How to capture and change packet using linux? - TCP-IP

This is a discussion on How to capture and change packet using linux? - TCP-IP ; How to capture and change packet using linux? I want to capture and change the packets when they pass through my linux firewall. I know the "Iptables" can do some of this job, but I want to fullly control every ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: How to capture and change packet using linux?

  1. How to capture and change packet using linux?

    How to capture and change packet using linux?

    I want to capture and change the packets when they pass through my
    linux firewall. I know the "Iptables" can do some of this job, but I
    want to fullly control every packet, I want to change the packet's
    data and source ip etc, but I found Iptables can not give me fullly
    control, he can not let me edit the packet data as my will.

    I want a method or a tool can capture and change the packet and then
    send them as it would, and I want the tool has a friendly interface--
    it analyse the packet for me, and I just do my change, I do not want
    to analyse the every packet header and options.

    Now, I want to know is there in linux has such tools or how to use
    "iptables" to do it? I like iptables, it has a friendly user
    interface, but it do not give (at least I do not found) the programmer
    a hook point to link my own packet process functions, but it analyse
    the packet for me, and I can just use some keywords to refer packet
    parts, good.


    PS: the packet data I need do a lot of things to reconstruct a valid
    packet data. for example: I need to unencrypt and then encrypt the
    data.

    Thanks.


  2. Re: How to capture and change packet using linux?

    quakewang@mail.whut.edu.cn wrote:
    > How to capture and change packet using linux?

    ....
    >
    > I want a method or a tool can capture and change the packet and then
    > send them as it would, and I want the tool has a friendly interface--
    > it analyse the packet for me, and I just do my change, I do not want
    > to analyse the every packet header and options.


    I know of a commercial system that might do what you want. It basically
    applies specific changes to packets that match designated criteria. I'm not
    aware of any open source tools that do what you want "as is". A few are
    close, but I think would require learning their code and modifying it.

  3. Re: How to capture and change packet using linux?

    On Sat, 23 Jun 2007 00:49:00 -0700, quakewang wrote:

    > How to capture and change packet using linux?
    >
    > I want to capture and change the packets when they pass through my
    > linux firewall. I know the "Iptables" can do some of this job, but I
    > want to fullly control every packet, I want to change the packet's data
    > and source ip etc, but I found Iptables can not give me fullly control,
    > he can not let me edit the packet data as my will.
    >
    > I want a method or a tool can capture and change the packet and then
    > send them as it would, and I want the tool has a friendly interface-- it
    > analyse the packet for me, and I just do my change, I do not want to
    > analyse the every packet header and options.
    >
    > Now, I want to know is there in linux has such tools or how to use
    > "iptables" to do it? I like iptables, it has a friendly user interface,
    > but it do not give (at least I do not found) the programmer a hook point
    > to link my own packet process functions, but it analyse the packet for
    > me, and I can just use some keywords to refer packet parts, good.


    IPtables (or rather netfilter) has those hooks you search. Google for
    "netfilter hooks" will probably turn up more info.

    Alternatively, you could write a custom target to do the mangling.

    Finally, you could use a tun device, fwmark and some routing tricks to
    achieve your goals.

    HTH,
    M4

+ Reply to Thread