This is an IP-level protocol. Only root is allowed to access this
special file. It is meant to be the basis for implementing
and experimenting with transport-level protocols.1
In the most general case,
the sender has to supply the encapsulating header bytes in front of the
packet and the receiver has to strip the additional bytes from the message.
RAW receivers cannot receive packets sent with TCP or UDP because the operating system does not deliver the packets to a RAW receiver. The operating system knows about some of the protocols on top of IP and decides on its own which packet to deliver to which process. (d.c.) Therefore, the UDP receiver must be used for receiving UDP datagrams sent with the RAW sender. This is a dark corner, not only of gawk, but also of TCP/IP.
For extended experimentation with protocols, look into the approach implemented in a tool called SPAK. This tool reflects the hierarchical layering of protocols (encapsulation) in the way data streams are piped out of one program into the next one. It shows which protocol is based on which other (lower-level) protocol by looking at the command-line ordering of the program calls. Cleverly thought out, SPAK is much better than gawk's /inet for learning the meaning of each and every bit in the protocol headers.
The next example uses the RAW protocol to emulate the behavior of UDP. The sender program is the same as above, but with some additional bytes that fill the places of the UDP fields:
BEGIN {
Message = "Hello world\n"
SourcePort = 0
DestinationPort = 8888
MessageLength = length(Message)+8
RawService = "/inet/raw/0/localhost/0"
printf("%c%c%c%c%c%c%c%c%s",
SourcePort/256, SourcePort%256,
DestinationPort/256, DestinationPort%256,
MessageLength/256, MessageLength%256,
0, 0, Message) |& RawService
fflush(RawService)
close(RawService)
}
Since this program tries to emulate the behavior of UDP, it checks if the RAW sender is understood by the UDP receiver but not if the RAW receiver can understand the UDP sender. In a real network, the RAW receiver is hardly of any use because it gets every IP packet that comes across the network. There are usually so many packets that gawk would be too slow for processing them. Only on a network with little traffic can the IP-level receiver program be tested. Programs for analyzing IP traffic on modem or ISDN channels should be possible.
Port numbers do not have a meaning when using /inet/raw. Their fields
have to be `0'. Only TCP and UDP use ports. Receiving data from
/inet/raw is difficult, not only because of processing speed but also
because data is usually binary and not restricted to ASCII. This
implies that line separation with RS does not work as usual.