Hi everyone, please I need some help!!
I'm developing a program that needs to intercept UDP traffic generated locally by another application. It's like a tunnel. My program will intercept the outgoing packets from the application (on the same machine) and will send them to a TCP tunnel.
I am using Libipq to do that, but I have a BIG problem. I need to DROP the packet because I don't want these UDP packets to be sent over the network. So I used:
ipq_set_verdict(handle, m->packet_id, NF_DROP, 0, NULL);
But the problem is that when I drop the packet, the application that generated the packet remains blocked in sendto() until the packet is accepted. How could I drop a packet silently, without blocking the application?
The same happens with NFS. For example:
$ iptables -A OUTPUT -p udp -j DROP
$ /etc/init.d/nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: Cannot register service: RPC: Unable to send; errno = Operation not permitted
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp).
[FAILED]
Starting NFS daemon: [FAILED]
Starting NFS mountd: Cannot register service: RPC: Unable to send; errno = Operation not permitted
[FAILED]
How can I intercept outgoing packets locally without letting the applications know about it?
Thanks
Guilherme Ruppert