How to disable TCP/IP on Linux interface

Short Version:
Does anyone know if there is a way to disable TCP/IP on an interface in Linux? Its easy enough on Windows...as all you have to do is uncheck the box under the interface settings...but not sure how in Linux...
***NOTE*** I do not want to disable the interface ('ifconfig eth0 down' will NOT work here)...I just don't want TCP/IP running

Long Version:
I am attempting to reprogram the functions of the eth0 interface, via Python script and Scapy (a raw packet crafting tool). The problem is, the Linux kernel is independent and remains unaware of my use of Scapy. Because of this, TCP/IP is interfering with some of the stuff I'm trying to do. For example...if I send a SYN packet to a remote TCP port via Scapy, that service then replies with a SYN-ACK packet (as it should). But then, when my system recieves the SYN-ACK packet, because the Kernel is unaware that I sent the SYN packet with Scapy, it sees the SYN-ACK packet as an unsolicited response and replies automatically with an RST packet. <-- This is what I'm trying to avoid.

Any help is greatly appreciated!!!

Find more posts tagged with

Comments

ChooseLife

That's an interesting question... Here I found a suggestion to remove the IP from the interface (ip addr flush dev eth0) - would that work?

fiftyo

There maybe some option in /proc/sys to turn tcp off. You could perhaps hack it via ip tables, something like this may work;
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j ACCEPT
Basically allowing through new packets which do not have the syn flag set.

YFZblu

Agree on the IP tables hack - Isn't TCP/IP part of the kernel itself?

nogamble

Wonder if that could be taken care of in inittab? Just adjust when the network service starts.

or chkconfig network/ing off

paul78

If you want to disable TCP/IP entirely, you can do something similar in Linux as you mentioned in Windows. If you are using a kernel that uses kernel modules, simply don't load the IP module. Personally, I don't use kernel modules so if I needed to disable TCP/IP - I would simply not compile it.

As far as disabling TCP/IP only on a specific interface, I don't actually think you can do that - what I would do in that case is to not bind an IP to that interface.

The actually problem that you are trying to solve isn't actually related to the TCP module (i.e. RST packet generation) - that's most likely because you are using a host filter like iptables. You will have to search to see if have DROP's confgured.