Reputation: 2980
Drop captured packet
The project I am working has the requirement of dropping captured packets. I am successfully captuing packets with the use of libpcap like so,
pcap_loop(handle, num_packets, got_packet, NULL);
Where in the callback function I capture the given number of packets in the num_packets argument. My requirement is to drop the captured packets.
I tried checking for help and ended up empty handed. Any reference of code snippets to perform this requirement of dropping captured packets via libpcap is much appreciated. :)
EDIT
Alternative suggestions are welcome if this is not possible via libpcap.
NOTE that before dropping the packet I need to obtain the destination/ source ip address and payload of the packet to be dropped.
Upvotes: 0
Views: 698
Answers (1)
Reputation: 74028
I don't know, if there's a library. Libpcap is for network packet capture only, AFAIK.
From my limited knowledge, I would say dropping a packet is just ignoring or not forwarding it. However this is not done in some program, but the kernel's network stack.
You can accomplish this, by defining appropriate rules in netfilter. There, you will also find libnftnl, which allows to communicate with the Linux netfilter subsystem. But as I read it, you can only define rules and not drop individual packets.
Upvotes: 1
Related Questions
- How to deliberately lose packets originating from an executable
- packet capture c code doesn't terminate showing number of packets captured
- create PCAP file for captured packet in c
- Drop sniffed packet on matching content
- How to drop tcp packet in linux kernel but do not receive again and again?
- Drop packet with libpcap
- stop capture data with libpcap and save it in a file
- How to capture packets with netfilter?
- Packet capturing with C in Windows
- capture packets then drop packet IPS system