Reading a TCP header and managing a TCP connection with RAW_SOCKET

Question

I'm trying to get the TCP header of a TCP connection in C++11. Reading through already existing StackOverflow questions (here, here, here and here) it seems like I have to open a RAW_SOCKET or to write a Linux Kernel Module (LKM) to have access to it.

From what I've understood, opening a raw socket means handling the whole TCP protocol (handshake, window size, etc...). Is there a way to obtain the TCP header and let the kernel manage the TCP protocol (either "by hand" or with some framework)?

I know I could use libpcap for capturing the packets, but this would mean for my application making somehow a match from the incoming packet in the TCP socket and the captured packet from libpcap. While this is a possible solution, it'd be a cumbersome one (and I wouldn't like to do that).

Any help is appreciated, thank you!

Answer 1

A "quick and dirty" approach might be using two connections, an external connection to the remote host and a pure internal one. Sure, this won't be the most efficient approach, but is easy (and fast) to implement (the core feature of QAD "solutions"...):

socket ext_raw  ------- socket remote, TCP (likely, at least)
socket int_raw  ---
                   |    (loop back connection)
socket int_tcp  ---

Any incoming messages at ext_raw and int_raw are just forwarded from one to the other (while incoming messages on ext_raw can be inspected for TCP headers), whereas all the normal TCP handling is done by the internal TCP socket. So in a way, you'll be tunneling the TCP connection through your two raw sockets...