Hi people, Firstly, I'll explain what I'm aiming to do. I need to intercept network packets sent by a VirtualBox Guest OS, to log the information(and do some transformation) if the communication is ocurring between two guest OSs running over VBox. But I want to intercept it before it pass through the TCP stack.
So, my first solution was to read the VBox source code and find out how are made the network calls into vbox. If I'm not wrong, it's a task made by slirp, in the source code "vbox/src/VBox/Devices/Network/slirp/tcp_output.c" at "tcp_output" function. Then, to intercept the call to memcpy() made by "tcp_output" function, I'm using an interposition of memcpy, that logs the calls, gathering useful data to my logger. OK, let's directly to the problem. The interception is OK, but I'm having some trouble to identify precisely what is a tcp operation and what is not. I'm trying to identify a tcp header comparing the size of the tcphdr struct with the data being written with memcpy(), but it's not totally secure. Does anybody have some idea of how can I do this? regards, stumm. _______________________________________________ vbox-dev mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-dev
