2 .\" Don't change the first line, it tells man that we need tbl.
3 .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
4 .\" Permission is granted to distribute possibly modified copies
5 .\" of this page provided the header is included verbatim,
6 .\" and in case of nontrivial modification author and date
7 .\" of the modification is added to the header.
8 .\" $Id: raw.7,v 1.6 1999/06/05 10:32:08 freitag Exp $
9 .TH RAW 7 2008-11-20 "Linux" "Linux Programmer's Manual"
11 raw, SOCK_RAW \- Linux IPv4 raw sockets
13 .B #include <sys/socket.h>
15 .B #include <netinet/in.h>
17 .BI "raw_socket = socket(AF_INET, SOCK_RAW, int " protocol );
19 Raw sockets allow new IPv4 protocols to be implemented in user space.
20 A raw socket receives or sends the raw datagram not
21 including link level headers.
23 The IPv4 layer generates an IP header when sending a packet unless the
25 socket option is enabled on the socket.
26 When it is enabled, the packet must contain an IP header.
27 For receiving the IP header is always included in the packet.
29 Only processes with an effective user ID of 0 or the
31 capability are allowed to open raw sockets.
33 All packets or errors matching the
36 for the raw socket are passed to this socket.
37 For a list of the allowed protocols see RFC\ 1700 assigned numbers and
38 .BR getprotobyname (3).
44 and is able to send any IP protocol that is specified in the passed
46 Receiving of all IP protocols via
48 is not possible using raw sockets.
54 IP Header fields modified on sending by \fBIP_HDRINCL\fP
55 IP Checksum:Always filled in.
56 Source Address:Filled in when zero.
57 Packet Id:Filled in when zero.
58 Total Length:Always filled in.
65 is specified and the IP header has a nonzero destination address then
66 the destination address of the socket is used to route the packet.
69 is specified, the destination address should refer to a local interface,
70 otherwise a routing table lookup is done anyway but gatewayed routes
75 isn't set, then IP header options can be set on raw sockets with
81 In Linux 2.2, all IP header fields and options can be set using
83 This means raw sockets are usually only needed for new
84 protocols or protocols with no user interface (like ICMP).
86 When a packet is received, it is passed to any raw sockets which have
87 been bound to its protocol before it is passed to other protocol handlers
88 (e.g., kernel protocol modules).
90 Raw sockets use the standard
92 address structure defined in
96 field could be used to specify the IP protocol number,
97 but it is ignored for sending in Linux 2.2 and should be always
101 is set to the protocol of the packet.
104 include file for valid IP protocols.
106 Raw socket options can be set with
112 .\" Or SOL_RAW on Linux
116 Enable a special filter for raw sockets bound to the
119 The value has a bit set for each ICMP message type which
120 should be filtered out.
121 The default is to filter no ICMP messages.
126 socket options valid for datagram sockets are supported.
128 Errors originating from the network are only passed to the user when the
129 socket is connected or the
132 For connected sockets, only
136 are passed for compatibility.
139 all network errors are saved in the error queue.
143 User tried to send to a broadcast address without having the
144 broadcast flag set on the socket.
147 An invalid memory address was supplied.
154 Either Path MTU Discovery is enabled (the
156 socket flag) or the packet size exceeds the maximum allowed IPv4
160 Invalid flag has been passed to a socket call (like
164 The user doesn't have permission to open raw sockets.
165 Only processes with an effective user ID of 0 or the
167 attribute may do that.
170 An ICMP error has arrived reporting a parameter problem.
175 are new in Linux 2.2.
176 They are Linux extensions and should not be used in portable programs.
178 Linux 2.0 enabled some bug-to-bug compatibility with BSD in the
179 raw socket code when the
181 socket option was set \(em since Linux 2.2,
182 this option no longer has that effect.
184 By default, raw sockets do path MTU (Maximum Transmission Unit) discovery.
185 This means the kernel
186 will keep track of the MTU to a specific target IP address and return
188 when a raw packet write exceeds it.
189 When this happens, the application should decrease the packet size.
190 Path MTU discovery can be also turned off using the
193 .I /proc/sys/net/ipv4/ip_no_pmtu_disc
197 When turned off, raw sockets will fragment outgoing packets
198 that exceed the interface MTU.
199 However, disabling it is not recommended
200 for performance and reliability reasons.
202 A raw socket can be bound to a specific local address using the
205 If it isn't bound, all packets with the specified IP protocol are received.
206 In addition, a RAW socket can be bound to a specific network device using
207 .BR SO_BINDTODEVICE ;
214 If you really want to receive all IP packets, use a
219 Note that packet sockets don't reassemble IP fragments,
222 If you want to receive all ICMP packets for a datagram socket,
223 it is often better to use
225 on that particular socket; see
228 Raw sockets may tap all IP protocols in Linux, even
229 protocols like ICMP or TCP which have a protocol module in the kernel.
230 In this case, the packets are passed to both the kernel module and the raw
232 This should not be relied upon in portable programs, many other BSD
233 socket implementation have limitations here.
235 Linux never changes headers passed from the user (except for filling
236 in some zeroed fields as described for
238 This differs from many other implementations of raw sockets.
240 RAW sockets are generally rather unportable and should be avoided in
241 programs intended to be portable.
243 Sending on raw sockets should take the IP protocol from
245 this ability was lost in Linux 2.2.
246 The workaround is to use
249 Transparent proxy extensions are not described.
253 option is set, datagrams will not be fragmented and are limited to
256 Setting the IP protocol for sending in
258 got lost in Linux 2.2.
259 The protocol that the socket was bound to or that
260 was specified in the initial
264 .\" This man page was written by Andi Kleen.
268 .BR capabilities (7),
273 for path MTU discovery.
278 include file for the IP protocol.