- 01-12-2011 #1 Just Joined!
- Join Date
- Jan 2011
- Posts
- 4
Passing a source ip to the server
Hello,
I'm programming a small TCP client, but I need the server to know the source IP. My client receives an external connection and forwards it, but the IP seen by the server is, of course, the client IP. I would like to change this IP to the original source IP.
I don't know how to do this. I tried with the connect and select functions.
Thanks.
- 01-13-2011 #2 Just Joined!
- Join Date
- Nov 2009
- Posts
- 53
Hello rlq.
Well offhand, I don't know any way to pass any "data" up to the server on the connect phase.
It begs the question of why you would want to do this anyhow?
Do you need to have the server validate that the originating ip is a valid client or do you want it to make an independent connection to the originator?
How come you need to be the "man in the middle"?
As with most IP stuff, anything like this needs to be done at the application layer, so I would suggest you organize some kind of message protocol so that, after the connect from you has been accepted, you can enter some kind of "login" phase to tell the server who the originator is and take it from there.
Alternatively, you need to establish a "NAT"/Routing service whereby you accept the originating connection, make your own to the server and, thereafter, act as a pass-through between the originator and the server.
Cheers - VP
- 01-13-2011 #3 Just Joined!
- Join Date
- Jan 2011
- Posts
- 4
VP,
I need to be the "man in the middle", but I also need to treat the packages, and the server must believe that the source IP of the packages is the origin client IP, as well as a NAT.
I can change packages between the origin client and the target server, but the server believes the source IP seen is that of the operating system of my PC that runs my program.
Cheers.
- 01-13-2011 #4 Just Joined!
- Join Date
- Jan 2010
- Posts
- 27
This should be called a tcp proxy at least, or something like that, not a client :)
"My client receives an external connection and forwards, but the ip seen by the server, of course, is the client ip. I would like, change this ip to original source ip."
Then the ACK-packet would travel back directly to the original IP address. Avoiding your program. And what if there is no such IP route on the net at all?
And this sounds more like a violation of standard TCP/IP routing (OSI layer 3 :)
I believe you mean packets.
"and the server must believe that the source ip of the packages is the origin client ip as well as a nat."
This is clearly IP/ARP spoofing ;)
"I can to change packages between origin client and the target server, but the server believes seen source ip of the operational system of my pc that runs my program."
To be successful, it should be done on the lower level -- at OSI layer 2.
Because otherwise altering IP addresses would influence the route of the packet -- could make forward and backward routes asymmetrical.
There are lots of tutorials on ARP spoofing technologies on the net. Go google for arp+spoof+nmap for example. You will need to know net communication at OSI layers 2-3 anyway for your success :)
- 01-13-2011 #5 Just Joined!
- Join Date
- Jan 2011
- Posts
- 4
Saulius2, are you fine?
How does a NAT server work? Receive and forward packets (I'm sorry, it is packets :)). Changing the origin IP is a SNAT, not a NAT. When a TCP handshake occurs on a connection through the firewall in a NAT, the target server believes that it is talking with a client directly.
My program makes a SNAT; I want it to make a NAT.
- 01-14-2011 #6 Just Joined!
- Join Date
- Nov 2009
- Posts
- 53
RLQ,
With respect, I think you are missing the point.
You could build your own tcp headers and such by running the you-server connection over a raw socket. However, as sal points out, the server will only be able to respond to the source address(es) of the packet, so if you changed that to be the original client instead of you, you will never see the response.
As he further points out, there are routing issues also.
Sounds like you need to do this at the application layer. Have a protocol that says "this msg on behalf of xxx" and so on.
Cheers - VP
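
The application-layer approach recommended in posts #2 and #6, as an added example that is not part of any post in the thread: the relay announces the original client in a first line (the line format is borrowed from HAProxy's PROXY protocol version 1, which the thread does not mention), and the server honours that line only when it arrives from a relay it trusts. `TRUSTED_RELAY`, the function names and all addresses are constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the one relay the server allows to speak for other clients. */
static const char *TRUSTED_RELAY = "192.0.2.10";

/* Relay side: the first bytes written on the relay-to-server connection. */
int build_header(char *out, size_t n, const char *src, const char *dst,
                 unsigned sport, unsigned dport)
{
    int len = snprintf(out, n, "PROXY TCP4 %s %s %u %u\r\n",
                       src, dst, sport, dport);
    return (len > 0 && (size_t)len < n) ? len : -1;
}

/* Server side. peer is the address accept() reported, line the first bytes
 * received (NUL-terminated). Writes the address to log or authorise into
 * out (INET_ADDRSTRLEN bytes).
 * Returns 1: header honoured, 0: direct client, -1: reject the connection. */
int effective_client(const char *peer, const char *line, char *out)
{
    char src[INET_ADDRSTRLEN], dst[INET_ADDRSTRLEN];
    unsigned sport, dport;
    struct in_addr a;
    int used = 0;

    snprintf(out, INET_ADDRSTRLEN, "%s", peer);
    if (strncmp(line, "PROXY ", 6) != 0)
        return 0;   /* no claim made: the TCP peer is the client */
    if (strcmp(peer, TRUSTED_RELAY) != 0)
        return -1;  /* an untrusted peer may not name someone else as origin */
    /* sscanf is lenient about whitespace between fields; values are checked. */
    if (sscanf(line, "PROXY TCP4 %15s %15s %5u %5u%n",
               src, dst, &sport, &dport, &used) != 4 ||
        strncmp(line + used, "\r\n", 2) != 0 || sport > 65535 || dport > 65535 ||
        inet_pton(AF_INET, src, &a) != 1 || inet_pton(AF_INET, dst, &a) != 1)
        return -1;  /* malformed header, even from the trusted relay */
    snprintf(out, INET_ADDRSTRLEN, "%s", src);
    return 1;
}

int main(void)
{
    char hdr[64], who[INET_ADDRSTRLEN];
    build_header(hdr, sizeof hdr, "198.51.100.7", "203.0.113.5", 51234, 80);
    printf("%d %s\n", effective_client("192.0.2.10", hdr, who), who);
    return 0;
}
```

The TCP source address stays the relay's, so replies still route back through it; the original address is data the server chooses to believe, which is why the check on `peer` comes before any parsing.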