0

Actually, if i create multiple RAW sockets with the same IP Address. I could bind all of them, and consequently packets are received by all the sockets.

Is there any way that could be avoided, such that the other process trying to bind the same ip address receives an error?

I am using a raw socket

#include <sys/socket.h>
#include <netinet/in.h>
raw_socket = socket(AF_INET, SOCK_RAW, int protocol);

In Man Page raw(7)

A raw socket can be bound to a specific local address using the bind(2) call. If it isn't bound all packets with the specified IP protocol are received. In addition a RAW socket can be bound to a specific network device using SO_BINDTODEVICE; see socket(7).

You cannot bind a raw socket to a specific port because "port" is a concept in TCP and UDP, not IP. With a sneek at the header diagrams for those three protocols and it should become obvious: i am working at a lower level, where the concept of port is not known. This is what i understand regarding port numbers.

innosam
  • 427
  • 1
  • 5
  • 18
  • Ports are constructs of TCP and UDP. Raw sockets operate at the IP layer, and IP has no concept of ports. You get the TCP and UDP headers, so you can see where the data is destined, but your raw socket can't bind to those sockets.. not without writing kernel extensions – xaxxon Aug 09 '13 at 00:11

1 Answers1

0

No. The mere fact that its RAW means there's no other protocol except RAW Internet Protocol. Without TCP or UDP, there won't be any port to distinguish which application this packet gets sent to, so instead, everything will have to be filtered through the IP packet's payload. You'd have to do this manually. Best way is to make a program that forwards these packets after inspection to wherever you want it to go.

KrisSodroski
  • 2,796
  • 3
  • 24
  • 39
  • sd = socket(AF_INET, SOCK_RAW, protocol); Based on the protocol the packets are filtered by the kernel. My problem is that the multiple raw sockets with the same protocol are the opened by different processes and with the same IP. And, kernel doesn't stop the process from doing so. I want the kernel to restrict it to only one bind/IP/Protocol. – innosam Aug 08 '13 at 14:34
  • @innosam What's your protocol? Depending on the protocol, when you bind, set your sockaddr port address's differently. If you use the standard socket.h header, then I believe all of the protocols will allow you to bind to a specific port. If you give each process a different port (like you're supposed to), yo uwont receive the error. – KrisSodroski Aug 08 '13 at 14:45
  • Actually i am using pmipv6 Protocol. It doesn't use transport layer and works directly over ipv6. I suppose that means, there is no port involved for this protocol. – innosam Aug 08 '13 at 15:24
  • 1
    ipv6 has ports. pmipv6 isn't even an internet protocol, but rather it is just IPv6 with the added constraint that the network (DHCP) will try to retain the same ip address for users, even if they change their connection point. This is transparent to you unless you're programming routers in this instance. You can still set a port in the ipv6 struct addr, and then bind the sockets to different ports. If you want to only use STRAIGHT ipv6 without any transport layer, you'll ahve to use functionality that isn't included in socket.h (RAW interface functionality is located in ) – KrisSodroski Aug 08 '13 at 15:30
  • @innosam it says right in your edit, all packets of the SPECIFIED PROTOCOL will be received, which means if you do not bind the socket, you'll get all ipv6 packets in that program. What you're basically doing at that point, is creating a middle man for packet processing that you can then IPC to other programs. Other than that, you can't have two programs use that same socket unless you share it globally and have each program wait on that socket. I am unsure if they will both receive the same data, or if they will each get chunks of data from the same packet. The question is WHY do this? – KrisSodroski Aug 08 '13 at 16:06
  • to be very clear, its a negative scenario for my software, where the user might start two instances with the same ip address and protocol. I can confirm that, the same pmipv6 packet is received by both the sockets. Just want to avoid this condition. – innosam Aug 08 '13 at 16:17
  • Then why not just give them different ports? Are they listening on the sockets and then accepting connections, or are they initiating connections? – KrisSodroski Aug 08 '13 at 16:18
  • That's what, port number doesn't come into the picture when you are handing raw socket. – innosam Aug 08 '13 at 16:19
  • It seems your right. If you bind the raw to a port, it just ignores it. The only thing you can do is use one program to filter out the data yourself. Other than that, if you share it, both programs will get a subset of the data. You'll ahve to use one program, and then forward it to your two "client instances." Therefore, you'll have to force only one instance of this raw socket. I don't see what you'd want to do with it anyways though, since you're going to literally consume all the packets that come in, and stop any other programs from getting their data. – KrisSodroski Aug 08 '13 at 16:29
  • let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/35089/discussion-between-innosam-and-magn3s1um) – innosam Aug 08 '13 at 16:37
  • @Magn3s1um ipv6 has ports? – xaxxon Aug 09 '13 at 00:11