Windows networking using only Ethernet Frames - networking

I'm doing a project where I must write a network library for a device connected to a Windows machine. The complication comes in that I may only communicate with the device using ethernet frames. So there is no TCP/UDP/IP at all. I don't think the bind/listen/accept approach can be applied here, but maybe I am wrong. Also, there is no routing or switching involved.
I have a few questions. How do I use a socket to communicate with this device? Does winsock have any support for just frames? I haven't been able to find many resources on this. Does anyone have any ideas about how I should proceed?
Is using sockets even a good idea or can I just send out the information with the appropriate headers?

Use WinPCap, it has an API to send and listen to raw data.
You can build your communication layer with it.
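
Added example (not part of the original answers): building and filtering the raw Ethernet II frames that a WinPcap-based layer would hand to `pcap_sendpacket`. The EtherType 0x88B5, the MAC addresses and the helper names `eth_build` and `eth_accept` are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ETH_HDR_LEN   14      /* dst MAC (6) + src MAC (6) + EtherType (2) */
#define ETH_MIN_FRAME 60      /* minimum frame length, excluding the 4-byte FCS */
#define ETH_MAX_DATA  1500    /* largest payload of a standard frame */
#define ETHERTYPE_DEV 0x88B5  /* assumption: IEEE "local experimental" EtherType */

/* Build an Ethernet II frame in out[]. Returns the frame length, 0 on error. */
size_t eth_build(uint8_t *out, size_t cap, const uint8_t dst[6],
                 const uint8_t src[6], uint16_t type,
                 const uint8_t *data, size_t len)
{
    size_t total = ETH_HDR_LEN + len;
    if (len > ETH_MAX_DATA) return 0;
    if (total < ETH_MIN_FRAME) total = ETH_MIN_FRAME;  /* pad short frames */
    if (cap < total) return 0;
    memset(out, 0, total);
    memcpy(out, dst, 6);
    memcpy(out + 6, src, 6);
    out[12] = (uint8_t)(type >> 8);        /* EtherType is big-endian on the wire */
    out[13] = (uint8_t)(type & 0xFF);
    if (len) memcpy(out + ETH_HDR_LEN, data, len);
    return total;  /* with WinPcap: pcap_sendpacket(handle, out, (int)total) */
}

/* Receive-side check: a capture handle sees every frame on the adapter, so keep
 * only frames addressed to `me` with the expected EtherType. Returns the payload
 * (NULL if rejected); *plen includes padding, so carry a length in the payload. */
const uint8_t *eth_accept(const uint8_t *f, size_t flen, const uint8_t me[6],
                          uint16_t type, size_t *plen)
{
    if (flen < ETH_HDR_LEN || memcmp(f, me, 6) != 0) return NULL;
    if (f[12] != (uint8_t)(type >> 8) || f[13] != (uint8_t)(type & 0xFF)) return NULL;
    *plen = flen - ETH_HDR_LEN;
    return f + ETH_HDR_LEN;
}

int main(void)
{
    const uint8_t pc[6]  = {0x02, 0, 0, 0, 0, 0x01};  /* constructed sample MACs */
    const uint8_t dev[6] = {0x02, 0, 0, 0, 0, 0x02};
    uint8_t frame[ETH_HDR_LEN + ETH_MAX_DATA];
    size_t plen = 0;
    size_t n = eth_build(frame, sizeof frame, dev, pc, ETHERTYPE_DEV,
                         (const uint8_t *)"hello", 5);
    const uint8_t *p = eth_accept(frame, n, dev, ETHERTYPE_DEV, &plen);
    printf("frame=%zu bytes, payload+padding=%zu, accepted=%d\n", n, plen, p != NULL);
    return 0;
}
```

The frame check sequence is not part of the buffer: the network interface driver computes and appends it when the frame is sent.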

Give the WinAoE code a look-see - it says it lets Windows talk to ATA over Ethernet devices which means it has to communicate without any of the upper layers of the network stack.
Edited:
As near as I can tell, if you want to send raw ethernet frames, you want NdisSend and friends.

As well as winpcap and NDIS you could also look at raw sockets which are a standard part of the Windows API and don't require you to write driver code http://msdn.microsoft.com/en-us/library/ms740548(v=vs.85).aspx.

Related

What network protocol does python influxdb use to send data?

I'm interested in the answer to this question above because I'm trying to setup my Lab so I can send data from an ESP32 device over wifi to Influx DB hosted on my local network with a raspberry pi.
I've tried doing this with udp but the arduino libraries are very poorly documented (and didn't work)
and I couldn't find anything from Influx about what and how the data sending format should be...
Also is there a way to quickly find the network method used to transmit communicate with Python and influxDB?
According to the documentation here they support several methods.
Looking in particular at the UDP listener, it seems that you need to enable the listener on the InfluxDB server first.

Which protocol to use if communicate with simatic plc over tcp/ip

I am using libnodave and s7netplus to read and write data blocks to my simatic s7-300.
Everything is working fine but I want to understand how libnodave or s7netplus are working so that I can implement something similar in C++ or C# myself based on plain TCP/IP sockets, just for fun.
On the library websites or source code itself I could not find any information about how they are implemented only that they are using tcp/ip sockets (I know in libnodave you can also use other ways but for now I am only focused on tcp/ip).
On my researches on other websites I found that I can use open tcp/ip or modbus tcp/ip.
But I could not really find any specifications related to simatic s7-300 which are telling me how to establish a connection or what to send to start a data transfer....
Please don't understand me wrong.
For example for modbus tcp/ip itself I can find specifications but these specifications are not telling me anything about what to send to the plc if I want to read 10 bytes from data block 17 or write 3 bytes to data block 1.
So my question is which possibilities on top of tcp/ip I have to exchange data from a pc with my plc and where I can find exact specifications related to simatic s7-300?
The communication protocol to a Siemens PLC is described on the site of Snap7.
http://snap7.sourceforge.net/siemens_comm.html
(Maybe better to use Snap7 instead of Libnodave for support of newer PLC's!)

Linux TCP stack packet injection

Could I inject packets into the Linux TCP stack without modifying the Ethernet driver? Could I do this using a library or something?
Thank you,
If by 'inject packets to Linux TCP stack' you mean send some data that the Linux kernel will treat as a frame coming from an Ethernet interface then you can use a 'tap' device. If an IP packet (layer 3) is good enough, then use a 'tun' device.
http://en.wikipedia.org/wiki/TUN/TAP
http://www.kernel.org/pub/linux/kernel/people/marcelo/linux-2.4/Documentation/networking/tuntap.txt
Libnet
Libnet is a generic networking API that provides access to several protocols. It is not designed as a 'all in one' solution to networking. Currently many features that are common in some network protocols are not available with Libnet, such as streaming via TCP/IP. We feel that Libnet should not provide specific features that are possible in other protocols. If we restrict Libnet to the minimal needed to communicate (datagram/packets) then this allows it to support more interfaces.
Otherwise, if you're just wondering about injecting hand-crafted packets into the network, read the man pages and look for online help with raw sockets. Some good places to start are man 7 raw, man packet, and there are some ok tutorials at security-freak.net, though the code there is not written particularly well for my tastes.

What is the best way to make TCP and UDP packet spoofing and injection?

Hi folks,
I'm kinda new to low level networking. I need to intercept all TCP/UDP packets and potentially filter or substitute them with new ones.
What would be the best way to intercept these packets and inject new one? I'm only targeting Windows platforms.
You want WinPcap if you're on Windows. What you're going to need to do is intercept (and filter) packets with WinPcap and then write a program that does packet creation when/if you want it.
Write a program that uses libpcap at TCPDump contains tons of API for messing with low-level networking
I want to develop a program, not just use a tool
This page has some references to other pages which introduce the network device driver architectures: NDIS Intermediate driver interface.
You can use tools like wireshark to intercept traffic.
If you are planning to write a program which will do all this stuff, then you may need to go to driver level to intercept all traffic.
Wireshark uses libpcap. I am not sure but that may help.

Sniffing data from a switch

I have 2 network devices that talk to each other over Ethernet. I would like to sniff the traffic using Wireshark. But the devices are going through a switch. The switch routes the traffic to only the ports that need the data.
At another location I have a hub. All the traffic is repeated across all the ports.
Is there a way to tell the switch to send the traffic down my port also?
EDIT: This is an unmanaged switch.
You might want to look into ARP spoofing.
http://en.wikipedia.org/wiki/ARP_poisoning
Since this is an unmanaged switch, the only way that I can think of is to temporarily put a hub between the switch and one of the devices you want to monitor, then plug a laptop into that hub to do the monitoring. The laptop should now see all traffic between the device and the switch.
This is pretty easy since you can do it at the location of one of the devices. You just need a hub, two more lengths of CAT cable and the computer you are using to monitor with.
The switch may have a management interface that lets you do that. Be warned that if you do, you'll wreck performance on the switch since everything attached to it will now have to deal with collisions.
If the switch is a managed switch, it likely has a mode to act like a hub. Just be careful not to leave it like that.
Some will also have ways to mirror ports and such as well. You need to find out what kind of switch it is.
RE Edit: If it is unmanaged, then you are boned. Use a hub, a managed switch or run wireshark on the computer(s) affected.
You could try a port redirector, like this one. You would configure one device to talk to your computer instead of the other device, and the redirector will send the data to the real target. There are several programs like this out there, or you could write your own.
