I'm working on a TCP/IP implementation, for an embedded device, that I want to test from a Linux user space process using raw sockets.
raw(7) says that "Raw sockets may tap all IP protocols in Linux, even protocols like ICMP or TCP which have a protocol module in the kernel. In this case, the packets are passed to both the kernel module and the raw socket(s)."
I need to disable this kernel processing (at least on a specific destination port) in order to test my implementation. I think there's some manipulation involving iptables which can do this, but frankly I'm no Linux guru. I appreciate any help.
Best Answer
The kernel handles the TCP handshake by default.
Try to make a TCP connection:
Here the connection is refused by the kernel directly.
To stop the kernel from handling TCP connections, you can add netfilter rules. The following command makes the kernel ignore TCP packets coming to port 8877:
Now try making a TCP connection again:
The kernel does not do the TCP handshake now, and you should be able to implement TCP in userspace, as you will still see the packets [1].
To clean up the netfilter rule after you are done, use
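One way to write the netfilter rule described in the answer above, together with its cleanup, as an added example that is not part of the original answer. The `INPUT` chain, the `-I` placement and the helper names (`block_port`, `unblock_port`, `DRY_RUN`, `IPT`) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the answerer's commands. Assumptions: iptables is
# installed, the rule goes in the filter table's INPUT chain, and the
# function and variable names below are hypothetical.
#
# Caveats: this covers IPv4 only (ip6tables takes the same rule for IPv6).
# An AF_PACKET socket, like the one tcpdump uses, taps frames before
# netfilter and still sees the dropped segments; an AF_INET SOCK_RAW socket
# is fed after the INPUT hook and does not.
IPT="${IPT:-iptables}"
DRY_RUN="${DRY_RUN:-0}"   # 1 = print each command instead of running it

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac   # digits only
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Rule body shared by check (-C), insert (-I) and delete (-D).
rule_spec() { printf 'INPUT -p tcp --dport %s -j DROP' "$1"; }

run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

block_port() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 2; }
    # Skip the insert if the rule already exists, so reruns do not stack
    # duplicates that a single -D would leave behind.
    if [ "$DRY_RUN" != 1 ] && $IPT -C $(rule_spec "$1") 2>/dev/null; then
        return 0
    fi
    run $IPT -I $(rule_spec "$1")
}

unblock_port() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 2; }
    run $IPT -D $(rule_spec "$1")
}

# Usage (as root): script add 8877, run the test, then script del 8877
case "${1:-}" in
    add) block_port "${2:-}" ;;
    del) unblock_port "${2:-}" ;;
esac
```

Running with `DRY_RUN=1` prints the exact `iptables` command line without touching the firewall, which is useful for reviewing the rule before applying it as root.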