[LARTC] Snooping

Linux Advanced Routing and Traffic Control

I'm trying to insert a snooping/modifying application in a network without changing the network. That is, I want to take a Linux box with two Ethernet ports and put it between two existing systems without changing the original IPs. So, I want to change (for example) this:

host(192.168.253.1)
         |
         |
target(192.168.253.2)

to:

host(192.168.253.1)
         |
         |
     snooper
         |
         |
target(192.168.253.2)

The snooper needs an interface to listen on (socket) that looks to the host like 192.168.253.2 and it needs to talk to the real target on 192.168.253.2. It's not a bridge, packets do not go from the host to the target, the snooper is It seems that it should be possible to do this with some combination of proxyARP, iptables and routing, any suggestions appreciated.

Jim

--

Jim Redman
(505) 662 5156 x85
http://www.ergotech.com

