1RAW(7) Linux Programmer's Manual RAW(7)
2
3
4
6 raw - Linux IPv4 raw sockets
7
9 #include <sys/socket.h>
10 #include <netinet/in.h>
11 raw_socket = socket(AF_INET, SOCK_RAW, int protocol);
12
14 Raw sockets allow new IPv4 protocols to be implemented in user space.
15 A raw socket receives or sends the raw datagram not including link
16 level headers.
17
18 The IPv4 layer generates an IP header when sending a packet unless the
19 IP_HDRINCL socket option is enabled on the socket. When it is enabled,
20 the packet must contain an IP header. For receiving, the IP header is
21 always included in the packet.
22
23 In order to create a raw socket, a process must have the CAP_NET_RAW
24 capability in the user namespace that governs its network namespace.
25
26 All packets or errors matching the protocol number specified for the
27 raw socket are passed to this socket. For a list of the allowed proto‐
28 cols, see the IANA list of assigned protocol numbers at
29 ⟨http://www.iana.org/assignments/protocol-numbers/⟩ and getprotoby‐
30 name(3).
31
32 A protocol of IPPROTO_RAW implies enabled IP_HDRINCL and is able to
33 send any IP protocol that is specified in the passed header. Receiving
34 of all IP protocols via IPPROTO_RAW is not possible using raw sockets.
35
36 ┌───────────────────────────────────────────────────┐
37 │IP Header fields modified on sending by IP_HDRINCL │
38 ├──────────────────────┬────────────────────────────┤
39 │IP Checksum │ Always filled in │
40 ├──────────────────────┼────────────────────────────┤
41 │Source Address │ Filled in when zero │
42 ├──────────────────────┼────────────────────────────┤
43 │Packet ID │ Filled in when zero │
44 ├──────────────────────┼────────────────────────────┤
45 │Total Length │ Always filled in │
46 └──────────────────────┴────────────────────────────┘
47 If IP_HDRINCL is specified and the IP header has a nonzero destination
48 address, then the destination address of the socket is used to route
49 the packet. When MSG_DONTROUTE is specified, the destination address
50 should refer to a local interface, otherwise a routing table lookup is
51 done anyway but gatewayed routes are ignored.
52
53 If IP_HDRINCL isn't set, then IP header options can be set on raw sock‐
54 ets with setsockopt(2); see ip(7) for more information.
55
56 Starting with Linux 2.2, all IP header fields and options can be set
57 using IP socket options. This means raw sockets are usually needed
58 only for new protocols or protocols with no user interface (like ICMP).
59
60 When a packet is received, it is passed to any raw sockets which have
61 been bound to its protocol before it is passed to other protocol han‐
62 dlers (e.g., kernel protocol modules).
63
64 Address format
65 For sending and receiving datagrams (sendto(2), recvfrom(2), and simi‐
66 lar), raw sockets use the standard sockaddr_in address structure
67 defined in ip(7). The sin_port field could be used to specify the IP
68 protocol number, but it is ignored for sending in Linux 2.2 and later,
69 and should be always set to 0 (see BUGS). For incoming packets,
70 sin_port is set to zero.
71
72 Socket options
73 Raw socket options can be set with setsockopt(2) and read with getsock‐
74 opt(2) by passing the IPPROTO_RAW family flag.
75
76 ICMP_FILTER
77 Enable a special filter for raw sockets bound to the
78 IPPROTO_ICMP protocol. The value has a bit set for each ICMP
79 message type which should be filtered out. The default is to
80 filter no ICMP messages.
81
82 In addition, all ip(7) IPPROTO_IP socket options valid for datagram
83 sockets are supported.
84
85 Error handling
86 Errors originating from the network are passed to the user only when
87 the socket is connected or the IP_RECVERR flag is enabled. For con‐
88 nected sockets, only EMSGSIZE and EPROTO are passed for compatibility.
89 With IP_RECVERR, all network errors are saved in the error queue.
90
92 EACCES User tried to send to a broadcast address without having the
93 broadcast flag set on the socket.
94
95 EFAULT An invalid memory address was supplied.
96
97 EINVAL Invalid argument.
98
99 EMSGSIZE
100 Packet too big. Either Path MTU Discovery is enabled (the
101 IP_MTU_DISCOVER socket flag) or the packet size exceeds the max‐
102 imum allowed IPv4 packet size of 64 kB.
103
104 EOPNOTSUPP
105 Invalid flag has been passed to a socket call (like MSG_OOB).
106
107 EPERM The user doesn't have permission to open raw sockets. Only pro‐
108 cesses with an effective user ID of 0 or the CAP_NET_RAW
109 attribute may do that.
110
111 EPROTO An ICMP error has arrived reporting a parameter problem.
112
114 IP_RECVERR and ICMP_FILTER are new in Linux 2.2. They are Linux exten‐
115 sions and should not be used in portable programs.
116
117 Linux 2.0 enabled some bug-to-bug compatibility with BSD in the raw
118 socket code when the SO_BSDCOMPAT socket option was set; since Linux
119 2.2, this option no longer has that effect.
120
122 By default, raw sockets do path MTU (Maximum Transmission Unit) discov‐
123 ery. This means the kernel will keep track of the MTU to a specific
124 target IP address and return EMSGSIZE when a raw packet write exceeds
125 it. When this happens, the application should decrease the packet
126 size. Path MTU discovery can be also turned off using the IP_MTU_DIS‐
127 COVER socket option or the /proc/sys/net/ipv4/ip_no_pmtu_disc file, see
128 ip(7) for details. When turned off, raw sockets will fragment outgoing
129 packets that exceed the interface MTU. However, disabling it is not
130 recommended for performance and reliability reasons.
131
132 A raw socket can be bound to a specific local address using the bind(2)
133 call. If it isn't bound, all packets with the specified IP protocol
134 are received. In addition, a raw socket can be bound to a specific
135 network device using SO_BINDTODEVICE; see socket(7).
136
137 An IPPROTO_RAW socket is send only. If you really want to receive all
138 IP packets, use a packet(7) socket with the ETH_P_IP protocol. Note
139 that packet sockets don't reassemble IP fragments, unlike raw sockets.
140
141 If you want to receive all ICMP packets for a datagram socket, it is
142 often better to use IP_RECVERR on that particular socket; see ip(7).
143
144 Raw sockets may tap all IP protocols in Linux, even protocols like ICMP
145 or TCP which have a protocol module in the kernel. In this case, the
146 packets are passed to both the kernel module and the raw socket(s).
147 This should not be relied upon in portable programs, many other BSD
148 socket implementation have limitations here.
149
150 Linux never changes headers passed from the user (except for filling in
151 some zeroed fields as described for IP_HDRINCL). This differs from
152 many other implementations of raw sockets.
153
154 Raw sockets are generally rather unportable and should be avoided in
155 programs intended to be portable.
156
157 Sending on raw sockets should take the IP protocol from sin_port; this
158 ability was lost in Linux 2.2. The workaround is to use IP_HDRINCL.
159
161 Transparent proxy extensions are not described.
162
163 When the IP_HDRINCL option is set, datagrams will not be fragmented and
164 are limited to the interface MTU.
165
166 Setting the IP protocol for sending in sin_port got lost in Linux 2.2.
167 The protocol that the socket was bound to or that was specified in the
168 initial socket(2) call is always used.
169
171 recvmsg(2), sendmsg(2), capabilities(7), ip(7), socket(7)
172
173 RFC 1191 for path MTU discovery. RFC 791 and the <linux/ip.h> header
174 file for the IP protocol.
175
177 This page is part of release 4.15 of the Linux man-pages project. A
178 description of the project, information about reporting bugs, and the
179 latest version of this page, can be found at
180 https://www.kernel.org/doc/man-pages/.
181
182
183
184Linux 2017-09-15 RAW(7)