My application is running on CentOS 5.5
I need to send raw packets using libpcap API:
pcap_inject() or pcap_sendpacket()
To the specific IP address
How can I determinate MAC address belongs to a specific target?
It looks like what you want is ioctl and SIOCGARP. That should let you query your arp cache.
I'm assuming that the host in question is on your local network or all you're going to get is your router.
You can also read from /proc/net/arp, which seems easier. You'll need to get an arp request returned first but you'll be doing that whether your tool does it or some third-party makes the request.
In general, MAC addresses don't matter for remote targets. They are not routable; a router here at my office doesn't know the MAC addresses of network cards across the Internet. That's what IP addresses are for. Do you mean local only?
Related
In wireshark I can see Membership Query, general IGMPv2 requests coming over and over from 0.0.0.0 source which suggests ( according to RFC ) machine that hasn't received address yet. My question is how in Linux environment I can find such machine. This query triggers many answers and causes significant network communication slowdown.
When a machine is connected to a network for the first time, it will try to find the DHCP servers in order to get an IP address configuration. Untill then, as you already said, it has no IP address and the only identifier it has is it's MAC address, which is used to keep a comunication alive while it negotiates with the DHCP server (during this period it does not have an IP address until the very last).
Answering your question, you'd find the machine you are looking for making use of the MAC address. If you are on a small network, a manual check (ifconfig) will do it but, if you are on a big one, you better check the ARP table of your switch(es) to have a better idea where it could be.
I want to build a service like gmail or yahoomail.
It will be open for all.
For security purpose i can save the IP address for each action i.e sending mail, reading mail, deleting mail and all other actions.
I also want to save mac address of the computer from which mail is sent and i also want to
save mac address of the computer which is used to read the mail.
I am sure that i can build a program like this , but i have very little knowledge in the area
web security. Please suggest me how can i save mac address. Is it possible or not.
Where can i study about it.
Thank You
The MAC address of the client is part of the layer 2 protocol, and is used for address resolution (ARP) only on the subnet local to the client. Internetworking is done with TCP/IP (layers 3 & 4), which are transparent to layer 2. In other words, the protocols and equipment between your server and your clients make it impossible for your server to learn the MAC of your clients. This is by design.
If you are looking for a unique identifier for your clients, you should adopt the standard methods like cookies, certificates and the like. Both MAC and IP addresses can be spoofed.
Suppose I have the following situation. I have a Linux box sitting inside a local network, and that box will periodically ping the ip addresses of other devices on the network to make sure they are up. Also assume I know the MAC addresses of these devices, which I obtained via ARP at some point in the past. Now assume that one of the devices goes down and when it comes back up it is assigned a new ip address. How can I modify my periodic ping check to ping the new ip address? Yes I know I can check the arp table on my Linux box to get the new ip address if the record exists. But what guarantee do I have that the arp able on that box has been updated properly? Is there any way to quckly force the arp table on my Linux box to update and somehow find the new ip address for the known mac address?
My initial thoughts would be to disable DHCP and set these addresses statically unless it is critical that they cycle through different addresses.
I need to generate an Ethernet header that includes the destination MAC address, (since libnfnetlink gives only the IP header before prerouting takes place), the outgoing interface number is also known, so the lookup can be made in the correct network.
What's the library/function to resolve the MAC address from an IP address?
It's unclear why you need the MAC address, since that's usually handled for you at a lower level.
However, assuming your target is on your local Ethernet segment, you can use the arp command to look up values in the local cache. If the value is not cached... Well, that's a problem. Perhaps arping would help...
(Normally you'd send a packet to, for example, IP address 10.10.10.10, and your system would send an ARP packet out querying who-has 10.10.10.10, and a response would come back from that target system with its MAC address, and then it would be cached. (You can watch this happening with tcpdump.) Or when a system comes on line it would send out a broadcast message informing everyone else of its MAC address. Naturally, if your destination is on another Ethernet segment, you're routing to a gateway rather than directly to the destination, and no destination-MAC address is available.)
You might read further at:
http://linux.die.net/man/8/arp
http://linux.die.net/man/8/arping
http://linux.die.net/man/7/arp
http://www.kernel.org/doc/man-pages/online/pages/man7/arp.7.html
Obviously you can only find the MAC address for directly connected IP addresses, but there's no platform-independent way of doing it. On Linux, you can look in /proc/net/arp after sending something to the target to trigger the kernel to send the ARP.
Edit to add you could also use the SIOCGARP ioctl() though that just looks in the ARP cache, so it won't send an ARP if there isn't one already there.
Otherwise, you would have to craft your own ARP request packet. You could probably reuse a bunch of code from arping if you go that route.
You cannot in general get the MAC address from the IP address, and in fact as IP can run on data link protocols other than ethernet, some IP addresses have no corresponding MAC address.
The MAC address is only available and only relevant on the same ethernet segment. On that segment, it can be retrieved by an ARP request.
I have a Linux server with multiple ips (so, multiple eth0, eth0:0, eth0:1 etc).
The script I'm trying to start is a php CLI script which is downloading stuff from an another server API, and I would like to change the IP based on different parameters. Once the script is started, I don't need anymore to change the ip OF THAT SPECIFIC script until his end.
Do you have any clue if it is possible to achieve it?
My other solution was to install Xen or OpenVZ and create N different VPS per each IP, but as you can see is definitely a PITA :-)
You don't specify how you connect to the other server, but with sockets you can try socket_bind.
EDIT:
With curl you can try curl_setopt.
CURLOPT_INTERFACE The name of the outgoing network interface to use. This can be an interface name, an IP address or a host name.
I know how to do it in C - you use bind() on your socket before you call connect(), and you bind to the IP address assigned to the desired interface, passing 0 for port. I don't know how to do it in PHP.