I'm writing a C program on Linux machine that needs convert data from UART port to ETH and send it to the ETH port. In order to do so, I build a UDP packet with a given payload (in a SKB from UART) and send it to another machine (win7) on a given destination IP via the ETH port.
I do the following all on Linux machine:
"Learn" the other machine (win7) MAC address, from receive packets.
Allocate a new SKB and copy all the given UART SKB data to the new SKB
Build ETH, IP and UDP headers with correct data
Send the UDP packet that I built to the network by 'netif_rx(MsgSkb);' command.
Now, when I write in the ETH header the local port MAC address, I get an error on the Linux machine:
net_ratelimit: 167 callbacks suppressed
br0: received packet on mb_radio with own address as source address
br0: received packet on mb_radio with own address as source address
br0: received packet on mb_radio with own address as source address
br0: received packet on mb_radio with own address as source address
When I write in the ETH header a junk MAC address as 00:01:02:03:04:05, all works OK.
In both the cases, I checked and verified in the destination machine (win7) with a sniffer (Wireshark) that all the packet that I send from the Linux machine are received OK with the MAC address that I wrote.
How can I write the packet to leave the Linux machine with the correct MAC address?
Thank ahead for your help and advice,
-yaron.
Related
I receive a UDP packet using recvmsg(2). I would like to know if it is from the local machine or not.
I can use IP_PKTINFO with recvmsg to get the interface the packet was received on. When the packet was sent to a loopback address this is the loopback interface, which is great. When the packet was sent to an address of some other network interface, it comes back as that interface whether the packet was locally generated or not, which is not so great.
I can check if the source address of the packet is an address of the local machine, but if reverse path filtering is disabled then it could have that address and still be from another machine, and I can't assume that it isn't. Also, this would be a race between when I receive the packet and when I check what the local addresses are.
The system is Linux. C or C++. The process doing this has CAP_NET_ADMIN. How do I determine if the received packet is from the local machine or not?
I have two interfaces in my Linux system - eth0 and eth1. I have opened a raw socket on eth0 and I am listening on it for incoming packets. When a packet comes from eth0, I forward it to eth1 after changing the ethernet header (specifically destination MAC to eth1's MAC address). The packet should now be accepted by the interface and sent to the kernel for further processing and eventually to the application waiting for it. But for some reason the packet reaches eth1 (as I can see from wireshark) but the application does not receive it (the application is ping and I don't see the ping reply).
How do I send the packet to eth1 such that it is accepted and sent upstream to the kernel?
There is probably a misunderstanding here:
If you send a packet through a raw socket on an interface, in your case eth1, it will not be treated as local to the kernel, regardless of its mac-address, but will leave the interface to the network (with its own mac-address as destination). This is what you observe with wireshark.
If you want the packet to be processed by your kernel, send it to the lo-interface (Loopback-interface), which is specifically for that purpose.
I have a Linux machine that is connected directly to a Raspberry Pi via an Ethernet cable. Is there a way to programmatically in C get the Raspberry Pi's MAC address based on which Ethernet port on my computer it is connected to (eth0, eth1 etc...)
For instance, say I have two Raspberry Pi's, one connected to eth0 and another to eth1. I would like to get the MAC address of only the Pi that is connected to eth0. How would I do that?
Depending on do you know the ip address of the Pi, there are two cases:
The Pi has IP address and are known to your program, you can just send any data to it, e.g. an ICMP PING packet, the networking stack will send out ARP requests for the address, and when the Pi respond with its MAC address, you can get it from the ARP table, which can be viewed by the command arp -n.
The Pi's IP is not known, then you send a broadcast packet through the connected interface, eth0 in this case, for example, ping -b -I eth0 255.255.255.255, the Pi will also respond with its MAC address, and you can get it from the local arp table.
Now for how to do this in programmatic way, you can send the packet using raw sockets, and read arp table through parsing the proc entry /proc/net/arp.
I have seen the SYN flooding packet source code.
But in there, there are nothing about making ethernet packet.
Why source code doesn't manipulate the ethernet header. Why just TCP (It should be manipulated), and IP (It should be also) are manipulated?
If ethernet header is not manipulated, the kernel make the ethernet header's source address with attacker's mac address automatically.
So victim can know source mac address, but not IP address (because of randomize IP address when sending SYN packet to victim).
mac address only valid inside same lan, and will be changed through gateways. So there is no way the victim can know source mac.
But your gateway can know the source mac, since it is your gateway, it is very easy to track you down even if you change your source mac.
So it is meaningless to change your source mac.
I have a need for some C or C++ code, compilable under Linux, to be able to take a list of IP addresses of some arbitrary number of remote hosts machines and obtain a ethernet MAC address for each one. These host machines may be on the same subnet or they could be on a different subnet behind a router. Its OK if the MAC address of some or all of the remote hosts is the address of the interface on the router. Ultimately, I want to hand off the IP address and MAC address to an FPGA who will use these pieces of information to format and send UDP/IP packets over ethernet to the hosts. Obviously, the FPGA will also be given its own MAC address and IP address to fill in the source MAC and source IP addresses in the packets.
Is there some code I can be pointed to that can create and broadcast ARP packets to these remote machines and receive back the ARP response packets such that the destination MAC addresses can be extracted?
Part of what you want to do requires some raw socket programming.
http://mixter.void.ru/rawip.html
The source for the linux arp command will give the rest of what you need. Here's a link:
http://www.comp.nus.edu.sg/~cs4236/readings/out/html/arp_8c-source.html
I recommend looking into arping which is doing a somewhat identical job. It takes IPs and MACs and tries to receive additional informationen. Or justs pings them.
http://freshmeat.net/projects/arping/