Results 1 to 3 of 3

Thread: python raw sockets

  1. #1
    Join Date
    Feb 2014
    Beans
    55

    python raw sockets

    I'm trying to create a simple raw socket python program, and it was my
    understanding that raw sockets do not transverse the netfilter tables
    when they are formed. But when I have an iptables rule like
    Code:
    -A OUTPUT -j NFQUEUE --queue-num 0
    it seems to be grabbing the raw socket packet and sending it through
    the iptables and it gets caught by this rule. My question is:
    Can I create raw packets that will be sent 'as is' without being affected
    by this iptables rule?

  2. #2
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    1,414

    Re: python raw sockets

    A raw (non-TCP, non-UDP) packet should be ignored by iptables.
    Are you unintentionally using TCP/UDP sockets? Python's socket module tends to expect that.

    Code:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)          # socket.AF_INET will use iptables
    
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)          # socket.AF_UNIX won't use iptables
    Last edited by ian-weisser; February 25th, 2014 at 01:53 PM.

  3. #3
    Join Date
    Feb 2014
    Beans
    55

    Re: python raw sockets

    Quote Originally Posted by ian-weisser View Post
    A raw (non-TCP, non-UDP) packet should be ignored by iptables.
    Are you unintentionally using TCP/UDP sockets? Python's socket module tends to expect that.

    Code:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)          # socket.AF_INET will use iptables
    
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)          # socket.AF_UNIX won't use iptables
    Ah thank you, I think I was using (socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP) or something, thinking I was using using raw sockets. I will try AF_UNIX as soon as I get a chance! I also just read something about AF_PACKET which I'll need too look into as well.
    Thank you again!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •