  1. #1
    Just Joined!
    Join Date
    Jul 2008
    Posts
    11

    IP Tables, Packet Changing


    Hello all,

    I want to intercept a packet, change the data, source IP and destination IP, and then send it on its way again. How do I do this?

    Currently I am intercepting the packet on the Filter/Input Table/Chain. Then I change the data, the source IP, and destination IP and then do an NF_ACCEPT on it. However, the packet never shows up at the destination. What am I doing wrong here? Do I have to drop the packet and then generate a completely new packet w/ my desired contents?

    Thanks for any help.

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Look at PREROUTE and POSTROUTE.

    http://iptables.rlworkman.net/chunkyhtml/index.html

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    Jul 2008
    Posts
    11
    That's just purely doing it in iptables though. I need it in C. Maybe this will help:

    Code:
    /sbin/iptables --insert INPUT 1 --in-interface eth+ -s 192.168.20.50 -j QUEUE
    /sbin/iptables --insert INPUT 1 --in-interface eth+ -s 192.168.100.2 -j QUEUE

    Code:
    m = ipq_get_packet(buf);

    iph = (struct ip *) m->payload;

    iph->ip_src.s_addr = inet_addr("192.168.100.1");
    iph->ip_dst.s_addr = inet_addr("192.168.100.2");
    iph->ip_sum = csum((unsigned short*) iph, sizeof(struct iphdr));

    status = ipq_set_verdict(h, m->packet_id, NF_ACCEPT, m->data_len, m->payload);

    However, when I do the NF_ACCEPT, it never shows up at the other end.

    Is this because at that point the kernel sees this packet is not for it and just drops it? As a workaround, I currently drop the packet and generate a new one w/ the modified contents. It just seems to me that there might be a more efficient way. I could be wrong though.

    Thanks for the reply.
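
The snippet in post #3 recomputes only the IP header checksum; TCP and UDP checksums also cover the source and destination addresses through a pseudo-header, so they have to be repaired after the same rewrite. The C code below is an added example, not code from the thread: it works on the raw packet bytes (the buffer `m->payload` points to), and `rewrite_addrs`, its helpers and the sample packet are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 1071 sum of big-endian 16-bit words, continuing from `sum`. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t sum) {
    for (; len > 1; p += 2, len -= 2) sum += (uint32_t)p[0] << 8 | p[1];
    if (len) sum += (uint32_t)p[0] << 8;   /* pad an odd trailing byte */
    return sum;
}
/* Fold the carries and complement: the value stored in a checksum field. */
static uint16_t fold(uint32_t sum) {
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}
static void put16(uint8_t *p, uint16_t v) { p[0] = v >> 8; p[1] = v & 0xff; }

/* Rewrite src/dst of an unfragmented IPv4 packet in place and repair the
 * IP header checksum plus the TCP/UDP checksum. Returns 0, or -1 (packet
 * left untouched) if it is malformed or a fragment. */
int rewrite_addrs(uint8_t *pkt, size_t len, const uint8_t src[4], const uint8_t dst[4]) {
    if (len < 20 || pkt[0] >> 4 != 4) return -1;
    size_t ihl = (pkt[0] & 0x0f) * 4u, tot = (size_t)pkt[2] << 8 | pkt[3];
    if (ihl < 20 || tot < ihl || tot > len) return -1;
    if (((pkt[6] << 8 | pkt[7]) & 0x3fff) != 0) return -1;  /* MF set or offset != 0 */
    uint8_t proto = pkt[9], *l4 = pkt + ihl;
    size_t l4len = tot - ihl, off = proto == 6 ? 16 : proto == 17 ? 6 : 0;
    if (off && l4len < off + 2) return -1;  /* TCP/UDP header cut short */
    memcpy(pkt + 12, src, 4);
    memcpy(pkt + 16, dst, 4);
    put16(pkt + 10, 0);                     /* field must be zero while summing */
    put16(pkt + 10, fold(sum16(pkt, ihl, 0)));
    /* Only TCP and UDP are handled here; a UDP checksum of 0 means "unused". */
    if (!off || (proto == 17 && !l4[off] && !l4[off + 1])) return 0;
    put16(l4 + off, 0);
    /* Pseudo-header: src, dst, zero byte, protocol, L4 length. */
    uint16_t c = fold(sum16(l4, l4len, sum16(pkt + 12, 8, proto + (uint32_t)l4len)));
    put16(l4 + off, (proto == 17 && c == 0) ? 0xffff : c);
    return 0;
}

int main(void) {
    /* Constructed sample: 20-byte IPv4 header + UDP header + "ping". */
    uint8_t pkt[32] = {0x45,0,0,32, 0,0,0x40,0, 64,17,0,0, 192,168,20,50, 192,168,100,1,
                       0x30,0x39,0,53, 0,12,0xde,0xad, 'p','i','n','g'};
    const uint8_t src[4] = {192,168,100,1}, dst[4] = {192,168,100,2};
    int rc = rewrite_addrs(pkt, sizeof pkt, src, dst);
    printf("rc=%d ip_sum=%02x%02x udp_sum=%02x%02x\n", rc, pkt[10], pkt[11], pkt[26], pkt[27]);
    return rc;
}
```

A receiver validates either checksum by summing the covered bytes, checksum field included, and expecting the folded result to be zero.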

  5. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    I can help you out with IPTABLES setup but not with what you are trying to do. Sorry.

    Regards
    Robert

