Section (7) raw
raw — Linux IPv4 raw sockets
#include <sys/socket.h> #include <netinet/in.h>
Raw sockets allow new IPv4 protocols to be implemented in user space. A raw socket receives or sends the raw datagram not including link level headers.
The IPv4 layer generates an IP header when sending a
packet unless the
socket option is enabled on the socket. When it is enabled,
the packet must contain an IP header. For receiving, the IP
header is always included in the packet.
In order to create a raw socket, a process must have the
CAP_NET_RAW capability in the
user namespace that governs its network namespace.
All packets or errors matching the
protocol number specified for
the raw socket are passed to this socket. For a list of the
allowed protocols, see the IANA list of assigned protocol
numbers at http://www.iana.org/assignments/protocol-numbers/
A protocol of
is able to send any IP protocol that is specified in the
passed header. Receiving of all IP protocols via
IPPROTO_RAW is not possible using raw
IP Header fields modified on sending by
IP Checksum Always filled in Source Address Filled in when zero Packet ID Filled in when zero Total Length Always filled in
IP_HDRINCL is specified
and the IP header has a nonzero destination address, then the
destination address of the socket is used to route the
specified, the destination address should refer to a local
interface, otherwise a routing table lookup is done anyway
but gatewayed routes are ignored.
Starting with Linux 2.2, all IP header fields and options can be set using IP socket options. This means raw sockets are usually needed only for new protocols or protocols with no user interface (like ICMP).
When a packet is received, it is passed to any raw sockets which have been bound to its protocol before it is passed to other protocol handlers (e.g., kernel protocol modules).
For sending and receiving datagrams (sendto(2), recvfrom(2), and
similar), raw sockets use the standard
structure defined in ip(7). The
sin_port field could be
used to specify the IP protocol number, but it is ignored
for sending in Linux 2.2 and later, and should be always
set to 0 (see BUGS). For incoming packets,
sin_port is set to
Enable a special filter for raw sockets bound to the
IPPROTO_ICMPprotocol. The value has a bit set for each ICMP message type which should be filtered out. The default is to filter no ICMP messages.
In addition, all ip(7)
IPPROTO_IP socket options valid for
datagram sockets are supported.
User tried to send to a broadcast address without having the broadcast flag set on the socket.
An invalid memory address was supplied.
Packet too big. Either Path MTU Discovery is enabled (the
IP_MTU_DISCOVERsocket flag) or the packet size exceeds the maximum allowed IPv4 packet size of 64 kB.
Invalid flag has been passed to a socket call (like
The user doesn_zsingle_quotesz_t have permission to open raw sockets. Only processes with an effective user ID of 0 or the
CAP_NET_RAWattribute may do that.
An ICMP error has arrived reporting a parameter problem.
ICMP_FILTER are new in Linux 2.2. They are
Linux extensions and should not be used in portable
Linux 2.0 enabled some bug-to-bug compatibility with BSD
in the raw socket code when the
SO_BSDCOMPAT socket option was set; since
Linux 2.2, this option no longer has that effect.
By default, raw sockets do path MTU (Maximum Transmission
Unit) discovery. This means the kernel will keep track of the
MTU to a specific target IP address and return EMSGSIZE when a raw packet write exceeds
it. When this happens, the application should decrease the
packet size. Path MTU discovery can be also turned off using
option or the
see ip(7) for details. When
turned off, raw sockets will fragment outgoing packets that
exceed the interface MTU. However, disabling it is not
recommended for performance and reliability reasons.
A raw socket can be bound to a specific local address
using the bind(2) call. If it isn_zsingle_quotesz_t
bound, all packets with the specified IP protocol are
received. In addition, a raw socket can be bound to a
specific network device using
SO_BINDTODEVICE; see socket(7).
IPPROTO_RAW socket is
send only. If you really want to receive all IP packets, use
a packet(7) socket with the
ETH_P_IP protocol. Note that
packet sockets don_zsingle_quotesz_t reassemble IP fragments, unlike raw
If you want to receive all ICMP packets for a datagram
socket, it is often better to use
IP_RECVERR on that particular socket; see
Raw sockets may tap all IP protocols in Linux, even protocols like ICMP or TCP which have a protocol module in the kernel. In this case, the packets are passed to both the kernel module and the raw socket(s). This should not be relied upon in portable programs, many other BSD socket implementation have limitations here.
Linux never changes headers passed from the user (except
for filling in some zeroed fields as described for
IP_HDRINCL). This differs from
many other implementations of raw sockets.
Raw sockets are generally rather unportable and should be avoided in programs intended to be portable.
Sending on raw sockets should take the IP protocol from
ability was lost in Linux 2.2. The workaround is to use
Transparent proxy extensions are not described.
is set, datagrams will not be fragmented and are limited to
the interface MTU.
Setting the IP protocol for sending in
sin_port got lost in Linux
2.2. The protocol that the socket was bound to or that was
specified in the initial socket(2) call is always
RFC 1191 for path
MTU discovery. RFC 791
header file for the IP protocol.
This page is part of release 4.16 of the Linux
man-pages project. A
description of the project, information about reporting bugs,
and the latest version of this page, can be found at
This man page is Copyright (C) 1999 Andi Kleen <akmuc.de>.
Permission is granted to distribute possibly modified copies
of this page provided the header is included verbatim,
and in case of nontrivial modification author and date
of the modification is added to the header.
$Id: raw.7,v 1.6 1999/06/05 10:32:08 freitag Exp $
Section (8) raw
raw — bind a Linux raw character device
raw is used to bind a Linux raw character device to a block device. Any block device may be used: at the time of binding, the device driver does not even have to be accessible (it may be loaded on demand as a kernel module later).
raw is used
in two modes: it either sets raw device bindings, or it
queries existing bindings. When setting a raw device,
is the device name of an existing raw device node in the
filesystem. The block device to which it is to be bound can
be specified either in terms of its
minor device numbers, or as a
/dev/<blockdev> to an
existing block device file.
The bindings already in existence can be queried with the
−q option, which is used
either with a raw device filename to query that one device,
or with the
−a option to
query all bound raw devices.
Unbinding can be done by specifying major and minor 0.
Once bound to a block device, a raw device can be opened, read and written, just like the block device it is bound to. However, the raw device does not behave exactly like the block device. In particular, access to the raw device bypasses the kernel_zsingle_quotesz_s block buffer cache entirely: all I/O is done directly to and from the address space of the process performing the I/O. If the underlying block device driver can support DMA, then no data copying at all is required to complete the I/O.
Because raw I/O involves direct hardware access to a process_zsingle_quotesz_s memory, a few extra restrictions must be observed. All I/Os must be correctly aligned in memory and on disk: they must start at a sector offset on disk, they must be an exact number of sectors long, and the data buffer in virtual memory must also be aligned to a multiple of the sector size. The sector size is 512 bytes for most devices.
Set query mode. raw will query an existing binding instead of setting a new one.
−q, specify that all bound raw devices should be queried.
Display help text and exit.
Display version information and exit.
The Linux dd(1) command should be
used without the
bs= option, or the blocksize
needs to be a multiple of the sector size of the device (512
bytes usually), otherwise it will fail with Invalid
Argument messages (EINVAL).
Raw I/O devices do not maintain cache coherency with the Linux block device buffer cache. If you use raw I/O to overwrite data already in the buffer cache, the buffer cache will no longer correspond to the contents of the actual storage device underneath. This is deliberate, but is regarded either a bug or a feature depending on who you ask!
Rather than using raw devices applications should prefer open(2) devices, such as /dev/sda1, with the O_DIRECT flag.
Stephen Tweedie ([email protected])