How to captuare an IP packet, change its content and resend it on Linux?

Question

My question is:

How to captuare an incoming IP packet from a network interface, change its content and resend it from another network interface?

score 5 · Accepted Answer · answered Apr 03 '12 at 15:27

The choice is yours, there is no preference (and hence no "normal").

using libnetfilter_queue to deliver to userspace and do extensive modification there.
or an xtables module, also works (since it's called by NF anyway). Allows for sufficient fine-grained configuration with help from userspace.
nfhook module, if you must. All configuration you must implement yourself.
well and finally, if you like things that hurt, you might as well implement your own virtual NIC driver.

Kimvais · Answer 2 · 2012-04-03T16:04:03.283

3

The usual way of doing something like this is to create a netfilter hook module.

See this example for a quick start.

edited Apr 03 '12 at 16:04

answered Apr 03 '12 at 12:02

Kimvais

score 0 · Answer 3 · answered Apr 04 '12 at 11:19

0

You don't mention what you intend to change exactly, which makes it difficult to answer your question properly.

For content substitution on a router kind of device (guess), netsed might be the simplest approach available.

answered Apr 04 '12 at 11:19

marsch

3 Answers3