Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
github.com/dennisping/tcp-ip-raw-sockets
- Version published
- Created
TCP/IP Raw Sockets
Overview
TL;DR - Make an HTTP GET request from scratch; from the network layer to the application layer.
This project was originally done in Python and converted to Go for self-learning purposes.
This program called rawhttpget takes one URL, downloads the target URL page, and saves it into the current directory. The TCP/IP network stack is custom implemented, and all incoming & outgoing data packets utilize raw sockets. Due to the low-level details and bitwise operations of this project, unit testing was done to ensure correctness. Manual debugging was also done on Wireshark.
Requirements
Go 1.21+
This project only works on Linux.
Required System Changes
- Modify iptables rule
sudo iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP
- Find your "network interface" name using:
ifconfig -aand disable gro, tx, rx
sudo ethtool -K <network interface> gro off
sudo ethtool -K <network interface> tx off rx off
- Example
sudo iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP
sudo ethtool -K wlp4s0 gro off
sudo ethtool -K wlp4s0 tx off rx off
How to Build
make
How to Run
Usage: sudo ./rawhttpget [-v] URL
Options:
-p string
available profilers: cpu, mem
-v verbose output
The optional flag -v is for verbose output.
Examples
sudo ./rawhttpget -v http://david.choffnes.com/classes/cs4700sp22/project4.php
sudo ./rawhttpget http://david.choffnes.com/classes/cs4700sp22/10MB.log
Testing
Standard mode
go test ./...
Verbose mode
go test -v ./...
Show test coverage
go test ./... -coverprofile=coverage.out
go tool cover -html=coverage.out
Example Run in Verbose Mode
> sudo ./rawhttpget -v http://david.choffnes.com/classes/cs4700sp22/project4.php
Remote IP: 204.44.192.60
Local IP: 192.168.0.237
--> send 48 bytes Flags: SYN seq: 2123832061, ack: 0
<-- recv 48 bytes Flags: SYN ACK seq: 2154816049, ack: 2123832062
--> send 40 bytes Flags: ACK seq: 2123832062, ack: 2154816050
--> send 157 bytes Flags: ACK seq: 2123832062, ack: 2154816050
<-- recv 40 bytes Flags: ACK seq: 2154816050, ack: 2123832179
<-- recv 40 bytes Flags: ACK seq: 2154816050, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154816050
<-- recv 1500 bytes Flags: ACK seq: 2154816050, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154817510
<-- recv 1500 bytes Flags: ACK seq: 2154817510, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154818970
<-- recv 1500 bytes Flags: ACK seq: 2154818970, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154820430
<-- recv 1500 bytes Flags: ACK seq: 2154820430, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154821890
<-- recv 1500 bytes Flags: ACK seq: 2154821890, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154823350
<-- recv 1061 bytes Flags: PSH ACK seq: 2154823350, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154824371
<-- recv 1500 bytes Flags: ACK seq: 2154824371, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154825831
<-- recv 804 bytes Flags: PSH ACK seq: 2154825831, ack: 2123832179
--> send 40 bytes Flags: ACK seq: 2123832179, ack: 2154826595
<-- recv 40 bytes Flags: FIN ACK seq: 2154826595, ack: 2123832179
--> send 40 bytes Flags: FIN ACK seq: 2123832179, ack: 2154826596
<-- recv 40 bytes Flags: ACK seq: 2154826596, ack: 2123832180
200 OK
Wrote 22576 bytes to project4.php
Design Details
- All the details about wrapping and unwrapping of packets have been abstracted away into 2 functions in the
rawsocketpackage:Wrap(IPHeader, TCPHeader) -> packetUnwrap(packet) -> IPHeader, TCPHeader, error
- When a packet is unwrapped, the TCP and IP checksums are automatically checked. If there is an error, it will return the error back to the client to handle. Likewise, when a packet is wrapped, its checksum is automatically calculated into the packet.
- The
httppackage loosely mimics the Go std libnetlibrary. - The window scale is set at 5 which means a max transfer speed of 2 MiB/sec.
- Ideally, the window scale is 7 which means a max transfer speed of 8 MiB/sec. However, this would require utilizing an application layer buffer so that the network layer buffer doesn't overflow.
Random Notes
- This program uses HTTP/1.0 instead of HTTP/1.1 because HTTP/1.1 may contain "chunked encoding" which is a pain to decode. Since this program does not use the
keep-aliveheader, HTTP/1.0 is sufficient for our use case, and it greatly simplifies decoding. - This program accepts gzip encoding if the server wants to send compressed data.
FAQs
Unknown package
Package last updated on 06 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
By Sarah Gooding - Feb 04, 2025
Research
Security News
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
By Kirill Boychenko - Feb 04, 2025