I'm writing my master's thesis, and I have a small problem with my implementation.
One part of the thesis is to encrypt a network packet on PC A and send it to PC B. The receiver should then decrypt it and reinject it into the network stack, so that other applications can work with the packet.
For the first test case I used ICMP (request). nftables is used to filter the traffic on system A for outgoing packets. If there is an outgoing packet which matches, I queue it with nft to userspace. My C application encrypts it and sends it out with raw sockets. The packet is received by PC B. On PC B I have a filter application based on raw sockets. This application sees the incoming frame and decrypts it. When I check the result with Wireshark, everything seems to be fine. Each bit of the decrypted frame equals the bits of the original frame.
Now the decrypted packet should be reinjected into the network stack. As I mentioned before, this is done with raw sockets. I would now expect this reinjected packet to be processed like a normal ICMP request packet. But this is not the case. The system receives the decrypted packet, but no response is sent.
Does anyone have an idea what's going wrong? Is it possible to inject a packet with raw sockets into the system's own network stack?
In the last few days I read something about TUN/TAP. Would this be the right way to reinject my packets?
Thanks for your help!
Kind regards, Andreas
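Added example, not part of the original post: packets written to a TUN file descriptor enter the kernel's receive path as if they had arrived on that interface, so a decrypted IPv4 packet can be handed back to the stack that way. The C code below validates the decrypted packet before writing it; the interface name `tun0`, the helper names and the sample packet are assumptions constructed for illustration.

```c
#include <fcntl.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/if.h>
#include <linux/if_tun.h>

/* RFC 1071 checksum over an even-length header; 0 means the header verifies. */
uint16_t ip_hdr_csum(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += (uint32_t)(p[i] << 8 | p[i + 1]);
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Reject packets that decrypted to garbage or that the IP input path would drop. */
int ipv4_sane(const uint8_t *pkt, size_t len) {
    if (len < 20 || (pkt[0] >> 4) != 4) return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t total = (size_t)pkt[2] << 8 | pkt[3];
    if (ihl < 20 || ihl > len || total != len) return 0;
    return ip_hdr_csum(pkt, ihl) == 0;
}

/* Attach to a layer-3 TUN interface without packet-info prefix (needs CAP_NET_ADMIN). */
int tun_open(const char *name) {
    struct ifreq ifr;
    int fd = open("/dev/net/tun", O_RDWR);
    if (fd < 0) return -1;
    memset(&ifr, 0, sizeof ifr);
    ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
    strncpy(ifr.ifr_name, name, IFNAMSIZ - 1);
    if (ioctl(fd, TUNSETIFF, &ifr) < 0) { close(fd); return -1; }
    return fd;
}

/* Write one validated packet; the kernel handles it as received on the TUN interface. */
int reinject(int tunfd, const uint8_t *pkt, size_t len) {
    if (!ipv4_sane(pkt, len)) return -1;
    return write(tunfd, pkt, len) == (ssize_t)len ? 0 : -1;
}

const uint8_t sample_pkt[28] = { /* constructed: ICMP echo request 192.0.2.1 -> 192.0.2.2 */
    0x45,0x00,0x00,0x1c, 0x00,0x01,0x00,0x00, 0x40,0x01,0xf6,0xdc,
    0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02, 0x08,0x00,0xf7,0xfd, 0x00,0x01,0x00,0x01 };
int main(void) {
    int fd = tun_open("tun0");   /* "tun0" is an assumed interface name */
    return fd < 0 ? 1 : reinject(fd, sample_pkt, sizeof sample_pkt);
}
```

The TUN interface must exist and be up, and routing and reverse-path filtering (`rp_filter`) on PC B must accept the packet's source address on that interface, otherwise the kernel drops the packet without replying.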