在Go中使用原始套接字 [英] Use raw sockets in Go
问题描述
我试图编写一个接收DHCP发现(UDP)的程序,并根据DHCP数据包中特定字段(GIADDR)的内容使用不同的源IP地址将它们转发到给定的IP地址。
我可以开始接收和发送数据,但是我在使用IP源地址时遇到了一个问题,那就是本地计算机上没有配置的IP地址。
我相信这只能使用Raw套接字完成;真的吗 ?
有没有关于如何在Go中执行此操作的示例?
我花了几天的时间四处寻找,但找不到太多。
干杯,
Sal
安全
一般来说,能够为数据包设置源IP地址可能是一种非常危险的安全方式。在linux下,为了伪造自己的原始 DHCP 信息包使用自定义标题,您需要以root用户身份运行应用程序,或者使用 CAP_NET_RAW功能(请参阅 setcap )。
Go中的原始套接字
标准网络库不提供原始套接字功能,因为它非常专业化,并且API可能会随着人们开始在愤怒中使用它。
go.net subrepository提供了一个ipv4和一个ipv6软件包,前者应该满足您的需求: http://godoc.org/code.google.com/p/go.net/ipv4#NewRawConn
标题欺骗
您需要使用 ipv4.RawConn 的 ReadFrom 方法读取您的源数据包。然后,您应该可以使用大部分这些字段以及GIADDR逻辑来为 WriteTo 调用。它可能是这样的:
for {
hdr,payload,_,err:= conn.ReadFrom( buf)
if err!= nil {...}
hdr.ID = 0
hdr.Checksum = 0
hdr.Src = ...
hdr .Dst = ...
if err:= conn.WriteTo(hdr,payload,nil); err!= nil {...}
}
I'm trying to write a program that receives DHCP discoveries (UDP) and forwards them on to a given IP address using a different source IP address depending on the content of a specific field (GIADDR) in the DHCP packet.
I could get working the receiving and sending bit but I'm having an issue with using as IP source address anything that is not a configured IP address on the local machine.
I believe that this can only be done using Raw sockets; is that true ?
Are there any examples out there on how to do that in Go ?
I've spent a couple of days looking around but could not find much.
Cheers,
Sal
解决方案 There are a number of hurdles to jump with what you propose:
Security
In general, being able to set the source IP address for a packet could be a very dangerous thing security wise. Under linux, in order to forge your own raw DHCP packets with custom headers, you will need to run your application as root or from an application with the CAP_NET_RAW capability (see setcap).
Raw Sockets in Go
The standard net library does not provide raw socket capability because it is very specialized and the API may be subject to change as people begin to use it in anger.
The go.net subrepository provides an ipv4 and an ipv6 package, the former of which should suit your needs:
http://godoc.org/code.google.com/p/go.net/ipv4#NewRawConn
Header Spoofing
You will need to use ipv4.RawConn's ReadFrom method to read your source packet. You should then be able to use most of those fields, along with your GIADDR logic, to set up the headers for the WriteTo call. It will probably look something like:
for {
hdr, payload, _, err := conn.ReadFrom(buf)
if err != nil { ... }
hdr.ID = 0
hdr.Checksum = 0
hdr.Src = ...
hdr.Dst = ...
if err := conn.WriteTo(hdr, payload, nil); err != nil { ... }
}
这篇关于在Go中使用原始套接字的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
标准网络库不提供原始套接字功能,因为它非常专业化,并且API可能会随着人们开始在愤怒中使用它。
go.net subrepository提供了一个ipv4和一个ipv6软件包,前者应该满足您的需求: http://godoc.org/code.google.com/p/go.net/ipv4#NewRawConn
标题欺骗
您需要使用 ipv4.RawConn 的 ReadFrom 方法读取您的源数据包。然后,您应该可以使用大部分这些字段以及GIADDR逻辑来为 WriteTo 调用。它可能是这样的:
for {
hdr,payload,_,err:= conn.ReadFrom( buf)
if err!= nil {...}
hdr.ID = 0
hdr.Checksum = 0
hdr.Src = ...
hdr .Dst = ...
if err:= conn.WriteTo(hdr,payload,nil); err!= nil {...}
}
I'm trying to write a program that receives DHCP discoveries (UDP) and forwards them on to a given IP address using a different source IP address depending on the content of a specific field (GIADDR) in the DHCP packet. I could get working the receiving and sending bit but I'm having an issue with using as IP source address anything that is not a configured IP address on the local machine. I believe that this can only be done using Raw sockets; is that true ? Are there any examples out there on how to do that in Go ? I've spent a couple of days looking around but could not find much.
Cheers, Sal
There are a number of hurdles to jump with what you propose:
Security
In general, being able to set the source IP address for a packet could be a very dangerous thing security wise. Under linux, in order to forge your own raw DHCP packets with custom headers, you will need to run your application as root or from an application with the CAP_NET_RAW capability (see setcap).
Raw Sockets in Go
The standard net library does not provide raw socket capability because it is very specialized and the API may be subject to change as people begin to use it in anger.
The go.net subrepository provides an ipv4 and an ipv6 package, the former of which should suit your needs:
http://godoc.org/code.google.com/p/go.net/ipv4#NewRawConn
Header Spoofing
You will need to use ipv4.RawConn's ReadFrom method to read your source packet. You should then be able to use most of those fields, along with your GIADDR logic, to set up the headers for the WriteTo call. It will probably look something like:
for {
hdr, payload, _, err := conn.ReadFrom(buf)
if err != nil { ... }
hdr.ID = 0
hdr.Checksum = 0
hdr.Src = ...
hdr.Dst = ...
if err := conn.WriteTo(hdr, payload, nil); err != nil { ... }
}
这篇关于在Go中使用原始套接字的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!