当我进行套接字编程时,我无法清楚地理解
RAW_SOCKET我的理解:
如果我使用此选项打开套接字
AF_INETRAW_SOCKETAF_INETAF_INET在每一层中,数据包都有两个不相交的部分:标头和有效负载。
非原始套接字意味着您可以只确定传输层有效负载。即,创建传输、网络和数据链路层标头是操作系统的任务。
原始套接字意味着您可以确定数据包的每个部分,无论是标头还是有效负载。请注意,原始套接字是一个通用词。我将原始套接字分类为:网络套接字和数据链路套接字(或者 L3 套接字和 L2 套接字)。
在 L3 Socket 中,您可以在网络层设置数据包的标头和负载。例如:如果网络层协议是 IPv4,则可以确定 IPv4 标头和负载。因此,您可以设置传输层标头/有效负载、ICMP 标头/有效负载、路由协议标头/有效负载....
在 L2 Socket 中,您可以在数据链路层设置数据包的标头和负载,即数据包中的所有内容。因此,您可以使用 L3 Socket 完成所有操作 + 确定 ARP 标头/有效负载、PPP 标头/有效负载、PPPOE 标头/有效负载,....
现在正在编程:
第三个参数指定有效负载协议。
RAW_SOCKET 允许用户在互联网(IP)级别之上实现自己的传输层协议。您负责创建和解析传输级标头及其背后的逻辑。数据包看起来像:
-------------------------------------------------------------------
| Ethernet (typically) header | IP header | Your header | payload |
-------------------------------------------------------------------
您还可以将 SOCK_RAW 与“数据包套接字”一起使用,这将允许您对 L2(以太网)和 L3(IP)层进行完全控制。这意味着您可以完全自定义渲染数据包,因为它来自网卡..
详情请看这里:
http://www.kernel.org/doc/man-pages/online/pages/man7/packet.7.html
它也用于 ICMP (ping) 等协议,您必须了解 ICPM 数据包的结构才能创建它。而且内核不会修改你的数据包
Once the application creates RAW socket is used to send and
receive packets from source to destination those all packets are
treated as datagram on an unconnected socket
when sending IPv4 data, an application has a choice on
whether to specify the IPv4 header at the front of the outgoing
datagram for the packet.
If the IP_HDRINCL socket option is set to true for an IPv4
socket (address family of AF_INET), the application must supply the
IPv4 header in the outgoing data for send operations.
If this socket option is false (the default setting), then
the IPv4 header should not be in included the outgoing data for
send operations.
It is important to understand that some sockets of type
SOCK_RAW may receive many unexpected datagrams. For example, a PING
program may create a socket of type SOCK_RAW to send ICMP echo
requests and receive responses. While the application is expecting
ICMP echo responses, if several SOCK_RAW sockets are open on a
computer at the same time, the same datagrams may be delivered to
all the open sockets. An application must have a mechanism to
recognize and to ignore all others.
For a PING program, such a mechanism might include
inspecting the received IP header for unique identifiers in the
ICMP header (the application's process ID, for example)
TCP data cannot be sent by using raw socket
Referred from below link :
https://msdn.microsoft.com/en-us/library/windows/desktop/ms740548%28v=vs.85%29.aspx