[clug] multiple network ports on one machine

Michael Cohen scudette at gmail.com
Mon Mar 30 12:30:18 GMT 2009

Hi Bob,
  You are sending raw packets - Thats all a udp packet is - a sequence
of ones and zeros on the wire. Scappy is nice because it fills in the
values you dont care about with sensible data. You can send any packet
you want on any interface regardless of routing tables if you send at
layer 2 (you can also just send at layer 3 and i think scapy will then
use a normal socket and will therefore route things).

You can also sniff on any interface and look for a particular response
to your packet. This is pretty much exactly what the OP wanted - send
a udp packet on one interface, and receive it on another regardless of
routing tables etc.

Its also interesting that scapy is pure python and the source code is
a nice introduction to linux raw sockets - before i looked at it i had
no idea how simple raw socket programming was on linux. I always
thought you need libpcap to sniff on an interface, but in reality the
native linux raw socket is _much_ easier to use. I virtually never
bother with libpcap anymore. I guess it would be nice for portability
but I dont need that. The libpcap API is a weird callback based
concoction which makes structuring your program a total pain.


2009/3/30 Robert Edwards <bob at cs.anu.edu.au>:
> Hi Michael,
> scapy looks pretty cool - thanks for the pointer.
> But, seems to me that you are not really sending UDP packets as much
> as sending raw Ethernet frames dressed up to look like UDP datagrams.
> Not sure if that counts as far as the OP is concerned...
> I'll have to have a closer look at scapy in any case.
> Cheers,
> Bob Edwards.
> Michael Cohen wrote:
>> Hi Robert,
>>  Thats not exactly correct as its pretty easy to send a packet using
>> a raw socket on any interface you want bypassing any internal routing
>> tables. A good quick tool for this would be to use scapy:
>> http://www.secdev.org/projects/scapy/demo.html
>> For example:
>> scapy.sendp( Ether()/IP(dst="www.slashdot.org")/UDP(dport = 53)/"Some
>> data", iface="eth1")
>> May not be exactly right - just have a play.
>> Scapy is not quick but its great for rapid prototyping - i have some C
>> code for raw sockets around here somewhere if anyone wants (I had to
>> write a working multicast router a while ago).
>> Michael.
>> 2009/3/30 Robert Edwards <bob at cs.anu.edu.au>:
>>> Adrian wrote:
>>>> To do some testing I wish to send UDP packets out on one Ethernet
>>>> interface, through a switch, and back in on another interface of a 4
>>>> port machine.  What would be the basic server and client code to do this
>>>> or point me to some basic docs.
>>>> Adrian
>>> Not really all that easy from the set-up point of view as the (Linux?)
>>> IP routing code (UDP runs over IP) will detect that the outgoing
>>> datagram is destined for an IP address on the same kernel instance
>>> and so will route it directly internally instead of sending it out
>>> on the physical link. You may be able to do it with virtual machines
>>> etc. but then all the virtualisation overheads will hurt any
>>> performance measurements etc.
>>> Writing code to send/receive UDP datagrams is generally trivial. NetCat
>>> (nc) can do it for you with no code involved, otherwise see Beej's
>>> network programming guide for examples in C and elsewhere on the web
>>> for examples in Java, Python, Perl etc.
>>> Cheers,
>>> Bob Edwards.
>>> --
>>> linux mailing list
>>> linux at lists.samba.org
>>> https://lists.samba.org/mailman/listinfo/linux

More information about the linux mailing list