IP Header, what it really looks like.
I wasn't sure how working on a Mac inside a VirtualBox VM running Ubuntu might work out, but so far things have been rolling along. It is giving me a better understanding of how the IP header fits together as a structure. This is amazing since it is a structure from the early '80s and still widely used across the network.
The first thing: build the socket.
sock_raw = socket(AF_INET , SOCK_RAW, IPPROTO_TCP);
Read from socket.
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , &saddr , &saddr_size);
I did a simple print to see some results.
Doing this I can see a repetition of data, so this made me go and actually look up the RFC for IP. The first one to look at is RFC 791, and here we can begin to understand the breakdown of the header. Now the hard part is to start breaking down the groupings.
4 = Ver, 5 = IHL, 00 = ToS, 002C = TL, 0C9B = ID, 0 = Flags, 000 = Frag Off, 40 = TTL, 06 = Prot, EA96 = Hdr C_Sum, 42723517 = Source Address, 0A00 020f = Destination Address
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version|  IHL  |Type of Service|          Total Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Identification        |Flags|      Fragment Offset    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Time to Live |    Protocol   |         Header Checksum       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Source Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Destination Address                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
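As an added example (not code from the original post), here is the same field breakdown done in C, with the length and IHL checks a parser needs before trusting bytes handed back by recvfrom. The names parse_ip4 and struct ip4_hdr are hypothetical, and the sample array is constructed from the hex values listed above.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Fields of an RFC 791 header, decoded to host byte order (hypothetical struct). */
struct ip4_hdr {
    uint8_t  version, ihl, tos, flags, ttl, protocol;
    uint16_t total_len, id, frag_off, checksum;
    uint32_t src, dst;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t *p) { return (uint32_t)be16(p) << 16 | be16(p + 2); }

/* Returns 0 on success, -1 if the bytes cannot be a valid IPv4 header. */
int parse_ip4(const uint8_t *buf, size_t len, struct ip4_hdr *h)
{
    if (len < 20) return -1;                    /* shorter than the fixed header */
    h->version = buf[0] >> 4;
    h->ihl     = buf[0] & 0x0F;                 /* header length in 32-bit words */
    if (h->version != 4 || h->ihl < 5) return -1;
    if ((size_t)h->ihl * 4 > len) return -1;    /* options would run past the buffer */
    h->tos       = buf[1];
    h->total_len = be16(buf + 2);
    if (h->total_len < h->ihl * 4) return -1;   /* datagram smaller than its own header */
    h->id        = be16(buf + 4);
    h->flags     = buf[6] >> 5;                 /* top 3 bits: reserved, DF, MF */
    h->frag_off  = be16(buf + 6) & 0x1FFF;      /* low 13 bits, in 8-byte units */
    h->ttl       = buf[8];
    h->protocol  = buf[9];
    h->checksum  = be16(buf + 10);
    h->src       = be32(buf + 12);
    h->dst       = be32(buf + 16);
    return 0;
}

/* Constructed input: the 20 header bytes from the breakdown above. */
static const uint8_t sample[20] = {
    0x45,0x00,0x00,0x2C, 0x0C,0x9B,0x00,0x00, 0x40,0x06,0xEA,0x96,
    0x42,0x72,0x35,0x17, 0x0A,0x00,0x02,0x0F };

int main(void)
{
    struct ip4_hdr h;
    if (parse_ip4(sample, sizeof sample, &h) != 0) return 1;
    printf("v%u ihl=%u len=%u ttl=%u proto=%u\n", (unsigned)h.version,
           (unsigned)h.ihl, (unsigned)h.total_len, (unsigned)h.ttl, (unsigned)h.protocol);
    return 0;
}
```

Flags and Fragment Offset share one 16-bit word split 3/13, which is why they are masked out of the bytes at offset 6 rather than read as whole hex digits.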