Re: [developer] Raw ethernet packets

[Denis Kozadaev <denis@tambov.ru>]

[-- Attachment #1: Type: text/plain, Size: 3777 bytes --]

Ok, I tryed to reproduce your task.
Speaking shortly it works, see the attached file.
A test system is a VM undef FreeBSD bhyve, the global zone has an interface:
vioif0: flags=1000943<UP,BROADCAST,RUNNING,PROMISC,MULTICAST,IPv4> mtu 1500 
index 2
        inet 192.168.1.3 netmask ffffff00 broadcast 192.168.1.255
Over this nic I use VNIC and test it in a non-global zone:
LINK         OVER       SPEED    MACADDRESS        MACADDRTYPE VID  ZONE
dev0         vioif0     10000    2:8:20:2d:76:5d   fixed       0    dev01

Now the non-global zone:
dev01% ifconfig dev0
dev0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.1.10 netmask ffffff00 broadcast 192.168.1.255

dev01% gcc -o tst main.c
dev01% pfexec id
uid=0(root) gid=0(root) группы=0(root),1000(denis)
dev01% pfexec ./tst
result = 60; errno = 0

On the host the NIC is attached to a bridge via VMNET:
asus# ifconfig bridge0
bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 
0 mtu 1500
	options=0
	ether 58:9c:fc:10:c6:27
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: vmnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 4 priority 128 path cost 2000000
	groups: bridge
	nd6 options=9<PERFORMNUD,IFDISABLED>
asus# ifconfig vmnet0
vmnet0: flags=1008943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> 
metric 0 mtu 1500
	options=80000<LINKSTATE>
	ether 58:9c:fc:10:0d:5d
	hwaddr 58:9c:fc:00:58:3f
	groups: vmnet
	media: Ethernet 1000baseT <full-duplex>
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	Opened by PID 4683
And the output of tcpdump on the bridge0:
asus# tcpdump -i bridge0 -n not port 22
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on bridge0, link-type EN10MB (Ethernet), snapshot length 262144 
bytes
17:05:02.479797 ARP, Request who-has 10.0.0.61 (ff:ff:ff:ff:ff:ff) tell 
10.0.0.13, length 46
^C
1 packet captured
17 packets received by filter
0 packets dropped by kernel

So, 10.0.0.61 and 10.0.0.13 are from your packet,
therefore it works (in my test env)

On Friday 31 May 2024 16:33:05 Marcel Telka wrote:
> On Fri, May 31, 2024 at 03:18:23PM +0300, Denis Kozadaev wrote:
> > On Friday 31 May 2024 15:07:13 Marcel Telka wrote:
> > > On Fri, May 31, 2024 at 02:23:04PM +0300, Denis Kozadaev wrote:
> > > > The send() function can be used only when the socket is in a
> > > > connected state. (c) manual page at
> > > > https://illumos.org/man/3SOCKET/send Use sendto(), Marcel.
> > >
> > >         sendto(s, buf, sizeof buf - 1, 0, NULL, 0);
> > >
> > > gives the same result: succeeds, but no packet on the network.
> >
> > it is because
> > send(sock, buf, len, flags)
> > could be equivalent to
> > sendto(sock, buf, len, flags, NULL, 0)
> > it depend of the implementation
> > You should specify a real address for sendto()
> > and yes, the packet and the address have duplicate of this data.
>
> I tried to add this:
>
>
>         llp.sll_pkttype = PACKET_BROADCAST;
>         llp.sll_hatype = ARPHRD_ETHER;
>         llp.sll_halen = 6;
>         llp.sll_addr[0] = 0xff;
>         llp.sll_addr[1] = 0xff;
>         llp.sll_addr[2] = 0xff;
>         llp.sll_addr[3] = 0xff;
>         llp.sll_addr[4] = 0xff;
>         llp.sll_addr[5] = 0xff;
>
>         sendto(s, buf, sizeof buf - 1, 0, (struct sockaddr *)&llp, sizeof
> llp);
>
> And the result is stil the same: the function succeeded, no packet on
> the network.


[-- Attachment #2: main.c --]
[-- Type: text/x-csrc, Size: 1933 bytes --]

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/ioctl.h>

#include <net/if.h>

#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>

int
main(void)
{
        int                     sock;
        struct sockaddr_ll      sll, llp;
        struct lifreq           ifr;
        char                    buf[8192], dev[] = "dev0";
        ssize_t                 result;
        char pkt[] =
        "\xff\xff\xff\xff\xff\xff"
        "\x00\x1c\x25\xa0\xb7\x2e"
        "\x08\x06\x00\x01"
        "\x08\x00\x06\x04\x00\x01"
        "\x00\x1c\x25\xa0\xb7\x2e"
        "\x0a\x00\x00\x0d"
        "\xff\xff\xff\xff\xff\xff"
        "\x0a\x00\x00\x3d"
        "\x00\x00\x00\x00\x00\x00"
        "\x00\x00\x00\x00\x00\x00"
        "\x00\x00\x00\x00\x00\x00"
        ;
        sock = socket(AF_PACKET, SOCK_RAW, 0);
        if (sock < 0) {
                perror("socket");
                return (1);
        }

        strcpy(ifr.lifr_name, dev);
        result = ioctl(sock, SIOCGLIFINDEX, &ifr);
        sll.sll_family = AF_PACKET;
        sll.sll_ifindex = ifr.lifr_index;
        sll.sll_protocol = 0;
        result = bind(sock, (struct sockaddr *)&sll, sizeof(sll));

/*        llp.sll_pkttype = PACKET_BROADCAST;
        llp.sll_hatype = ARPHRD_ETHER;
        llp.sll_halen = 6;
        llp.sll_addr[0] = 0xff;
        llp.sll_addr[1] = 0xff;
        llp.sll_addr[2] = 0xff;
        llp.sll_addr[3] = 0xff;
        llp.sll_addr[4] = 0xff;
        llp.sll_addr[5] = 0xff; */

	result = send(sock, pkt, sizeof(pkt) - 1, 0);
	fprintf(stderr, "result = %d; errno = %d\n", result, errno);
/*        for (;;) {
                result = recvfrom(sock, buf, sizeof(buf), 0, NULL, NULL);
                fprintf(stderr, "received %d bytes\n", (int)result);
        } */

        close(sock);

        return (0);
}