1RAW(7)                     Linux Programmer's Manual                    RAW(7)


6       raw - Linux IPv4 raw sockets


9       #include <sys/socket.h>
10       #include <netinet/in.h>
11       raw_socket = socket(AF_INET, SOCK_RAW, int protocol);


14       Raw  sockets  allow new IPv4 protocols to be implemented in user space.
15       A raw socket receives or sends the  raw  datagram  not  including  link
16       level headers.
18       The  IPv4 layer generates an IP header when sending a packet unless the
19       IP_HDRINCL socket option is enabled on the socket.  When it is enabled,
20       the  packet must contain an IP header.  For receiving, the IP header is
21       always included in the packet.
23       In order to create a raw socket, a process must  have  the  CAP_NET_RAW
24       capability in the user namespace that governs its network namespace.
26       All  packets  or  errors matching the protocol number specified for the
27       raw socket are passed to this socket.  For a list of the allowed proto‐
28       cols,   see   the   IANA   list   of   assigned   protocol  numbers  at
29http://www.iana.org/assignments/protocol-numbers/⟩   and   getprotoby‐
30       name(3).
32       A  protocol  of  IPPROTO_RAW  implies enabled IP_HDRINCL and is able to
33       send any IP protocol that is specified in the passed header.  Receiving
34       of all IP protocols via IPPROTO_RAW is not possible using raw sockets.
36              ┌───────────────────────────────────────────────────┐
37              │IP Header fields modified on sending by IP_HDRINCL 
38              ├──────────────────────┬────────────────────────────┤
39              │IP Checksum           │ Always filled in           │
40              ├──────────────────────┼────────────────────────────┤
41              │Source Address        │ Filled in when zero        │
42              ├──────────────────────┼────────────────────────────┤
43              │Packet ID             │ Filled in when zero        │
44              ├──────────────────────┼────────────────────────────┤
45              │Total Length          │ Always filled in           │
46              └──────────────────────┴────────────────────────────┘
47       If  IP_HDRINCL is specified and the IP header has a nonzero destination
48       address, then the destination address of the socket is  used  to  route
49       the  packet.   When MSG_DONTROUTE is specified, the destination address
50       should refer to a local interface, otherwise a routing table lookup  is
51       done anyway but gatewayed routes are ignored.
53       If IP_HDRINCL isn't set, then IP header options can be set on raw sock‐
54       ets with setsockopt(2); see ip(7) for more information.
56       Starting with Linux 2.2, all IP header fields and options  can  be  set
57       using  IP  socket  options.   This means raw sockets are usually needed
58       only for new protocols or protocols with no user interface (like ICMP).
60       When a packet is received, it is passed to any raw sockets  which  have
61       been  bound  to its protocol before it is passed to other protocol han‐
62       dlers (e.g., kernel protocol modules).
64   Address format
65       For sending and receiving datagrams (sendto(2), recvfrom(2), and  simi‐
66       lar),  raw  sockets  use  the  standard  sockaddr_in  address structure
67       defined in ip(7).  The sin_port field could be used to specify  the  IP
68       protocol  number, but it is ignored for sending in Linux 2.2 and later,
69       and should be always set  to  0  (see  BUGS).   For  incoming  packets,
70       sin_port is set to zero.
72   Socket options
73       Raw socket options can be set with setsockopt(2) and read with getsock‐
74       opt(2) by passing the IPPROTO_RAW family flag.
76       ICMP_FILTER
77              Enable  a  special  filter  for  raw  sockets   bound   to   the
78              IPPROTO_ICMP  protocol.   The  value has a bit set for each ICMP
79              message type which should be filtered out.  The  default  is  to
80              filter no ICMP messages.
82       In  addition,  all  ip(7)  IPPROTO_IP socket options valid for datagram
83       sockets are supported.
85   Error handling
86       Errors originating from the network are passed to the  user  only  when
87       the  socket  is  connected or the IP_RECVERR flag is enabled.  For con‐
88       nected sockets, only EMSGSIZE and EPROTO are passed for  compatibility.
89       With IP_RECVERR, all network errors are saved in the error queue.


92       EACCES User  tried  to  send  to a broadcast address without having the
93              broadcast flag set on the socket.
95       EFAULT An invalid memory address was supplied.
97       EINVAL Invalid argument.
99       EMSGSIZE
100              Packet too big.  Either  Path  MTU  Discovery  is  enabled  (the
101              IP_MTU_DISCOVER socket flag) or the packet size exceeds the max‐
102              imum allowed IPv4 packet size of 64 kB.
104       EOPNOTSUPP
105              Invalid flag has been passed to a socket call (like MSG_OOB).
107       EPERM  The user doesn't have permission to open raw sockets.  Only pro‐
108              cesses  with  an  effective  user  ID  of  0  or the CAP_NET_RAW
109              attribute may do that.
111       EPROTO An ICMP error has arrived reporting a parameter problem.


114       IP_RECVERR and ICMP_FILTER are new in Linux 2.2.  They are Linux exten‐
115       sions and should not be used in portable programs.
117       Linux  2.0  enabled  some  bug-to-bug compatibility with BSD in the raw
118       socket code when the SO_BSDCOMPAT socket option was  set;  since  Linux
119       2.2, this option no longer has that effect.


122       By default, raw sockets do path MTU (Maximum Transmission Unit) discov‐
123       ery.  This means the kernel will keep track of the MTU  to  a  specific
124       target  IP  address and return EMSGSIZE when a raw packet write exceeds
125       it.  When this happens, the  application  should  decrease  the  packet
126       size.   Path MTU discovery can be also turned off using the IP_MTU_DIS‐
127       COVER socket option or the /proc/sys/net/ipv4/ip_no_pmtu_disc file, see
128       ip(7) for details.  When turned off, raw sockets will fragment outgoing
129       packets that exceed the interface MTU.  However, disabling  it  is  not
130       recommended for performance and reliability reasons.
132       A raw socket can be bound to a specific local address using the bind(2)
133       call.  If it isn't bound, all packets with the  specified  IP  protocol
134       are  received.   In  addition,  a raw socket can be bound to a specific
135       network device using SO_BINDTODEVICE; see socket(7).
137       An IPPROTO_RAW socket is send only.  If you really want to receive  all
138       IP  packets,  use  a packet(7) socket with the ETH_P_IP protocol.  Note
139       that packet sockets don't reassemble IP fragments, unlike raw sockets.
141       If you want to receive all ICMP packets for a datagram  socket,  it  is
142       often better to use IP_RECVERR on that particular socket; see ip(7).
144       Raw sockets may tap all IP protocols in Linux, even protocols like ICMP
145       or TCP which have a protocol module in the kernel.  In this  case,  the
146       packets  are  passed  to  both the kernel module and the raw socket(s).
147       This should not be relied upon in portable  programs,  many  other  BSD
148       socket implementation have limitations here.
150       Linux never changes headers passed from the user (except for filling in
151       some zeroed fields as described for  IP_HDRINCL).   This  differs  from
152       many other implementations of raw sockets.
154       Raw  sockets  are  generally rather unportable and should be avoided in
155       programs intended to be portable.
157       Sending on raw sockets should take the IP protocol from sin_port;  this
158       ability was lost in Linux 2.2.  The workaround is to use IP_HDRINCL.


161       Transparent proxy extensions are not described.
163       When the IP_HDRINCL option is set, datagrams will not be fragmented and
164       are limited to the interface MTU.
166       Setting the IP protocol for sending in sin_port got lost in Linux  2.2.
167       The  protocol that the socket was bound to or that was specified in the
168       initial socket(2) call is always used.


171       recvmsg(2), sendmsg(2), capabilities(7), ip(7), socket(7)
173       RFC 1191 for path MTU discovery.  RFC 791 and the  <linux/ip.h>  header
174       file for the IP protocol.


177       This  page  is  part of release 4.15 of the Linux man-pages project.  A
178       description of the project, information about reporting bugs,  and  the
179       latest     version     of     this    page,    can    be    found    at
180       https://www.kernel.org/doc/man-pages/.
184Linux                             2017-09-15                            RAW(7)