0

I'm using Windows Server 2008 R2 for production purposes, so it must be no problem for me to utilize raw socket functionality. But instead I got a problem receiving data on inbound RCVALL socket. What am I doing:

  1. m_recv_socket = socket( AF_INET6 , SOCK_RAW , IPPROTO_IPV6 ),
  2. setsockopt( m_recv_socket, SOL_SOCKET, SO_RCVTIMEO, reinterpret_cast<const char*>( &recv_timeout_ms ), sizeof(int) );
  3. bind( m_recv_socket, reinterpret_cast<sockaddr *>( &sa ), sizeof( sa ) ); (I'm binding it here to the my nic's LINK-Local address, i.e. fe80::a077:5573:5f:3ca5)
  4. WSAIoctl( m_recv_socket, SIO_RCVALL , &dwBufferInLen, sizeof(dwBufferInLen), &dwBufferLen, sizeof(dwBufferLen), &dwBytesReturned , NULL , NULL ); (Where dwBufferInLen equals to 1)

When I try to recv data on this socket, I constantly receive WSA_TIMEDOUT and no data have been received. In the meantime Wireshark proves both inbound and outboud traffic exists on this interface. What is wrong? Any help please? The same code, modified for IPv4 usage works correctly. All return codes for the above calls are OK.

Let me give some clue. There exists unbound send socket of type (AF_INET6, SOCK_RAW, IPPROTO_IPV6); IPV6_HDRINCL is being set. I send manually formed TCP packet through it. Wireshark proves it passes fine. Next I see incoming TCP(RST, ACK) to it exactly to the address I bound receiving socket to. But application remains blocked upon data receiving trial. All checksums are ok, otherwise there wouldn't be any response incoming packets. I'm sure this incoming packet is a response to my TCP(SYN) request because SEQ/ACK numbers prove this(Wireshark also shows me this stream's sequence). So what can be done wrong to this receiving socket?

Lightness Races in Orbit
  • 378,754
  • 76
  • 643
  • 1,055
Zorgiev
  • 794
  • 1
  • 7
  • 19

1 Answers1

0

According to the documentation:

On Windows Server 2008 and earlier, the SIO_RCVALL IOCTL setting would not capture local packets sent out of a network interface. This included packets received on another interface and forwarded out the network interface specified for the SIO_RCVALL IOCTL.

Setting this IOCTL requires Administrator privilege on the local computer.

Do either of those apply to your situation?

Remy Lebeau
  • 555,201
  • 31
  • 458
  • 770
  • Neither of them... I want to add that Wireshark proves there are incoming packets to fe80::a077:5573:5f:3ca5 address, which I bound this socket to. These incoming packets are ones, I'm interested in capturing of. – Zorgiev Jun 20 '12 at 10:26
  • Can you please show the code that sets up the `sockaddr` you are binding with? And can you please update your question with the actual code block you are compiling with? Don't use bullet points to show individual statements. – Remy Lebeau Jun 20 '12 at 18:04
  • `sockaddr_in6 sa = {}; sa.sin6_family = AF_INET6; sa.sin6_addr = ip_addr; ` ip_addr here is a `in6_addr const &` variable. It's set to a correct address(The one, I typed above). The code is large, so it's of no use to paste it here. – Zorgiev Jun 22 '12 at 08:53