How to disable TCP/IP on Linux interface
Short Version:
Does anyone know if there is a way to disable TCP/IP on an interface in Linux? It's easy enough on Windows...as all you have to do is uncheck the box under the interface settings...but not sure how in Linux...
***NOTE*** I do not want to disable the interface ('ifconfig eth0 down' will NOT work here)...I just don't want TCP/IP running
Long Version:
I am attempting to reprogram the functions of the eth0 interface, via Python script and Scapy (a raw packet crafting tool). The problem is, the Linux kernel is independent and remains unaware of my use of Scapy. Because of this, TCP/IP is interfering with some of the stuff I'm trying to do. For example...if I send a SYN packet to a remote TCP port via Scapy, that service then replies with a SYN-ACK packet (as it should). But then, when my system receives the SYN-ACK packet, because the Kernel is unaware that I sent the SYN packet with Scapy, it sees the SYN-ACK packet as an unsolicited response and replies automatically with an RST packet. <-- This is what I'm trying to avoid.
Any help is greatly appreciated!!!
Comments
ChooseLife Member Posts: 941 ■■■■■■■□□□
That's an interesting question... Here I found a suggestion to remove the IP from the interface (ip addr flush dev eth0) - would that work?
“You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896
fiftyo Member Posts: 71 ■■□□□□□□□□
There may be some option in /proc/sys to turn tcp off. You could perhaps hack it via ip tables, something like this may work;
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j ACCEPT
Basically allowing through new packets which do not have the syn flag set.
YFZblu Member Posts: 1,462 ■■■■■■■■□□
Agree on the IP tables hack - Isn't TCP/IP part of the kernel itself?
nogamble Member Posts: 8 ■□□□□□□□□□
Wonder if that could be taken care of in inittab? Just adjust when the network service starts.
or chkconfig network/ing off
paul78 Member Posts: 3,016 ■■■■■■■■■■
If you want to disable TCP/IP entirely, you can do something similar in Linux as you mentioned in Windows. If you are using a kernel that uses kernel modules, simply don't load the IP module. Personally, I don't use kernel modules so if I needed to disable TCP/IP - I would simply not compile it.
As far as disabling TCP/IP only on a specific interface, I don't actually think you can do that - what I would do in that case is to not bind an IP to that interface.
The actual problem that you are trying to solve isn't actually related to the TCP module (i.e. RST packet generation) - that's most likely because you are using a host filter like iptables. You will have to search to see if you have DROPs configured.
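
The behaviour described in the question, where the kernel answers a SYN-ACK it has no socket for with an RST, matches the TCP rule for segments that arrive for a connection that does not exist (RFC 9293, section 3.10.7.1). The following is an added example, not code from any poster in this thread: a small Python model of that rule, in which the Segment type, the function name and the addresses are constructed for illustration.

```python
from dataclasses import dataclass

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10  # TCP flag bits

@dataclass(frozen=True)
class Segment:  # hypothetical minimal view of a TCP segment
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    seq: int = 0
    ack: int = 0
    payload_len: int = 0

def closed_state_reply(seg, sockets):
    """Return the RST a stack sends for `seg`, or None if it sends none.

    `sockets` is the set of (local_ip, local_port, remote_ip, remote_port)
    tuples the kernel knows about. A SYN sent from a raw socket never
    creates an entry there, so the answering SYN-ACK matches nothing.
    """
    if (seg.dst, seg.dport, seg.src, seg.sport) in sockets:
        return None  # a real socket owns this flow; normal processing
    if seg.flags & RST:
        return None  # a reset is never answered with a reset
    if seg.flags & ACK:
        # <SEQ=SEG.ACK><CTL=RST>
        return Segment(seg.dst, seg.dport, seg.src, seg.sport, RST, seq=seg.ack)
    # <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>; SYN and FIN each count as 1
    seg_len = seg.payload_len + bool(seg.flags & SYN) + bool(seg.flags & FIN)
    return Segment(seg.dst, seg.dport, seg.src, seg.sport, RST | ACK,
                   ack=(seg.seq + seg_len) % 2**32)

if __name__ == "__main__":
    # Constructed sample: SYN-ACK answering a SYN that was crafted in user space.
    syn_ack = Segment("192.0.2.10", 80, "198.51.100.5", 40000,
                      SYN | ACK, seq=5000, ack=1001)
    print(closed_state_reply(syn_ack, sockets=set()))   # RST with seq=1001
    known = {("198.51.100.5", 40000, "192.0.2.10", 80)}
    print(closed_state_reply(syn_ack, sockets=known))   # None: socket exists
```

The model covers only the no-matching-socket case; it does not represent packet filtering, which acts on segments before or after this decision.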