1RAW(7) Linux Programmer's Manual RAW(7)
2
6 raw - Linux IPv4 raw sockets
7
9 #include <sys/socket.h>
10 #include <netinet/in.h>
11 raw_socket = socket(AF_INET, SOCK_RAW, int protocol);
12
14 Raw sockets allow new IPv4 protocols to be implemented in user space.
15 A raw socket receives or sends the raw datagram not including link
16 level headers.
17 The IPv4 layer generates an IP header when sending a packet unless the
19 IP_HDRINCL socket option is enabled on the socket. When it is enabled,
20 the packet must contain an IP header. For receiving the IP header is
21 always included in the packet.
22 Only processes with an effective user ID of 0 or the CAP_NET_RAW capa‐
24 bility are allowed to open raw sockets.
25 All packets or errors matching the protocol number specified for the
27 raw socket are passed to this socket. For a list of the allowed proto‐
28 cols see RFC 1700 assigned numbers and getprotobyname(3).
29 A protocol of IPPROTO_RAW implies enabled IP_HDRINCL and is able to
31 send any IP protocol that is specified in the passed header. Receiving
32 of all IP protocols via IPPROTO_RAW is not possible using raw sockets.
33 ┌───────────────────────────────────────────────────┐
35 │IP Header fields modified on sending by IP_HDRINCL │
36 ├──────────────────────┬────────────────────────────┤
37 │IP Checksum │Always filled in. │
38 ├──────────────────────┼────────────────────────────┤
39 │Source Address │Filled in when zero. │
40 ├──────────────────────┼────────────────────────────┤
41 │Packet Id │Filled in when zero. │
42 ├──────────────────────┼────────────────────────────┤
43 │Total Length │Always filled in. │
44 └──────────────────────┴────────────────────────────┘
45 If IP_HDRINCL is specified and the IP header has a nonzero destination
47 address then the destination address of the socket is used to route the
48 packet. When MSG_DONTROUTE is specified, the destination address
49 should refer to a local interface, otherwise a routing table lookup is
50 done anyway but gatewayed routes are ignored.
51 If IP_HDRINCL isn't set, then IP header options can be set on raw sock‐
53 ets with setsockopt(2); see ip(7) for more information.
54 In Linux 2.2, all IP header fields and options can be set using IP
56 socket options. This means raw sockets are usually needed only for new
57 protocols or protocols with no user interface (like ICMP).
58 When a packet is received, it is passed to any raw sockets which have
60 been bound to its protocol before it is passed to other protocol han‐
61 dlers (e.g., kernel protocol modules).
62 Address format
64 Raw sockets use the standard sockaddr_in address structure defined in
65 ip(7). The sin_port field could be used to specify the IP protocol
66 number, but it is ignored for sending in Linux 2.2 and should be always
67 set to 0 (see BUGS). For incoming packets, sin_port is set to the pro‐
68 tocol of the packet. See the <netinet/in.h> include file for valid IP
69 protocols.
70 Socket options
72 Raw socket options can be set with setsockopt(2) and read with getsock‐
73 opt(2) by passing the IPPROTO_RAW family flag.
74 ICMP_FILTER
76 Enable a special filter for raw sockets bound to the
77 IPPROTO_ICMP protocol. The value has a bit set for each ICMP
78 message type which should be filtered out. The default is to
79 filter no ICMP messages.
80 In addition, all ip(7) IPPROTO_IP socket options valid for datagram
82 sockets are supported.
83 Error handling
85 Errors originating from the network are passed to the user only when
86 the socket is connected or the IP_RECVERR flag is enabled. For con‐
87 nected sockets, only EMSGSIZE and EPROTO are passed for compatibility.
88 With IP_RECVERR, all network errors are saved in the error queue.
89
91 EACCES User tried to send to a broadcast address without having the
92 broadcast flag set on the socket.
93 EFAULT An invalid memory address was supplied.
95 EINVAL Invalid argument.
97 EMSGSIZE
99 Packet too big. Either Path MTU Discovery is enabled (the
100 IP_MTU_DISCOVER socket flag) or the packet size exceeds the max‐
101 imum allowed IPv4 packet size of 64KB.
102 EOPNOTSUPP
104 Invalid flag has been passed to a socket call (like MSG_OOB).
105 EPERM The user doesn't have permission to open raw sockets. Only pro‐
107 cesses with an effective user ID of 0 or the CAP_NET_RAW
108 attribute may do that.
109 EPROTO An ICMP error has arrived reporting a parameter problem.
111
113 IP_RECVERR and ICMP_FILTER are new in Linux 2.2. They are Linux exten‐
114 sions and should not be used in portable programs.
115 Linux 2.0 enabled some bug-to-bug compatibility with BSD in the raw
117 socket code when the SO_BSDCOMPAT socket option was set — since Linux
118 2.2, this option no longer has that effect.
119
121 By default, raw sockets do path MTU (Maximum Transmission Unit) discov‐
122 ery. This means the kernel will keep track of the MTU to a specific
123 target IP address and return EMSGSIZE when a raw packet write exceeds
124 it. When this happens, the application should decrease the packet
125 size. Path MTU discovery can be also turned off using the IP_MTU_DIS‐
126 COVER socket option or the /proc/sys/net/ipv4/ip_no_pmtu_disc file, see
127 ip(7) for details. When turned off, raw sockets will fragment outgoing
128 packets that exceed the interface MTU. However, disabling it is not
129 recommended for performance and reliability reasons.
130 A raw socket can be bound to a specific local address using the bind(2)
132 call. If it isn't bound, all packets with the specified IP protocol
133 are received. In addition, a RAW socket can be bound to a specific
134 network device using SO_BINDTODEVICE; see socket(7).
135 An IPPROTO_RAW socket is send only. If you really want to receive all
137 IP packets, use a packet(7) socket with the ETH_P_IP protocol. Note
138 that packet sockets don't reassemble IP fragments, unlike raw sockets.
139 If you want to receive all ICMP packets for a datagram socket, it is
141 often better to use IP_RECVERR on that particular socket; see ip(7).
142 Raw sockets may tap all IP protocols in Linux, even protocols like ICMP
144 or TCP which have a protocol module in the kernel. In this case, the
145 packets are passed to both the kernel module and the raw socket(s).
146 This should not be relied upon in portable programs, many other BSD
147 socket implementation have limitations here.
148 Linux never changes headers passed from the user (except for filling in
150 some zeroed fields as described for IP_HDRINCL). This differs from
151 many other implementations of raw sockets.
152 RAW sockets are generally rather unportable and should be avoided in
154 programs intended to be portable.
155 Sending on raw sockets should take the IP protocol from sin_port; this
157 ability was lost in Linux 2.2. The workaround is to use IP_HDRINCL.
158
160 Transparent proxy extensions are not described.
161 When the IP_HDRINCL option is set, datagrams will not be fragmented and
163 are limited to the interface MTU.
164 Setting the IP protocol for sending in sin_port got lost in Linux 2.2.
166 The protocol that the socket was bound to or that was specified in the
167 initial socket(2) call is always used.
168
170 recvmsg(2), sendmsg(2), capabilities(7), ip(7), socket(7)
171 RFC 1191 for path MTU discovery. RFC 791 and the <linux/ip.h> header
173 file for the IP protocol.
174
176 This page is part of release 3.53 of the Linux man-pages project. A
177 description of the project, and information about reporting bugs, can
178 be found at http://www.kernel.org/doc/man-pages/.
179Linux 2012-05-10 RAW(7)