Create a VPN with Python

Posted by user213060 on Stack Overflow
Published on 2010-04-01T17:47:22Z Indexed on 2010/04/01 18:23 UTC

I want to make a device "tunnel box" that you plug an input Ethernet line and an output Ethernet line into, and all the traffic that goes through it gets modified in a special way. This is similar to how a firewall, IDS, VPN, or similar boxes are connected inline in a network. I think you can just assume that I am writing a custom VPN in Python for the purpose of this question:

LAN computer <--\
LAN computer <---> [LAN switch] <--> ["tunnel box"] <--> [internet modem] <-->
LAN computer <--/

My question is, what is a good way to program this "tunnel box" from Python? My application needs to see TCP flows at the network layer, not as individual Ethernet frames. Non-TCP/IP traffic such as ICMP and other types should just be passed through.

Example Twisted-like Code for my "tunnel box" tunnel appliance:

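from twisted.internet import protocol

from my_code import special_data_conversion_function


class StreamInterceptor(protocol.Protocol):
    def dataReceived(self, data):
        # Transform each chunk of the intercepted TCP stream, then forward it.
        data = special_data_conversion_function(data)
        self.outbound_connection.send(data)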

My initial guesses:

  • TUN/TAP with twisted.pair.tuntap.py - Problem: This seems to only work at the ethernet frame level, not like my example?

  • Socks proxy - Problem: Not transparent as in my diagram. Programs have to be specifically set up for it.

Thanks!
