I would like to make multicast traffic pass through WANem but I have seen that there is a lack of multicast support and I have to write a program to sniff incoming multicast packets and re-send them using raw sockets. Then, I have some questions related to this.
First of all, since I'm using the LiveCD, how do I run a program on WANem? Should I perform an HDD install of WANEM first?
And concerning to sniffing incoming multicast packets, what are the best practises for doing that? Should I use netfilter hooks? Where should I re-inject packets sniffed?
I would be grateful if someone could help me.
Thanks in advance,
Mari Carmen
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Here is how you can run your program in WANem Live CD. Boot through CD. When WANem is up 'n running, do a 'exit2shell' from the WANem command prompt. FTP your program/code to WANem and then run it as a normal program.
Thank you very much. I'll try what you suggest to run a program.
However, these best practises aren't what I was asking for. My question was related to what mknambiar said in another post:
"Wanem does not forward multicast packets. If you badly need to do this then you have to write a program which will run on wanem, which will sniff incoming multicast packets and re-send them using raw sockets."
I would like to know what are the best practises for this sniffing: where I should re-inject packets sniffed, if I have to use netfilter hooks, …, because I don't know exactly how to do it.
Thanks,
Mari Carmen
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If you look at a previous post of mine. If you install the latest version of Knoppix then do the software updates, you can also do an "apt-get install pimd". After this you just need to modify sysctl will enable multicast forwarding. If you are doing bridging then you need to make a script to set multicast_snooping to 0 in on bootup.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello,
I would like to make multicast traffic pass through WANem but I have seen that there is a lack of multicast support and I have to write a program to sniff incoming multicast packets and re-send them using raw sockets. Then, I have some questions related to this.
First of all, since I'm using the LiveCD, how do I run a program on WANem? Should I perform an HDD install of WANEM first?
And concerning to sniffing incoming multicast packets, what are the best practises for doing that? Should I use netfilter hooks? Where should I re-inject packets sniffed?
I would be grateful if someone could help me.
Thanks in advance,
Mari Carmen
Here is how you can run your program in WANem Live CD. Boot through CD. When WANem is up 'n running, do a 'exit2shell' from the WANem command prompt. FTP your program/code to WANem and then run it as a normal program.
Please refer the links below for some multicasting best practices;
http://www.netcraftsmen.net/resources/archived-articles/283-ip-multicast-best-practices-and-control.html
You may want to google for more information about the multicasting best practices.
Thank you very much. I'll try what you suggest to run a program.
However, these best practises aren't what I was asking for. My question was related to what mknambiar said in another post:
"Wanem does not forward multicast packets. If you badly need to do this then you have to write a program which will run on wanem, which will sniff incoming multicast packets and re-send them using raw sockets."
I would like to know what are the best practises for this sniffing: where I should re-inject packets sniffed, if I have to use netfilter hooks, …, because I don't know exactly how to do it.
Thanks,
Mari Carmen
Hi,
You can try this piece of c code. Just replace the MAC address in it to the MAC address of your WANem outgoing interface.
Compile it with the -lpcap flag.
All the best.
Regards,
M.K.Nambiar
#include<stdio.h>
#include<sys/types.h>
#include<sys/socket.h>
#include<netinet/tcp.h>
#include<netinet/in.h>
#include<netinet/ip.h>
#include<arpa/inet.h>
#include<net/if.h>
#include<netinet/if_ether.h>
#include<pcap.h>
#include<netdb.h>
#include<stdlib.h>
#define MAXLINE 1600
/* Setting Packet Filter-Only TCP Packets are allowed */
#define CMD "ip multicast and not ether src 00:0E:0C:42:64:37" //Your WANem MAC address here
int sockfd,datalink,dlen;
int snaplen=1600;
pcap_t *pd;
unsigned int len;
char datagram;
char *device;
/* struct pcap_pkthdr pcap_t; */
struct tcpiphdr *tcp_check(char *ptr,unsigned int *);
struct tcpiphdr *tcp_read(void);
struct sockaddr_in sip,dip;
struct sockaddr_in emuladdr;
char *next_pcap(int *);
struct sockaddr *dest,*sa;
struct addrinfo *aip;
int DLHLength;
main(void)
{
sockfd=socket(AF_INET,SOCK_RAW,IPPROTO_TCP);
printf("\nSocket Created……..");
{
int one = 1;
const int *val = &one;
if (setsockopt (sockfd, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
printf ("Warning: Cannot set HDRINCL!\n");
}
open_pcap();
}
static char sstr,dstr;
void process_packet(unsigned char *user, const struct pcap_pkthdr *h, const unsigned char *p)
{
char *ptr;
struct ether_header *eptr;
struct ip *ip;
ptr = (char *)p;
ptr=ptr+DLHLength;
ip = (struct ip *) ptr;
len=ntohs(ip->ip_len);
sip.sin_addr.s_addr = (ip->ip_src.s_addr);
dip.sin_addr.s_addr = (ip->ip_dst.s_addr);
dlen=sizeof(emuladdr);
sendto(sockfd,ip,len,0,(struct sockaddr *) &dip,dlen);
}
open_pcap(void)
{
unsigned int localnet, netmask;
char cmd, errbuf,str1, str2;
struct bpf_program fcode;
struct ether_header *eptr;
if (device == NULL) {
if ( (device = pcap_lookupdev(errbuf)) == NULL)
printf("pcap_lookup: %s", errbuf);
}
/* 4hardcode: promisc=0, to_ms=0 */
if ( (pd = pcap_open_live(device, snaplen,0, 0, errbuf)) == NULL)
printf("pcap_open_live: %s", errbuf);
if (pcap_lookupnet(device, &localnet, &netmask, errbuf) < 0)
printf("pcap_lookupnet: %s", errbuf);
strcpy(cmd,CMD);
if (pcap_compile(pd, &fcode, cmd, 0, netmask) < 0)
printf("pcap_compile: %s", pcap_geterr(pd));
if (pcap_setfilter(pd, &fcode) < 0)
printf("pcap_setfilter: %s", pcap_geterr(pd));
if ( (datalink = pcap_datalink(pd)) < 0)
printf("pcap_datalink: %s", pcap_geterr(pd));
switch (datalink)
{
case DLT_NULL: /* loopback header = 4 bytes */
DLHLength=4;
break;
case DLT_EN10MB:
DLHLength=14;
break;
case DLT_SLIP: /* SLIP header = 24 bytes */
DLHLength=24;
break;
case DLT_PPP: /* PPP header = 24 bytes */
DLHLength=24;
break;
}
if (pcap_loop(pd, -1, process_packet, NULL) < 0) {
printf("pcap loop falied for reason = %s\n", pcap_geterr(pd));
exit(1);
}
pcap_close(pd);
}
/* end open_pcap */
Thank you very much M.K.Nambiar.
I am going to try with this piece of c code. It will be very helpful surely.
Best regards,
Mari Carmen.
Hi Mari Carmen.
If you write a program to make it work with multicast, please tell me.
I am very interested in it!!!
Good luck!
If you look at a previous post of mine. If you install the latest version of Knoppix then do the software updates, you can also do an "apt-get install pimd". After this you just need to modify sysctl will enable multicast forwarding. If you are doing bridging then you need to make a script to set multicast_snooping to 0 in on bootup.
Any chance someone with a working multicast patch will send that back to the developers, maybe get an updated wanem released with multicast support?