Hi All,

I am a beginner user of tcpdump. What I want to do is to write my own version of tcpdump (or just extend it) to drop/reject network packets. AFAIK, tcpdump and libpcap can only sniff packets. Is there any available tool to do this?

I am aware of netfilter's iptables and ebtables, but they only work if the packets reach INPUT, FORWARD, or OUTPUT stage in the routing process. What I need to do is sniff the packet directly (like what tcpdump does), and drop it right away if it matches my specified pattern, e.g. source, destination, port number, etc.

Any help is highly appreciated! Thank you very much!

--
Kind regards,
Rahmadi Trimananda

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers