LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
 
Search this Thread
Old 02-14-2014, 03:19 AM   #1
kikilinux
Member
 
Registered: Sep 2012
Posts: 108

Rep: Reputation: Disabled
Question IP packet sniffer and modification tools


Hi
I need to capture IP packets and modifying them in userspace or anywhere it can possible (for example adding some additional information to the end of packets).
I know some library such as Libnetfilter_queue to send packets to user-space but i don't know how much we are free to modify packets with this library.
or using libpcap for sniffing the packets in gateway and modify them then re injecting to network.

for additional information i need to add a bit array to the and of packet.

any help would be greatly appreciated.
 
Old 02-18-2014, 07:42 AM   #2
rtmistler
Senior Member
 
Registered: Mar 2011
Location: Milford, MA. USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu
Posts: 1,973
Blog Entries: 8

Rep: Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714
You are free to write code which searches for certain Ethernet packets, modify those packets, and then send those packets back out of your network interface. You are also free to write code which can generate an entire Ethernet packet and send it out of your network interface.

If there are libraries available which assist you in locating certain packets and getting them to your code for modification; I believe you are free to use those, providing the code is either public domain, owned by you, or granted for your use by other agreement.
 
Old 02-28-2014, 04:19 AM   #3
kikilinux
Member
 
Registered: Sep 2012
Posts: 108

Original Poster
Rep: Reputation: Disabled
Dear rtmistler, thanks to answer but i just need some tools to do this.
what is the best tools to perform this work?
is it possible to write a program in user space which is listen to a specific port and define a rule in iptables to redirect the ip packet traffic to that port ?
if some tools exist to perform this which is not needed to do socket programming can u introduce them for me ?

best.
 
Old 02-28-2014, 05:40 AM   #4
rtmistler
Senior Member
 
Registered: Mar 2011
Location: Milford, MA. USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu
Posts: 1,973
Blog Entries: 8

Rep: Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714Reputation: 714
Sorry, in your place I would just write the code, I do not know of anything suitable that you could use; however there are plenty of network coding examples out there. I would review the manual pages for the IP socket library functions to ensure that I was using them correctly. Checking return values is extremely important. If the socket() call doesn't work, then clearly the receive() call is going to fail, but you may see the receive() call failing when you test, not realizing that it's a case of "garbage in, garbage out". I would also search for source examples on the web which performed similar functions to what I was looking to do. To capture packets which are not directed at your address, or multicast you likely will have to set the adapter for promiscuous mode. And the examples are good, but do modify them for correctness and completeness - back to the part of checking return codes. You could grab this example which shows you all steps, but doesn't check some things, and in your case one part fails, but you don't know; so you get to your final step and you end up debugging the wrong thing.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
coding of packet sniffer sarojkujoor Linux - Newbie 2 02-24-2011 06:53 AM
Packet sniffer lyonsd Linux - Networking 2 12-28-2004 09:45 AM
What is the best for Packet Sniffer alexr186 Linux - Software 5 02-07-2004 08:34 AM
Packet Sniffer gauge73 Linux - Networking 3 07-20-2003 10:32 PM
Suggestions for packet sniffer w/ packet viewing? TruckStuff Linux - Networking 5 05-31-2002 09:50 AM


All times are GMT -5. The time now is 03:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration