C# 原始套接字端口转发
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/567954/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
C# Raw Sockets Port Forwarding
提问by Superman
I am trying to create a simple C# app which does port forwarding, and need to know how to use the IP_HDRINCL socket option to try to fake out the receiving end to think the connection is really to the source. Any examples would be greatly appreciated.
我正在尝试创建一个简单的 C# 应用程序,它执行端口转发,并且需要知道如何使用 IP_HDRINCL 套接字选项来尝试假装接收端认为连接确实是到源。任何例子将不胜感激。
采纳答案by dviljoen
sock = new Socket( AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.IP );
sock.Bind( new IPEndPoint( IPAddress.Parse( "10.25.2.148" ), 0 ) );
sock.SetSocketOption( SocketOptionLevel.IP, SocketOptionName.HeaderIncluded, 1 );
byte[] trueBytes = new byte[] { 1, 0, 0, 0 };
byte[] outBytes = new byte[] { 0, 0, 0, 0 };
sock.IOControl( IOControlCode.ReceiveAll, trueBytes, outBytes );
sock.BeginReceive( data, 0, data.Length, SocketFlags.None, new AsyncCallback( OnReceive ), null );
The only problem is that I've been able to successfully receive data from a raw socket like this, (including the IP header) but not send it.
唯一的问题是我已经能够成功地从这样的原始套接字接收数据(包括 IP 标头)但不能发送它。
回答by Richard
IP_HDRINCL
IP_HDRINCL
.NET's Socket type does support RAW, and there is SocketOptionName.HeaderIncludedfor use with Socket.SetSocketOption.
.NET 的 Socket 类型确实支持 RAW,并且SocketOptionName.HeaderIncluded可以与Socket.SetSocketOption.
You may want to use Reflector to double check the .NET implementation aligns with the enum values.
您可能希望使用 Reflector 来仔细检查 .NET 实现是否与枚举值对齐。
回答by Jeff
I found this website, but not sure how well the code works: http://www.winsocketdotnetworkprogramming.com/clientserversocketnetworkcommunication8h.html
我找到了这个网站,但不确定代码的工作情况:http: //www.winsocketdotnetworkprogramming.com/clientserversocketnetworkcommunication8h.html
回答by Scott Chamberlain
Newer versions of windows restrict the use of raw sockets due to malware heavily abusing them.
由于恶意软件严重滥用原始套接字,较新版本的 Windows 限制了原始套接字的使用。
Quoted from the MSDN
引用自MSDN
On Windows 7, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways:
- TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- A call to the bind function with a raw socket for the IPPROTO_TCP protocol is not allowed. NoteThe bind function with a raw socket is allowed for other protocols (IPPROTO_IP, IPPROTO_UDP, or IPPROTO_SCTP, for example.
These above restrictions do not apply to Windows Server 2008 R2, Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.
在 Windows 7、Windows Vista 和带有 Service Pack 2 (SP2) 的 Windows XP 上,通过原始套接字发送流量的能力受到以下几种方式的限制:
- TCP 数据不能通过原始套接字发送。
- 具有无效源地址的 UDP 数据报不能通过原始套接字发送。任何传出 UDP 数据报的 IP 源地址必须存在于网络接口上,否则数据报将被丢弃。进行此更改是为了限制恶意代码创建分布式拒绝服务攻击的能力,并限制发送欺骗数据包(具有伪造源 IP 地址的 TCP/IP 数据包)的能力。
- 不允许使用 IPPROTO_TCP 协议的原始套接字调用绑定函数。 注意其他协议(例如 IPPROTO_IP、IPPROTO_UDP 或 IPPROTO_SCTP)允许使用原始套接字绑定函数。
上述限制不适用于 Windows Server 2008 R2、Windows Server 2008、Windows Server 2003 或早于 Windows XP SP2 的操作系统版本。
