-1

I'm using VpnService to capture packets and after capturing them I want to send them to their destination. Now, the capturing aspect works. I got the protocol, Source IP / Destination IP and the Source Port / Destination Port from the packets.

I was thinking about creating a socket with these parameters. VpnService has actually a method protect() which protects the socket and the traffic will not be forwarded through VPN.

I don't have much experience with sockets. But the other day I read a comment here saying I only send the actual data through the socket and not the IP or TCP header? But since TCP uses a 3-way-handshake (correct me if I'm wrong) the first packets wouldn't have any data, just a SYN flag.

Does that mean this method doesn't work or can I send a packet with the header through the socket?

Fischa

1 Answer

0

Yes, we can send data via sockets and don't have to worry about Transport-layer or IP layer headers. Depending upon the socket type (SOCK_STREAM or SOCK_DGRAM), the underlying layer (and the stack for behavior) adds TCP or UDP header on top of application data. Lastly, before sending it out, the IP layer would add IP header. But, if your design requires, you can always "encapsulate" your entire packet with IP/TCP/Data as data and send it to the other end. When the other end receives the packet, the application layer would receive data which would actually be the original IP/TCP/Data.

Edit: You should explore 2 more questions: (a) how would we maintain the packet boundary and (b) what about MTU size. The first one needs to be thought about since TCP does not bother about packet boundary, so it is possible that when you read data on the receiver, it would not start with the header -- one quick solution would be to check if you are hitting the header and then read the length of the packet and continue to read till you have read that much data. The second one is if your packet is already the size of MTU, then adding 2 additional headers would throw it beyond MTU and hence, would likely be fragmented. If you are worried about performance, then this may not be a good thing.

Manoj Pandey
  • Thanks for the quick answer. I just have to use the socket, so I can protect the traffic. Preferably I'd like to send the exact same packet that I captured. Just so that I understand you correctly: I would check which protocol I'm using, create the fitting socket and could then just send all the bytes from the initial packet through there. The fact that the other end would receive a packet with basically two IP and TCP / UDP headers wouldn't be a problem? – Fischa Sep 11 '13 at 22:12
  • The receiver would only read the first IP (strip it off) and pass it to TCP layer. The TCP layer would read the first TCP header (strip it off) and pass it to the application. So, nobody should be confused because of this encapsulation. – Manoj Pandey Sep 11 '13 at 22:24
  • Ok thanks, I'm not sure if I totally understand the whole concept yet but I will try to make it work. Concerning your edit, performance isn't that important at the moment. I'm working on this for a course at my university, so getting it to work is enough. – Fischa Sep 11 '13 at 22:45
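
The packet-boundary point raised in the answer's edit, as an added example that is not part of the original answer or comments: a receiver that rebuilds whole encapsulated packets from a TCP stream by reading the IPv4 header's total-length field and validating it before trusting it. It assumes the encapsulated packets are IPv4; `IPv4StreamFramer`, `FramingError`, `build_ipv4` and `demo` are hypothetical names, and the sample packets are constructed.

```python
import struct

IPV4_MIN_HEADER = 20  # bytes; fixed part of an IPv4 header

class FramingError(ValueError):
    """The byte stream does not start with a plausible IPv4 header."""

class IPv4StreamFramer:
    """Reassembles whole IPv4 packets from arbitrary TCP read chunks."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        """Add bytes read from the socket; return every packet now complete."""
        self._buf += chunk
        packets = []
        while len(self._buf) >= IPV4_MIN_HEADER:
            ver_ihl, _tos, total_len = struct.unpack_from("!BBH", self._buf, 0)
            version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
            # Reject impossible headers instead of trusting the length field.
            if version != 4 or header_len < IPV4_MIN_HEADER or total_len < header_len:
                raise FramingError("stream is not aligned on an IPv4 header")
            if len(self._buf) < total_len:
                break  # packet is split across reads; wait for more data
            packets.append(bytes(self._buf[:total_len]))
            del self._buf[:total_len]
        return packets

def build_ipv4(payload: bytes) -> bytes:
    """Constructed sample packet: minimal IPv4 header (checksum left 0) + payload."""
    total = IPV4_MIN_HEADER + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 2]), bytes([192, 0, 2, 1]))
    return header + payload

def demo():
    a, b = build_ipv4(b"A" * 30), build_ipv4(b"B" * 5)
    stream = a + b
    framer, out = IPv4StreamFramer(), []
    # Deliver the stream in 7-byte reads to mimic TCP ignoring packet boundaries.
    for i in range(0, len(stream), 7):
        out += framer.feed(stream[i:i + 7])
    return out, [a, b]

if __name__ == "__main__":
    got, expected = demo()
    print(got == expected, [len(p) for p in got])
```

A `FramingError` means the stream has lost alignment with packet headers; with no delimiter in the stream, the safe response is to drop the connection rather than scan for the next header.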