Reputation: 11
How to alter an Ethernet Packet (a packet that comes from the NIC)? Can I Use Netfilter Hooks?
I want to catch a packet before that packet come up tcp/ip layers and give it to user space with C++ and a UI.
How can I do this? Is Qt & Netfilter something that can do this?
Upvotes: 0
Views: 2841
Answers (3)
Reputation: 1
You can also use something called a Packet Socket. They are used to send or receive raw packets at Layer 2. So basically the packet will come directly to your program and you can implement your own layer 3 and 4 protocols over it. Check this official man page for packet socket.
http://man7.org/linux/man-pages/man7/packet.7.html
Upvotes: 0
Reputation: 11
You may use NFQUEUE and libnetfilter_queue.
iptables -t raw -I PREROUTING -p tcp -j NFQUEUE --queue-num 1
You can see an example in this site:
Upvotes: 0
Reputation: 5114
Qt is helpless there. What you need is to write an netlink NFQueue handler. When your packets are matched by a rule that says -j NFQUEUE, your userspace program will receive those packets, allowing you to accept, drop, or mangle (modify) the packet (only in the mangle table). If you can use GPLv2 libraries, you should use libnetfilter_queue to help you.
Note however, that the mac layer is not complete. This because the networking code need to support various device types, and some non-Ethernet devices do not have MAc addresses. On an Ethernet device, what you get is generally only the MAC address of the sender.
Upvotes: 3
Related Questions
- Intercept Ethernet packets before they reach kernel
- how to modify packet header(IP header, TCP Header) before the host send them into the network
- Modify header of a captured packet
- How to change packet before sending it to network card
- Add data to packet of a specific protocol
- Linux module for modify packets(Netfilter)
- How to append data on a packet from kernel space?
- Rewriting network packets on the fly using libnetfilter_queue
- How do I change incoming packet from NIC in C?
- Windows network packet modification