[Planetlab-users] Raw sockets & TCP
Guohan Lu
lgh at gradinfo.net.edu.cn
Fri Apr 27 13:20:40 EDT 2007
Hi,
Vitaliy Gleyzer wrote:
> from PlanetLab CVS server, and modified the probe packet to send a SYN, ACK, SYN/ACK, RST, RST/ACK and FIN packets. It seems the only ones that do not generate an "Operation not permitted" errors are SYN and ACK.
>
> Could anyone offer any suggestion or experience?
Basically if you want to send a TCP packet, you need emulate the TCP
setup process, send SYN first, then wait for the SYN/ACK, then send
data, and finally send RST or FIN. You cannot send data, RST, FIN,
SYN/ACK without first setup the connection.
If this is not enough to solve your problem, VNET is using Linux iptable
to check if a packet is legitimate or not, the ip_conntrack module to be
specific. I always find it useful by browsing the ip_conntrack code to
see why my packet is not permitted.
-Guohan
More information about the Users
mailing list