Hi Kifah, I tried doing something similiar a little while ago and couldn't find any good ways to stop the packets from getting to the network stack. I found two possible ways, one was to catch them at the kernel level using a LKM(loadable kernel module), and the other was to use iptables to drop them and since libpcap captures them before iptables drops them you can retransmit the packets. I cant remember the name of the library to interact with iptables but if you need it email me offline and i'll look it up, i'm in class right now. And if you find a better way let me know.
john fastabend On Sun, 2 Nov 2003, Kifah Abbad wrote: > Hi all, > > i am currently doing my thesis, and i have about 70 days to go. > > Well as part of my thesis i need to do something looking like this: > > I have 2 ipsec-bridges (openbsd 3.3) conntected together, both > standing infront of 2 clients who wanna communicate.(clients are > windows-xp) > > [client1]-----[ipsec-bridge-1]-------------[ipsec-bridge-2]----[client2] > > Now the scenario is: client-1 wants to communicate with client 2 (say > open a telnet connection). > for each packet happens the following on ipsec-bridge-1: > > 1. Capture all packets coming from Client1 to client2.(thats not > making a copy of the packet, but actually grabbing it) > > 2.Add a string (security label, clearance) to each packet. ( let's say > "securitystage1") > > 3. "shove" packet into the IPSEC tunnel (connected to ipsec-bridge-2) > > > Now i have been trying to find a c-library or soution to get step 1 > and 2 to work...which lead me to "libpcap"...but there are hardly any > examples where the packets are actually captured and then changed > (mnipulated). Most things i found are about generation of packets, or > capturing "copies" of packets and watching the. (tcpdump). > > How would i realize this solution? any code examples? is there a good > code-protal to search for such things? > > thanks > > - > This is the TCPDUMP workers list. It is archived at > http://www.tcpdump.org/lists/workers/index.html > To unsubscribe use mailto:[EMAIL PROTECTED] > -- -- "Dependence on computers is apparently making a significant fraction of the population incurably stupid." -- Fritz Whittington - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
