• RAW socket

    • raw socket分为2种

    • 网络层数据帧

    socket(AF_INET, SOCK_RAW, IPPROTO_XXX)           // 发送、接收网络层IP数据包 网络层

    • 数据链路帧

    socket(PF_PACKET, SOCK_RAW, htons(ETH_P_XXX))    // 发送、接收数据链路层

    【以ptp报文帧为例】

    raw socket通过帧报文中的DMAC地址知道发送给谁

    要注意的是send/recv函数使用MSG_WAITALL的时候,sockfd 必须是处于阻塞模式下,否则WAITALL不能起作用。

    • raw socket如何过滤

    • 用raw socket会收到很多的以太网帧
    • solve:告诉底层 raw socket, 哪些包是自己想要的,直接在底层被过滤掉,即bpf
    • 在终端输入命令获取过滤参数: sudo  tcpdump -dd -i eth0 tcp port 9090 -s 0
    • 在将过滤参数写入代码

    raw socket 使用 BPF 过滤报文_confirmwz的博客-CSDN博客_bpf socket

    1. #include 
    2. #include 
    3. #include 
    4. #include 
    5. #include 
    6. #include 
    7. #include 
    8. #include 
    9. #include 
    10.  
    11. #include 
    12.  
    13. unsigned char buffer[102];
    14. void main()
    15. {
    16.     int fd, n, i;
    17.     struct sock_fprog filter;
    18.  
    19.     struct sock_filter code[] = {
    20.     { 0x28, 0, 0, 0x0000000c },
    21.     { 0x15, 0, 6, 0x000086dd },
    22.     { 0x30, 0, 0, 0x00000014 },
    23.     { 0x15, 0, 15, 0x00000006 },
    24.     { 0x28, 0, 0, 0x00000036 },
    25.     { 0x15, 12, 0, 0x00002382 },
    26.     { 0x28, 0, 0, 0x00000038 },
    27.     { 0x15, 10, 11, 0x00002382 },
    28.     { 0x15, 0, 10, 0x00000800 },
    29.     { 0x30, 0, 0, 0x00000017 },
    30.     { 0x15, 0, 8, 0x00000006 },
    31.     { 0x28, 0, 0, 0x00000014 },
    32.     { 0x45, 6, 0, 0x00001fff },
    33.     { 0xb1, 0, 0, 0x0000000e },
    34.     { 0x48, 0, 0, 0x0000000e },
    35.     { 0x15, 2, 0, 0x00002382 },
    36.     { 0x48, 0, 0, 0x00000010 },
    37.     { 0x15, 0, 1, 0x00002382 },
    38.     { 0x6, 0, 0, 0x00040000 },
    39.     { 0x6, 0, 0, 0x00000000 },
    40.  
    41.     };
    42.    
    43.     filter.len = sizeof(code)/sizeof(struct sock_filter); 
    44.     filter.filter = code;
    45.     
    46.     fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    47.     if (fd < 0 ) {
    48.         perror("socket fail\n");
    49.         exit(1);
    50.     }
    51.     //设置 sk_filter
    52.     if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) < 0) {
    53.         perror("setsockopt fail\n"); 
    54.         exit(1);   
    55.     }
    56.  
    57.     /*block*/
    58.     n = recvfrom(fd, buffer, sizeof(buffer), 0, NULL, NULL);
    59.     if (n < 0) {
    60.         perror("recvfrom none\n");
    61.         exit(1);
    62.     }
    63.  
    64.     for (i = 0; i < n ;i++) {
    65.         printf("%02x ", buffer[i]);
    66.     }
    67. }
    • 过滤指定mac地址的mac帧

    sudo tcpdump ether host 01:1b:19:00:00:00 -vvv -xx

    • 过滤指定的以太网帧类型为0x88f7的包

    root@pc123:/usrdata# tcpdump -dd ether proto 0x88F7
    [ 2073.317491] device eth0 entered promiscuous mode
    { 0x28, 0, 0, 0x0000000c },
    { 0x15, 0, 1, 0x000088f7 },
    { 0x6, 0, 0, 0x00040000 },
    { 0x6, 0, 0, 0x00000000 },
    [ 2073.357828] device eth0 left promiscuous mode

    • 混杂模式:

    在调试过程中,用tcpdump发现可以抓到包,但应用程序拿不到这个包。

    查资料发现:默认情况下,网卡接收一个包,网卡只把发给本机的包(包括广播包)传到上层的APP

           混杂模式就是指网卡能接受所有通过它的数据流,无论是什么模式、什么地址的。当网卡处于这种“混杂”模式时,它对所有遇到的每一个数据帧都产生一个硬件中断,以提醒操作系统处理流经该物理媒体上的每一个报文包。

    • 设置网卡eth0为混杂模式

    [root@localhost test]# ifconfig eth0 promisc

    • 取消网卡混杂模式

    [root@localhost test]# ifconfig enp0s3 -promisc

    • 查看方式: ifconfig 看网卡信息是否有PROMISC字段

    • 一个用raw socket的client/server例子 

    • 编译: g++ main.cpp -lpthread
    • 运行: ./a.out master 或者 ./a.out slave
    1.  
    2.  
    3.  
    4.  
    5. #include 
    6. #include 
    7. #include 
    8. #include 
    9.  
    10. #include 
    11. #include 
    12. #include 
    13.  
    14.  
    15. #include 
    16. #include 
    17. #include 
    18. #include 
    19. #include 
    20. #include  
    21. #include 
    22. #include 
    23. #include 
    24. #include 
    25. #include           /* See NOTES */
    26. #include 
    27. #include 
    28. #include 
    29. #include 
    30. #include 
    31. #include 
    32.  
    33. #include 
    34. #include 
    35.  
    36. enum role {
    37.     master,
    38.     slave,
    39. };
    40. enum role mTmprole;
    41. int fd_raw;
    42.  
    43. void master_process_msg()
    44. {
    45. 	uint8_t tmp_buffer[300] = {'0'};
    46. 	ssize_t size = recvfrom(fd_raw, tmp_buffer, sizeof(tmp_buffer), 0,  NULL, NULL);
    47.  
    48. 	if (size > 14) {
    49. 		printf("master recv msg size [%ld]\n", size);
    50. 	}
    51. }
    52.  
    53.  
    54. void slave_process_msg()
    55. {
    56. 	uint8_t tmp_buffer[300] = {'0'};
    57.  
    58. 	ssize_t size = recvfrom(fd_raw, tmp_buffer, sizeof(tmp_buffer), 0,  NULL, NULL);
    59.  
    60. 	if (size > 14) {
    61.         printf(" recv msg size [%ld] \n",  size);
    62. 	}
    63. }
    64.  
    65. void process_msg()
    66. {
    67.     if (mTmprole == master) {
    68. 		master_process_msg();
    69. 	} else if (mTmprole == slave) {
    70.         slave_process_msg();
    71. 	} else {
    72. 		printf("please selecet role\n");
    73. 		exit(0);
    74. 	}
    75. }
    76.  
    77.  
    78.  
    79.  
    80.  
    81.  
    82. void *thread_recv(void* arg)
    83. {
    84.     printf("thread is running!!!!\n");
    85.     while(1)
    86. 	{
    87. 		process_msg();
    88. 	}
    89.     printf("thread recv over!!!!!!\n");
    90. }
    91.  
    92. int start_recv_msg_thread()
    93. {
    94.  
    95.     int res;
    96.     pthread_t a_thread;
    97.     // void *thread_result;
    98.     
    99.     res = pthread_create(&a_thread, NULL, thread_recv, NULL);
    100.     if(res != 0){
    101. 		printf("error create thread\n");  
    102. 	}
    103. 	pthread_detach(a_thread);
    104. 	return 0;
    105. }
    106.  
    107. void add_raw_filter()
    108. {
    109. 	// sudo tcpdump -dd ether host 01:1b:19:00:00:00 -vvv -xx 
    110. 	/*struct sock_filter code[] = {
    111. 		{ 0x20, 0, 0, 0x00000008 },
    112. 		{ 0x15, 0, 2, 0x19000000 },
    113. 		{ 0x28, 0, 0, 0x00000006 },
    114. 		{ 0x15, 4, 0, 0x0000011b },
    115. 		{ 0x20, 0, 0, 0x00000002 },
    116. 		{ 0x15, 0, 3, 0x19000000 },
    117. 		{ 0x28, 0, 0, 0x00000000 },
    118. 		{ 0x15, 0, 1, 0x0000011b },
    119. 		{ 0x6, 0, 0, 0x00040000 },
    120. 		{ 0x6, 0, 0, 0x00000000 },
    121. 	};*/
    122.  
    123.     struct sock_fprog filter;
    124.     filter.len = sizeof(code)/sizeof(struct sock_filter); 
    125.     filter.filter = code;
    126.     if (setsockopt(fd_raw, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) < 0) {
    127.         perror("setsockopt fail\n"); 
    128.         exit(1);
    129.     }
    130. }
    131.  
    132. int open_raw_socket(const char* interface)
    133. {
    134.     fd_raw = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));  //收发数据链路层的数据包
    135.     if (fd_raw == -1) {
    136. 		printf("socket failed: [%d] [%s]\n", fd_raw, strerror(errno));
    137. 		return -1;
    138. 	} else {
    139. 		printf("socket [%d] \n", fd_raw);
    140. 	}
    141. 	// add_raw_filter();
    142.  
    143. 	ioctl(fd_raw, FIONBIO, 0);  //1:非阻塞 0:阻塞 
    144.  
    145. 	struct sockaddr_ll addr;
    146. 	memset(&addr, 0, sizeof(addr));
    147. 	addr.sll_ifindex = if_nametoindex(interface);
    148. 	addr.sll_family = AF_PACKET;
    149. 	addr.sll_protocol = htons(ETH_P_ALL);
    150. 	int err = bind(fd_raw, (struct sockaddr *) &addr, sizeof(addr));
    151. 	if (err != 0) {
    152. 		printf("raw socket bind failed: [%d] [%s]\n", err, strerror(errno));
    153.         return -1;
    154. 	} else {
    155. 		printf("raw socket bind sucess [%s] [%d]\n", interface, fd_raw);
    156. 	}
    157. // 开启接收线程
    158.     start_recv_msg_thread();
    159.  
    160.     return 0;
    161. }
    162. void enter_promis_mode(char* mac_name)
    163. {
    164. 	// 进入混杂模式
    165. 	char cmd[50] ={'0'}; // ifconfig %s promisc
    166. 	snprintf(cmd, 50, "ifconfig %s promisc", mac_name);
    167. 	printf("[%s]\n", cmd);
    168. 	system(cmd);
    169. }
    170.  
    171. int main(int argc, char** argv)
    172. {
    173.     if (argc >= 2) {
    174.         printf("argv = %s\n", argv[1]);
    175.         if (strcmp(argv[1], "master")) {
    176.             mTmprole = master;
    177.         } else if (strcmp(argv[1], "slave")) {
    178.             mTmprole = slave;
    179.         }
    180.     } else {
    181.         exit(0);
    182.     }
    183.     enter_promis_mode("eth0");
    184.     open_raw_socket("eth0");
    185.  
    186.     while(1)
    187.     {
    188.         sleep(3);
    189.     }
    190.     exit(0);
    191. }

  • 相关阅读:
    go defer简介
    【计算机网络】广域网协议分析
    Ceres 自动求导解析-从原理到实践
    [错题]Mocha and Railgun
    私域运营系统的两个基础
    机器学习-集成学习LightGBM
    爬虫入门教程:爬虫概述
    基于ssm008医院门诊挂号系统+jsp【附PPT|开题|任务书|万字文档(LW)和搭建文档】
    Jenkins使用pipeline部署服务到远程服务器
    python烟花代码通过编写程序来模拟烟花的绽放过程
  • 原文地址:https://blog.csdn.net/m0_37844072/article/details/127212560