Modifying packets in userspace using libnetfilter_queue

Hi all,

Sorry for this elementary question, but I am new to the world of packet modification. I browsed the recent netfilter-devel archives and couldn't find much on this topic.

I am trying to modify TCP packets in userspace. I know it is inefficient to do it in userspace, but I just need a prototype to test for now.

I couldn't find much documentation on doing this, except for the documentation on the following URL, the nfqnl_test.c file and some modifications on some mailing lists:
http://www.nufw.org/doc/libnetfilter_queue/

I have gotten this far:
1. Have set up iptables rules to send the TCP packets I want to intercept down an NFQUEUE queue.
2. Am able to use nfqnl_test.c to receive and print out packet info.
3. Used netinet/tcp.h and sample code to check TCP headers.
4. Able to print out TCP payload using TCP and IP header information.
5. Able to modify the TCP payload (or at least the copy).

However, the modified packets are not really being transmitted! I assume this is because I am getting a copy of the packets or the packet data. Other than getting/setting the TCP and payload data, the rest of the code to intercept the packet is still the basic nfqnl_test.c code.

How do I actually modify the packet in userspace so that it is sent out over the network?

Also, if I modify the TCP packets and add more data to the payload, what would I change? I assume that I would only have to change the following:

- TCP payload length
- Checksum
- IP length (? Would I have to touch this field?)

Is there anything else that I am not thinking of?

By the way, the documentation available out there is a little hard for a newcomer to the world of iptables/netfilter. I'm getting a little lost with all the talk about libipq, libiptc, etc. Is there any documentation on the history of iptables/netfilter and which libraries have been retired or are still active?

Sorry for this long e-mail.

Thank you,
Suman

--
Falun Gong: www.falundafa.org | www.faluninfo.net
Peaceful meditation faces persecution in mainland China
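
An added example (not part of the original post, and not libnetfilter_queue code) of the fix-up the question above asks about: after replacing the payload of an IPv4/TCP packet, rewrite the IP total length and recompute the IP header and TCP checksums; TCP itself carries no length field. The function name `rewrite_tcp_payload` and the raw-buffer interface are assumptions; in a queue callback the result would be handed back with `nfq_set_verdict(qh, id, NF_ACCEPT, new_len, pkt)`, because a verdict issued with no data reinjects the original packet.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1071 one's-complement sum of len bytes, added to a running total. */
static uint32_t csum_add(uint32_t sum, const uint8_t *p, size_t len)
{
    for (; len > 1; p += 2, len -= 2)
        sum += (uint32_t)p[0] << 8 | p[1];
    if (len)                                  /* odd trailing byte, zero-padded */
        sum += (uint32_t)p[0] << 8;
    return sum;
}

static uint16_t csum_fold(uint32_t sum)
{
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Replace the TCP payload of the IPv4 packet in pkt (pkt_len bytes used, cap
 * bytes available). Returns the new packet length, or -1 if the packet is not
 * well-formed IPv4/TCP or the result does not fit. */
long rewrite_tcp_payload(uint8_t *pkt, size_t pkt_len, size_t cap,
                         const uint8_t *data, size_t data_len)
{
    if (pkt_len < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 6)
        return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;             /* IP header length */
    if (ihl < 20 || pkt_len < ihl + 20)
        return -1;
    uint8_t *tcp = pkt + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;             /* TCP header length */
    if (doff < 20 || pkt_len < ihl + doff)
        return -1;
    size_t tcp_len = doff + data_len, new_len = ihl + tcp_len;
    if (data_len > 0xffff || new_len > cap || new_len > 0xffff)
        return -1;

    memcpy(tcp + doff, data, data_len);
    put16(pkt + 2, (uint16_t)new_len);                    /* IP total length */
    put16(pkt + 10, 0);
    put16(pkt + 10, csum_fold(csum_add(0, pkt, ihl)));    /* IP header checksum */
    put16(tcp + 16, 0);
    /* TCP checksum covers a pseudo-header: src+dst address, protocol 6, TCP length */
    uint32_t sum = csum_add(6 + (uint32_t)tcp_len, pkt + 12, 8);
    put16(tcp + 16, csum_fold(csum_add(sum, tcp, tcp_len)));
    return (long)new_len;
}
```

Changing the payload length also shifts the connection's sequence space, so later sequence and acknowledgement numbers on that connection need the same offset applied in both directions.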