Re: Help!! How to steal UDP traffic?

[George Alexandru Dragoi <waruiinu@gmail.com>]

Why not MARK-ing it with iptables and send it to the tunnel with iproute ? 


On Mon, 24 Jan 2005 22:12:04 -0200 (BRST), Guilherme Cesar Soares
Ruppert <ruppert@las.ic.unicamp.br> wrote:
> 
> 
>   Hi everyone, please I need some help!!
> 
>   I'm developing a program that needs to intercept an UDP traffic generated
>   locally by another application. It's like a tunnel. My program will steal the
>   outgoing packets from the application (in the same machine) and will send to
>   a tcp tunnel.
> 
>   I am using Libipq to do that, but I have a BIG problem. After send the UDP
>   packets to my tunnel, I need to DROP the packets because I don't want them to
>   be sent over the network. So I am doing:
>   ipq_set_verdict(handle, m->packet_id, NF_DROP, 0, NULL);
> 
>   But the problem is that when I drop the packet, the application that
>   generated the packet remains blocked in sendto() until the packet is
>   accepted. When I change to NF_ACCEPT, the application doesn't block but the
>   packets are sent to the network and I don't want it.
> 
>   How could I drop a packet silently, without blocking the application? Is
>   there any way to intercept outgoing packets locally without let the
>   applications notice that their packet were stolen?
> 
>   Here is the same example using netcat:
>   $ iptables -A OUTPUT -p udp -j QUEUE
>   $ echo "Test" | nc -n -u 10.1.1.23 800
>   And this last remains blocked, not returning to shell.
> 
>   I tested will ping (icmp echo) also and the same happened, but ping didn't
>   block. Instead, it said "operation not permitted".
> 
>   Please give me some hope!!! :-)
> 
>   Thanks
> 
>   Guilherme Ruppert
> 
> 


-- 
Bla bla