- 01-16-2010 #1
Divert packets away from kernel
I have written a custom packet sniffer (in C) as part of a research project, but I am confused about how to divert incoming packets away from the kernel's IP stack and route them through my application instead.
I am currently utilizing raw sockets for my packet sniffer, but they only provide my application with a copy of the packet, while the original packet is still processed by the kernel. I do not want this to happen. I want my application to get the original packet so that any SYN+ACKs must come from my packet sniffer instead of the kernel.
I have looked into "divert sockets" and also using a TUN/TAP interface, but I am really unsure as to how to accomplish this.
Can anyone point me in the right direction?