Macos OSX上的AF_数据包
在Linux上,可以使用AF_数据包创建套接字,以从套接字接收原始数据,并在应用程序中进行IP过滤。但是OSX中的手册页没有:Macos OSX上的AF_数据包,macos,sockets,Macos,Sockets,在Linux上,可以使用AF_数据包创建套接字,以从套接字接收原始数据,并在应用程序中进行IP过滤。但是OSX中的手册页没有: PF_LOCAL Host-internal protocols, formerly called PF_UNIX, PF_UNIX Host-internal protocols, deprecated, use PF_LOCAL, PF_INET Internet version
PF_LOCAL Host-internal protocols, formerly called PF_UNIX,
PF_UNIX Host-internal protocols, deprecated, use PF_LOCAL,
PF_INET Internet version 4 protocols,
PF_ROUTE Internal Routing protocol,
PF_KEY Internal key-management function,
PF_INET6 Internet version 6 protocols,
PF_SYSTEM System domain,
PF_NDRV Raw access to network device
这不是POSIX标准接口吗?如何在OSX上实现同样的功能?不幸的是,OSX上不存在AF\U数据包。相反,您应该使用
/dev/bpfXAF_PACKET如果您确实希望发送原始IP数据包(无论是IPv4还是IPv6),则使用原始IP套接字是最方便的:
int soc = socket(PF_INET, SOCK_RAW, IPPROTO_IP);
int yes = 1;
setsockopt(soc, IPPROTO_IP, IP_HDRINCL, &yes, sizeof(yes));
0.0.0.0: ip->ip_v = IPVERSION;
ip->ip_hl = hlen >> 2;
ip->ip_id = 0; /* 0 means kernel set appropriate value */
ip->ip_off = offset;
ip->ip_len = len;
ip\u offip\u lenINADDR\u ANYip_sumIPPROTO\u IPIPPROTO\u RAWIPPROTO\u RAWIP\u HDRINCLIPPROTO\u RAWIP\u HDRINCLIPPROTO_RAWIPPROTO\u原始套接字
在macOS上,您可以使用IPPROTO_IP
,您将收到所有IP数据包,但在Linux上,这可能不起作用,因此创建了一个新的套接字PF_数据包
socket类型。在这两个系统上都应该使用的是指定一个子协议:
int soc = socket(PF_INET, SOCK_RAW, IPPROTO_UDP);
当然,现在您只能通过该套接字发送/接收UDP数据包。如果再次设置IP_HDRINCL
,则需要在发送时提供完整的IP头,在接收时将收到完整的IP头。如果不进行设置,只需在发送时提供UDP报头,系统将添加一个IP报头本身,也就是说,如果套接字已连接并可选择绑定,那么系统将知道在该报头中使用哪些地址。由于接收该选项不起任何作用,因此您始终会获得在此类套接字上接收的每个UDP数据包的IP头
如果人们想知道为什么我使用PF_INET
而不是AF_INET
:PF表示协议族,AF表示地址族。通常这些都是相同的(例如,AF\u INET==PF\u INET
),因此您使用什么并不重要,但是严格来说,套接字应该用PF_
创建,并且sockaddr
结构中的族应该用AF_
设置,因为有一天可能会有一个协议支持两种不同的地址,然后会有AF_XXX1
和AF_XXX2
,并且两者都不可能是相同的PF_XXX
如果您想在Mac OS X上发送原始以太网帧(例如,您自己的链路级协议,而不是IP),则可以使用类似于PF_raw的套接字:
#include <sys/socket.h>
#include <net/if.h>
#include <net/ndrv.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <net/ethernet.h>
int main (int argc, char **argv) {
if (geteuid()) { fprintf(stderr,"No root, no service\n"); exit(1); }
int s = socket(PF_NDRV,SOCK_RAW,0);
if (s < 0) { perror ("socket"); exit(2); }
uint16_t etherType = ntohs(atoi(argv[1]));
struct sockaddr_ndrv sa_ndrv;
strlcpy((char *)sa_ndrv.snd_name, "en0", sizeof (sa_ndrv.snd_name));
sa_ndrv.snd_family = PF_NDRV;
sa_ndrv.snd_len = sizeof (sa_ndrv);
rc = bind(s, (struct sockaddr *) &sa_ndrv, sizeof(sa_ndrv));
if (rc < 0) { perror ("bind"); exit (3);}
char packetBuffer[2048];
#ifdef LISTENER
struct ndrv_protocol_desc desc;
struct ndrv_demux_desc demux_desc[1];
memset(&desc, '\0', sizeof(desc));
memset(&demux_desc, '\0', sizeof(demux_desc));
/* Request kernel for demuxing of one chosen ethertype */
desc.version = NDRV_PROTOCOL_DESC_VERS;
desc.protocol_family = atoi(argv[1]);
desc.demux_count = 1;
desc.demux_list = (struct ndrv_demux_desc*)&demux_desc;
demux_desc[0].type = NDRV_DEMUXTYPE_ETHERTYPE;
demux_desc[0].length = sizeof(unsigned short);
demux_desc[0].data.ether_type = ntohs(atoi(argv[1]));
if (setsockopt(s,
SOL_NDRVPROTO,
NDRV_SETDMXSPEC,
(caddr_t)&desc, sizeof(desc))) {
perror("setsockopt"); exit(4);
}
/* Socket will now receive chosen ethertype packets */
while ((rc = recv (s, packetBuffer, 2048, 0) ) > 0 ) {
printf("Got packet\n"); // remember, this is a PoC..
}
#else
memset(packetBuffer, '\xff', 12);
memcpy(packetBuffer + 12, ðerType, 2);
strcpy(packetBuffer,"NDRV is fun!");
rc = sendto (s, packetBuffer, 20, 0,
(struct sockaddr *)&sa_ndrv, sizeof(sa_ndrv));
if (rc < 0) { perror("sendto"); }
#endif
}
#包括
#包括
#包括
#包括
#包括
#包括
#包括
#包括
int main(int argc,字符**argv){
if(geteuid()){fprintf(stderr,“没有根,没有服务”\n”);退出(1);}
int s=插座(PF_NDRV,SOCK_RAW,0);
如果(s<0){perror(“socket”);退出(2);}
uint16_t etherType=ntohs(atoi(argv[1]);
结构sockaddr_ndrv sa_ndrv;
strlcpy((char*)sa_ndrv.snd_name,“en0”,sizeof(sa_ndrv.snd_name));
sau ndrv.snd_family=PF_ndrv;
sa_ndrv.snd_len=sizeof(sa_ndrv);
rc=bind(s,(struct sockaddr*)和sau ndrv,sizeof(sau ndrv));
如果(rc<0){perror(“bind”);退出(3);}
char packetBuffer[2048];
#ifdef侦听器
结构ndrv_协议描述;
结构ndrv_demux_desc demux_desc[1];
memset(&desc,'\0',sizeof(desc));
memset(&demux_desc,'\0',sizeof(demux_desc));
/*请求内核对所选ethertype进行解复用*/
desc.version=NDRV_协议_desc_VERS;
desc.protocol_family=atoi(argv[1]);
desc.demux_count=1;
desc.demux_list=(结构ndrv_demux_desc*)和dem
#include <sys/socket.h>
#include <net/if.h>
#include <net/ndrv.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <net/ethernet.h>
int main (int argc, char **argv) {
if (geteuid()) { fprintf(stderr,"No root, no service\n"); exit(1); }
int s = socket(PF_NDRV,SOCK_RAW,0);
if (s < 0) { perror ("socket"); exit(2); }
uint16_t etherType = ntohs(atoi(argv[1]));
struct sockaddr_ndrv sa_ndrv;
strlcpy((char *)sa_ndrv.snd_name, "en0", sizeof (sa_ndrv.snd_name));
sa_ndrv.snd_family = PF_NDRV;
sa_ndrv.snd_len = sizeof (sa_ndrv);
rc = bind(s, (struct sockaddr *) &sa_ndrv, sizeof(sa_ndrv));
if (rc < 0) { perror ("bind"); exit (3);}
char packetBuffer[2048];
#ifdef LISTENER
struct ndrv_protocol_desc desc;
struct ndrv_demux_desc demux_desc[1];
memset(&desc, '\0', sizeof(desc));
memset(&demux_desc, '\0', sizeof(demux_desc));
/* Request kernel for demuxing of one chosen ethertype */
desc.version = NDRV_PROTOCOL_DESC_VERS;
desc.protocol_family = atoi(argv[1]);
desc.demux_count = 1;
desc.demux_list = (struct ndrv_demux_desc*)&demux_desc;
demux_desc[0].type = NDRV_DEMUXTYPE_ETHERTYPE;
demux_desc[0].length = sizeof(unsigned short);
demux_desc[0].data.ether_type = ntohs(atoi(argv[1]));
if (setsockopt(s,
SOL_NDRVPROTO,
NDRV_SETDMXSPEC,
(caddr_t)&desc, sizeof(desc))) {
perror("setsockopt"); exit(4);
}
/* Socket will now receive chosen ethertype packets */
while ((rc = recv (s, packetBuffer, 2048, 0) ) > 0 ) {
printf("Got packet\n"); // remember, this is a PoC..
}
#else
memset(packetBuffer, '\xff', 12);
memcpy(packetBuffer + 12, ðerType, 2);
strcpy(packetBuffer,"NDRV is fun!");
rc = sendto (s, packetBuffer, 20, 0,
(struct sockaddr *)&sa_ndrv, sizeof(sa_ndrv));
if (rc < 0) { perror("sendto"); }
#endif
}