Hi,

I'm trying to create a RAW TCP SYN packet and send it from one Linux machine to another. I know the packet I have created is well formed and is received by the peer.

Now what I want is to get an ACK for my SYN. I want the peer's Network protocol stack to send me an ACK for that. I know RAW socket is not stream oriented, but is instead datagram-oriented. But can you tell me if there is any hack that I can use to get the network protocol stack to send back an ACK.

Thanks.

>How do you know this?
I know this, since when I do a revcfrom on the peer, I receive the exact no. of bytes I sent.. If my packet was malformed, I should have got an ICMP error message, which I don't.

>If your TCP segment was well-formed, then the peer should do this automatically. It >wouldn't be able to tell the difference between the raw socket you used and a >``normal'' socket anyway, so the same behavior can be expected. It is transparent ...
>Maybe you could post the code you're using if it isn't too long. [/B][/QUOTE]
RAW sockets difer from stream sockets in the sense that the network protocol stack does not bother about packets coming from RAW sockets. Therefore, for the SYN on a RAW socket, it doen't return an SYN|ACK.

I will post my code once the remote machine is up.

>I can't see how this guarantees that your packet is ``well-formed''. Maybe we have differing definitions of ``well-formed'' on this issue, but I mean a packet with valid TCP >content too, not just the same number of bytes you sent out ...


On this issue, can you tell me if the packet is mal formed, will I receive an ICMP error? And if I do, how can I catch it ?

>It's not my fault if you do not mention that the server side uses a raw socket too. Why don't you run a normal server and see whether an ACK is generated? Running both sides with raw >sockets where you could use a stream socket on either side to >ease debugging is asking for trouble ...

Thanks I will try this and let you know what happens.

>Edit: May I ask what's the purpose of your applications?

The research we are doing involves mesuring the MTU from each hop to other. We are using an approach in which the Maximum Segment Size in TCP header can be used.

What you're attempting is so far "out there" that I hesitate to reply. I have never used raw sockets at all. And you seem to be trying to bypass TCP entirely. I'm not sure what to expect when raw sockets are used like that. Like Driver, I think it would help if you posted your code.

I do know the TCP protocol though. Your SYN packet seems to be step one of the 3-way handshake. If it's addressed to port that is listening, You should get a packet that ACK's your SYN and contains a SYN of it's own. Otherwise you should get a RST packet. These days, some systems run in stealth mode and just ignore SYN's to unused ports.

You should not get an ICMP message. But if you fumble a bit, and set the protocol to UDP instead on TCP, then a ICMP port unreachable would be in order.

But you're using raw sockets, right? So isn't all of this your job? You seem to be expecting the kernel's TCP code to help you out. I don't know if it should or not. Like I said, I've never used raw sockets like this. But my expectation would be that the kernel's TCP code would not be in use. After all, to the kernel, there is no TCP connection.

To answer your original question, you can use a raw socket on the client who sends the SYN, and a regular listening stream socket on the server to automatically reply with ACK.

typedef struct ip_header_t {
unsigned char ihl:4,
version:4;
unsigned char tos;
unsigned short tot_len;
unsigned short id;
unsigned short frag_off;
unsigned char ttl;
unsigned char protocol;
unsigned short check;
unsigned int saddr;
unsigned int daddr;
} * ip_header_t;

typedef struct tcp_header_t {
unsigned short source;
unsigned short dest;
unsigned int seq;
unsigned int ack_seq;
unsigned short res1:4,
doff:4,
fin:1,
syn:1,
rst:1,
psh:1,
ack:1,
urg:1,
ece:1,
cwr:1;
unsigned short window;
unsigned short check;
unsigned short urg_ptr;
} * tcp_header_t;

int readn(int, void *, int);

int main(int argc, char * argv[])
{
int sock,sent, temp, rcvd;
struct sockaddr_in sin;
unsigned short local_port;
unsigned short remote_port;
unsigned char protocol;
char * buffer;
//char data[1452];
ip_header_t ip_header;
tcp_header_t tcp_header;
char *remote_ip_str;
int semantics = 0;
unsigned short buffer_size = 0;
int tmp;

protocol = IPPROTO_TCP;
semantics = SOCK_RAW;

remote_ip_str=DEST_IP_ADDR;
remote_port = 6666;

if((sock = socket(PF_INET, semantics, protocol)) < 0) {
perror("socket");
exit(1);
}

bzero((char *)& sin, sizeof(sin));
sin.sin_port = htons(local_port);

if ((bind(sock, (struct sockaddr *)& sin, sizeof(sin))) < 0) {
perror("bind");
exit(1);
}

tmp = 1;
setsockopt(sock, 0, IP_HDRINCL, &tmp, sizeof(tmp));

bzero((char *)& sin, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(remote_port);
sin.sin_addr.s_addr = inet_addr(remote_ip_str);

buffer_size = sizeof(struct ip_header_t) + sizeof(struct tcp_header_t);

srand(getpid());

buffer = (char *) malloc(buffer_size);

ip_header = (ip_header_t) buffer;
ip_header->ihl = 5;
ip_header->version = 4;
ip_header->tos = 0;
ip_header->tot_len = htons(buffer_size);
ip_header->id = 0;
ip_header->ttl = 64;
ip_header->frag_off = 0x40;
ip_header->protocol = protocol;
ip_header->check = 0;
ip_header->daddr = inet_addr(remote_ip_str);
ip_header->saddr = 0;

tcp_header = (tcp_header_t) (ip_header + 1);

tcp_header->source = htons(local_port);
tcp_header->dest = htons(remote_port);
tcp_header->seq = rand()%time(NULL);
tcp_header->ack_seq = rand()%time(NULL);
tcp_header->res1 = 0;
tcp_header->doff = 4;
tcp_header->syn = 1;
tcp_header->check = 0;

printf("SEQ is %u\n", tcp_header->seq);
if((sent=sendto(sock, buffer, buffer_size, 0, (struct sockaddr *) &sin,
sizeof(sin))) < buffer_size) {
perror("sendto");
exit(1);
}
printf("Came here sent %d bytes \n",sent);
if((rcvd = readn(sock, buffer, buffer_size)) < 0 ) {
fprintf(stderr, "nread error\n");
}
else
printf("Received %d bytes\n", rcvd);

close(sock);

return 0;
}

Can you please tell me what's wrong with the packet header I have created? I can't accept it using a STREAM socket. I think there is a problem with the header format, can you tell me what's that?

Thanks

Maybe the checksum field is incorrect and your packet gets discarded...