LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-14-2004, 09:28 PM   #1
blackzone
Member
 
Registered: Jun 2004
Posts: 256

Rep: Reputation: 30
capturing internet packet


Basically I have a program which would send out IP packet periodically.

without modifying the original program, I want to write another program that could capture the IP packet before it is send through the NIC, modify it and send it out.

that means the original program would still call the sendto function but I just dont' send it. I'll capture it, modify it than send it out.

Anyone have an idea how to do it?
================================================

The exact detail is. I am doing a DNS server project. Using MaraDNS I want to do incoming traffic load balancing.

Right now I modified the original MaraDNS source code, and change the DNS reply packet manually.

For intuitive reason, I'm hoping that I don't need to modify the MaraDNS source code in anyway. Moreover I'm hoping that I can make it portable, that is running on other DNS server program also. So best way is directly modifying the packet before it is send. Can someone give a hand?
 
Old 09-15-2004, 09:24 AM   #2
r0b0
Member
 
Registered: Aug 2004
Location: Europe
Posts: 608

Rep: Reputation: 50
Check iptables + QUEUE target + libipq. This should allow you to intercept packets to userspace, modify them and return to the kernel for further processing.
 
Old 09-15-2004, 09:31 AM   #3
prell
Member
 
Registered: Jul 2004
Posts: 73

Rep: Reputation: 15
Smile

You could also:

Write a library that has the same stub exported for socket( ), but has code in it such that you wrap the actual call to socket( ) and return a file descritor which you can watch. I wrote code to do this and it was pretty easy.

Last edited by prell; 09-15-2004 at 04:08 PM.
 
Old 09-15-2004, 10:57 AM   #4
prell
Member
 
Registered: Jul 2004
Posts: 73

Rep: Reputation: 15
--deleted--

Last edited by prell; 09-15-2004 at 04:08 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel Filter Failed error while compiling packet capturing code on FC2 Prakhardeep Programming 3 08-10-2011 04:55 AM
Internet gateway with ip packet forwarding GiX Linux - Networking 10 07-29-2005 10:33 AM
Problem in transferring packet capturing code fron RH9 to FC2 Prakhardeep Linux - Networking 0 02-01-2005 03:57 AM
lot of problem in capturing packet in promisc mode masood_gandhi Linux - Networking 2 11-26-2004 09:53 AM
modifying internet packet blackzone Programming 0 09-14-2004 05:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:16 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration