
I have two machines, directly connected via LAN cable. Each has its own IP, and they are communicating in their own VLAN.

10.10.10.99/25 for machine #1, 10.10.10.16/25 for machine #2, VLAN 0x50. I cannot change any of the IPs, netmasks or VLANs.

The goal is to route, or rather bridge (L2), everything that is running between both nodes, except for one thing: '#1' is sending a certain frame to '#2', and I want to change the content of this frame. Or, if changing it is not possible, have this specific frame dropped and send my own frame from a machine in the middle with two Ethernet interfaces.

I think that bridging is the correct term here, because routing would include layer3 and it would also mean that the machine in the middle has two different IPs at its interfaces.

I am used to setting up routers, VLANs etc., but I have never used bridging. At first I configured a switch to get rid of the VLAN tags, to simplify my problem. Then I configured the switch to send all the traffic to a mirror port, in order to make sure that this specific frame is there. Wireshark says: it is there. Now I have two distinct ports, taking care of the tags, connected to two distinct Ethernet ports on a Linux VM.

So, what do I need in this case? How would I configure a setup like that, and what is this even called?

I can program in C, and perl, also some python.

  • I found a Linux tool called ebtables, which does the same as iptables but on layer 2. Now I am able to create a bridge interface on the MITM machine and filter the packet needed. – PhreakShow Feb 19 '20 at 15:27

1 Answer


Moving packets between two different subnets is called routing. A bridge is a layer 2 device only.

The technique you are talking about is the man-in-the-middle attack. There are a lot of variations and applications. You can simply search for your end goal; someone has probably written it up and you can find some examples.

https://en.m.wikipedia.org/wiki/Man-in-the-middle_attack

Also note that most people use different techniques on the network to fool the target into sending packets to a different destination, and then the man-in-the-middle attack can proceed.