Home > Archive > Unix Programming > December 2007 > ARP question
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Norman Baz 2007-12-15, 7:11 pm |
| Hi All,
I am working on a small project in which
requires processing incoming ARP packets.
In short I have the situation in which unix machine
(linux) have 2 IP address (A,B)on the interface.
MAC address of the 1st IP (A) is delivered from NIC,
whereas the 2nd IP(B) should use when transmitting a
special mac address.
Linux should also be able to receive packets addressed to "B",
and respond to any ARP requests.
I would appreciate if anybody could point out, what will be needed
to achieve that goal.
Regards,
--
Norman Baz
| |
| Rainer Weikusat 2007-12-16, 8:11 am |
| Norman Baz <nospam@nospam.nospam> writes:
> In short I have the situation in which unix machine
> (linux) have 2 IP address (A,B)on the interface.
> MAC address of the 1st IP (A) is delivered from NIC,
> whereas the 2nd IP(B) should use when transmitting a
> special mac address.
> Linux should also be able to receive packets addressed to "B",
> and respond to any ARP requests.
I do not quite understand the first paragraph. The 'arptables' program
could be of use to you. The second goal could easily be accomplished
by binding a second ip to the interface, eg
ip addr add 1.2.3.4 dev <ifname>
| |
| Norman Baz 2007-12-16, 7:12 pm |
| > I do not quite understand the first paragraph. The 'arptables' program
> could be of use to you. The second goal could easily be accomplished
> by binding a second ip to the interface, eg
>
> ip addr add 1.2.3.4 dev <ifname>
Hi Rainer,
Thanks for replay.
The whole problem I came across is that you basically
can change mac address for whole device but not per IP address
configured on the device, which is basically want I want to achieve.
I basically don't want to use any external tools like mentioned arptables.
What I considered is either the use of libpcap for intercepting
incoming ARPs and send replies ( I heard that pcap is also capable
of sending packets) or use something else for this job.
For example socket with PF_PACKET type, but I rather keep this
program as much OS independent as possible.
Comments how to solve this problem are welcomed.
Regards,
--
Norman Baz
| |
| Wei-Chiang Lim 2007-12-17, 4:30 am |
| > What I considered is either the use of libpcap for intercepting
> incoming ARPs and send replies ( I heard that pcap is also capable
> of sending packets) or use something else for this job.
> For example socket with PF_PACKET type, but I rather keep this
> program as much OS independent as possible.
Libpcap IS an abstraction layer for packet capturing across multiple
platforms. It is supported on most, if not all Unices and also Windows
(via WinPcap). Without it, you'd have to have to dig into the guts of
each OS in a different manner each time to get packet capture running.
If you actually decide to build your own OS independent packet capture
library, the end result would probably look and function much like
libpcap anyway.
| |
| Rainer Weikusat 2007-12-17, 4:30 am |
| Wei-Chiang Lim <weichiang@gmail.com> writes:
>
> Libpcap IS an abstraction layer for packet capturing across multiple
> platforms.
Libpcap is the tcpdump engine abstracted out into a library. tcpdump
is a powerful, general network traffic inspection program. Just
processing ARP requests and replies needs much less sophistication[*],
turning most of libpcap into completely useless overhead.
[*] I have a small program here which I use to do ARP
probes, ie send out queries and either print the replies
or compare the replying MAC address with a certain value
passed in the command line. Including everything, these
are 358 lines of code.
> It is supported on most, if not all Unices and also Windows
> (via WinPcap). Without it, you'd have to have to dig into the guts of
> each OS in a different manner each time to get packet capture
> running.
Eliminating the loaded terms from this text, it condense into 'if you
are not using the libpcap generic interface, you will need to use a
target-OS specific interface'. For Linux, this would amount to opening
a PF_PACKET socket and binding it to a particular interface and
ethernet protocol.
> If you actually decide to build your own OS independent packet capture
> library, the end result would probably look and function much like
> libpcap anyway.
The assumption that there is exactly one sensible way to design and
implement an 'OS indepedent packet capture library' and that this
happens to be the libpcap design and implementation would need to be
proven.
| |
| Norman Baz 2007-12-17, 7:17 pm |
| On Mon, 17 Dec 2007 11:12:17 +0100, Rainer Weikusat wrote:
Thanks guys, so basically I will use libpcap.
One more question, since my program will run "select"
in order process multiple file descriptors.
Is it somehow possible to treat packets coming from
network intercepted by libpcap pcap_loop() function to act as
as data send to regular socket so that I could run select on
file descriptor?
Not sure if you understand what I mean. I basically have
two TCP sockets (something else), and also would like
to be able to receive those mentioned ARP packets
via libpcap. Is it somehow possible to use select() to pull
them all and wait for an event - in this scenario?
Regards,
--
Norman Baz
| |
| Norman Baz 2007-12-17, 7:17 pm |
| On Mon, 17 Dec 2007 22:31:13 +0000, Norman Baz wrote:
hello,
it looks like I found appropriate functions to do that job i.e.
pcap_fileno()
and
pcap_get_selectable_fd()
will try them.
Once again guys many thanks for your help.
--
Norman Baz
| |
| Wei-Chiang Lim 2007-12-17, 10:15 pm |
| > Once again guys many thanks for your help.
Cheers mate, glad we could help! ;-)
|
|
|
|
|