Linux use interface for raw socket only
Question
I'm having a OpenWrt Linux distribution for my embedded system. The device has 3 network interfaces: eth0, eth1 and wlan0.
One of the network interface (eth0) should be used for raw socket programming only. I'm able to create a socket with the parameters AF_PACKET , SOCK_RAW , ETH_P_ALL . The socket receives all network traffic, I can send packets and everything is OK.
But my problem is, that the OS is also using the interface for sending an reciving (eg ARP and ICMP requests/responses).
Is there any option that the interface is only used by my program and not by the OS itself?
1 answers
solution1
2 2017-07-05 19:00:05
This is not possible to achieve with a vanilla kernel. But this can come close:
First, ignore all arp requests on that interface:
echo 8 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
Then, disable IPv6:
echo 1 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6
Finally, filter all IPv4 packets coming on that interface
iptables -I INPUT -i eth0 -j DROP
And do not set an IP-address or routes on that interface. This is of course not perfect, certain packets will still be processed by the kernel, but I don't think there is a much better solution.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.