NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Using Netfilter to modify the payload of an IP packet?

from [Michael Ransburg] [Permanent Link][Original]
To: netfilter@lists.netfilter.org
Subject: Using Netfilter to modify the payload of an IP packet?
From: "Michael Ransburg" <michael.ransburg@gmail.com>
Date: Thu, 12 Apr 2007 11:42:58 +0200
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=UjhGeoNCxOgNOLP6q0v/0turQqAKzPxQ5ZUKyg2qOR2oDPn5fTkvhEVFZl4EhyJJTrTVqD8R5pCDSTIyh0ygopASw9/gvvd4/QITIgjyOij7BLWGl+E1IMjs7hewPvil82ZCBhIsxvkhdVZ5Lp8ngI5c3R5tyzbyzY0gqxcBf9w=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=eQgZig2uQrL1kgFwWXdOz+2EFT77yfaQZf4hPhcOfgLLtcE36Iy4ZenuanZdfqF9luZ/bqbkYGsNhjLkV9sTvyNwI6C698iaE3SB6n8Ctk8OPIg8Kb9/jLAT66buQggMFoIJB9lN5fwJbsatf6sjF4JS7gKDrqELMk5Fjk7oq3Y=
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Sender: netfilter-bounces@lists.netfilter.org 
Hi all,

I currently use the "winpkfilter" framework (www.ntkernel.com) on
Windows to discard parts of the payload of IP packets transparently to
the sender and receiver. I.e., I use the promiscious mode to
accomplish this on a computer B while the packets go from computer A
to computer C.

For this I need to:
1) Capture all ethernet frames which belong to a certain IP packet
2) Reassemble the payload of the IP packet from all the ethernet frame payloads
3) Remove parts of this payload according to my appliation
4) Update TCP/IP headers (length, checksums, ...)
5) Refragment the modified payload into ethernet frames
6) Send the ethernet frames to their original destination

As you can see, this is quite complex since the winpkfilter framework
is based on capturing ethernet frames.

I'm now investigating netfilter for the tasks outlined above and I
have two questions:

1) Can the actions described above be performed using a linux based
netfilter framework?

2) Will using the netfilter framework make my life easier, i.e., are
for example modifications of the payload based on IP level possible
(which would already take some complexity out of my appliation).

Any further hints / pointers which you can provide are highly appreciated.

Many thanks,
Michael
--
icq: 71772353 | skype: daneel1409 | msn: mike@unfolded.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Using Netfilter to modify the payload of an IP packet?, Michael Ransburg <=
Previous by Date:  IPtables l7 string, Stephan Higuti
Next by Date:  No timestamp on log entries., Steve
Previous by Thread:  IPtables l7 string, Stephan Higuti
Next by Thread:  No timestamp on log entries., Steve
Indexes:  [Date] [Thread] [Top] [All Lists]