1RAW(7)                     Linux Programmer's Manual                    RAW(7)
2
3
4

NAME

6       raw, SOCK_RAW - Linux IPv4 raw sockets
7

SYNOPSIS

9       #include <sys/socket.h>
10       #include <netinet/in.h>
11       raw_socket = socket(PF_INET, SOCK_RAW, int protocol);
12
13

DESCRIPTION

15       Raw  sockets  allow new IPv4 protocols to be implemented in user space.
16       A raw socket receives or sends the  raw  datagram  not  including  link
17       level headers.
18
19       The  IPv4 layer generates an IP header when sending a packet unless the
20       IP_HDRINCL socket option is enabled on the socket.  When it is enabled,
21       the  packet  must contain an IP header.  For receiving the IP header is
22       always included in the packet.
23
24       Only processes with an effective user ID of 0 or the CAP_NET_RAW  capa‐
25       bility are allowed to open raw sockets.
26
27       All  packets  or  errors matching the protocol number specified for the
28       raw socket are passed to this socket.  For a list of the allowed proto‐
29       cols see RFC 1700 assigned numbers and getprotobyname(3).
30
31       A  protocol  of  IPPROTO_RAW  implies enabled IP_HDRINCL and is able to
32       send any IP protocol that is specified in the passed header.  Receiving
33       of all IP protocols via IPPROTO_RAW is not possible using raw sockets.
34
35
36       ┌───────────────────────────────────────────────────┐
37       │IP Header fields modified on sending by IP_HDRINCL │
38       ├──────────────────────┬────────────────────────────┤
39       │IP Checksum           │Always filled in.           │
40       ├──────────────────────┼────────────────────────────┤
41       │Source Address        │Filled in when zero.        │
42       ├──────────────────────┼────────────────────────────┤
43       │Packet Id             │Filled in when zero.        │
44       ├──────────────────────┼────────────────────────────┤
45       │Total Length          │Always filled in.           │
46       └──────────────────────┴────────────────────────────┘
47       If IP_HDRINCL is specified and the IP header has a non-zero destination
48       address then the destination address of the socket is used to route the
49       packet.  When MSG_DONTROUTE is specified the destination address should
50       refer to a local interface, otherwise a routing table  lookup  is  done
51       anyway but gatewayed routes are ignored.
52
53       If  IP_HDRINCL isn't set then IP header options can be set on raw sock‐
54       ets with setsockopt(2); see ip(7) for more information.
55
56       In Linux 2.2 all IP header fields and  options  can  be  set  using  IP
57       socket  options. This means raw sockets are usually only needed for new
58       protocols or protocols with no user interface (like ICMP).
59
60       When a packet is received, it is passed to any raw sockets  which  have
61       been  bound  to its protocol before it is passed to other protocol han‐
62       dlers (e.g. kernel protocol modules).
63
64

ADDRESS FORMAT

66       Raw sockets use the standard sockaddr_in address structure  defined  in
67       ip(7).   The  sin_port  field  could be used to specify the IP protocol
68       number, but it is ignored for sending in Linux 2.2 and should be always
69       set  to 0 (see BUGS) For incoming packets sin_port is set to the proto‐
70       col of the packet.  See the <netinet/in.h> include file  for  valid  IP
71       protocols.
72
73

SOCKET OPTIONS

75       Raw socket options can be set with setsockopt(2) and read with getsock‐
76       opt(2) by passing the IPPROTO_RAW family flag.
77
78
79       ICMP_FILTER
80              Enable  a  special  filter  for  raw  sockets   bound   to   the
81              IPPROTO_ICMP  protocol.   The  value has a bit set for each ICMP
82              message type which should be filtered out.  The  default  is  to
83              filter no ICMP messages.
84
85
86       In  addition  all  ip(7)  IPPROTO_IP  socket options valid for datagram
87       sockets are supported.
88
89

NOTES

91       By default raw sockets do path MTU (Maximum Transmission Unit)  discov‐
92       ery.   This  means  the kernel will keep track of the MTU to a specific
93       target IP address and return EMSGSIZE when a raw packet  write  exceeds
94       it.  When this happens the application should decrease the packet size.
95       Path MTU discovery can be also turned  off  using  the  IP_MTU_DISCOVER
96       socket  option  or  the  ip_no_pmtu_disc sysctl, see ip(7) for details.
97       When turned off raw sockets will fragment outgoing packets that  exceed
98       the interface MTU.  However disabling it is not recommended for perfor‐
99       mance and reliability reasons.
100
101       A raw socket can be bound to a specific local address using the bind(2)
102       call.  If it isn't bound all packets with the specified IP protocol are
103       received.  In addition a RAW socket can be bound to a specific  network
104       device using SO_BINDTODEVICE; see socket(7).
105
106       An  IPPROTO_RAW socket is send only.  If you really want to receive all
107       IP packets use a packet(7) socket with the ETH_P_IP protocol. Note that
108       packet sockets don't reassemble IP fragments, unlike raw sockets.
109
110       If  you  want  to  receive all ICMP packets for a datagram socket it is
111       often better to use IP_RECVERR on that particular socket; see ip(7).
112
113       Raw sockets may tap all IP protocols in Linux, even protocols like ICMP
114       or  TCP  which  have a protocol module in the kernel.  In this case the
115       packets are passed to both the kernel module  and  the  raw  socket(s).
116       This  should  not  be  relied upon in portable programs, many other BSD
117       socket implementation have limitations here.
118
119       Linux never changes headers passed from the user (except for filling in
120       some  zeroed  fields  as  described for IP_HDRINCL).  This differs from
121       many other implementations of raw sockets.
122
123       RAW sockets are generally rather unportable and should  be  avoided  in
124       programs intended to be portable.
125
126       Sending  on raw sockets should take the IP protocol from sin_port; this
127       ability was lost in Linux 2.2.  The workaround is to use IP_HDRINCL.
128
129

ERROR HANDLING

131       Errors originating from the network are only passed to  the  user  when
132       the  socket  is  connected  or the IP_RECVERR flag is enabled. For con‐
133       nected sockets only EMSGSIZE and EPROTO are passed  for  compatibility.
134       With IP_RECVERR all network errors are saved in the error queue.
135

ERRORS

137       EMSGSIZE
138              Packet  too  big.  Either  Path  MTU  Discovery  is enabled (the
139              IP_MTU_DISCOVER socket flag) or the packet size exceeds the max‐
140              imum allowed IPv4 packet size of 64KB.
141
142       EACCES User  tried  to  send  to a broadcast address without having the
143              broadcast flag set on the socket.
144
145       EPROTO An ICMP error has arrived reporting a parameter problem.
146
147       EFAULT An invalid memory address was supplied.
148
149       EOPNOTSUPP
150              Invalid flag has been passed to a socket call (like MSG_OOB).
151
152       EINVAL Invalid argument.
153
154       EPERM  The user doesn't have permission to open raw sockets. Only  pro‐
155              cesses  with  a  effective  user  ID  of  0  or  the CAP_NET_RAW
156              attribute may do that.
157
158

VERSIONS

160       IP_RECVERR and ICMP_FILTER are new in Linux 2.2. They are Linux  exten‐
161       sions and should not be used in portable programs.
162
163       Linux  2.0  enabled  some  bug-to-bug compatibility with BSD in the raw
164       socket code when the SO_BSDCOMPAT socket option was set —  since  Linux
165       2.2, this option no longer has that effect.
166
167

BUGS

169       Transparent proxy extensions are not described.
170
171       When  the IP_HDRINCL option is set datagrams will not be fragmented and
172       are limited to the interface MTU.
173
174       Setting the IP protocol for sending in sin_port got lost in Linux  2.2.
175       The  protocol that the socket was bound to or that was specified in the
176       initial socket(2) call is always used.
177
178

AUTHORS

180       This man page was written by Andi Kleen.
181
182

SEE ALSO

184       recvmsg(2), sendmsg(2), capabilities(7), ip(7), socket(7)
185
186       RFC 1191 for path MTU discovery.
187
188       RFC 791 and the <linux/ip.h> include file for the IP protocol.
189
190
191
192Linux Man Page                    1998-10-02                            RAW(7)
Impressum