[Jack Jackson <jack@xxxxxxxxxxxxxxx>]

At 11:34 PM 8/16/2005, Ryan Detert wrote:
> I am currently playing around with raw sockets and am writing my own 
> packets. I'm using all three of operating systems: OS X, XP and Linux 
> kernel 2.6 to both send and receive to and from one another.
>
> I am trying to inject packets into a program I have running but I can't 
> tell if my raw packets are working. They are getting sent at least from 
> the source to the destination. Ethereal is displaying the contents of the 
> packet that I'm sending, but the program I have running isn't picking up 
> the packets.
>
> Ethereal reports that the TCP and IP checksums are correct. Is it possible 
> that the destination computer is just dropping my packet? Any suggestions 
> as to why this is so, or how I could check to see if the packet is being 
> accepted onto the TCP stack?

Injecting into a TCP stream is not easy, and almost certainly will cause 
the existing connection to stop working.  I would expect the following to 
be checked (besides the checksums): possibly IP identification, IP source 
and dest addrs, TCP source and dest ports, TCP sequence number, possibly 
TCP acknowledgement number.

If your packet is accepted you will see an ack sent to acknowledge it.