我可以在Linux中使用原始套接字创建侦听TCP套接字吗? [英] Can I create a listening TCP socket using raw sockets in Linux?
问题描述
我想创建一个侦听TCP套接字,在它接收到来自客户端的初始SYN数据包后,可以控制它何时使用第一个SYN + ACK响应客户端.
I would like to create a listening TCP socket where I could control when it responds to the client with the first SYN+ACK after it receives the initial SYN packet from the client.
我想这样做是为了引入一些延迟或忽略一些初始的SYN数据包.目前,我可以使用iptables进行此操作,但我想知道是否可以使用OS套接字接口来完成此操作.
I want to do this to introduce some delays or ignore some initial SYN packets. I can do this using iptables at the moment, but I'm wondering if this could be done using the OS socket interface.
请注意,如果我使用普通的TCP套接字,则服务器一旦在套接字描述符上调用listen(),操作系统就会在客户端连接到它时建立连接.
Note that if I use a normal TCP socket, once the server calls listen() on the socket descriptor, the OS will establish the connection when a client connects to it.
我想知道我是否可以使用原始套接字来实现此行为.到目前为止,我所看到的有关原始套接字的所有示例都是关于主动套接字(客户端到服务器)而不是被动套接字(侦听套接字).
I am wondering then if I could use raw sockets to implement this behavior. All the examples I have seen so far about raw sockets are about active sockets (client to server) and not passive sockets (listening sockets).
推荐答案
从理论上讲,您可以在原始套接字上编写自己的TCP实现.但是内核仍会在原始套接字获得副本之前响应所有传入的TCP数据包.因此,您必须使用iptables或其他阻止内核查看您感兴趣的数据包的方法来解决此问题.
You could theoretically write your own TCP implementation over raw sockets. But the kernel will still respond to any incoming TCP packets before your raw socket gets a copy. So you'd have to work around this by using iptables or something to block the kernel from seeing the packets you're interested in.
我认为通过netfilter接口在内核模块中执行此操作会更容易(这可能是您已经在执行的操作).您还可以签出libnetfilter_queue
,如果您真的想在用户空间中这样做,它可能会起作用.
I think it would be easier to do this in a kernel module via the netfilter interface (which may be what you're already doing). You could also check out libnetfilter_queue
which might work if you really want to do it in userspace.
这篇关于我可以在Linux中使用原始套接字创建侦听TCP套接字吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!