Linux下的raw Socket（原始套接字）编程

最新推荐文章于 2023-10-07 22:47:51 发布

聆听--风雨

最新推荐文章于 2023-10-07 22:47:51 发布

阅读量2.1w

点赞数 7

分类专栏：计算机网络 Linux 文章标签： Linux 网络编程 DNS Socket

本文链接：https://blog.csdn.net/luchengtao11/article/details/73878760

版权

Linux 同时被 2 个专栏收录

24 篇文章 0 订阅

订阅专栏

计算机网络

22 篇文章 3 订阅

订阅专栏

前言

本文所述代码托管在https://github.com/Wuchenwcf/MyCode/blob/master/C%2B%2B/Linux/rawSocketTest.cpp

简介

最近项目需要用到rawSocket来进行自定义IP报文的源地址。

windows从winxp sp2开始便对raw socket进行了限制。

【1】只能发送UDP包

【2】只能发送正确的UDP包

【3】不能冒充源地址，即，源地址只能填本机地址。

所以raw socket只有在Linux平台上才能发挥它本该有的功能。

注意

网上很多raw Socket的代码很坑，尤其是这个：http://www.tenouk.com/Module43a.html。看起来很正规很牛逼的样子，实际上IP报文都组错了。而且sendto函数调用错误，导致数据报只能在本地环路中收发，根本就不经过网卡，也就发不出去。博主参考了他的代码，结果卡了一天。唉。

代码

代码注释写的很清楚，看官自己看吧

#include <unistd.h>
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include<memory.h>
#include<stdlib.h>
#include <linux/if_ether.h>
#include <linux/if_packet.h> // sockaddr_ll
#include<arpa/inet.h>
#include<netinet/if_ether.h>
#include<iomanip>
#include<iostream>

// The packet length
#define PCKT_LEN 100

//UDP的伪头部
struct UDP_PSD_Header
{
	u_int32_t src;
	u_int32_t des;
	u_int8_t  mbz;
	u_int8_t ptcl;
	u_int16_t len;
};
//计算校验和
unsigned short csum(unsigned short *buf, int nwords)
{ 
	unsigned long sum;
	for (sum = 0; nwords > 0; nwords--)
	{
		sum += *buf++;
	}
	sum = (sum >> 16) + (sum & 0xffff);
	sum += (sum >> 16);
	return (unsigned short)(~sum);
}


// Source IP, source port, target IP, target port from the command line arguments
int main(int argc, char *argv[])
{
	int sd;
	char buffer[PCKT_LEN] ;
	//查询www.chongfer.cn的DNS报文
	unsigned char DNS[] = { 0xd8, 0xcb , 0x01, 0x00, 0x00, 0x01, 0x00 ,0x00,
		0x00, 0x00, 0x00, 0x00, 0x03, 0x77, 0x77, 0x77,
		0x08, 0x63, 0x68, 0x6f, 0x6e, 0x67, 0x66, 0x65,
		0x72, 0x02, 0x63, 0x6e, 0x00, 0x00, 0x01, 0x00,
		0x01 };
	struct iphdr *ip = (struct iphdr *) buffer;
	struct udphdr *udp = (struct udphdr *) (buffer + sizeof(struct iphdr));
	// Source and destination addresses: IP and port
	struct sockaddr_in sin, din;
	int  one = 1;
	const int *val = &one;
	//缓存清零
	memset(buffer, 0, PCKT_LEN);

	if (argc != 5)
	{
		printf("- Invalid parameters!!!\n");
		printf("- Usage %s <source hostname/IP> <source port> <target hostname/IP> <target port>\n", argv[0]);
		exit(-1);
	}

	// Create a raw socket with UDP protocol
	sd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
	if (sd < 0)
	{
		perror("socket() error");
		// If something wrong just exit
		exit(-1);
	}
	else
		printf("socket() - Using SOCK_RAW socket and UDP protocol is OK.\n");
	//IPPROTO_TP说明用户自己填写IP报文
	//IP_HDRINCL表示由内核来计算IP报文的头部校验和，和填充那个IP的id 
	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, val, sizeof(int)))
	{
		perror("setsockopt() error");
		exit(-1);
	}
	else
		printf("setsockopt() is OK.\n");

	// The source is redundant, may be used later if needed
	// The address family
	sin.sin_family = AF_INET;
	din.sin_family = AF_INET;
	// Port numbers
	sin.sin_port = htons(atoi(argv[2]));
	din.sin_port = htons(atoi(argv[4]));
	// IP addresses
	sin.sin_addr.s_addr = inet_addr(argv[1]);
	din.sin_addr.s_addr = inet_addr(argv[3]);

	// Fabricate the IP header or we can use the
	// standard header structures but assign our own values.
	ip->ihl = 5;
	ip->version = 4;//报头长度，4*32=128bit=16B
	ip->tos = 0; // 服务类型
	ip->tot_len = ((sizeof(struct iphdr) + sizeof(struct udphdr)+sizeof(DNS)));
	//ip->id = htons(54321);//可以不写
	ip->ttl = 64; // hops生存周期
	ip->protocol = 17; // UDP
	ip->check = 0;
	// Source IP address, can use spoofed address here!!!
	ip->saddr = inet_addr(argv[1]);
	// The destination IP address
	ip->daddr = inet_addr(argv[3]);

	// Fabricate the UDP header. Source port number, redundant
	udp->source = htons(atoi(argv[2]));//源端口
	// Destination port number
	udp->dest = htons(atoi(argv[4]));//目的端口
	udp->len = htons(sizeof(struct udphdr)+sizeof(DNS));//长度
	//forUDPCheckSum用来计算UDP报文的校验和用
	//UDP校验和需要计算 伪头部、UDP头部和数据部分
	char * forUDPCheckSum = new char[sizeof(UDP_PSD_Header) + sizeof(udphdr)+sizeof(DNS)+1];
	memset(forUDPCheckSum, 0, sizeof(UDP_PSD_Header) + sizeof(udphdr) + sizeof(DNS) + 1);
	UDP_PSD_Header * udp_psd_Header = (UDP_PSD_Header *)forUDPCheckSum;
	udp_psd_Header->src = inet_addr(argv[1]);
	udp_psd_Header->des = inet_addr(argv[3]);
	udp_psd_Header->mbz = 0;
	udp_psd_Header->ptcl = 17;
	udp_psd_Header->len = htons(sizeof(udphdr)+sizeof(DNS));
	memcpy(forUDPCheckSum + sizeof(UDP_PSD_Header), udp, sizeof(udphdr));
	memcpy(forUDPCheckSum + sizeof(UDP_PSD_Header) + sizeof(udphdr), DNS, sizeof(DNS));

	//ip->check = csum((unsigned short *)ip, sizeof(iphdr)/2);//可以不用算
	//计算UDP的校验和，因为报文长度可能为单数，所以计算的时候要补0
	udp->check = csum((unsigned short *)forUDPCheckSum,(sizeof(udphdr)+sizeof(UDP_PSD_Header)+sizeof(DNS)+1)/2);

	setuid(getpid());//如果不是root用户，需要获取权限	

	// Send loop, send for every 2 second for 2000000 count
	printf("Trying...\n");
	printf("Using raw socket and UDP protocol\n");
	printf("Using Source IP: %s port: %u, Target IP: %s port: %u.\n", argv[1], atoi(argv[2]), argv[3], atoi(argv[4]));
	std::cout << "Ip length:" << ip->tot_len << std::endl;
	int count;
	//将DNS报文拷贝进缓存区
	memcpy(buffer + sizeof(iphdr) + sizeof(udphdr), DNS, sizeof(DNS));
	
	for (count = 1; count <= 2000000; count++)
	{
		
		if (sendto(sd, buffer, ip->tot_len, 0, (struct sockaddr *)&din, sizeof(din)) < 0)
			// Verify
		{
			perror("sendto() error");
			exit(-1);
		}
		else
		{
			printf("Count #%u - sendto() is OK.\n", count);
			sleep(2);
		}
	}
	close(sd);
	return 0;
}

结果

在IP为93的机器上冒充那个IP为94的机器向阿里的DNS服务器114.114.114.114上发送DNS查询报文

在IP为94的机器上收到阿里DNS服务器传回来的DNS报文

聆听--风雨

关注

7
点赞
踩
80

收藏

觉得还不错? 一键收藏
23
评论
Linux下的raw Socket（原始套接字）编程

前言本文所述代码托管在https://github.com/Wuchenwcf/MyCode/blob/master/C%2B%2B/Linux/rawSocketTest.cpp简介最近项目需要用到rawSocket来进行自定义IP报文的源地址。windows从winxp sp2开始便对raw socket进行了限制。【1】只能发送UDP包【2】只能发送正确的UDP包...
复制链接

扫一扫

专栏目录