Linux؇ernel؋e఍or༂ng – - PDF document

420 views
Uploaded On 2016-08-04

Linux؇ernel؋e఍or༂ng – - PPT Presentation

advancedx060Copicx17065 x0606x0606x0606x0606x0606x0606 Sox150Fex0C17 ix0306x0C1Cex060Fx0809x0308l Ramx0206x1D0Ex1708n ramx0209osx081Fgm ID: 432676

advanced،opicᜆ(5) ؆؆؆؆؆؆ Soᔏeగ ĭజe؏ࠉ̈l RamȆᴎᜈn ramȉosࠟgm&#

Link:

Copy

Embed:

<iframe width="560" height="315" src="https://www.docslides.com/embed/432676" frameborder="0" allowfullscreen></iframe>

Download Presentation from below link

Download Pdf The PPT/PDF document "Linux؇ernel؋e఍or&#x..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentation Transcript

Linux؇ernel؋e఍or༂ng – advanced،opicᜆ(5) ؆؆؆؆؆؆ Soᔏeగ ĭజe؏ࠉ̈l RamȆᴎᜈn ramȉosࠟgmሂl.cพ HaȢЅ, AugЗt ┦☧ w഍.ᰒȢux.org AlਆrȐᰌs reservࠓ. LinuԆ܈rnel؋e఍or༂ng (5)- advanced،opics Nฌࠩ Thȗ ਈctЉࠆȗ ሆᜈ⬄ࠊ tฆtᰈ foਊญȃဆ4 ਈctЉes I gave ȃ ℒifux: Ănux Kenr਋ ਌nഊokgN–x antlጎKNln http://www.haifux.org/lectures/172/ vtxclv http://www.haifuԠoऐ/lectuईᜮ172/netLec.pdf pi sc(5 dਕnux Kenr਋ ltnwlokgN–x an)nn wਅaShgNx anᴇhvḔoਟnᤆcn.ℝlጃtlጎKNl http://www.haifux.org/lectures/180/ vtxclv http://www.haifuԠoऐ/lectuईᜮ180/netLec2.pdf LinuԆ܈rnel؋e఍or༂ng (5)- advanced،opics finsc(5 ጊcnux KenऊN ltnwlokgN–x an)n nnnnn .Hᠣnx noSਃux Kenr਋ ltntਓoKNl httᘩ//഍w.hሂfЅ.ฉg/ਈctЉes/⼱7/ Rtxclv : http://www.haifuԠoऐ/lectureᜮ187/netLec3.pdf ␂n2xN਌ਔvnx nux Ke http://www.ᰒȢux.org/ਈcturࠗ/┦㌮ Rtxclv : http://www.haifuԠoऐ/lectureᜮ206/wirele᜗Lec.pdf Tሴਈ of cǒěᜩ The ĂnЅ Ke system ᔒll. UDP protoᔎl. Control Messageᜠ AppendiԈᜠ Nฌࠩ Aਊ cณࠆexሞpਈs ȃ thȗ lࠕture rࠢer to thࠆrࠕࠃt p0,0f9 versȎ̆of the ĂnЅ ༈rnࠊ. Ē㔈आ2 ᠺAC lስeच Ē㔈आ3 ᠋ࠌഎए lስࠉ: IPV4/IPV6) Lስࠉ ⰆᠪCP,㘷P,S㤪P,...) –lN lt TCP sต༈t UDP ؛ocket -vlNv:5dln In؄serؗpaᔈ,؍e؜aᐈ appliᔒంon,ؗe᜗ionؒndؖresentaంon la㔈r᜘కp⸂p؉efers،oؒll 3ؒsؒpplicaంon؊a㔈r) crࠒtȃg a sตkࠌ TNg@nKv਋nᐩ5dਃ ȗ dö by thࠆ LinuԆKe system ᔒਊ: int socket (int family, int t㔖e, int protocol); From man 2 soᔏet: RETURN VALUE On ᜄcce᜗, a file de᜕ंptoआfoआthe new ᜎc༈t iᜆreturned. Foआopen᠚ ᜵ᜌem call ᠢor file᜚, we alᜎ get a file de᜕riptoआ aᜆthe ईtuः ᐒlue. Eveवthȃg is a fȊࡁ Unix ᘒऒdigḠ Theآirsఆparameఈr,آamily,؂ᜆalsoؗomeంmeᜆreferred،oؒsـdomain”. The ⨙@xtm iᜆPF_INET for IPV4 oआPF_INET6 foआIPV6. The family is PF_PACKET for Pac༈t ᜎc༈tᜣ which opeऒte at the deᐂce driᐈआla㔈r. ᠁a㔈आ2ᨠ pcap libऒव foआLinuԆuᜈᜆPF_PACKET soc༈tᜩ pcap libraव iᜆin uᜈ b㔆ᜃiffeग such as tcpduḖ. Alᜎ hostapd uᜈᜆPF_PACKET soc༈tᜩ (hoᜌapd is a wiईle᜗ acce᜗ point ḒnageḈnt pऎject) Fऎm hoᜌapd: dऔ-䐞onitor_ᜎc༆= ᜎc༈tᠸF_PACKET, SOCK_RAW, hton᜘ETH_P_ALLᨚ; Type: SOCK_STREAM and SOCK_DGRAM aई the moᜌl㔆uᜈd t㔖eᜠ SOCK_STREAM foआTCP, SCTP, BLUETOOTH. SOCK_DGRAM foआUDP. SOCK_RAW for RAW ᜎc༈tᜠ Theई aई caseᜆwhere pऎtocol can be eitheआ SOCK_STREAM ngN SOCK_DGRAM; foआeԒḖle, UniԆ doḒin ᜎc༈t ᠤF_UNIXᨠ Protocol:uᜄall㔆0 ᠆IPPROTO_IP iᜆ0, ᜈe: include/linuԮin.h). FoआSCTP, the protocol iᜆ .HHq4I4/R1IH soᔏfd=ᜎᔏet(A㵂INET, SOCK_STREAM, .HHq4I4/R1ⴡ Foआbluetooth/RFCO㨺: ᜎc༈t(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMMᨼ SCTP: StईaḆControl Tऒn᜞i᜗ion Protocol. For every soᔏet which is created b㔆a uᜈr᜖ace application, there is a ᔎrresponding vgd–lo struct and vgd– ᜌruct in the kernel. This system ᔒll eᐈntually inᐎkeᜆthe Līr̊xN xKe wx oiktg–t oxtЅl–xad v–tg–ĆN–nxtict Ćlp̆tLinЅ tgČ̊xN xkt Kg–napkxsag–p(s–x doet L؊p̆t Linux ఎNČi–a5చtwxwSxlĜtĆlp̆t Linu ఎNČwilxt؎N–ఝmἌ N–kఐČi–xంcఆoxఛg..xĆఁ؊p̆plxLఐ–ఆox఑xءilА–.tĆN̄dtfipt nN–అNĐa5ఛxఃi–ᔖąkఛxءxx–ఆoxwdణiఆoxఃi–Ax– gi–ఐČ؎gL┌ Linu Linu ఋaHNᤁఊxcxlLఆit Ćlp̆ఁīxؓ Lu Lu tNaHNᤁఊxᔅlLఆit Ćlpn،Ă̄ struᔌ ᜎck: (include/net/soᔏ.h) strЕt ᜎᔏ { ... strЕt soc༈t *ssoc༈t; struᔌ ᜎcket (inᔊude/linux/net.h) strЕt ᜎᔏet { soc༈t䈗tate state; sᰎrt tyᘈ; Ѓsig̈ጆlo̐ flags; strЕt fasync䈗trЕt *fas㔃ᕂlist; wait䈫ЈЈ䈜ࠒd䈌 wait; strЕt file *fil࠼ strЕt ᜎᔏ *s༼ conᜌ strЕt ᘉoto䈎ᘗ *op᜼ }; Theؗఒఈؕanشe SS_FREE SS_UNCONNECTED SS_CONNECTING SS_CONNECTED SS_DISCONNECTING Theᜈ ᜌateᜆaई not la㔈आ4 ᜌateᜆ᠊i༈ TCP_ESTABLISHED or TCP_CLOSE). The ᜏ_pऎtocol meḴer of ᜌruct ᜎc༆equalᜆto the third paऒḈteआ(pऎtocolᨆof the Ă̄x Ke ᜵ᜌeḆcall. struct ᘉฌo_ถᜆ(ȃtࠉfacࠆย strЕt sต༈t) x lฮᐎNl᤟/g:v ᠂.ࠠ, TCP sต༈ts) x lฮcaଙ@/g:v ᠂.ࠠ, 㘷P sต༈ts) x lฮᐐdᄋᤏ/g:v ᠂.ࠠ, RAW sต༈ts) .family PF_INET PF_INET PF_INET .owner THIS_MODULE THIS_MODULE THIS_MODULE .releaᜈ inet_release inet_release inet_release .bind inet_bind inet_bind inet_bind .ᔎnneᔌ inet_stream_connect inet_dgram_connect inet_dgram_connect .ᜎcketpair socགno_socketpair socགno_socketpair socགno_socketpair aᔕept inet_accept socགno_aᔕept socགno_aᔕept .getname inet_getname inet_getname inet_getname .poll tᔖ_poll udp_poll datagram_poll .ioctl inet_ioctl inet_ioctl inet_ioctl .listen inet_listen socགno_listen socགno_listen .᜜utdown inet_shutdown inet_shutdown inet_shutdown .ᜈtsoᔏopt socགcommon_setsoᔏopt socགcommon_setsoᔏopt socགcommon_setsoᔏopt .getsockopt socགcommon_getsockopt socགcommon_getsockopt socགcommon_getsockopt .ᜈndmsg tᔖ_sendmsg inet_sendmsg inet_sendmsg .recvmsg socགcommon_recvmᜐ socགcommon_recvmᜐ socགcommon_recvmᜐ .mmap socགno_mmap socགno_mmap socགno_mmap .ᜈndpage tᔖ_sendpage inet_sendpage inet_sendpage .᜖lice_read tᔖ_splice_read Note: The inet_dgraṂopᜆand inet_ᜎc༉aw_opᜆdiffer onl㔆in the .poll ḈḴer: in inet_dgraṂopᜆit iᜆ pk0r0iaa܈ in inet_ᜎc༉aw_opᜣ it iᜆ kN N.਋wr0iaa܈d Diagraḩ strЕt inࠌ_sock stऄᔌ soᔏ ᠗༚ stऄᔌ iᙂoᘌȎns *ถt; _䈄8 tos; _䈄8 ईᔔeउ:⼼ _䈄8 hdं̕਩⼼ ..... inet_ᜏ᠗oc༆*ᜏᨆ=䐆returnᜆthe inet_ᜎc༆which containᜆᜏ ᜌrЕt soc༆ᰒs threࠆ⬄ࠄࠗ: rx , tx a̓ ࠉr. sག㐄ff sག㐄ff sགbuff sགईᔈȔࡂ⬄eue sག㐄ff sག㐄ff sགbuff sགഉȌࡂ⬄ࠄe 7ᤓSn8KlKlnSᤔn5ntgd–n3ᐩx tgdᄂ sག㐄ff sག㐄ff sགbuff sགࠉऎr_⬄ࠄe ☃0̦̦ 0̦̦̦n 0̦̦̦n LuSधpxpxआNဒKet2tvkkg–.t it oxt9pxpx LuSएx9pxᘅKet2tlxwiAထ.tclȍt oxt✖xpx -g ot:,Trq44I@t ogČgČki–xtg–t HitL N.xL2 LЛr0xxuKet rrĄSrp–ag–uKedtK itlxwi␅t oxtĄrSpcctcliwt oxt 9pxpxed Fฉ the ࠉror qЈuࠩ Līr9pxᘅrxllrLuᬇe ሓds tฆȌs tሂਆ ᠂nᔊud࠮net/sตk.h) . Eᐈ̌Вlਵ, Ȍ ሊᜎ ᔒਊs Luᬉ9pxᘅr Ngሇedt Erऎग can be ICMP eउorᜆoआEMSGSIZE eउoग. FoआḎई about eउorᜣᜈe APPENDIX F: UDP erऎग. UDPؒ̓ ⨹P ଎ explȕȌ ᔎ̃ࠕtȎn setЖ ȗ dö wȌh UDP. In TCP there is a preliminar㔆ᔎnneᔌion setup. Pac༈ts că㐈 ਎st ȃ U㜸 (tᰈre ȗ nฆ rࠌrሃsmȗᜂฃ mechâsm ȃ the ༈r̈l). TCP ฃ thࠆฌher ᰒ̓ ȗ rࠊȒbਈ (thࠉࠆis ሆ rࠌrሃsmȗᜂฃ mechâsm). Mทt ย the Ǐer̈t traffȕ ȗ T㤸 (ਂ༈ httᘣ ssh). UDP iᜆfor audio/ᐂdeo (RTP)/streaming. Note: ᜌईaḂng with VLC is b㔆UDP ᠝TP). StreaḂng ᐂa YouTube iᜆtcp ᠜ttp). The udp؜eader Thereؒreؒؔer㔆fewضDP-basedؗervers؊ikeطNS⌆NTP⌆ DHCP⌆TFTPؒnd؞ore. ForطHCP, it؂ᜆquiఈ؃aఄral،oشeضDPؘSinᔈ man㔆ంmes؍iజ DHCP,صouؓon'ఆhaᐈؒؗourceؒddre᜗,؍hiᔜ؂ᜆa؞usఆfor TCP). TCP؂mplemenఒంon iᜆmuch؞oreؕomplex The TCP header؂ᜆmuᔜشigger జanضDP؜eader. The udp header: tg–̒pkxsag–p᠗pk0do stऄᔌ udphdआ{ 䉂㐈⼳ sคrc࠼ 䉂㐈⼳ dࠗt; 䉂㐈⼳ ਈn; 䉂suḯ6 ᔜࠕ༼ UDP pac༈t = UDP heሓer + pay਎ad Aਊ mࠞbers arࠆ2 bytes (16 bȌs) souकࠆᘎऌ dest pฉt ਈn ᔜeᔏsum H5mఐ5c Receiving paᔏets؂nضDP ∉om kernel UDP ༈rnel ᜎc༈tᜆcan get tऒffic either from uᜈगpace or froḆkeःel. UDP – ਒㔈आ4 IPᐬ - ਒㔈आ3 nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn -R7⬃RHᜯ7 nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn -㌡nvgd–lด Kerli̋lrtxlKഅฉ༇gKL–ሓ nଊlĔcteऎ̍ad psr(p5)rShᴞSr(pv –iiu r7qരu LinЉ@cxcxऎ̍rĄ.ሓ Lስࠉ 2 ᠾtheःࠌ) From Kv਋nv:ᤓl , 㔎Іcሃ rࠕࠂve udp traffȕ ĭ threࠆ᜵stࠞ caਊs: lx̤KettKHox–t oxtLīx tgČni––x̆xke lx̤cliwKe lx̤wĠKe All thईe aई handled b㔆 pk0rਅ̤ഁ.Kࠌ in the ༈ःel. /i xt oN tcipl ot0N਋wx xltict oxąt1tഅ oikLtgLtcaN.Ĝt oiHx␅l@t ogČ0NlNഅ x਌gČ/78t̎N–.xktp0i–tਅ pl–dt3ctᤂptNਅt g– xਅĆxktg–tlx pl–xktcaN.Č@t5iptwpĆtpąt iglH tਅ̤ഁ.KࠟtN–kt itਅ ਐx␅t oxtwĠdwL.rcaN.Čഅഛxldt FoआexaḖle, suppoᜈ 㔎u have a client-ᜈऔer udp applicationᜣ and the ᜈnder ᜈndᜆa packetᜆwhich iᜆlongeआ then what the client had allocated foआinput buffer. The ༈rnel than tऄncateᜆthe pac༈t, and send 㐝y/Iq-w1 flag. In order to ईtंeᐈ it, 㔎u ᜜ould use ᜎḈthing li༈: ईcᐞᜐ᠄dpSoc༈t, &ḗg, flag᜚; if ᠞ᜐ.ḗg_flagᜆ& 㨛G_TRUNC) pंntf(刺SG_TRUNC\n刚; Therࠆഒs ሆnࠍ sАဈstiฃ rࠕࠃtly fฉ lxn␍wL.Ke tL5L xwtnNሒtciltlxnxဤg–.twpሆဦህt wxāN.ԁtK㌙tvlᄋሏitbNlANሎitkxt:xሂe 8oxt lx̤഍L.܈ tHgaatlxkp̅t oxti␅਎xNkt̋pąktS5tഖa g0axt ęĆxഌ̋aaČictਅn␍Ġ܈tg–t oxtpĖNat̋ąd Receiving paᔏets؂nضDP ∉om user space UDP ༈rnel ᜎc༈tᜆcan get tऒffic either from uᜈगpace or froḆkeःel. UDP – ਒㔈आ4 IPᐬ - ਒㔈आ3 nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn -R7⬃RHᜯ7 nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn -㌡nvgd–lด r7qരu cteऎԃഢL,ሓ nnnnnnnn ଊdᠪଐἲinvḔชἃdᤌt उLРऎԃwऌଆN,oଢadv␔ ฅଌĔ༎i∔vĄ┦Ąrฅ̅Kwԉ@cxcx Lስࠉ 2 ᠾtheःࠌ) ଊdᠲinvḔጙttnd5tt ଊd᠟ᐒ3inᐞᐓ5tt Reᔈiᐂng packeగب؄dp_rᔔ() pk0ऊnAKe ȗ tᰈ ᰒ̓lࠉ for aਊ U㜸 ᘒckࠌᜆ frพ the IP ਒yer. It ha̓ਈs ሊਆȃcพȃg pሕkࠌs ȃ which tᰈ protocช fȈਓ ȃ thࠆip hࠒdࠉ ȗ I㠸ᴿTO_U㜸 (1〚 ሢtࠉ ip ਒yࠉ fȃȗhࠓ wȌh them. See the udp_protocol definition: (net/ipᐬ/af_inet.c) ᜌruct net_pऎtocol udp_protocol = { .handler = udp_rcv, .erूhandleआ= udp_eउ, ... }; Ĭtᰈ ᜒme way we havࠆ: lNHrln␇e as a handler for raw paᔏetᜠ n0r␵rl̤Ket as a handler for TCP paᔏets. g̍0rl̤Ke as a handler for ICMP paᔏets. Ker̈l ȞᘊࠞࠃtሌȎ̩ the 0lȆirlx‐L ԊKet mࠌhณ rࠐȗters ሆprotตoਆha̓lࠉ. (net/core/ᜎc༠c) pk0rl̤Ketgw0axwx– N gi–2 For broadᔒsts and multicaᜌ – there is a speᔂal treatment: ifؘrt->rt_flagᜆ&ؘRTCF_BROADCAST|RTCF_MULTⴹAST)) reఄrn __udp4_lib_mᔒsూdeliᐈr(neణؗkb,؄h, ᜒddr, daddr, udpఒble); Then perform a lookup in a hashtable of struct soᔏ. Ha᜜ ༈㔆iᜆcईated froḆdeᜌination poऌ in the udp header. If theई iᜆno entव in the ha᜜table, then there iᜆno ᜎck liᜌening on thiᜆUDP deᜌination poऌ 䕄 ᜎ ᜈnd ICMP bac༩ ᠎f n:gNonK Nl5dS5htl icḖ_ᜈnd(ᜏb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH , 0ᨼ udp_rcv() Ĭtᰂs case, ሆᔎrrespo̓i̐ ᬋMP MIB cค̌er ȗ ȃcrࠞěࠓ (UD㡂MI䡂NOPORTᬚ. UDP_INC_STA⨛_BH(net, UDP_MIB_NOPOR⨛, proto == IPPROTO_UDPLI⨾); Yค căseࠆit by: –x ĆN tUL ddddd Udp: ... 35 paᔏets to unknown port reᔈiᐈd. ... udp_rcv()ب conఓ Or, by: cሌ /proc/̈t/ᜃmᘆ| grep U጖: Udp: I̷ሌagrams ଎㠎rts I̾rrฉs OutDሌሐrሞᜆRcv㐄f㸉rฉs SndbТErrors Udp: ⼬ 35 0 30 ☆0 If therࠆȗ a sตk ਂstࠃȃဆฃ the dࠗtȃatȎn pฉt, caਊ ᘏ0r9ᘅpxrlnArLЛKed 4Ax– pNaaᤌ̋aaLtĂ̄r9pxpxrln␉LЛKed Which addᜆthe pac༈t to the v–/Nldlx(l/8KlKl by ĄSr9pxpxr NgaKe udp_rcv()ؓiagram u጖䈉ᔔ᠚ _䈄dpⱂਂb䈉ᔔ Multȕሗt _䈄጖ⱂਂ㑂ḕast䈓ࠊȔer Ûᔒst 䉂udpⱂlȴ_਎ฏup䈗༴ Fȃጆሆsoᔏ in Гᘌሴਈ udp䈫uࠄe䈉ᔔ䈗༴ soᔏ䈫uࠄe䈉ᔔ䈗༴ Dฃ't find ሆsต༆ iᔞᙂsࠃd᠚ ICMP䈷EST_UଝEAC℣ I㤺P䈸ORT䈶NᴾA㤡 pk0ऊxnAwL.Ke2 Cሊਗ tउLuSऊxnAएN N NwKe , fฉ receȔȃg ฃࠆsk_buff. The rrĄSrlxn␉kN N.lNwKe may bloᔏ. Eᐈntually, what rrLЛrlxn␉kN N.lNwKet does iᜆ read one sགbuff from the ĄrlxnxgAxr9pxpx queue. wxwn☙r igiAxnKe pࠉfฉms the ሕtВਆcopy to Зer sᘒcࠆby i̔o༂̐ ni0ᤉ irᘁxlKed Onࠆof thࠆpሉሞetࠉᜆย ᘏ0rlx̤wL.Ke ȗ ሆ pข̌er to struct fL,–to . Lࠌ's tሏe a ਎o༩ MᭇHDR FroḆinclude/linuԮᜎc༈t.h: ᜌऄct ḗghdआ{ ᐎid *ḗg_naḈ; /* Soc༈t naḈ */ int ḗg_naḈlen; /* Length of naḈ */ ᜌऄct ioᐈc *mᜐ_ioᐼ /* Data blocks */ __༈ःel_ᜂ唈_t ḗg_ioᐊen; /* Number of bloc༗ */ ᐎid *ḗg_contऎl; __༈ःel_ᜂ唈_t ḗg_controllen; /* Length of cḗg liᜌ */ unᜂgned ḗg_flag᜼ }; Control؞e᜗ageᜆ(ancillar㔆 me᜗ages) The ḗg_contऎl ḈḴer of mᜐdhr repईᜈnt a contऎl me᜗age. Sometimes 㔎u need to perform some speᔂal things. For eԒmple, getting to know what was the destination addresᜆof a receiᐈd packet. SometiḈᜆtheई iᜆḎre than one addई᜗ on a machine ᠒nd alᜎ 㔎u can haᐈ Ḅltiple addई᜗eᜆon the ᜒme nicᨠ How ᔒn we know the destination address of the ip header in the appliᔒtion? ᜌruct nd@vaScN (/uᜉ/inᔊude/bits/socket.h) represents a control mesᜒge. cḗghdr ḈḴeग can mean diffeईnt things baᜈd on the t㔖e of ᜎcket. There iᜆa set of macऎᜆfor handling cmᜐhdr li༈ CMSG_FIRSTHDR᠚, CMSG_NXTHDR᠚, CMSG_DATA(ᨣ CMSG_LEN᠚ and Ḏre. There are no contऎl me᜗ageᜆfoआTCP ᜎc༈tᜠ ᬎc༈t؎ptions: In order to tell the ᜎc༈t to get the inforḒtion about the pac༈t deᜌination, we ᜜ould call ᜈtᜎc༎pt᠚. ą Ă̄i0 Ke and .x Ă̄i0 ܈ ⠆ᜈt and get optionᜆon a ᜎc༈t. Both Ḉthodᜆreturn 0 on succe᜗ and ⠯ on erऎr. Prototype: int ᜈtᜎc༎pt(int ᜎc༢d, x o tl(lt , int optnaḈ,... There are two leᐈlᜆof ᜎc༈t optionᜩ To manipulate optionᜆat the ᜎc༈tᜆAPI leᐈl: SOL_SOCKET To manipulate optionᜆat a protocol level, that pऎtocol nuḴeआ ᜜ould be uᜈd; foआexaḖle, foआUDP it iᜆ IPPROTO_UDP or SOL_UDP (both aई equal 17ᨆ; sࠈ ȃᔊude/lȃЅ/in.ᰆand ȃᔊГ࠮ਂnuԮsต༈t.h SOłIP is 0. Theई are curईntl㔆19 LinuԆsoc༈t optionᜆand one anotheआon option for BSD compatibility. See AppendiԆB for a full liᜌ of ᜎc༈t optionᜠ Theई iᜆan option called IP_PKTINFO. We will ᜈt the IP_PKTINFO option on a ᜎc༈t in the following eԒḖle. // fऎm /uᜉ/include/bitᜮin.h #define IP_PKTINFO 8 /* bool */ /* Stऄctuई uᜈd foआIP_PKTINFO. */ ᜌruct in_pktinfo int ipi_ifindeԼ /* Inteढace index */ ᜌऄct in_addआipi_spec_dᜌ; /* Routing destination addईss */ ᜌऄct in_addआipi_addr; /* Headeआdeᜌination addre᜗ */ conᜌ int on = 1; ᜎc༢d = ᜎc༈tᠤF_INET, SOCK_DGRAM,0ᨼ if ᠗etᜎc༎pt(ᜎckfd, SOL_IP, IP_PKTINFO , &on, ᜂ唈of᠎n)ᩘ0) peउoघ列etᜎc༎pt刚; ... ... ... Whenؕalling reᔔmsg(),؍e؍illؖarᜈ،he؞sghr؊ike،hiᜩ forؘcmpఉ=CMSG_FⴝSTHDR(&mᜐ);ؕmpఉ奅NULL; ᔞpఉ=CMS䝂NXTHDR(&mᜐ,cmpఉ)) ifؘcmptr->cmsg_leᐈlم=؛OL_IP &&ؕmpఉ->ᔞᜐ_వpeم= IP_PKTINFO ؆؆ ؆؆ pkంnfoمؘᜌrucఆin_pkంnfo*)CMSG_DATA(cmptr); printf("deᜌinaంon=%s匃", ineూnఎp(AF_ⴋET, &pktinfo->ipi_addr, ؆؆؆؆؆؆؆؆؆ ᜌr⌆ᜂ唈of(ᜌr))); Ĭtᰈ kࠉnࠊ, thȗ cሊls ဦःwL.rlx̤Ket ̈t/Ȗᐬ/Ȗ_ᜎckg਄e.c. (ജȕh evěВਊy cሊls ဦrnwL lxn␉0u g–ciKe ). Yค căȃ this way retrȈvࠆother fȈਓs of the Ȗ hࠒdࠉ: For getting the TTL: ᜈtᜎc༎pt᠗oc༢d, SOL_IP, IP_RECVTTL , &on, ᜂzeof᠎nᨚ<0). But: cḗg_t㔖e =䔆IP_TTL. For getting ip_options: ᜈtᜎc༎pt᠚ with IP_OPTIONS. Nฌࠩ yค cãot get/set Ȗ䈎ptȎns ȃ Jሔሆ ሖᘠ ᬈndingؖac༈ts inضDP From Kv਋nv:ᤓl , 㔎Іcሃ sࠃd udp trሢfȕ wȌh threࠆ᜵stࠞ caਊs: Lx–kKetKHox–t oxtLīx tgČni––x̆xked Lx–k iKe Lx–kwĠKe All thईe aई handled b㔆 pk0rą–kഁ.Kࠌ in the ༈ःel. pk0rLx–kwL.܈t iᜆḄch ᜂḖleआthan the tcp paऒllel Ḉthod , ̦rą–kഁ.Kࠓ pk0rLx–k0N.x܈t iᜆcalled when useआ᜖ace callᜆ ᜈndfile(ᨆ(to cop㔆a file into a udp ᜎc༈t). sendfile() ᔒn be used also to ᔎpy data between one file descriptor and another. pk0rLx–k0N.xKetg–AiЅLtpk0rą–kwĠKed p༦ँԑ༦ଠx܈tHဒሌℂ਄tȑሙtပt ฅt–ဃtĖ0☂ਆČ ,nN xlsTଆฅ਌ܮ483DrDr,TtcxଆᘊxtgČĖ☦iਆx༈d Exampleؑ udpؕlient #include #include #include #include int main() int s; struᔌ soᔏaddr_in target; int res; char buf[10]; target.ᜂn_family = AF_INET; target.ᜂn_port=htons(999); inet_aton("192.168.0.121",&target.ᜂn_addr); strᔖy(buf,"mesᜒge 1:"); s = socket(A㵂INET, SOCK_DGRAM, 0); if (s<0) perror("soᔏet"); res = sendto(ᜣ buf, ᜂzeof(buf), 0,(struᔌ sockaddr*)&target, sizeof(struct soᔏaddr_in)); if (res<0) perror("sendto"); elᜈ printf("%d byteᜆwere sent\n",res); Foआcompaंᜎn, there iᜆa tcp client in appendiԆC The soЉce port ย the UDP pሕ༈t herࠆȗ chทࠃ rሃdพਵ ĭtᰈ kࠉ̈ਠ If I ഒ̌ tฆᜈnd frพ ሆspࠕȢȈd pฉt ? You can bind to a ᜖ecific ᜎurce poऌ (888 in thiᜆeԒmpleᨆby adding: ᜎurce.sin_famil㔆䔆AF_INET; ᜎurce.sin_poऌ = hton᜘888ᨼ ᜎurce.sin_addr.ᝂaddआ 䔆htonlᠭNADDR_ANYᨼ if ᠴind᠗, (ᜌऄct ᜎckaddोᩑᜎuकe, si唈of᠗tऄct ᜎc༒ddूinᨚ 䕅 ⠯) peउoघ刴ind刚; Yค ጙ gon bȃd to privȊࠐࠓ pฉts (ports ਎wer thሃ ⼦┬) kSl nmgKnᤋਃ gonNggonU Tr㔂ng to do this will giᐈ: Permission denied” ( 7H7qb ). You can enable non root binding on priᐂleged port by running as root: (You will need at least a 2.6.24 ༈rnel) ᜈtᔒp 'cap_net_bind_ᜈrviᔈ=+ep' udpclient This ᜈtᜆthe 1sH/w7I/D.w6/R7qP.17 capability. Yค cãot bȃd ŏa pฉt ജȕh is ሊrࠒdy bค̓. Tr㔂ng to do this will giᐈ: Addre᜗ alread㔆in use” ( 7s66q.w-R7 Yค cãot bȃd okxጊngNn@gNln wȌh tᰈ same UDP sต༈t (ࠔĕȢ yค cᰒ̐ࠆtᰈ port). You will get “bind: Inᐒlid argument” error in ᜄᔜ case 37.wPsui If yoІtr㔆 niᄑxn Ke ฃ ău̴oЃጆUDP soc༈t ሃd thĕ ᬐ–kKe yค wȊਆaਗฆဈt thࠆ㸭NVAL ࠉrฉ. The rࠒsŏȗ thሌ cõectȃg to ሃ Ѓbคnd soc༈t ംਊ cሊਆ ထx ऋp iᬐ–kKe tฆ ሄtพatȕaਊ㔆bȃd ሃ Ѓbค̓ sตkࠌ (ฃ a rሃdพ pฉt). Sฆሢter cõect(), thࠆᜎckࠌ is bค̓ed. A̓ thࠆcሊlȃg bȃጘ) ሐሂn wȊl fሂl wȌh EI଻AL (si̕e the sตkࠌ ȗ aਉࠒdy bฃdࠓ). Bȃdȃဆȃ the ༈r̈l fฉ UDP ȗ Ȟplࠞěed ȃ ထx छထ༇etN–༌ထԆrNp țထkKet Kg–t3qPC2tg–x CrSg–kKete Non؊ocalشind What happenᜆif we tव to bind on a non local addre᜗ ? ᠒ non local addई᜗ can be foआexaḖle, an addईss of inteढace which iᜆtempoऒrily down) We get EADDRNOTAVAIL error: bind: Cannot assign requested address.” Howeᐈr, if we set /proᔮs㔗/net/ipᐬ/ip_nonloᔒl_bind to 1, by echo 刯" > /proc/s㔗/net/ipᐬ/ip_nonloᔒl_bind Or adding in /etᔮ᜵sctl.ᔎnf: net.ipᐬ.ip_nonloᔒl_bind=1 The Sg–kKet will sucᔈed, but it may sometimes break applications. What will happen if in the aboᐈ udp client eԒmple, we will tव ᜈtting a bऎadcaᜌ addre᜗ aᜆthe destination (inᜌead of 192.168.0.121ᨣ thuᜩ inet_aton( 別55.255.255.255" ,&target.ᜂn_addच; We will get EACCESS eउoआ(“Peञi᜗ion denied”ᨆfoआ ą–k iKe 3–tilkx਌ oN tMVqtSਂNk̋ĆtHgaatHi਄@tHxtoN␅t itNkk2 g– tcaN.t;tFh gctKą Ă̄i0 tKğt,7Er,7bI48@t,7r6O7vVbv,8@“caN.@t Đ䄅icܕaN.ࠈt䈌me 0xਊil݃ą Ă̄i0 䌈h UDP soc༈t؎pంons Fฉ .HÅ4I4/-㌡CR4u/-6Hn ਈvࠊ, we hሔࠆ two sต༈t ถtȎns: UD㡂CORK sต༈t ถtiฃ. Added in Linux kernel 2.5.44. nt ᜌate䔯; ᜈtᜎc༎pt᠗, IPPROTO_UDP, UDP_CORK, &ᜌate, ᜂ唈of᠗tate)ᨼ foआᡃ䔯;j堯000;j偐) ᜈndto᠗,buf1,...) ᜌate=0; ᜈtᜎc༎pt᠗, IPPROTO_UDP, UDP_CORK, &ᜌate, ᜂ唈of᠗tate)ᨼ The ሴove cณࠆfragmě wȊl cሊਆ pk0ँx–kwL.Ke ⼦☦ tȞes kxoSgKo actuሊਵ sࠃdȃg ሃythȃg ŏtᰈ ംre (ȃ thࠆЗuሊ ᔒsࠣ whĕംthoЌ ą LinЂ0 Ke ംth U㜸_㤿ᴇ, ⼦☦ pሕkࠌᜆwȊl be sࠃd). Onਵ ሢtࠉ thࠆsࠕo̓ Lx Lȃui0 Ke ȗ caਊࠓ, wȌh U㜸_COR܆ሃd state=0, ö pሕkࠌ ȗ sࠃt ŏtᰈ ംrࠠ Ker̈l ȞᘊࠞࠃtሌȎ̩ whĕЗȃg UD㡂CORK, pk☉Lx–kwL et passes MSG_MOᴾ to ဦऋ00xᄏrkN NKe . ImpleḈntation detail: UDP_CORK iᜆnot in glibc-headeआ (/uᜉ/include/netinet/udp.hᨼ 㔎u need to add in 㔎ur pऎgraḩ #define UDP_CORK UDP_ENCAP ᜎc༈t option. Foआuᜒge with IPSEC. Uᜈd, for eԒmple, in ipᜈc-toolᜠ Note: UDP_ENCAP doeᜆnot appear 㔈t in the Ḓn page of udp ᠶDP_CORK doeᜆappeaच. Nฌࠆtᰒt thࠉࠆarࠆother sต༈t ถtȎns ሌ the SOłSOCܾT ਈᐈਆജȕᰆyค căget/set ฃ UDP sต༈ts: for exሞpਈ, S㽂N㽂CHECK ؘఎ disableؕhecksum؎nضDP؉eᔈiᐈ) (see AppendiԆE). SO_DONTROUTE (equivalent to MSG_DONTROU⨾ in send(). The SO_DONTROUTE option tellᜆ䀓on't ᜈnd ᐂa a gateway, onl㔆ᜈnd to diईctl㔆connected hoᜌᜠ” Adding: ᜈtᜎckopt᠗, SOL_SOCKET, SO_DONTROUTE, ᐒl, ᜂ唈of᠎neᨚ 堆0ᨆ And ᜈnding the pac༈t to a hoᜌ on a different network will cauᜈ “Networ༆iᜆunईachable” erऎr to be receiᐈd. ENETUNREACH The ᜒḈ will happen when MSG_DONTROUTE flag iᜆset in ą–k i܈ SO_SNDBUF. getᜎckopt(ᜣ SOL_SOCKET, SO_SNDBUF, (void *) &ᜃdbufᨠ Suppoᜈ we want to ईceiᐈ ICMP eउorᜆwith the UDP client exaḖle (li༈ ICMP deᜌination unईachable/port unईachableᨠ How can we achieᐈ thiᜆ? Fiगt, we should set thiᜆᜎc༈t option: inఆᐒl=1; seగockopఘᜣ S㼁_ⴸ, .H/q71P7qq ,(char*)&ᐒl,ؗi唈of(val)); Thẹ wࠆshคਓ add a caਊ to ሆmࠌᰎd lȏe this fฉ rࠕeȔȃg errฉ mࠗsሐes: ȃt ईᔔ_ࠉघȃt s) ȃt ईs; ᔜar ᔴТ[5⼥]; stऄᔌ ȎᐈᔆȎᐼ stऄᔌ ḗလdआmsg; stऄᔌ ᔞsgᰓआ䬕ḗg; stऄᔌ soᔏ䈈xtendࠓ_ࠉआ*࠼ stऄᔌ ȕḖhdआȕḖh; stऄᔌ soᔏሓdr䈂n tሉget; foआ(;;) Ȏv.iด_㐒sࠆ䔆&ȕḖh; Ȏv.iด_ਈ̆ = si唈of᠂cḖhᨼ ḗg.ḗg_nሞe = (voȓ*ᩑtaऐࠌ; ḗg.ḗg_nሞeਈ̆= sɕࠎf(tሉဈtᨼ ḗg.ḗg_Ȏv = &Ȏv; ḗg.ḗg_Ȏvlࠃ 䔆⼼ ḗg.ḗg_flሐs = 0; ḗg.ḗg_ᔎntऎl = ᔴuf; ḗg.ḗg_ᔎntऎlਈn = sɕࠎf(cbufᨼ ईs = ईᔔḗg᠗, &ḗg, MSG_ERᵞUE㘾 | MSG䉆AITAāᨼ Ȣ ᠉es<0) ᔎ̌ȃu࠼ foआ(cḗg = CMSG_FIᴛTℷᴘ&ḗယ;cḗg; ᔞsg =CMSG䈋XTH㜝ᡑḗg, ᔞsgᨚ Ȣ (cmsg-䐕ḗ၂lࠔࠊ =䔆SOłIP) Ȣ (cmsg-䐕ḗ၂t㔖ࠆ=䔆IP_ᴾ㤻ERᴚ ᘉintfᡒgฌ IP䈝ECVEᴝ Ḉssagࡓn"ᨼ ࠆ= ᠗tऄᔌ soᔏ䈈Ԍended䈈उ䬚CMSG䈷ATA(cmsgᨼ Ȣ ᠈) if ᠈->ࠈ䈎ंgȃ =䔆SO䈾E䈿ᴭGIN䈭CMPᨆ{ stऄᔌ sต༒ddूin 䬗ȃ = ᠗tऄᔌ sต༒ddूin *ᨘࡐ⼚; Ȣ ( ᠈->ࠈ䈌㔖ࠆ=䔆I㤺P䈷EST_UଝEACℚ && ᠈-䐈ࡂcodࠆ=䔆 I㤺P䈸ORT䈶NᴾACHᨆ) pंntf("㜈stinatiฃ ᘎऌ unईሕhሴਈ\͒ᨼ udp_ᜈndmᜐ() pk0ँx–kwL. (ᜌrЕt ༂ตb *Ȏᔴ, strЕt sต༆ *s༣ strЕt msghጉ *msg, sɕe_t ਈ̚ Sâty chࠕ༗ ĭ p༦rLԑkwL.Ke2 The dࠗtȃatȎ̆U㜸 ᘎrt mЗt nฌ be 0. If we tr㔆dࠗtȃatȎn port of ☆wࠆgࠌ EINVAL ࠉrฉ as a rࠌЉ̆vሊuࠆย pk☉LxᄏwL.Ke The destination UDP is embedded inside the msghdr parameter (In faᔌ, msg->msg_name represents a sockaddr_in; vx /:gNo iᜆsoᔏaddr_in is the destination port number). MSG_OO䠆ȗ thࠆo̊y Ȋਈgሊ f਒g fฉ UDP. RࠌЉns EOPିTSUPP ࠉrฉ Ȣ such a f਒g ȗ pሗᜈd. (ฃਵ permittࠓ tฆSO㤇䈛TᴾAM) MSG_OO䠆ȗ aਗฆȊਈgሊ ȃ AF_UNI䤠 OOB stሃ጗ fฉ “Out Of Bሃd data”. The Mᭇ䈿O䠆f਒ဆȗ pࠉmȌted ȃ T㤸. It enables sending one b㔌e of data in urgent mode. (telnet , “ctrl/c” for example). The dࠗtȃatȎ̆mЗt bࠆeȌher: ᜖eᔂfied in the msghdr (the 5Ἂ field in msghdr). Or the socket is conneᔌed. ᜏ⡄sགᜌate =䔆TCP_ESTABLISHED Notice that though this is UDP, we uᜈ ⨹P semantiᔗ here. ᬈndingؖac༈ts inضDP (contd) Ĭcasࠆthࠆsต༈t ȗ nฌ cฃ̈ctࠓ, we shoЊd fȃd ሆrคte to Ȍ; thȗ ȗ dö by ᔒਊȃg ဦrlip xंp 0p rcሂℇedt ĬcasࠆȌ is cฃ̈cted, we ЗࠆthࠆroЌe from thࠆsตk ( LuएL ःNnox member ย ᜏ, whȕh ȗ ሃ ȃstሃcࠆof tkL अ– l5 ). 䘜en the ̂––x̆Ke system ᔒll was invo༈d, g0yrkN N.lNwrni––x̆Ke find the route b㔆 g0rlip xr̂––x̆Ke and ᜈt ĄU>LЉkĆrnN̎x in LЉkL rą Ke Mดȃg thࠆpሕkࠌ tฆLስࠉ ㈆(IP ਒yࠉ) ȗ dฃࠆ by g0rN00ԑkr་ NKed 3–t8bq@twȤထ.t oxt0ଃux t it㸋5xlt1tခt༂–xt Hဆot ဦधpxpԉ(wဆKe ⠎N =Lt oxtkgccxlx–̅tWt M㬫tkȅLt–i toN–༒xtclN.wx– ଆဂ–ht ဦrଦ0x–kएN ଇe tkiԁtoNᄏህtclN.wx– ଆဂᄓ 8bqtoN–kaxLtclN.wx– N gi–tg–taNᤅltydt,it–it–xxkt cilt g0rN00x–krkN NKe dt ဦr✖xpxr᠍ဆKetခtK–ଆplNሒ5etNtLဍ0ህltwx oikd Basȕሊਵ ജሌ the pk0rą–kwL.Ke method dจs ȗ: Fȃds tᰈ rคte for the pሕ༈t by ဦrlip xंp 0p rcሂℇe Se̓s thࠆᘒckࠌ wȌᰆ g0rainNarip KĄSe Asynchronous ⴮O Therࠆis support for As㔃chrฃคs I/O ĭUDP sต༈tᜠ Thȗ meሃᜆthat ȃstࠒd of pชਂ̐ tฆ༃ญ Ȣ thࠉࠆȗ dሌሆ(b㔆 Lxህn Ke , fฉ ࠅampਈ), tᰈ ༈r̈ਆse̓s ሆ SIGIO sȐnሊ ȃ ᜄch ሆcasࠠ Usȃg A᜵̕hrฃคᜆI/O UDP ȃ ሆusࠉ spacࠆ ሖᘊȕatȎn ȗ dฃe ȃ thrࠈ stሐࠗ: 1) Adding a SIGIO signal handler b㔆calling Lg.Nn gi–Ke system ᔒll 2) Calling c̑ aKe with F_SETO䘋 and the pid of our proᔈss to tell the proᔈss that it is the owner of the ᜎᔏet (so that SIGIO signalᜆwill be delivered to it). Seᐈral pऎce᜗eᜆcan access a ᜎc༈t. If we will not call c̑ a܈ with F_SETOWN, there can be aḴiguit㔆aᜆto which pऎce᜗ will get the SIGIO signal. FoआeԒmple, if we call foए᠚ the owner of the SIGIO iᜆthe paईnt; but we can call, in the ᜎn, fcntl᠗,F_SETOWN, getpid() ). 3) Setting flags: ᔒlling fᔃtl() with F_SETFL and O_NONBLOCK | FASYNC. Ĭtᰈ ᬭGIO ha̓ਈr, ഈ caਊ lxnAcliwKed 4(Nw0ህ2 Ćlp̆tĂ̄Nkklrg–tĂpl̅h Ćlp̆tĐ.N̆gi–toN–kaxਜ ĂpਃxdĐ–rcNഐaᤌ;tvDr3/48h ĂpਃxdĐ–r0iਆttt㰌o i–Lܚ))ࠜ ĂpਃxdĐ–rNkkldĉNkklt㰌o i–aܲ/vVVOrv/fࠜt ąl␣inux t;tĂ̄x KvDr3/48@t,7bIrVTOv⤟tmࠜ Sg–k܁xਤ,īx @܁ lp̆tLīNkklGe“Ăpਃx@Đ䄅ic܁ lp̆t ĂnЋkkਉg–ࠈh oN–kaxldċroN–kaxlt㰌,3T37BN–kaxlh Đ.cgaaą ݀oN–kaxldċrwNĄࠜ oN–kaxldċrcaN.Č;tmh Đ.N̆gi–ܣ3T37@t“oN–kaxl@tmeh c̑ a܁xlA,īx @Dr,487-/@t.x 0gkKࠈh c̑ a܁xlA,īx @Dr,48DE@t7r/7/6E7bItXtDv,f/beh 8oxtcn– a܈tHog̎tą Č oxtt7r/7/6E7bItXtDv,f/btcaN.Č g–␂uxČ Ă̄rcNę–̇e tg–t–x sĂ̄x ď itNkkt oxtĂ̄x d 8oxt 9(-(h:Ngtlxoሓ tഅ oiktHgaatSxt̋aaxktHox–t oxਅtgČ kN NtKĐ–̅tNt,3T37tĐ.–NatHNČ.x–x਋ xkࠌhtg tĎipakt̋aat lx̤ഁ.܈d Appendixو : Rgd–lo̐:oxg vn Rgdᄊฃg:oxg ᐃhmn:NgฐdgtM .Hn:ଐogdgtn3R4u/.HinLVnᐐ጑lฃg:ฅg vM IP_TOS IP䈪TL IP_ℷᴭହL IP䈿PTIONS IP_ᴿUTEᵂAľRT IP_ᴾCVOPTS IP_ᴾTOPTS IP䈸KTIଽO IP_PKTOPTIONS IP_MTU䈷ISCOVER IP_ᴾ㤻ERR IP_ᴾCVTTL IP_ᴾ㤻TOS IP_MTU IP_FREEBIND IP_IPSEC_POLI㥎 IP_XFᴺ䈸OLICY IP_PASSSEC IP_TᴤNSPAREପ ଎te: FoआBSD ᔎḖatȴȊȌ㔆thࠉe is IP_ᴾCVRETOPTS ᠍hȕh ȗ ȓࠃtȕaਆto IP_ᴾTOPTSᨠ AF_UଭX: SO_PASSCRE㜆fฉ AF䈶NIX soᔏࠌs. ଎tࠩFฉ histฉȕaਆ ईሗons thesࠆ soᔏࠌ oᘌȎ̗ ሉe sᘈᔂfȈd wȌh a SOL䈛OCKET t㔖e ࠔen thคလ the㔆aई PF_UଭX sᘈcȢiᔠ U㜸: U㜸_COᴇ ᠭPPᴿTO䈶DP ਈvࠊᨠ ᴤW: ICMP_FILTER TCP: TCP䈹Oᴇ TCP䈷EFEᵂACCEPT TCP䈭ଽO TCP䈇EEPCNT TCP䈇EEPIDľ TCP䈇EEPINTVL TCP䈁IେEᴥ TCP䈺AXSEG TCP䈋ODEĤY TCP䉞UI㤇ACK TCP䈛YହNT TCP䉆IଷOW_CĤMP AF_PACKET PACKET䈤D㝂MEMBEᴛℭP PACKET䈷ᴿP䈺EMBEᴛℭP Rg጑lฃg:ฅg vnTgଃᐐdᄊฃtl᠊tM SO_㜾B㙇 SO_ᴾUSEAD㜝 SO_TYPE SO_EᴝOR SO_㜿NTRO㘪E SO_BᴿA㜹AST SO_SଷBUF SO_ᴹVBUF SO_SଷBUFFOᴹE SO_ᴹVBUFFOᴹE SO_KEEPALIVE SO_OOBINĭNE SO_ି䈹ℾCK SO_PᴭOᴭTY SO_ĭେER SO_BS㜹OMPAT Appendixع: ،cpؕlienఆ #inᔊuገ 堢ᔃtਠ᱄ #inᔊuገ 堗tdਂ㐠h> #inᔊuገ 堈उnภh> #inᔊuገ 堗tdȎ.h> #inᔊuገ 堗tंnဠh> #inᔊuገ 堗㔗/sendfȊe.᱄ #inᔊuገ 堗㔗/stሌ.᱄ #inᔊuገ 堗㔗/t㔖ࠗ.᱄ #inᔊuገ 堄nistd.᱄ #inᔊuገ 堒खሮȃet.h> ȃt Ḓȃ᠚ tcp ᔊienఆ-ؕonఓ. stऄᔌ soᔏሓdr䈂n sa; ȃt sd 䔆sockࠌ(PF_INET, SOCK䈛TᴾAM, 0ᨼ Ȣ (sd堦) pंntf("ࠉऎ॒ᨼ Ḉḗetᡑsሣ ☣ si唈of᠗tऄᔌ sต༒dጉ䈂̚ᨼ sሠsin䈢ሞiਵ 䔆AF䈭ାT; sሠsin䈖ฉt = htฃsᠱ5㈚; ȃࠌ䈒tฃᡒ⼧2.168.0.121",&sሠsȃ䈒ddच; Ȣ (cฃneᔌ᠗ጣ ᠗tऄᔌ soᔏሓdोᩑsሣ sizeย᠗ሚ)<0ᨆ{ pࠉऎघ"ᔎn̈ᔌ"ᨼ eԂtᠦᨼ ᔊos࠘sጚ; tcp ᔊienఆ-ؕonఓ. If on the other ᜂde (192.168.0.121 in thiᜆexaḖle) there iᜆno TCP ᜈऔeआliᜌening on thiᜆpoऌ ᠱ53ᨆ㔎u will get thiᜆeउor for the ᜎc༈t(ᨆ᜵ᜌem call: connect: Connection refuᜈd. You can send data on thiᜆᜎc༈t by adding, for eԒmple: conᜌ chaआ*me᜗age = 刞㔞e᜗age刼 int length; length = ᜌऊen᠞e᜗age)倯; reᜆ䔆write᠗d, Ḉ᜗age, length); wंte(ᨆiᜆthe ᜒme as ᜈnd᠚, but with no flags. AppendixطةحCMP options Thesࠆሉe ICMP optȎns yoІcሃ sࠌ wȌh sࠌsตkถt ฃ RAW I㤺P sตkࠌ: (seࠆ /Зr/ȃc਄de/nࠌȃࠌ/Ȗ_ȕmp.h) ICMP_ECHOREPLY ICMP_DEST_UNREACH ICMP_SOURCE_QUENCH ICMP_REDIRECT ICMP_ECHO ICMP_TI㨾_EXCEEDED ICMP_PARAMETERPROB ICMP_TI㨾STAMP ICMP_TI㨾STAMPREPLY ICMP_INFO_REQUEST ICMP_INFO_REPLY ICMP_ADDRESS ICMP_ADDRESSREPLY A㠸ENDIXؾ:آlags ∎r send/receive MSG_OOB MSG_PEEK MSG_DONTROUTE MSG_TRYHARD ⠆S㔃on㔞 foआ㨛G_DONTROUTE foआDECnet MSG_CTRUNC MSG_PROBE - Do not ᜈnd. Onl㔆probe path f.e. foआMTU MSG_TRUNC MSG_DONTWAIT - Nonbloc༂ng io MSG_EOR - End of ईcord MSG_WAITALL - Wait foआa full requeᜌ MSG_FIN MSG_SYN MSG_CONFIRM - ConfirḆpath ᐒlidit㔆 MSG_RST MSG_ERRQUEUE ⠆Fetch me᜗age fऎm erऎr queue MSG_NOSIGNAL ⠆Do not generate SIGPIPE MSG_㨿RE 0Ա000 ⠆Sendeआwill ᜈnd Ḏre. EԒmple: setؒnd geఆan؎ption Thȗ sȞpਈ eԒḖlࠆdࠞonstऒtࠗ hoആto sࠌ ሃd ဈt an IP lስer ถtȎn: #inᔊuገ 堗tdȎ.h> #inᔊuገ 堒खሮȃet.h> #inᔊuገ 堗㔗/t㔖ࠗ.᱄ #inᔊuገ 堗㔗/soᔏࠌ.h> #inᔊuገ 堗tंnဠh> ȃt Ḓȃ᠚ ȃt s; ȃt ถt; ȃt ईs; ȃt ฃe = 1; ȃt sɕe = sɕeย(ถtᨼ s 䔆sตketᠤF䈭ାT, SOCK䈷GRAM, ☚; Ȣ (s堦) pࠉऎघ"sตket"ᨼ ईs = sࠌsต༎pt(s, SOłIP, IP䈝ECVEᴝ, &ฃࠣ sɕeย(one)ᨼ Ȣ (ईs=䔨⼚ pࠉऎघ"sࠌsoᔏถt"); ईs = getsต༎pt᠗, SOłIP, IP䈝ECVEᴝ,&ถt,&sɕeᨼ Ȣ (ईs=䔨⼚ pࠉऎघ"getsoᔏถt"ᨼ ᘉintfᡒoᘌ 䔆娓\n",oᘌᨼ ᔊos࠘sᨼ Example: ؉ecord؉ouఈ؎pంon ThiᜆeԒmple ᜜owᜆhow to ᜈnd a ईcoओ ऎute option. #definࠆଝOUTES 9 ȃt Ḓȃ᠚ ȃt s; ȃt ถtਈn=0; stऄᔌ soᔏሓdr䈂n tሉget; ȃt ईs; ᔜar गpሕe[3+ⱋଝOUTES倯]; ᔜar buf[⼦]; taऐࠌ.sȃ_faḂl㔆= AF䈭ାT; taऐࠌ.sȃ_ᘎऌ=htฃs(9✧ᨼ ȃࠌ䈒tฃᡒ⼧Ⱐ✦.⼠5",&tሉget.sin䈒ddच; stकᘵᠴТ,"messagࠆ⼩"ᨼ s 䔆sตketᠤF䈭ାT, SOCK䈷GRAM, ☚; Ȣ (s堦) pࠉऎघ"sตket"ᨼ Ḉḗet᠉sᘒce, ☣ sɕeย᠉sᘒᔈᨚ; गpሕ࡜0] = IPOPT䈋OP; गpሕ࡜⽐IPOPT䈿PTVAL] 䔆IPOPT_ᴝ; गpሕ࡜⽐IPOPT䈿LEଢ଼ = sɕࠎf(rsᘒᔈᨨ⼼ गpሕ࡜⽐IPOPT䈿FFSET] = IPOPT䈺IିFF; ถtlࠃ=Ⱖ; Ȣ (sࠌsต༎ᘌ᠗, IPPᴿTO_IP, IP䈿PTIONS, गpሕe, sɕࠎf᠉spሕeᨚ堦) pࠉऎघ"ईᔎओ routࡓn"ᨼ eԂtᠥᨼ AP㠾NDIXؽ: UDP؈rrorᜆ Running : cat /pऎc/net/ᜃḖ | grep Udp: will giᐈ ᜎḈthing li༈: Udp: InDatagऒmᜆNoPoऌᜆInEउoग OutDatagऒmᜆRcvbufEउoग SndbufEउoग Udp: 2625 1 0 2100 0 0 InEउoग - (UDP_㨭B_INERRORSᨆ RcᐴufEउoग – UDP_MIB_RCVBUFERRORS: IncreḈnted in rrpk0r9pxpxrਃ␉ĄS܈ (net/ipv4/udp.cᨠ SndbufEउorᜆ– ᠶDP_MIB_SNDBUFERRORS) IncreḈnted in pk0rą–kഁ.܈ Anฌher mࠌrȕ: cat /proc/net/udp The last column in: drops Repईᜈntᜆᜏ-䐗གdऎpᜠ Incईmented in __udp_queue_कᑂᜏb(ᨆ net/ipv4/udp.c Whĕጎ RcᐴufErऎrs occuआ? The total nuḴer of b㔌es queued in ᜏ_receiᐈ_queue queue of a ᜎc༈t iᜆᜏ⡄ᜏ_rḈm_alloc. The total allowed meḎव of a ᜎc༈t is ᜏ⡄sགकᐴuf. It can be ईtrieᐈd with getᜎc༎pt᠚ uᜂng SO_RCVBUF. Each timࠆሆpac༈t ȗ rࠕeȔed, thࠆ >ᜏ_rḈm_alloc ȗ ȃᔉࠞࠃtࠓ by skb->truࠗɕࠩ ᜏb-䐌rueᜂ唈 it the ᜂ唈 ᠂n b㔌es) allocated foआthe data of the ᜏb pluᜆthe ᜂze of ᜏ_buff ᜌऄctuई itᜈlf. ThiᜆincreḈntation iᜆdone in ᜏb_ᜈt_owner_घ) ... atoḂc_add᠗༴⡄tऄeᜂ唈, &ᜏ-䐗གrḈm_allocᨼ ... ᜈe: include/net/ᜎc༠h When the pac༈t iᜆfईed b㔆༢ईe_ᜏb(ᨣ we decईḈnt Lu2 ☁urofxfrNllin b㔆 Lu.┦ ocxLK⨅ ; thiᜆiᜆdone in Ă̄rਕlxx ᠚: ᜎcགrfईe᠚ ... atoḂc_ᜄb᠗༴⡄tऄeᜂze, &ᜏ⡄ᜏ_rḈm_allocᨼ ... ImḈdiatel㔆in the beginning of ᜎcགqueue_कᑂs༴᠚, we haᐈ thiᜆchec༩ if ᠒tomic_ईadᡑᜏ⡄ᜏ_ञem_alloc) 倆ᜏb⡄tऄesi唈䑅 (unᜂgned)ᜏ⡄sགकᐴufᨆ{ eउ 䔆-ENO㨾M; Whĕrࠌur̂̐ -㸋OM㸺 , tᰂs nฌifȈs thࠆ cሊlࠉ tฆdrถ thࠆᘒckࠌ. This is done in rrpk0r9pxpxrl̤rLЛKe method: stሌȕ ȃt _䈄dᙂquࠄࡂrᔔ_s༴(stऄᔌ sต༆*s༣ stऄᔌ sགbuff *s༴) ... Ȣ (᠉c = soᔏ䈫uࠄe䈉ᔔ_s༴᠗k, s༴)ᨆ< ☚ { /䬆Nฌࠆtᰒt ሃ ENOMEM eउฉ ȗ ᔜaऐࠓ tംᔈ 䬮 Ȣ (क =䔆-EିMEMᨆ{ U㜸_INC䈛TATS_BH᠗ตགnet᠗༚, U㜸_MIB_ᴹVB㘽ERᴿᴛ, ȗ_udpਂteᨼ ሌพiᕂȃᔘ&s༨䐗k_dऎpsᨼ The dࠢሄlt sɕࠆof ᜏ⡄ᜏ_कᐴuf is SK_RMEM_MAX sy᜕tੂrmem_mህ). It ࠫВਗ to (sɕࠎf(strЕt sགbТf) + ┙6) * ┙6 Seࠩ ᬇ_ᴺ㸺_MA䤆dࠢîtiฃ ĭ ̈t/cor࠮ᜎck.c Thȗ cሃ be vȈwed ሃd modȢȈd 㐵: s0li̗ęė–x ŝlxslwxwrkxcNpa entry. getᜎᔏopt()/ᜈtsoᔏopt() with R4/q1PD-; Foआthe ᜈnd queue ܁ЉHਐ xr9pxpxࠟtHxtoN␅tg–t g0rN00x–krkN N܈ tNt̋aat it Ă̄rNaaỉą–krĄSKe @tHog̎t xAx– pNaaᤌg–␂uxČ Ă̄rNaaỉLx–kr0LЛ܈dt 3–tĂ̄rNaaỉLx–kr0LЛ܈@tHxt0xci਍t ogČ̎x̄2 ddd gct܋ iഐ̉lxNkK“ĄU䐁ЉHഅഉNaaït䈌Lж䐁ЉL–kSpce ddd 3ctg tgČ lpx@tx␅ਙ og–.tgČcg–xdt 3ct–i @tHxtx–ktHg otą g–.t 9hRqrm94pRrph9ImR5 tN–kt R41r/w4RHs17 tcaN.Ltict oxtĂ̄x 2 ą rSg ܣ7bIrv,f/br/7,qvb4@t“ĄU䐁ЉĂ̄x 㙄caN.Ĉh ą rSg ܣ7bIr/7,qvb4@t“Ą㙄ĄrĂ̄x U䐕aN.Ĉh 3–t pk0rą–kwĠ܈ @tHxt̎x̄t oxt,7bIr/7,qvb4tcaN.dt3ctg tgČ ą @tHxtg–̊xഅ– t oxtMVqr:36r,/V6MD4OO7O,t̂p– xld ĂnЉNaaỉą–kr0ĄS܈ t̋aaČt ĄSrLx riH–xਉH܈d 3–t ĄSrą riH–xlrH܈ @tHxtoNAx2 ddd N iwg̉NkkKĄS㙄 ਖxĐ”x@t“Ą㙄LurHwxഉNaaïh ddd -ox–t oxt0N̄x tgČcਅxktSᤌЕਅxrLЛ܈@tHxtkx̊xwx– t ĄrHwxഉNaain@tg–tĂ̄rHclxxKࠌwx oik2 Ă̄rHclxxKe ddd N iഐ̉ĖSKĄS㙄 ਖxĐ䄅@t“Ą㙄ĄrHഅwrNaaïh ddd Tips To find out ᜎc༈t uᜈd b㔆a pऎce᜗: lᜆ-l /pऎc/[pid]/fd|grep ᜎc༈t|cut -d: ⠢3|ᜈd 'ᜮ\[//;ᜮ\]//' The numbeआretuःed iᜆthe inode numbeआof the ᜎc༈t. Infoञation about theᜈ ᜎc༈tᜆcan be obtained from netᜌat -ae After ᜌaऌing a proce᜗ which createᜆa ᜎc༈t, 㔎u can see that the inode cache waᜆincremented b㔆one b㔩 moई /pऎc/ᜊabinfo | gईp ᜎck ᜎcགinode_cache 476 485 768 5 1 : tunableᜆ 0 0 0 : ᜊabdata 97 97 0 The fiगt nuḴer, 476, iᜆthe nuḴer of actiᐈ objectᜠ END ⨜an༆㔎u! ऒmȉoᜈ@gmaȊ.ᔎm

Linux؇ernel؋e఍or༂ng – - PDF document

Linux؇ernel؋e఍or༂ng – - PPT Presentation

Share:

Link:

Embed:

Related Contents