-4

Greets,

I have a CentOS installed as a gateway, and some clients connect to internet via this gateway(NAT).

Now I want to insert some string to each webpage that clients requested. How to achieve this? netfilter, winpcap or something else ?

Any comments will be appreciated:-)

xYZ
  • 107
  • 1
  • 9
  • You want to inject Application Layer information to the network packet ?, so need to open till you reach the application layer , modify it and then repack it. – Amir Naghizadeh Nov 26 '12 at 06:29

2 Answers2

1

Ideally, don't. Doing this blindly will break a lot of web pages, especially ones which make heavy use of AJAX. (Because your inserted strings will end up in places where they will cause errors, like JSON responses.)

If you must, the term for what you're trying to do is "transparent proxying". Squid supports this: http://wiki.squid-cache.org/SquidFaq/InterceptionProxy

  • 1
    +1 Agree. You cannot successfully modify HTTP responses for all cases, and you will break a lot of things. What will you do for HTTPS, which you cannot decrypt? What about AJAX calls over HTTP that return XML or JSON, as @duskwuff suggested? – Jim Garrison Nov 26 '12 at 06:24
0

Modifying the response content requires something that knows how to parse and correctly change that content. That means you can't do it at the packet layer (layer 3, where NAT is also implemented) but you need something at the application layer (layer 7). Application level gateways are usually called proxies :-)

And since this question is actually in the wrong forum I will stop answering for now :-) Please move it to i.e. Server Fault.

Community
  • 1
  • 1
Sander Steffann
  • 9,509
  • 35
  • 40