This is a discussion on Packet Manipulation advice request within the Linux Security forums, part of the System Security and Security Related category.

Hi,

I'm looking for a mechanism which would enable me to manipulate the payload of a known UDP packet. Ideally I'm looking for solutions that may be already available, not sure whether IPTables could be used.

Here's the scenario.
I have a dual-homed Linux gateway. The gateway will be looking for a certain packet/s on one of its interfaces. On receipt of the packet it will manipulate the payload of the packet by replacing current padding within the payload with some other data. It will then send the packet out of its other interface to the intended recipient.

If I had the time I'd probably implement my own IPTables type of approach but as with most things I needed to have done this by yesterday.

Is it possible to use iptables/netfilter to perform the task? Identifying the packet is no problem, it's simply the payload manipulation I'm really concerned with.
richardbs2000@yahoo.co.uk (Richard Stone) wrote in message news:<b0ea5a30.0408090237.54e710b1@posting.google.com>...

> Hi,
> I'm looking for a mechanism which would enable me to manipulate the
> payload of a known UDP packet. Ideally I'm looking for solutions that
> may be already available, not sure whether IPTables could be used.
>
> Here's the scenario.
> I have a dual-homed Linux gateway. The gateway will be looking for a
> certain packet/s on one of its interfaces. On receipt of the packet it
> will manipulate the payload of the packet by replacing current padding
> within the payload with some other data. It will then send the packet
> out of its other interface to the intended recipient.
>
> If I had the time I'd probably implement my own IPTables type of
> approach but as with most things I needed to have done this by
> yesterday.
>
> Is it possible to use iptables/netfilter to perform the task?
> Identifying the packet is no problem, it's simply the payload
> manipulation I'm really concerned with.

Off the top of my head ...

It sounds like you need a proxy on the GW to handle these packets -- netfilter will handle headers and the like, but to read _and_ rewrite the payload you're going to have to roll your own. BTW, by rewriting the payload you'll also need to recalculate the crc of the FCS.

Then, of course, what is the listener on the other end going to do with this munged payload? Sounds like you'll need a proxy at that end also unless you have reason to believe it can properly handle "arbitrary" payloads by parsing out the munged part or blindly accepting whatever it is sent.

Perhaps there is a better way to accomplish your needs?

hth,
prg
email above disabled
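
A minimal sketch of the gateway proxy suggested in the reply, as an added example that is not code from either poster. It assumes the padding is a trailing run of zero bytes and that the payload length must stay the same; `replace_padding`, `relay_once`, `demo` and the sample datagram are hypothetical names and constructed data. Because the relay sends a new datagram through an ordinary socket, the kernel generates the UDP checksum and the network interface the Ethernet FCS.

```python
import socket

PAD_BYTE = 0x00  # assumption: padding is a trailing run of zero bytes


def replace_padding(payload: bytes, data: bytes, pad_byte: int = PAD_BYTE) -> bytes:
    """Overwrite trailing padding with data, keeping the payload length fixed."""
    pad = bytes([pad_byte])
    body = payload.rstrip(pad)
    room = len(payload) - len(body)
    if len(data) > room:
        # Never overwrite real payload bytes to make the data fit.
        raise ValueError(f"{len(data)} bytes of data, only {room} bytes of padding")
    return body + data + pad * (room - len(data))


def relay_once(in_sock, out_sock, dest, data: bytes) -> bytes:
    """Receive one datagram, rewrite its padding, send it on to dest."""
    payload, _sender = in_sock.recvfrom(65535)
    try:
        payload = replace_padding(payload, data)
    except ValueError:
        pass  # not enough padding: forward the datagram unchanged
    # A new datagram is sent here, so the kernel fills in length and checksum.
    out_sock.sendto(payload, dest)
    return payload


def demo() -> bytes:
    """Loopback run: sender -> relay -> recipient, with a constructed datagram."""
    inside = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    outside = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    recipient = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    socks = (inside, outside, recipient, sender)
    try:
        for s in (inside, outside, recipient):
            s.bind(("127.0.0.1", 0))  # on a real gateway: one address per interface
            s.settimeout(2)
        sender.sendto(b"HDR:reading=42" + bytes(8), inside.getsockname())
        relay_once(inside, outside, recipient.getsockname(), b"GW01")
        received, _ = recipient.recvfrom(65535)
        return received
    finally:
        for s in socks:
            s.close()


if __name__ == "__main__":
    print(demo())
```

With this design the recipient sees the gateway, not the original sender, as the datagram's source address. A payload whose real data happens to end in zero bytes cannot be told apart from padding by this heuristic, so a known fixed offset is safer where the format provides one.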