|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?
Valdis.Kletnieks
vt.edu
Date: Thu Apr 14 2005 - 00:23:31 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 11 Apr 2005 19:39:25 -0300, =?ISO-8859-1?Q?Jo=E3o_Paulo_Caldas_Campello?= said:
> I've already read Netfilter documentation (specially the "Linux
> netfilter Hacking HOWTO") so I know this kind of packet mangling can
> be done in userspace. I thought it could be done in the "MANGLE" table
> of netfilter, but I found no TARGET that achieves that nor any
> documentation about altering arbitrary IP headers.
Currently, iptables doesn't seem to support that, probably to keep you from
shooting yourself in the foot. Consider for example how fast the kernel will
fold up if you change that first nybble of the packet from an x'4' to an x'6'
without changing the rest of the packet to match. Suddenly, that sk_buff is
a lot too short.. ;)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFCXf5QcC3lWbTT17ARAkyuAJ9yZWwjXhwJuQUteFxWnLLvuUockACg/eUc
O/mynKyCwewOMpPuEOPfGZI=
=o1nc
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]