On Thu, 2005-10-27 at 12:25 +0200, Marcin Giedz wrote: > Dnia czwartek, 27 października 2005 12:04, Oskar Andreasson napisał: > > Hi Marcin, > > > > iptables and netfilter will not do the job, unless you are willing to > > sacrifice stability and security. The problem is that the strings that > > netfilter will see are broken down into smaller pieces. So the string > > "iptables and netfilter" might actually be transmitted as "iptables and" > > and then "netfilter" in a separate packet. On top of this, people might > > try to intentionally break your filters by fragmenting the above string > > into "i", "p", "t", ... etc packets. > > > > The good thing to do in this case, is to wait until the TCP stream has > > reached the application layer and has been reassembled properly. Hence, > > you will want to either write your own proxy, or to use someone elses > > proxy. > > > > If you want to use it, I just uploaded a tunnel/proxy program to > > http://www.frozentux.net/stunnel.tgz. This is an unfinished program I > > started on a couple of years ago. It is written in C. It is horribly > > coded and pretty much sucks, but it has no memory leaks and might serve > > as a starting point. > > Great!!! Really thanks but I just can't reach your program - above address > doesn't work :( Could you please do something or send the program on my > private mail. > Sorry about that, I got an urgent task on my desk and forgot to upload the file:). It's uploaded now. Do note that this is just a very ugly framework really, you need to do all the parsing etc on your own, and I have a bad habit of not commenting work in progress projects... =) > Thanks once again, > Marcin > > > > > Have a nice day;). > > > > On Thu, 2005-10-27 at 11:40 +0200, Marcin Giedz wrote: > > > Dnia czwartek, 27 października 2005 11:09, Ruprecht Helms napisał: > > > > Marcin Giedz wrote: > > > > > I don't get it :( > > > > > How with tcpdump as tcpdump is only dump traffic tool - as I know it > > > > > can't change anything or I'm wrong? > > > > > > > > You are right. As I know it only dump. > > > > What you need is a hexeditor or you are looking for a tool that do > > > > hexediting in the fly. > > > > > > Absolutely! > > > > > > > But that is offtopic in this list. > > > > > > But I really don't know where to start? Perhaps some did it earlier. > > > > > > Marcin > > > > > > > Regards, > > > > Ruprecht
Attachment:
signature.asc
Description: This is a digitally signed message part