Raw packet creation causing IP fields to be incorrect order

Question

Simply said, I am having trouble with endiness and raw packets inside the IP protocol, when I am dealing with the flags and offset fields.

I am attempting to create my own packets using UDP raw packets. I am using C style structs with bitfields.

I am having problems with the IP flags and Fragment Offset fields of the IP protocol. This is because of the ordering of the bytes is different. I think want to be able to use the htons() function to change the order of the bits, but when I do so, I believe I mess things up.

Here is a quick output of the packet I am creating. What interests us is byte 6 and byte 7. (The bold and italicized bits).

0 0100 0101 0001 0000 0001 1100 0000 0000 1101 0100 0011 0001 0000 0001 0000 1000

8 0100 0000 0001 0001 0110 0111 1000 1010 0000 0001 0000 0001 0000 0001 0000 0001

16 0000 0011 0000 0011 0000 0011 0000 0011 0000 1000 1010 1110 0001 0001 0101 1100

24 0000 0000 0000 1000 0000 0000 0000 0000

I have the following structure inplace... (Take note of the bitfields for the three flags and the offset.

struct IPHeader
{
    unsigned char iph_ihl:4, iph_ver:4;     
    unsigned char iph_tos;                  
    unsigned short int iph_len;             
    unsigned short int iph_ident;           
    unsigned char iph_flag_X:1;                
    unsigned char iph_flag_D:1;
    unsigned char iph_flag_M:1;
    unsigned short int iph_offset:13;         
    unsigned char iph_ttl;                 
    unsigned char iph_protocol;            
    unsigned short int iph_chksum;          
    unsigned int iph_sourceip;              
    unsigned int iph_destip;                
};

In my code, I am attempting to set the offset to the value of 1, whilte having the D flag set. (just for example) One would think that my code then could be...

ipheader->iph_flag_X = 1;
ipheader->iph_flag_M = 0;
ipheader->iph_flag_D = 0;
ipheader->iph_offset = htons(1);

This results in the following printout for bytes 6 and 7.... 0000 0001 0000 0001

What I would like to see for this code is the following... 1000 0000 0000 0001

The second set of byteam attempting to create my own packets using UDP raw packets. I am using C style structs with bitfields. s accuratly reflects the X flag set and the Fragment Offset to the value of 1. Keep in mind the fragment offset takes up 13 bits, and the three flags are each 1 bit.

Answer 1

Bit-fields behaviour is implemention defined. According to K&R

"fields are assigned left to right on some machines and right to left on others"

So, your structure definition must take that into consideration. Although you may or may not be developing on a "Little-Endian" machine, a peek at UBUNTU's IP Header definition may get you started on a more portable course (and solve your problem along the way):

struct ip
  {
#if __BYTE_ORDER == __LITTLE_ENDIAN
    unsigned int ip_hl:4;               /* header length */
    unsigned int ip_v:4;                /* version */
#endif
#if __BYTE_ORDER == __BIG_ENDIAN
    unsigned int ip_v:4;                /* version */
    unsigned int ip_hl:4;               /* header length */
#endif
    u_int8_t ip_tos;                    /* type of service */
    u_short ip_len;                     /* total length */
    u_short ip_id;                      /* identification */
    u_short ip_off;                     /* fragment offset field */
#define IP_RF 0x8000                    /* reserved fragment flag */
#define IP_DF 0x4000                    /* dont fragment flag */
#define IP_MF 0x2000                    /* more fragments flag */
#define IP_OFFMASK 0x1fff               /* mask for fragmenting bits */
    u_int8_t ip_ttl;                    /* time to live */
    u_int8_t ip_p;                      /* protocol */
    u_short ip_sum;                     /* checksum */
    struct in_addr ip_src, ip_dst;      /* source and dest address */
  };