[oclug]Problem with raw Ethernet (Hoping David Skoll is reading)

[Greg Franks]

>>>>> "tim" == tim  <tim at trhosking.com> writes:

    tim> Hi.  First of all, this is a BSD/Mac OS X question.

    tim> I have been trying to send some raw ethernet packets onto the
    tim> wire with libdnet. The catch is that the packet type is
    tim> proprietary. The packet is a simple broadcast to
    tim> ff:ff:ff:ff:ff:ff and hopes to elicit a response from any
    tim> devices on the subnet that recognise it. I should then be
    tim> able to capture the reponses with a Berkeley Packet Filter
    tim> and establish a dialog with said devices.

I don't know libdnet .. maybe that's your problem.  Anyway, you should
be able to write anything you want to the wire by simply opening
/dev/eth0 (whatever) for write.  The write the raw packet (including
the 32 byte (I need to check this...) ethernet header.  IP is
ether-proto 0x0800, so don't use this!  IEEE has another format, so
don't use 0-0x0800 either.  :-)  

Writing to the raw device works like a charm on Linux.  On
Solaris/BSD, look up the DLP (?)  (streams) device.  Dig out the
source for libpcap and modify as necessary.  On the receiving side,
read the raw device.  With BSD (DLP), you can even inject your packets
into the IP stack :-)

OT: Regrettably, on Linux, one must be ROOT to monkey with writing raw
ethernet.  Solaris/BSD got this one right because they look at the
persmissions of the device file to grant access -- if world has write
access, the writer doesn't have to be root.  This makes debugging this
sort of stuff a hell of a lot easier because you don't have to be root
to do so.
-- 
   __@               Greg Franks              <|       _~@ __O 
 _`\<,_         Ottawa, Ontario, Canada        |O\   -^\<;^\<, 
(*)/ (*)                                       (*)--(*)%---/(*)
          "Where do you want to go today?"   Outside.