I have started coding a packet injector and read up a bit on what one has to do. One thing I'm wondering though is when I create the IP header the h_source and h_dest fields should contain the mac address of the sender and receiver. Do I have to do this and is there a quick way to find out the mac address of the destination? Let's say I craft a ICMP ping packet or some arbitrary TCP packet. Would be nice to just be able to s开发者_运维知识库ay "send it to 192.168.0.10 from 192.168.0.1" and not having to care about the mac addresses. I guess the kernel normaly fills this in but letting it interfere here would not allow me complete control over the packet.
I'm afraid you've got that wrong, IP has no knowledge of the MAC adress, only the ethernet layer knows that. That's why you need the ARP protocol to determine which mac adress to send an IP packet to. Normally, you know which subnet you belong to, if your destination IP is local, you ARP for the MAC and send it diretly (this is usually done at a much lower level though). If it's not on your local subnet, you ARP for the gateway IP and send it there instead, which will forward it somehow.
The only source and destination present in the IP header are the source and destination IP addresses.
HTH.
EDIT:
For clarification. When sending via the gateway, the IP packet is normally not touched (except TTL, and, because of that, the checksum). There are situations where the IP packet must be fragmented, but that's a different issue. The point is the source and destination addresses remain the same, it's only on the layer below where we're actually saying it should be sent via some gateway or router.
Yes, you will need to fill this in. You can use ARP to determine the MAC address of a given IP address: http://en.wikipedia.org/wiki/Address_Resolution_Protocol
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论