> I have tried to receive ISO protocol pkts (Prot Type 0xfefe) on a raw
> socket, but I am only able to receive them if I create the socket as
> follows:
>
> fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
>
> with ETH_P_ALL as the 3rd argument.
>
> If I do
>
> fd = socket(PF_PACKET, SOCK_RAW, htons(0xfefe));
>
> Any ideas why?
I'm not sure just glancing at it, but the kernel code you want to look
at is fairly simple. When the packet socket is created, you go through
sys_socket() -> sock_create() and end up in packet_create(), which adds
the passed protocol to the socket's packet_type and calls
dev_add_pack(). The packet_type is hashed into the ptype_base hash by
dev_add_pack(). When a new sk_buff is received by the net interface,
it's dequeued in net_rx_action() and its skb->protocol is looked up in
that hash with this loop:
for (ptype=ptype_base[ntohs(type)&15];ptype;ptype=ptype->next) {
So it seems that the protocol type is checked in host byte order, both
here and when the packet_type is inserted into the hash with
hash=ntohs(pt->type)&15;
pt->next = ptype_base[hash];
ptype_base[hash] = pt;
So it at least looks correct that you're calling htons() before calling
socket. Of course, it doesn't seem that byte order would matter with
0xfefe being a palindrome, but I'm still kind of hazy on byte ordering
issues like that. I'm sure someone will be kind enough to correct me if
i'm confused.
happy exploring,
--
Jason Lunz Trellis Network Security
j@trellisinc.com http://www.trellisinc.com/
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
