I am trying to create a simple C# app which does port forwarding, and need to know how to use the IP_HDRINCL socket option to try to fake out the receiving end to think the connection is really to the source. Any examples would be greatly appreciated.
A:
IP_HDRINCL
.NET's Socket type does support RAW, and there is SocketOptionName.HeaderIncluded for use with Socket.SetSocketOption.
You may want to use Reflector to double check the .NET implementation aligns with the enum values.
Richard
2009-02-21 12:55:28
+1
A:
sock = new Socket( AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP );
sock.Bind( new IPEndPoint( IPAddress.Parse( "10.25.2.148" ), 0 ) );
sock.SetSocketOption( SocketOptionLevel.IP, SocketOptionName.HeaderIncluded, 1 );
byte[] trueBytes = new byte[] { 1, 0, 0, 0 };
byte[] outBytes = new byte[] { 0, 0, 0, 0 };
sock.IOControl( IOControlCode.ReceiveAll, trueBytes, outBytes );
sock.BeginReceive( data, 0, data.Length, SocketFlags.None, new AsyncCallback( OnReceive ), null );
The only problem is that I've been able to successfully receive data from a raw socket like this, (including the IP header) but not send it.
dviljoen
2009-07-22 13:16:14
A:
I found this website, but not sure how well the code works: http://www.winsocketdotnetworkprogramming.com/clientserversocketnetworkcommunication8h.html
Jeff
2010-09-17 18:40:45
A:
Newer versions of windows do not allow the use of raw sockets do to malware heavily abusing them.
Quoted from the MSDN
On Windows 7, Windows Server 2008 R2, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways:
- TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- A call to the bind function with a raw socket is not allowed.
These above restrictions do not apply to Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.
Scott Chamberlain
2010-09-17 18:47:29