I am hand-crafting Ethernet packets using `socket(AF_PACKET, SOCK_RAW, htons(ETH_P_IP))`, and have successfully sent UDP packets from my PC to my router this way. Using `tcpdump` on both ends, I can see that the PC sends out a packet with the intended contents, and the router receives it. Specifically, I am using the following command to watch for my constructed packets with source port = `0` and dest port = `34567`:

    sudo tcpdump -i any -e -x udp port 34567 -vvv

I am seeing some unexpected behavior, however, depending on what I put in the source and dest IPs in the v4 header. Specifically, if I set the source and dest IP both to the PC address, I see the outbound packet on the PC, but I don't see any message on the router that the NIC received it. If I set source = `<pc>` and dest = `<router>`, I see a message (obviously), and if I set source = `0.0.0.0` and dest = `<pc>`, I see the message, too. But in no cases does the router send the packet back to the PC.

So my questions are:

- Why does having source = dest = `<pc>` in the IPv4 header prevent `tcpdump` from showing the packet?
- Why isn't my router forwarding on the packet with dest = `<pc>`? Note that I tried adding an iptables rule `-A FORWARD -i enp2s0 -o enp2s0 -j ACCEPT`, where `enp2s0` is my LAN-connected NIC, but it didn't help.
For additional context, see my earlier question: Route Local-Interface-Destined Packets to Gateway
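As an added example (this is not code from the original question or answer), the following Python builds the kind of Ethernet/IPv4/UDP frame the question describes and injects it through a `socket(AF_PACKET, SOCK_RAW, htons(ETH_P_IP))` socket, filling in both checksums so that the capture on the far end shows them as correct. The interface name `enp2s0`, source port `0` and destination port `34567` are taken from the question; the MAC and IP addresses (`PC_MAC`, `PC_IP`, `ROUTER_MAC`, `ROUTER_IP`) are placeholders I chose, and the `build_frame`, `ipv4_header_ok`, `udp_checksum_ok` and `send_frame` helpers are mine.

```python
import socket
import struct

ETH_P_IP = 0x0800  # EtherType for IPv4, the protocol the question's socket() call uses
IPPROTO_UDP = 17

# Placeholder addresses for illustration (assumed, not from the question); the
# interface name enp2s0 and the UDP ports 0 -> 34567 are the ones the question uses.
PC_MAC, PC_IP = "00:11:22:33:44:55", "192.168.1.10"
ROUTER_MAC, ROUTER_IP = "66:77:88:99:aa:bb", "192.168.1.1"
LAN_IFACE = "enp2s0"


def ip_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_udp(src_ip, dst_ip, src_port, dst_port, payload, ttl=64):
    """IPv4 header + UDP header + payload with both checksums filled in.

    Nothing here rejects src_ip == dst_ip or src_ip == 0.0.0.0: the bytes are
    whatever you ask for, which is exactly what the question experiments with.
    """
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    udp_len = 8 + len(payload)
    # version/IHL, TOS, total length, ID, flags+frag (DF set), TTL, proto, csum, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000, ttl,
                     IPPROTO_UDP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    udp = struct.pack("!HHHH", src_port, dst_port, udp_len, 0) + payload
    # The UDP checksum also covers the IPv4 pseudo-header; a computed 0 is sent as 0xFFFF.
    pseudo = src + dst + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len)
    udp_csum = ip_checksum(pseudo + udp) or 0xFFFF
    return ip + udp[:6] + struct.pack("!H", udp_csum) + udp[8:]


def build_frame(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, payload):
    """Ethernet II frame. The receiving NIC accepts it on dst_mac alone; what the
    receiver's IP stack then does with it depends only on the IP header."""
    eth = (bytes.fromhex(dst_mac.replace(":", ""))
           + bytes.fromhex(src_mac.replace(":", ""))
           + struct.pack("!H", ETH_P_IP))
    return eth + build_ipv4_udp(src_ip, dst_ip, src_port, dst_port, payload)


def ipv4_header_ok(frame: bytes) -> bool:
    """True when the IPv4 header checksum verifies (checksum over the header folds to 0)."""
    ihl = (frame[14] & 0x0F) * 4
    return ip_checksum(frame[14:14 + ihl]) == 0


def udp_checksum_ok(frame: bytes) -> bool:
    """True when the UDP checksum verifies against the pseudo-header, the same
    check behind tcpdump -vvv's 'udp sum ok' / 'bad udp cksum' annotation."""
    ihl = (frame[14] & 0x0F) * 4
    ip = frame[14:14 + ihl]
    udp_len = struct.unpack("!H", frame[14 + ihl + 4:14 + ihl + 6])[0]
    udp = frame[14 + ihl:14 + ihl + udp_len]  # ignore any Ethernet padding
    pseudo = ip[12:16] + ip[16:20] + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len)
    return ip_checksum(pseudo + udp) == 0


def send_frame(frame: bytes, iface: str = LAN_IFACE) -> int:
    """Inject the frame on iface. Needs CAP_NET_RAW (root). Frames written to an
    AF_PACKET socket bypass the IP stack, so iptables OUTPUT and conntrack never see them."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_IP)) as s:
        s.bind((iface, 0))
        return s.send(frame)


if __name__ == "__main__":
    frame = build_frame(PC_MAC, ROUTER_MAC, PC_IP, ROUTER_IP, 0, 34567, b"hello")
    print(len(frame), ipv4_header_ok(frame), udp_checksum_ok(frame))
    # send_frame(frame)  # run as root on the PC and watch with the tcpdump filter above
```

Two things worth checking with this before blaming the router. First, `ipv4_header_ok` and `udp_checksum_ok` verify the same checksums that `tcpdump -vvv` annotates; a hand-built frame with a bad checksum is accepted by the NIC and shown by `tcpdump`, but silently dropped by the receiving IP stack. Second, because the frame is written to an AF_PACKET socket, the sending host's own netfilter hooks and connection tracker never see it go out, so nothing records a flow for source port 0 to port 34567; if the router does forward a packet back, the PC's `INPUT` chain sees it as `NEW`, not `ESTABLISHED`, and a rule set that only accepts `ESTABLISHED`/`RELATED` traffic drops it.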
Best Answer
I was finally able to get it to work. There were a number of reasons things weren't getting through:

- `tcpdump`. I was able to work around it by spoofing a public IP.
- `FORWARD` chain only had rules for LAN>WAN and WAN>LAN. Adding a new `ACCEPT` rule for LAN>LAN allowed the packet to be sent back to the PC.
- `INPUT` chain allowing `ESTABLISHED`/`RELATED` packets, but because of the address spoofing, the firewall did not classify the forwarded packet as `NEW`, even though it was just sent as an outgoing packet. Adding a new rule to explicitly `ACCEPT` the packet fixed it.

Proof for posterity: