zawalida
Reputation: 21
How can I recvive the ICMP packet (ICMP_PORT_UNREACH)?
I can find udp packet and ICMP packet in Wireshark, but recvfrom() return -1 when I use it to recvive ICMP packet in my program. I use GetLastError() and the error code is 10022.
send_sa.sin_family = AF_INET;
send_sa.sin_addr.s_addr = inet_addr(treeRoot);
SOCKET sockSend = socket(AF_INET, SOCK_DGRAM, 0);
……
send_sa.sin_port = htons(portCurr);
SOCKET sockRecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
……
//int res = sendto(sockSend, NULL, 0, 0, (struct sockaddr*)&send_sa, sizeof(send_sa));
connect(sockSend, (struct sockaddr*)&send_sa, sizeof(send_sa));
send(sockSend, NULL, 0, 0);
……
re = recvfrom(sockRecv, buff, sizeof(buff), 0, (struct sockaddr*)&send_sa, (socklen_t*)&structlen);
Upvotes: 0
Views: 102
Answers (1)
HP_perfect
Reputation: 93
To read packets and detect ICMP messages for unreachable ports, you can use raw sockets.
When a UDP packet is sent to a closed port, the session layer will generate an ICMP "Port Unreachable" message back to the source.
Here’s an example code snippet that demonstrates how to capture these packets using a raw socket:
#include <iostream>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/if_ether.h>
#include <netinet/ip_icmp.h>
#include <netinet/udp.h>
#include <arpa/inet.h>
#include <cstring>
constexpr int SOCK_BUF_SIZE = 65536;
int sockFd_;
uint8_t buffer_[SOCK_BUF_SIZE];
const int ethHeaderSize_ = sizeof(struct ether_header);
int main() {
struct sockaddr_ll sa;
socklen_t sa_len = sizeof(sa);
// Create a raw socket
sockFd_ = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
if (sockFd_ < 0) {
std::cerr << "Socket creation error" << std::endl;
exit(EXIT_FAILURE);
}
while (true) {
ssize_t packet_len = recvfrom(sockFd_, buffer_, SOCK_BUF_SIZE, 0, reinterpret_cast<struct sockaddr *>(&sa), &sa_len);
if (packet_len < 0) {
std::cerr << "Error receiving packet" << std::endl;
continue;
}
const auto* eth = reinterpret_cast<const ether_header *>(buffer_);
if (ntohs(eth->ether_type) == ETHERTYPE_IP) {
const auto* ipHeader = reinterpret_cast<const ip*>(buffer_ + ethHeaderSize_);
if (ipHeader->ip_p == IPPROTO_ICMP) {
const auto* icmpHeader = reinterpret_cast<const icmphdr*>(buffer_ + ethHeaderSize_ + ipHeader->ip_hl * 4);
if (icmpHeader->type == ICMP_DEST_UNREACH && icmpHeader->code == ICMP_PORT_UNREACH) {
const auto* origIph = reinterpret_cast<const ip*>(buffer_ + ethHeaderSize_ + ipHeader->ip_hl * 4 + sizeof(struct icmphdr));
const auto* origUdph = reinterpret_cast<const udphdr*>(reinterpret_cast<const uint8_t*>(origIph) + origIph->ip_hl * 4);
std::cout << "Unreachable port in ICMP message: " << ntohs(origUdph->uh_dport) << std::endl;
}
}
}
}
close(sockFd_);
return 0;
}
Upvotes: 0
Related Questions
- Receiving a part of packet via recvfrom (UDP)
- Access UDP from ICMP message
- How to get the client's IP after receiving a UDP packet with recvfrom() in C?
- How to listen to data packets using UDP in C?
- How to read the UDP data payload coming from a port using C program
- how to get icmp on udp socket on UNIX
- ICMP "destination unreachable" packet on udp connected socket
- How to listen for UDP datagrams from a certain host using recvfrom?
- How to retrieve the source port from a UDP packet while using recvmsg()
- Responsing on ICMP in select