ok, I see what radar is doing... Most of the "magic" is going to happen in
a perl script that he is piping the stream into. His tcpdump and stdbuf all
pretty much give the same stuff as the ngrep/sed stuff I have been trying
to use (spread across multiple lines still) and then he has a perl script
that glues them all together.
I already wasn't super thrilled about having to run the helper script
outside the driver to sniff the data, and I really want to avoid a third
I am brushing up on my iptables... hoping that some combination of a TEE
and a DNAT or REDIRECT can sniff off the relevant stream and change the
dest ip/port. That then feeds into the interceptor driver as normal. If I
cant get that to work, I am thinking about bringing in the libpcap stuff I
had added to my hackulink driver and eliminating the helper script all
If I got the libpcap working, is that something we'd be interesting in
bringing into the driver itself?
On Saturday, October 15, 2016 at 3:04:22 PM UTC-5, mwall wrote:
> On Saturday, October 15, 2016 at 12:21:13 PM UTC-4, Jerome Helbert wrote:
>> Two things here...
>> 1. I need some way to get ngrep or tcpdump to piece together the http
>> stream properly... I tried to use sed, but since sed operates on a line
>> line basis - it is not very easy (if possible) for it to remove
>> have you tried radar's approach with stdbuf and strings? once the
> fragments are reassembled, you should be able to send the data along using
>> 1. I seem to have found a bug with the version reporting... since it
>> reported a different version than what was in it the bridge went into
>> reprogramming mode and would *not* leave until it updated firmware
>> (undid the DNS Hijack, etc and let it re-update to 224 even though it was
>> already at that version)
>> there is an (untested) fix for this at commit b27acc1 (interceptor driver
> firmware_version = 224
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
For more options, visit https://groups.google.com/d/optout.