Hi,

I would really appreciate if any one could help me sort this out.
I am trying to work with raw sockets as following:

I have three machines... machine(1) acting as a source, machine(3) acting as a destination, machine(2) acting as an intermediate default router so that all packets leaving machine(1) goes through machine(2).

I am sending UDP packets from machine(1) to machine(3) using raw sockets(I included UDP header and IP header in the packet using IPHDRINCL option). I also have some IP options set in the IP header. Now what I have to do is, I have to intercept that packet on machine(2), decrement its TTL value and re-send it to machine(3) after examining the IP header options.

what I am not able to achieve is that when I send the packet from machine(1) to machine(3) , I am not able to catch the packet on machine(2). I am able to copy the packet using sock(AF_INET,SOCK_PACKET) but that is what I need. I need to have the kernel give me the entire packet(and not just a copy) so that I can resend it myself to machine(3) without changing the source IP in the header fields.

I would greatly appreciate if any one could help on this.
Any sample code would be much better.

Thanks in advance,
-raj

I'm not sure I understand your distinction between "catching"
the packet versus getting a "copy" of it...

But, if you're doing IP_HDRINCL, you can supply your own
source IP of whatever you want on your outgoing packet, so
I'm not sure why you say you are unable to keep the source
IP the same as it originally was... Are you saying you're not
capturing the IP header of the original packet?? If so, you
must be doing something weird...

There are several examples of this sort of thing around...
But, most of them tend to use higher-level libraries, like
libpcap (http://www.tcpdump.org/) and libnet (http://www.packetfactory.net/libnet/), for the portability they provide... I
can't think of anything right offhand directly using raw sockets
and/or AF_PACKET sockets that does user-space routing
(which is basically what you're trying to do)...

What i mean by "catching" the packet is that the kernel on machine(2) should give the packet to the higher level appln, without creating any duplicates. From Richard Stevens , Unix Net'ing book i feel that using a socket of SOCK_PACKET type at the link layer level would just duplicate an incoming packet and give it to the appln, and still the kernel would process the packet and forward it (AS in this case , the machine(2) is not destination address of the packet).

My problem put in simple words is this, my appln should be able to pull the packet if the packet has certain IP options in its header(in my case it is router alert) though machine(2) is not the final destination of the packet (provided in the IP header dest. field)

Thank for your help,
-raj.

The machine would only forward it, if it were configured to act
as a router itself... But, if you want to prevent the packet from
continuing on, I'm not sure of any way of doing that, short of
setting up some firewall rules, or modifying your kernel, or
something... *shrug*

The machine would only forward it, if it were configured to act
as a router itself... But, if you want to prevent the packet from
continuing on, I'm not sure of any way of doing that, short of
setting up some firewall rules, or modifying your kernel, or
something... *shrug*

This is correct. And if I fully understand your issue, you want to actually do packet routing at YOUR app level. Disabling routing in your system will do the trick ;)