I have written a custom packet sniffer (in C) as part of a research project, but what I am confused on how to do is how to divert incoming packets away from the kernel's IP stack and route them through my application instead.

I am currently utilizing raw sockets for my packet sniffer, but they only provide my application a copy of the packet, while the original packet is still processed by the kernel. I do not want this to happen. I want my application to get the original packet so that any SYN+ACK's must come from my packet sniffer instead of the kernel.

I have looked into "divert sockets" and also using a TUN/TAP interface, but I am really unsure as to how to accomplish this.

Can anyone point me in the right direction?