
I need to create a moderately large application that changes the content of forwarded packets quite drastically. I was wondering whether or not I could alter the content of a packet that is intended for routing (kind of performing a man in the middle) using a userspace application based around something like queues from nft or iptables.

All that I've seen in the documentation revolves around accepting or dropping the packet and not altering its content, and I've read somewhere that the library that is in charge of the queues only copies the packets from kernelspace and thus renders me unable to alter them, but I was wondering whether I was missing something or whether there was a known hack for doing something of the sort.

I'd really appreciate your input, and thanks a bunch.

Archop
  • Example showing it can be done there: https://stackoverflow.com/questions/27293924/change-tcp-payload-with-nfqueue-scapy . Depending on your needs, you might consider a transparent proxy instead using TPROXY: https://www.kernel.org/doc/Documentation/networking/tproxy.txt. This way you won't have to maintain internal "deltas" between the states of incoming and changed packets in a stream. – A.B Mar 10 '18 at 15:46
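
An added example, not part of the original question or comment: whatever buffer a queue handler hands back with its verdict must be a valid packet, so after replacing a TCP payload the IPv4 total length, IPv4 header checksum and TCP checksum have to be recomputed. The sketch below does that on raw bytes with only the standard library; the function names and the sample packet are constructed for illustration, and it does not track the sequence/acknowledgement "deltas" the comment mentions, which are needed once the payload length changes.

```python
import struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum (one's-complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def rewrite_tcp_payload(pkt: bytes, new_payload: bytes) -> bytes:
    """Return a copy of an IPv4/TCP packet with its payload replaced and the
    IP total length, IP header checksum and TCP checksum recomputed."""
    if pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (pkt[0] & 0x0F) * 4            # IP header length in bytes
    thl = (pkt[ihl + 12] >> 4) * 4       # TCP header length (data offset)
    ip = bytearray(pkt[:ihl])
    tcp = bytearray(pkt[ihl:ihl + thl]) + new_payload
    # IP header: new total length, then checksum over the zeroed field
    struct.pack_into("!H", ip, 2, ihl + len(tcp))
    struct.pack_into("!H", ip, 10, 0)
    struct.pack_into("!H", ip, 10, csum(bytes(ip)))
    # TCP checksum covers a pseudo-header: src, dst, zero, proto, TCP length
    pseudo = bytes(ip[12:20]) + struct.pack("!BBH", 0, 6, len(tcp))
    struct.pack_into("!H", tcp, 16, 0)
    struct.pack_into("!H", tcp, 16, csum(pseudo + bytes(tcp)))
    return bytes(ip + tcp)

def verify(pkt: bytes) -> bool:
    """True when both checksums validate (checksum over data incl. field is 0)."""
    ihl = (pkt[0] & 0x0F) * 4
    seg = pkt[ihl:]
    pseudo = pkt[12:20] + struct.pack("!BBH", 0, 6, len(seg))
    return csum(pkt[:ihl]) == 0 and csum(pseudo + seg) == 0

def build_sample() -> bytes:
    """Constructed sample: 192.0.2.1:1234 -> 198.51.100.2:80, payload b'hello'."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0, 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    tcp = struct.pack("!HHIIBBHHH", 1234, 80, 1000, 2000, 0x50, 0x18, 8192, 0, 0)
    return rewrite_tcp_payload(ip + tcp, b"hello")  # fills lengths and checksums

if __name__ == "__main__":
    original = build_sample()
    changed = rewrite_tcp_payload(original, b"a much longer replacement")
    print(len(original), len(changed), verify(changed))
```

`verify()` also shows why an in-place edit without this step is dropped by the receiver: a packet whose payload bytes were swapped but whose checksums were left alone fails it.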

0 Answers