About the IP packet intercepting
I want to do something in this way:
All IP packets sent to a host A will be captured in A before the packets are passed to the higher layer, i.e. the TCP or APP. And all IP packets sent from A to some other host will be captured in the lower layer in A, i.e. the link layer, and then the packet will be transferred. That means I can do something before a packet is passed to the TCP or APP, and the same before it is passed to the link layer. I think that if I rewrite the IP stack in the kernel, I can do it. But is there a simple method to do this? For example, writing a module or a program, so that when I load the module or run the program, all will be OK. It seems to be more difficult. And what about Windows? I can't rebuild Windows. Would you like to give me some suggestions?
What about looking at some firewall source code to see how it is done?
Good idea, but that is a different way.
I want to do it on the source host, not an intermediate host. How?
This is not a different way; a firewall can sit anywhere: on the server, the client, or a machine in between.
You are right, and that is a very good way to do this.
I am so sorry for my ignorance. Would you like to give me some directions about how to get some source code for a firewall? Thanks anyway.
You should first say which O/S you want your intercepting code to run on.
Then I'm sure Google will help you find source code.
I have found one from Google.
So kind of you.
I have read some firewall source code for Linux, but almost all of them are based on the Linux utility iptables. That means I can't change any IP packet and can only make a decision of dropping or accepting. That is so discouraging. Is there one which is not based on iptables? Where can I get it?
Try googling for "Roll your own firewall with netfilter"; it's a Linux Journal article that does something similar.
Also, I believe Phrack.... 55 was it? had something on the matter too...
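Added example, not code from any poster in this thread or from the article mentioned: the thread asks about changing an IP packet at an interception point rather than only accepting or dropping it, and this userspace C sketch shows the body such a hook needs when it edits an IPv4 header (validate, modify, recompute the header checksum). The names `hook_set_ttl`, `ipv4_hdr_checksum`, the verdict enum and the sample packet are assumptions made for illustration; in a real netfilter module the bytes would come from the packet buffer passed to the hook.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical verdicts for this sketch; the kernel's own are NF_ACCEPT / NF_DROP. */
enum verdict { PKT_DROP = 0, PKT_ACCEPT = 1 };

/* RFC 1071 checksum over an IPv4 header (len is always even: IHL * 4). */
static uint16_t ipv4_hdr_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Body of a per-packet hook: validate the header, rewrite TTL, fix the checksum. */
enum verdict hook_set_ttl(uint8_t *pkt, size_t len, uint8_t new_ttl)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return PKT_DROP;                 /* truncated or not IPv4 */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > len)
        return PKT_DROP;                 /* impossible header length */
    if (ipv4_hdr_checksum(pkt, ihl) != 0)
        return PKT_DROP;                 /* header was already corrupt */

    pkt[8] = new_ttl;                    /* the modification itself */
    pkt[10] = pkt[11] = 0;               /* zero the checksum field before summing */
    uint16_t c = ipv4_hdr_checksum(pkt, ihl);
    pkt[10] = (uint8_t)(c >> 8);
    pkt[11] = (uint8_t)(c & 0xff);
    return PKT_ACCEPT;
}

/* Constructed sample header (no payload): 192.168.0.1 -> 192.168.0.199, UDP, TTL 64. */
uint8_t sample_pkt[20] = {
    0x45, 0x00, 0x00, 0x73,  0x00, 0x00, 0x40, 0x00,
    0x40, 0x11, 0xb8, 0x61,  0xc0, 0xa8, 0x00, 0x01,
    0xc0, 0xa8, 0x00, 0xc7
};
```

A change to the addresses or to anything in the TCP/UDP payload would also require updating the transport-layer checksum, which this sketch does not cover.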