Re: IPPROTO_RAW
- From: Barry Margolin <barmar@xxxxxxxxxxxx>
- Date: Thu, 17 Jul 2008 23:50:15 -0400
In article
<725c6b52-301d-4ae0-bf5d-490399235091@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
lak <lakindia89@xxxxxxxxx> wrote:
On Jul 17, 6:57 am, Barry Margolin <bar...@xxxxxxxxxxxx> wrote:
In article
<ab289c53-4c47-4aa0-9f03-38161e271...@xxxxxxxxxxxxxxxxxxxxxxxxxxx>,
lak <lakindi...@xxxxxxxxx> wrote:
Receiving of all IP protocols via IPPROTO_RAW is not possible using
raw sockets. Why?
Because some protocols, such as TCP and UDP, are handled automatically
by the network stack. When the stack receives a TCP or UDP packet with
a destination port that isn't open, it will send an error response back
to the sender.
Can you please explain a little more? please.
You use a raw socket to send out a TCP SYN packet with source port 5000
and destination port 80. The web server sends back a SYN-ACK with
source port 80 and destination port 5000. Since this is a TCP packet
the kernel passes it to the TCP driver. The TCP driver searches its
connection table looking for one with a local port 5000 and remote port
80. It can't find one, so it sends a RST packet, and this causes the
server to abort the connection.
--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
.
- References:
- IPPROTO_RAW
- From: lak
- Re: IPPROTO_RAW
- From: Barry Margolin
- Re: IPPROTO_RAW
- From: lak
- IPPROTO_RAW
- Prev by Date: 7 Unix Admin needed for contract position in Texas and Georgia - secret or interim clearance rqd
- Next by Date: Re: Loose source option
- Previous by thread: Re: IPPROTO_RAW
- Next by thread: web server with pool of thread ...again
- Index(es):
Relevant Pages
|
