RAW(7)              Linux Programmer's Manual              RAW(7)



NAME

       raw, SOCK_RAW - Linux IPv4 raw sockets


SYNOPSIS

       #include <sys/socket.h>
       #include <netinet/in.h>
       raw_socket = socket(PF_INET, SOCK_RAW, int protocol);



DESCRIPTION

       Raw  sockets allow new IPv4 protocols to be implemented in
       user space.  A raw socket receives or sends the raw  data-
       gram not including link level headers.

       The  IPv4  layer  generates  an  IP  header when sending a
       packet unless the IP_HDRINCL socket option is  enabled  on
       the  socket.   When it is enabled, the packet must contain
       an IP header.  For  receiving  the  IP  header  is  always
       included in the packet.

       Only  processes  with  an  effective  user  id of 0 or the
       CAP_NET_RAW capability are allowed to open raw sockets.

       All packets or errors matching the protocol number  speci-
       fied  for the raw socket are passed to this socket.  For a
       list of the allowed protocols see RFC1700 assigned numbers
       and getprotobyname(3).

       A  protocol  of IPPROTO_RAW implies enabled IP_HDRINCL and
       receives all IP protocols. Sending is not allowed.

       tab(:) allbox; c s l l.   IP  Header  fields  modified  on
       sending   by  IP_HDRINCL  IP  Checksum:Always  filled  in.
       Source Address:Filled in when zero.  Packet  Id:Filled  in
       when zero.  Total Length:Always filled in.


       If  IP_HDRINCL  is  specified and the IP header has a non-
       zero destination address then the destination  address  of
       the socket is used to route the packet. When MSG_DONTROUTE
       is specified the destination address  should  refer  to  a
       local  interface, otherwise a routing table lookup is done
       anyways but gatewayed routes are ignored.

       If IP_HDRINCL isn't set then IP header options can be  set
       on  raw  sockets  with  setsockopt(2);  see ip(7) for more
       information.

       In Linux 2.2 all IP header fields and options can  be  set
       using  IP  socket options. This means raw sockets are usu-
       ally only needed for new protocols or  protocols  with  no
       user interface (like ICMP).

       When a packet is received, it is passed to any raw sockets



Linux Man Page              2 Oct 1998                          1





RAW(7)              Linux Programmer's Manual              RAW(7)


       which have been bound to its protocol before it is  passed
       to other protocol handlers (e.g. kernel protocol modules).



ADDRESS FORMAT

       Raw sockets use the standard sockaddr_in address structure
       defined in ip(7).  The The sin_port field could be used to
       specify the IP protocol number,  but  it  is  ignored  for
       sending  in  Linux  2.2 and should be always set to 0 (see
       BUGS) For incoming packets sin_port is set to the protocol
       of  the  packet.   See the <netinet/in.h> include file for
       valid IP protocols.



SOCKET OPTIONS

       Raw socket options can be set with setsockopt(2) and  read
       with getsockopt(2) by passing the SOL_RAW family flag.


       ICMP_FILTER
              Enable  a  special  filter for raw sockets bound to
              the IPPROTO_ICMP protocol.  The value has a bit set
              for each ICMP message type which should be filtered
              out. The default is to filter no ICMP messages.


       In addition all ip(7)  SOL_IP  socket  options  valid  for
       datagram sockets are supported.



NOTES

       Raw  sockets  fragment  a  packet  when  its  total length
       exceeds the interface MTU (but see BUGS).  A more  network
       friendly  and  faster alternative is to implement path MTU
       discovery as described in the IP_PMTU_DISCOVER section  of
       ip(7).

       A  raw  socket  can  be  bound to a specific local address
       using the bind(2) call. If it isn't bound all packets with
       the specified IP protocol are received.  In addition a RAW
       socket can be bound to a  specific  network  device  using
       SO_BINDTODEVICE; see socket(7).

       An IPPROTO_RAW socket is send only.  If you really want to
       receive all IP packets use a  packet(7)  socket  with  the
       ETH_P_IP protocol. Note that packet sockets don't reassem-
       ble IP fragments, unlike raw sockets.

       If you want to receive all ICMP  packets  for  a  datagram
       socket  it  is often better to use IP_RECVERR on that par-
       ticular socket; see ip(7).

       Raw sockets may tap all IP protocols in Linux, even proto-
       cols  like ICMP or TCP which have a protocol module in the



Linux Man Page              2 Oct 1998                          2





RAW(7)              Linux Programmer's Manual              RAW(7)


       kernel. In this case the packets are passed  to  both  the
       kernel  module  and  the raw socket(s). This should not be
       relied upon in portable programs, many  other  BSD  socket
       implementation have limitations here.

       Linux  never  changes headers passed from the user (except
       for  filling  in  some  zeroed  fields  as  described  for
       IP_HDRINCL).  This differs from many other implementations
       of raw sockets.

       RAW sockets are generally rather unportable and should  be
       avoided in programs intended to be portable.

       Sending  on  raw  sockets should take the IP protocol from
       sin_port; this ability was lost in Linux 2.2. Work  around
       is to use IP_HDRINCL.



ERROR HANDLING

       Errors originating from the network are only passed to the
       user when the socket is connected or the  IP_RECVERR  flag
       is enabled. For connected sockets only EMSGSIZE and EPROTO
       are passed for compatibility. With IP_RECVERR all  network
       errors are saved in the error queue.


ERRORS

       EMSGSIZE
              Packet  too  big.  Either  Path  MTU  Discovery  is
              enabled (the IP_PMTU_DISCOVER socket flag)  or  the
              packet size exceeds the maximum allowed IPv4 packet
              size of 64KB.

       EACCES User tried to send to a broadcast  address  without
              having the broadcast flag set on the socket.

       EPROTO An  ICMP  error  has  arrived reporting a parameter
              problem.

       EFAULT An invalid memory address was supplied.

       EOPNOTSUPP
              Invalid flag has been passed to a socket call (like
              MSG_OOB).

       EINVAL Invalid argument.

       EPERM  The  user doesn't have permission to open raw sock-
              ets. Only processes with a effective user id  of  0
              or the CAP_NET_RAW attribute may do that.



VERSIONS

       IP_RECVERR  and ICMP_FILTER are new in Linux 2.2. They are
       Linux extensions  and  should  not  be  used  in  portable



Linux Man Page              2 Oct 1998                          3





RAW(7)              Linux Programmer's Manual              RAW(7)


       programs.

       Linux  2.0  enabled some bug-to-bug compatibility with BSD
       in the raw socket code when the SO_BSDCOMPAT flag was  set
       - that has been removed in 2.2.



BUGS

       Transparent proxy extensions are not described.

       When  the  IP_HDRINCL  option is set datagrams will not be
       fragmented and are limited to the interface MTU.  This  is
       a limitation in Linux 2.2.

       Setting  the  IP protocol for sending in sin_port got lost
       in Linux 2.2. The protocol that socket  was  bound  to  or
       that was specified in the initial socket(2) call is always
       used.



AUTHORS

       This man page was writen by Andi Kleen.



SEE ALSO

       ip(7), socket(7), recvmsg(2), sendmsg(2).

       RFC1191 for path MTU discovery.

       RFC791 and the <linux/ip.h> include file for the IP proto-
       col.


























Linux Man Page              2 Oct 1998                          4