Develop Reference

Why there are no ICMP ping requests sent when wireshark packet capture is opened?

Summary : The sendto api in raw socket reports no error but the ICMP packet is not sent in wireshark packet capture.
I'm new in Raw Socket programming and trying to create a ICMP ping packet from scratch. I successfully created a ping program following this : https://www.geeksforgeeks.org/ping-in-c/ but now I wish to build also the ethernet header myself i.e all the packet headers from scratch. I did write the program following this : https://opensourceforu.com/2015/03/a-guide-to-using-raw-sockets/ but when I run it and capture the packet transfer using tcpdump and analyze it using Wireshark I find no ICMP packets sent, although according to my programming logic my packet has been successfully sent(since sendto api doesn't report any error). I'm attaching the code, any help will be really appreciated.
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/ip_icmp.h>
#include <time.h>
#include <fcntl.h>
#include <signal.h>
#include <time.h>
#include <string.h>
#include <netinet/if_ether.h>
#include <netpacket/packet.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <sys/ioctl.h>
#define PING_PKT_S 64
#define PORT_NO 0
#define PING_SLEEP_RATE 1000000
#define RECV_TIMEOUT 1
int pingloop=1;
struct ping_pkt
{
struct ethhdr eth;
struct ip ip;
struct icmphdr hdr;
char msg[PING_PKT_S-sizeof(struct icmphdr)];
}g_pckt;
typedef struct ping_ctx{
int tos;
int ttl;
char srcIP[200];
char dstIP[200];
int r_sock;
}ping_ctx;
unsigned short checksum(void *b, int len)
{
unsigned short *buf = b;
unsigned int sum=0;
unsigned short result;
for ( sum = 0; len > 1; len -= 2 )
sum += *buf++;
if ( len == 1 )
sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
void intHandler(int dummy)
{
pingloop=0;
}
void fill_ip_h(struct ip *ip, ping_ctx* ctx)
{
ip->ip_src.s_addr = inet_addr(ctx->srcIP);
ip->ip_dst.s_addr = inet_addr(ctx->dstIP);
ip->ip_v = 4;
ip->ip_hl = sizeof*ip >> 2;
ip->ip_tos = (unsigned char)(ctx->tos);
ip->ip_len = htons(sizeof(g_pckt));
ip->ip_id = htons(4321);
ip->ip_off = htons(0);
ip->ip_ttl = (unsigned char)(ctx->ttl);
ip->ip_p = 1;
ip->ip_sum = 0; /* Let kernel fills in */
}
void fill_icmp_h(struct icmphdr* hdr,int *msg_count)
{
hdr->type = ICMP_ECHO;
hdr->un.echo.id = 1;
hdr->un.echo.sequence = (*msg_count)++;
}
void fill_data(unsigned char * data)
{
memset(data, 'J', PING_PKT_S-sizeof(struct icmphdr));
}
void fill_eth(struct ethhdr* eth){
eth->h_source[0] = 0x08;
eth->h_source[1] = 0x00;
eth->h_source[2] = 0x27;
eth->h_source[3] = 0xe8;
eth->h_source[4] = 0xb5;
eth->h_source[5] = 0x12;
eth->h_dest[0] = 0x08;
eth->h_dest[1] = 0x00;
eth->h_dest[2] = 0x27;
eth->h_dest[3] = 0xe8;
eth->h_dest[4] = 0xb5;
eth->h_dest[5] = 0x12;
eth->h_proto = htons(ETH_P_IP);
}
void send_ping(ping_ctx* ctx)
{
int msg_count=0, i, addr_len, pkt_sent=1,
msg_received_count=0,on =1;
struct sockaddr_ll remote_addr;
struct ip *ip = NULL;
struct icmphdr* icmph = NULL;
unsigned char* data = NULL;
struct ethhdr* eth = NULL;
struct sockaddr_ll r_addr;
struct timespec time_start, time_end, tfs, tfe;
long double rtt_msec=0, total_msec=0;
struct timeval tv_out;
/*Set params*/
char *to = ctx->dstIP;
char *from = ctx->srcIP;
int ping_sockfd = ctx->r_sock;
int ttl = ctx->ttl;
int tos =ctx->tos;
/*Timer Settings*/
tv_out.tv_sec = RECV_TIMEOUT;
tv_out.tv_usec = 0;
clock_gettime(CLOCK_MONOTONIC, &tfs);
//GET INTERFACE INDEX FOR INTERFACE enp0s3
/*struct ifreq ifr;
size_t if_name_len = strlen(if_name);
if(if_name_len<sizeof(ifr.ifr_name)){
memcpy(ifr.ifr_name,if_name,if_name_len);
ifr.ifr_name[if_name_len]=0;
}
else{
die("Interface name is too long");
}
memset(&ifr,0,sizeof(ifr));
strncpy(ifr.ifr_name,enp0s3,IFNAMSIZ-1);
int fd = socket(AF_UNIX,SOCK_DGRAM,0);
if(fd==-1)
printf("Error opening socket");
if(ioctl(fd,SIOCGIFINDEX,&ifr)==-1){
printf("Error getting index name");
}*/
//int ifindex = ifr.ifr_ifindex;
int ifindex = if_nametoindex("enp0s3");
printf("The interface number is : %d \n",ifindex);
remote_addr.sll_ifindex = ifindex;
remote_addr.sll_halen = ETH_ALEN;
remote_addr.sll_addr[0] = 0x08;
remote_addr.sll_addr[1] = 0x00;
remote_addr.sll_addr[2] = 0x27;
remote_addr.sll_addr[3] = 0xe8;
remote_addr.sll_addr[4] = 0xb5;
remote_addr.sll_addr[5] = 0x12;
if(setsockopt(ping_sockfd, SOL_SOCKET, SO_RCVTIMEO,
(const char*)&tv_out, sizeof tv_out) < 0)
{
printf("Setting socket options failed for SO_RCVTIMEO\n");
return;
}
/*if(setsockopt(ping_sockfd, IPPROTO_RAW, IP_HDRINCL, &on, sizeof(on)) < 0)
{
printf("Setting socket options failed for IP_HDRINCL");
return;
}*/
while(pingloop)
{
pkt_sent=1;
memset(&g_pckt, 0, sizeof(g_pckt));
/*ETHERNET Header*/
eth = (struct ethhdr *)&g_pckt;
fill_eth(eth);
/*IP Header*/
ip = (struct ip *)(eth + 1);
fill_ip_h(ip, ctx);
/*ICMP Header*/
icmph = (struct icmphdr*)(ip + 1);
fill_icmp_h(icmph, &msg_count);
/*Data*/
data = (unsigned char *)(icmph + 1);
fill_data(data);
/*ICMP Checksum*/
icmph->checksum = checksum(icmph, PING_PKT_S);
usleep(PING_SLEEP_RATE);
/*TX*/
clock_gettime(CLOCK_MONOTONIC, &time_start);
if ( sendto(ping_sockfd, &g_pckt, sizeof(g_pckt), 0,
(struct sockaddr*) &remote_addr,
sizeof(remote_addr)) <= 0)
{
printf("\nPacket Sending Failed!\n");
pkt_sent=0;
}
/*RX*/
/*addr_len=sizeof(r_addr);
if ( recvfrom(ping_sockfd, icmph, PING_PKT_S, 0,
(struct sockaddr*)&r_addr, &addr_len) <= 0
&& msg_count>1)
{
printf("\nPacket receive failed!\n");
} */
else
{
clock_gettime(CLOCK_MONOTONIC, &time_end);
double timeElapsed = ((double)(time_end.tv_nsec -
time_start.tv_nsec))/1000000.0;
rtt_msec = (time_end.tv_sec-
time_start.tv_sec) * 1000.0
+ timeElapsed;
// if packet was not sent, don't receive
if(pkt_sent)
{
if(!(g_pckt.hdr.type ==69 && g_pckt.hdr.code==0))
{
printf("Error..Packet received with ICMP"
"type %d code %d\n",
g_pckt.hdr.type, g_pckt.hdr.code);
}
else
{
printf("%d bytes Received reply from %s: icmp_seq=:%d ttl=%d time=%Lf ms\n",PING_PKT_S, ctx->dstIP, msg_count, ctx->ttl, rtt_msec);
msg_received_count++;
}
}
}
}
clock_gettime(CLOCK_MONOTONIC, &tfe);
double timeElapsed = ((double)(tfe.tv_nsec -
tfs.tv_nsec))/1000000.0;
total_msec = (tfe.tv_sec-tfs.tv_sec)*1000.0+
timeElapsed ;
printf("\n%d packets sent, %d packets received, %f percent "
"packet loss. Total time: %Lf ms.\n\n",
msg_count, msg_received_count,
((msg_count - msg_received_count)/msg_count) * 100.0,
total_msec);
}
int main(int argc, char *argv[])
{
ping_ctx ctx = {0};
if(argc!=3)
{
printf("sudo ./myping 10.117.157.6 10.39.51.117\n");
return 0;
}
signal(SIGINT, intHandler);
ctx.r_sock = socket(AF_PACKET, SOCK_RAW, IPPROTO_RAW);
if(ctx.r_sock <0)
{
printf("\nSocket file descriptor not received\n");
return 0;
}
ctx.tos = 0;
ctx.ttl = 64;
strncpy(ctx.dstIP, argv[1],strlen(argv[1]));
strncpy(ctx.srcIP, argv[2],strlen(argv[2]));
send_ping(&ctx);
return 0;
}
When the packets are captured using tcpdump and the capture is opened in wireshark, no ICMP packet is seen.

Your ethernet header has some Wrongly filled.
I run your program and use wireshark capture some wrongly packages.
Your program can send package but that is not match ICMP protocol .So if you use filter ICMP , then nothing will be catch. On ethernet header has some error that causes subsequent protocols(ICMP) to be unresolved.
//Wireshark capture packet like below
Linux cooked capture
Packet type: Send by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: PcsCompu_e8:b5:12(08:00:27:e8:b5:12)
Unused: 0000
Protocol: Unknown (0xd370)

I finally figured out all the problems with the code. Okay so the problem were -
The Destination and Source MAC were same which shouldn't be.
The IP Checksum were not provided.
The complete solution is - Why is the echo ping not reaching the destination? (If it helps anybody)

Custom IP header for ICMP packet not working

I'm trying to make an ICMP packet with a custom IP header.
When I disable IP_HDRINCL to use the default IP header and cut out all the IP header related code, it works (I checked the checksums of the code below and the code that works with default headers, the ICMP packet is definitely valid in the code below).
The issue arrives when trying to use my own IP header, I don't receive any ICMP packets, indicating the packet didn't properly transmit or something went wrong.
I'm on Ubuntu 16.04 and compiling with GCC with the flags -std=c11 -Wall -Wextra -pedantic
#include <errno.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include <netinet/ip_icmp.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/time.h>
#include <arpa/inet.h>
#define PACKETSIZE 256
// Packet struct
struct packet {
struct iphdr ip; // IP Header
struct icmphdr hdr; // ICMP Header
char msg[PACKETSIZE - sizeof(struct icmphdr) - sizeof(struct iphdr)]; // Message
};
// Checksum function
unsigned short checksum(void *b, int len) {
unsigned short *buf = b;
unsigned int sum = 0;
unsigned short result;
for (sum = 0; len > 1; len -= 2) {
sum += *buf++;
}
if (len == 1) sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
int main(int argc, char* argv[])
{
// Enough arguments
if (argc < 2) {
printf("usage: ./tracert <server>\n");
return EXIT_FAILURE;
}
// Variables
struct hostent *hname;
struct sockaddr_in addr;
unsigned int i;
int sockfd, seq = 1;
struct packet pckt;
socklen_t len;
char buf[1024];
// Get host from domain
hname = gethostbyname(argv[1]);
memset(&addr, 0, sizeof(addr));
addr.sin_family = hname->h_addrtype;
addr.sin_port = htons(6969);
addr.sin_addr.s_addr = *(long *)hname->h_addr_list[0];
// Create ICMP RAW socket
sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
if (sockfd < 0) {
printf("error on socket creation\n");
return EXIT_FAILURE;;
}
if (setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &seq, sizeof(seq)) < 0) {
printf("error on default ip header settings\n");
return EXIT_FAILURE;
}
// Loop and receive/send packets
while (1) {
// Make packet
memset(&pckt, 0, sizeof(pckt));
// IP Header
pckt.ip.version = 4;
pckt.ip.ihl = 5;
pckt.ip.tot_len = htons(sizeof(pckt));
pckt.ip.ttl = 255;
pckt.ip.protocol = IPPROTO_ICMP;
pckt.ip.saddr = inet_addr("192.168.1.1");
pckt.ip.daddr = addr.sin_addr.s_addr;
pckt.ip.check = checksum(&pckt, sizeof(struct iphdr));
// ICMP Header
pckt.hdr.type = ICMP_ECHO;
pckt.hdr.un.echo.id = 0;
for (i = 0; i < sizeof(pckt.msg) - 1; i++) {
pckt.msg[i] = i+'0';
}
pckt.msg[i] = 0;
pckt.hdr.un.echo.sequence = seq;
pckt.hdr.checksum = checksum(&pckt.hdr, sizeof(struct icmphdr) + sizeof(pckt.msg));
// Send packet
if (sendto(sockfd, &pckt, sizeof(pckt), 0, (struct sockaddr*)&addr, sizeof(addr)) <= 0) {
printf("error on sending packet\n");
return EXIT_FAILURE;
}
// Receive packet
len = sizeof(addr);
memset(buf, 0, sizeof(buf));
if (recvfrom(sockfd, buf, sizeof(buf), 0, (struct sockaddr*)&addr, &len) > 0) {
printf("packet received\n");
// Do more stuff here later...
}
// The while is there for later, for now I just want to send one packet
return EXIT_SUCCESS;
}
close(sockfd);
return EXIT_SUCCESS;
}

Why does recvfrom create additional IP header?

Why does recvfrom create additional IP header?
I am sending:
-------------
- IP header -
-------------
- Data -
-------------
But when I try to receive data, it looks like there is
-------------
- IP header -
-------------
- IP header -
-------------
- Data -
-------------
Client code:
#include <sys/socket.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <string.h>
#include <netinet/ip.h>
#define DEBUG 1
int main(void) {
// Create File descrptor for socket
int socket_fd;
if ((socket_fd = socket(AF_INET, SOCK_RAW, IPPROTO_IPV6)) < 0) {
perror("ERROR Socket");
exit(2);
}
char *srcIP = "127.0.0.1";
char *dstIP = "127.0.0.1";
// Create address structure
struct sockaddr_in daddr;
daddr.sin_family = AF_INET;
daddr.sin_port = 0; // Raw sockets can't use ports
inet_pton(AF_INET, "127.0.0.1", &daddr.sin_addr);
memset(daddr.sin_zero, 0, sizeof(daddr.sin_zero));
// Create a Packet
char packet[50];
memset(packet, 0, sizeof(packet));
// Structure packet
struct iphdr *ip_header = (struct iphdr *) packet;
// Data to be appended at the end of the ip header
char *data = (char *) (packet + (sizeof(struct iphdr)));
ip_header->version = 4; // IPv4
ip_header->tos = 0; // Type of service
ip_header->ihl = 5; // 5 x 32-bit words
// ip_header->tot_len = htons(sizeof(struct iphdr) + strlen(data)); // Total IP packet length
ip_header->tot_len = sizeof(packet); // Total IP packet length
ip_header->protocol = IPPROTO_IPV6; // 6in4 protocol
ip_header->frag_off = 0x00; //16 bit field = [0:2] flags + [3:15] offset = 0x0
ip_header->ttl = 0xFF; // Max number of hops 16bit
// ip_header->id = htons(54321); // 0x00; //16 bit id
ip_header->check = 0; //16 bit checksum of IP header. Can't calculate at this point
ip_header->saddr = inet_addr(srcIP);
ip_header->daddr = inet_addr(dstIP);
data[0] = 'T';
data[1] = 'E';
data[2] = 'S';
data[3] = 'T';
data[4] = '7';
data[5] = '\0';
// ip_header->check = csum((unsigned short *) packet, ip_header->tot_len);
#if DEBUG
printf("\nIP header checksum: %d\n", ip_header->check);
#endif
while (1) {
sleep(1);
if (sendto(socket_fd, (char *) packet, sizeof(packet), 0,
(struct sockaddr *) &daddr, (socklen_t) sizeof(daddr)) < 0)
perror("Packet send error");
}
return 0;
}
Server code:
/*** IPPROTO_RAW receiver ***/
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
int socket_fd;
struct sockaddr_in saddr;
char packet[50];
if ((socket_fd = socket(AF_INET, SOCK_RAW, IPPROTO_IPV6)) < 0) {
perror("socket_fd");
exit(EXIT_FAILURE);
}
memset(packet, 0, sizeof(packet));
socklen_t len = (socklen_t) sizeof(saddr);
while(1) {
if (recvfrom(socket_fd, packet, sizeof(packet), 0,
(struct sockaddr *)&saddr, &len) < 0)
perror("recvfrom");
int i = sizeof(struct iphdr); ////// WHY IS DATA PAYLOAD ON packet[sizeof(struct iphdr) * 2]
while (i < sizeof(packet)) {
fprintf(stderr, "%c", packet[i]);
i++;
}
printf("\n");
}
exit(EXIT_SUCCESS);
}

In your sender, you need to set the IP_HDRINCL socket option. That tells the API that you're manually supplying the IP header. Because you're not setting this option, you're effectively putting your own copy of the IP header after the one the system adds.

IP_HDRINCL socket option is normally implicitly set only in the case of usage of IPPROTO_RAW. If you are not using IPPROTO_RAW, then the header will be generated as IP_HDRINCL will not be set implicitly.
Refer to man7.org/linux/man-pages/man7/raw.7.html.

Raw Socket Linux send/receive a packet

Have some problems in receiving packets.
I can receive and read incoming packets, but I think i do not get a handshake with any host.
I only want to send a packet to a remote computer with an open port on receiving an answer to see the TTL(time to live) and the window size.
Does anyone have an idea where the errors are? (I don't have very deep knowledge in C programming)
CODE:
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <errno.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
struct pseudohdr {
u_int32_t src_addr;
u_int32_t dst_addr;
u_int8_t padding;
u_int8_t proto;
u_int16_t length;
};
struct data_4_checksum {
struct pseudohdr pshd;
struct tcphdr tcphdr;
char payload[1024];
};
unsigned short comp_chksum(unsigned short *addr, int len) {
long sum = 0;
while (len > 1) {
sum += *(addr++);
len -= 2;
}
if (len > 0)
sum += *addr;
while (sum >> 16)
sum = ((sum & 0xffff) + (sum >> 16));
sum = ~sum;
return ((u_short) sum);
}
int main(int argc, char *argv[]) {
int sock, bytes, on = 1;
char buffer[1024];
struct iphdr *ip;
struct tcphdr *tcp;
struct sockaddr_in to;
struct pseudohdr pseudoheader;
struct data_4_checksum tcp_chk_construct;
if (argc != 2) {
fprintf(stderr, "Usage: %s ", argv[0]);
fprintf(stderr, "<dest-addr>\n");
return 1;
}
sock = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
if (sock == -1) {
perror("socket() failed");
return 1;
}else{
printf("socket() ok\n");
}
if (setsockopt(sock, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) == -1) {
perror("setsockopt() failed");
return 2;
}else{
printf("setsockopt() ok\n");
}
ip = (struct iphdr*) buffer;
tcp = (struct tcphdr*) (buffer + sizeof(struct tcphdr));
int iphdrlen = sizeof(struct iphdr);
int tcphdrlen = sizeof(struct tcphdr);
int datalen = 0;
printf("Typecasting ok\n");
ip->frag_off = 0;
ip->version = 4;
ip->ihl = 5;
ip->tot_len = htons(iphdrlen + tcphdrlen);
ip->id = 0;
ip->ttl = 40;
ip->protocol = IPPROTO_TCP;
ip->saddr = inet_addr("192.168.165.135");
ip->daddr = inet_addr(argv[1]);
ip->check = 0;
tcp->source = htons(12345);
tcp->dest = htons(80);
tcp->seq = random();
tcp->doff = 5;
tcp->ack = 0;
tcp->psh = 0;
tcp->rst = 0;
tcp->urg = 0;
tcp->syn = 1;
tcp->fin = 0;
tcp->window = htons(65535);
pseudoheader.src_addr = ip->saddr;
pseudoheader.dst_addr = ip->daddr;
pseudoheader.padding = 0;
pseudoheader.proto = ip->protocol;
pseudoheader.length = htons(tcphdrlen + datalen);
tcp_chk_construct.pshd = pseudoheader;
tcp_chk_construct.tcphdr = *tcp;
int checksum = comp_chksum((unsigned short*) &tcp_chk_construct,
sizeof(struct pseudohdr) + tcphdrlen + datalen);
tcp->check = checksum;
printf("TCP Checksum: %i\n", checksum);
printf("Destination : %i\n", ntohs(tcp->dest));
printf("Source: %i\n", ntohs(tcp->source));
to.sin_addr.s_addr = ip->daddr;
to.sin_family = AF_INET;
to.sin_port = tcp->dest;
bytes = sendto(sock, buffer, ntohs(ip->tot_len), 0, (struct sockaddr*) &to,
sizeof(to));
if (bytes == -1) {
perror("sendto() failed");
return 1;
}
recv(sock, buffer, sizeof(buffer), 0);
printf("TTL= %d\n", ip->ttl);
printf("Window= %d\n", tcp->window);
printf("ACK= %d\n", tcp->ack);
printf("%s:%d\t --> \t%s:%d \tSeq: %d \tAck: %d\n",
inet_ntoa(*(struct in_addr*) &ip->saddr), ntohs(tcp->source),
inet_ntoa(*(struct in_addr *) &ip->daddr), ntohs(tcp->dest),
ntohl(tcp->seq), ntohl(tcp->ack_seq));
return 0;
}

You're receiving and storing packets in buffer, but you're printing data from ip and tcp without parsing that buffer. You should parse the packet from buffer after receiving it, and before printing.
Your code assumes all packets are TCP, which is not the case. RAW sockets only support Layer 3 protocols (IP, ICMP, etc). In other words, using IPPROTO_TCP is misleading when creating a RAW socket. Stick to IPPROTO_IP, and add the necessary conditions to your code for each protocol you care about (TCP, UDP, etc). This happens to be working because the Linux Kernel validates the protocol number, and fallbacks to IPPROTO_IP. However, this might not work in other systems.
Review if your network communication is using the correct byte-order. The network-byte-order is Big-Endian, while the host-byte-order depends on your architecture, so you may need to convert multi-byte fields back and forth.
Your tcp->seq might have an invalid value, because TCP only accepts values up to 65535, while random() returns values from 0 to RAND_MAX (0x7fffffff). Try tcp->seq = htonl(random() % 65535);
Your offset calculation for the TCP header is incorrect. It should be sizeof(struct iphdr) rather than sizeof(struct tcphdr).

ip = (struct iphdr*) buffer;
tcp = (struct tcphdr*) (buffer + sizeof(struct tcphdr)); //This is wrong
Here to get array index of tcp header in buffer, you need to add sizeof(struct iphdr) to buffer like mentioned below.
ip = (struct iphdr*) buffer;
tcp = (struct tcphdr*) (buffer + sizeof(struct iphdr)); //This is correct

Raw socket sendto failed using C on Linux

I'm trying to send a raw packet using UDP, with the IP and UDP headers that I have constructed in my code. Raw packet successfully initialized with socket(PF_INET, SOCK_RAW, IPPROTO_UDP) and socket option set using setsockopt(sd, IPPROTO_IP, IP_HDRINCL, val, sizeof(int)).
The problem is when I send the packet using sendto(), I get the error 'Message too long'.
My IP header is 20 bytes and UDP header 8 bytes and my data is 12 bytes. So the total is only 40 bytes. This can't possibly be too long for a single UDP packet. Can someone help?
The type of val is a pointer to an int
Here is my code:
#include <unistd.h>
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include <string.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include <netinet/in.h>
//The packet length in byes
#define PCKT_LEN 50
//Date size in bytes
#define DATA_SIZE 12
//PseudoHeader struct used to calculate UDP checksum.
typedef struct PseudoHeader{
unsigned long int source_ip;
unsigned long int dest_ip;
unsigned char reserved;
unsigned char protocol;
unsigned short int udp_length;
}PseudoHeader;
// Ripped from Richard Stevans Book
unsigned short ComputeChecksum(unsigned char *data, int len)
{
long sum = 0; /* assume 32 bit long, 16 bit short */
unsigned short *temp = (unsigned short *)data;
while(len > 1){
sum += *temp++;
if(sum & 0x80000000) /* if high order bit set, fold */
sum = (sum & 0xFFFF) + (sum >> 16);
len -= 2;
}
if(len) /* take care of left over byte */
sum += (unsigned short) *((unsigned char *)temp);
while(sum>>16)
sum = (sum & 0xFFFF) + (sum >> 16);
return ~sum;
}
int BindRawSocketToInterface(int rawsock, char *addr, short int port)
{
struct sockaddr_in s_addr;
s_addr.sin_family = AF_INET;
s_addr.sin_addr.s_addr = inet_addr(addr);
s_addr.sin_port = htons(port);
if((bind(rawsock, (struct sockaddr *)&s_addr, sizeof(s_addr)))== -1)
{
perror("Error binding raw socket to interface\n");
exit(-1);
}
return 1;
}
// Fabricate the IP header or we can use the
// standard header structures but assign our own values.
struct ip *CreateIPHeader(char *srcip, char *destip)
{
struct ip *ip_header;
ip_header = (struct ip *)malloc(sizeof(struct ip));
ip_header->ip_v = 4;
ip_header->ip_hl = 5;
ip_header->ip_tos = 0;
ip_header->ip_len = htons(sizeof(struct ip) + sizeof(struct udphdr) + DATA_SIZE);
ip_header->ip_id = htons(111);
ip_header->ip_off = 0;
ip_header->ip_ttl = 111;
ip_header->ip_p = IPPROTO_TCP;
ip_header->ip_sum = 0; /* We will calculate the checksum later */
inet_pton(AF_INET, srcip, &ip_header->ip_src);
inet_pton(AF_INET, destip, &ip_header->ip_dst);
/* Calculate the IP checksum now :
The IP Checksum is only over the IP header */
ip_header->ip_sum = ComputeChecksum((unsigned char *)ip_header, ip_header->ip_hl*4);
return (ip_header);
}
// Creates a the UDP header.
struct udphdr *CreateUdpHeader(char *srcport, char *destport )
{
struct udphdr *udp_header;
/* Check netinet/udp.h for header definiation */
udp_header = (struct udphdr *)malloc(sizeof(struct udphdr));
udp_header->source = htons(atoi(srcport));
udp_header->dest = htons(atoi(destport));
udp_header->len = htons(sizeof(struct udphdr) + DATA_SIZE); //TODO: need to specify this
udp_header->check = htons(0);
return (udp_header);
}
void CreatePseudoHeaderAndComputeUdpChecksum(struct udphdr *udp_header, struct ip *ip_header, unsigned char *data)
{
/*The TCP Checksum is calculated over the PseudoHeader + TCP header +Data*/
/* Find the size of the TCP Header + Data */
int segment_len = ntohs(ip_header->ip_len) - ip_header->ip_hl*4;
/* Total length over which TCP checksum will be computed */
int header_len = sizeof(PseudoHeader) + segment_len;
/* Allocate the memory */
unsigned char *hdr = (unsigned char *)malloc(header_len);
/* Fill in the pseudo header first */
PseudoHeader *pseudo_header = (PseudoHeader *)hdr;
pseudo_header->source_ip = ip_header->ip_src.s_addr;
pseudo_header->dest_ip = ip_header->ip_dst.s_addr;
pseudo_header->reserved = 0;
pseudo_header->protocol = ip_header->ip_p;
pseudo_header->udp_length = htons(segment_len);
/* Now copy TCP */
memcpy((hdr + sizeof(PseudoHeader)), (void *)udp_header, 8);
/* Now copy the Data */
memcpy((hdr + sizeof(PseudoHeader) + 8), data, DATA_SIZE);
/* Calculate the Checksum */
udp_header->check = ComputeChecksum(hdr, header_len);
/* Free the PseudoHeader */
free(hdr);
}
// Source IP, source port, target IP, target port from the command line arguments
int main(int argc, char *argv[])
{
int sd;
char buffer[PCKT_LEN];
char *data = "Hello World!";
// Source and destination addresses: IP and port
struct sockaddr_in to_addr;
int one = 1;
const int *val = &one;
printf("IP Header Size: %lu \n", sizeof(struct ip));
printf("UDP Header Size: %lu \n", sizeof(struct udphdr));
printf("Data Size: %d\n", DATA_SIZE);
printf("IP Total: %lu \n", sizeof(struct ip) + sizeof(struct udphdr) + DATA_SIZE);
memset(buffer, 0, PCKT_LEN);
if(argc != 5)
{
printf("- Invalid parameters!!!\n");
printf("- Usage %s <source hostname/IP> <source port> <target hostname/IP> <target port>\n", argv[0]);
exit(-1);
}
// Create a raw socket with UDP protocol
sd = socket(PF_INET, SOCK_RAW, IPPROTO_UDP);
if(sd < 0)
{
perror("socket() error");
exit(-1);
}
else
printf("socket() - Using SOCK_RAW socket and UDP protocol is OK.\n");
//Bind the socket to the source address and port.
BindRawSocketToInterface(sd, argv[1], atoi(argv[2]));
// Inform the kernel do not fill up the packet structure. we will build our own...
if(setsockopt(sd, IPPROTO_IP, IP_HDRINCL, val, sizeof(int)) < 0)
{
perror("setsockopt() error");
close(sd);
exit(-1);
}
else
printf("setsockopt() is OK.\n");
// The source is redundant, may be used later if needed
// The address family
to_addr.sin_family = AF_INET;
to_addr.sin_addr.s_addr = inet_addr(argv[3]);
to_addr.sin_port = htons(atoi(argv[4]));
//Create the IP header.
struct ip *ip_header = CreateIPHeader(argv[1], argv[3]);
//Create the UDP header.
struct udphdr *udp_header = CreateUdpHeader(argv[2], argv[4]);
//Compute UDP checksum
CreatePseudoHeaderAndComputeUdpChecksum(udp_header, ip_header, (unsigned char*)data);
//Copy IP header, UDP header, and data to the packet buffer.
memcpy(buffer, ip_header, sizeof(struct ip));
memcpy(buffer + sizeof(struct ip), udp_header, 8 /*sizeof(struct udphdr)*/);
memcpy(buffer + sizeof(struct ip) + 8, data, DATA_SIZE);
printf("Using raw socket and UDP protocol\n");
printf("Using Source IP: %s port: %u, Target IP: %s port: %u.\n", argv[1], atoi(argv[2]), argv[3], atoi(argv[4]));
if(sendto(sd, buffer, htons(20)/*ip_header->ip_len*/, 0, (struct sockaddr *)&to_addr, sizeof(to_addr)) < 0)
{
perror("sendto() error");
}
else
{
printf("sendto() is OK.\n");
}
free(ip_header);
free(udp_header);
close(sd);
return 0;
}

if(sendto(sd, buffer, htons(20)/*ip_header->ip_len*/, 0, (struct sockaddr *)&to_addr, sizeof(to_addr)) < 0)
The length here is wrong, you should not specify that in network byte order.
A simple 20 is enough. htons(20) will be a very large number on a little endian machine.
( if you want to send other things that just the IP header, you should include that too in the length,, sounds like your buffer is 40 bytes, not 20)

You can use my own function that i don't have your problem:
#define NDEBUG
#define COUNTMAX 3000
#define MAX_FAKE 100
#define ERROR -1
#define TYPE_A 1
#define TYPE_PTR 12
#define CLASS_INET 1
#define ERROR -1
#ifndef IPVERSION
#define IPVERSION 4
#endif /* IPVERISON */
#ifndef IP_MAXPACKET
#define IP_MAXPACKET 65535
#endif /* IP_MAXPACKET */
#define DNSHDRSIZE 12
#ifndef IP_MAXPACKET
#define IP_MAXPACKET 65535
#endif /* IP_MAXPACKET */
#define IPHDRSIZE sizeof(struct iphdr)
#define UDPHDRSIZE sizeof(struct udphdr)
int udp_send(int s, unsigned long saddr, unsigned long daddr,unsigned short sport,unsigned short dport,char *datagram, unsigned datasize)
{
struct sockaddr_in sin;
struct iphdr *ip;
struct udphdr *udp;
unsigned char *data;
unsigned char packet[4024];
ip = (struct iphdr *)packet;
udp = (struct udphdr *)(packet+IPHDRSIZE);
data = (unsigned char *)(packet+IPHDRSIZE+UDPHDRSIZE);
memset(packet,0,sizeof(packet));
udp->source = htons(sport);
udp->dest = htons(dport);
udp->len = htons(UDPHDRSIZE+datasize);
udp->check = 0;
memcpy(data,datagram,datasize);
ip->saddr.s_addr = saddr;
ip->daddr.s_addr = daddr;
ip->version = 4; /*ip version*/
ip->ihl = 5;
ip->ttl = 245;
ip->id = random()%5985;
ip->protocol = IPPROTO_UDP; /*protocol type*/
ip->tot_len = htons((IPHDRSIZE + UDPHDRSIZE + datasize));
ip->check = 0;
ip->check = in_cksum((char *)packet,IPHDRSIZE);
sin.sin_family=AF_INET;
sin.sin_addr.s_addr=daddr;
sin.sin_port=udp->dest;
printf ("socket: %d, packet: %s,size: %d, struct addr: %p, size: %i", s, packet, IPHDRSIZE+UDPHDRSIZE+datasize, (struct sockaddr*)&sin, sizeof(struct sockaddr));
return sendto(s, packet, IPHDRSIZE+UDPHDRSIZE+datasize, 0, (struct sockaddr*)&sin, sizeof(struct sockaddr));
}// end of udp_send function

The call to sendto() doesn't appear to be right as shown, even corrected per the comments:
Original: sendto(sd, buffer, htons(20)/ip_header->ip_len/,...);
Orr as corrected: sendto(sd, buffer, 20/ip_header->ip_len/,...);
The data length parameter should be the sum of header and data lengths: 20+8+12 = 40. A general solution could be:
sendto(sd, buffer, sizeof(struct ip) + sizeof(struct udphdr) + DATA_SIZE,...);
With this change it started working for me.