Can I make a "TCP packet modifier" using tun/tap and raw sockets?

Posted by benhoyt on Stack Overflow See other posts from Stack Overflow or by benhoyt
Published on 2010-04-19T02:46:45Z Indexed on 2010/04/19 2:53 UTC
Read the original article Hit count: 504

Filed under:
|
|
|
|

I have a Linux application that talks TCP, and to help with analysis and statistics, I'd like to modify the data in some of the TCP packets that it sends out. I'd prefer to do this without hacking the Linux TCP stack.

The idea I have so far is to make a bridge which acts as a "TCP packet modifier". My idea is to connect to the application via a tun/tap device on one side of the bridge, and to the network card via raw sockets on the other side of the bridge.

My concern is that when you open a raw socket it still sends packets up to Linux's TCP stack, and so I couldn't modify them and send them on even if I wanted to. Is this correct?

A pseudo-C-code sketch of the bridge looks like:

tap_fd = open_tap_device("/dev/net/tun");
raw_fd = open_raw_socket();
for (;;) {
    select(fds = [tap_fd, raw_fd]);
    if (FD_ISSET(tap_fd, &fds)) {
        read_packet(tap_fd);
        modify_packet_if_needed();
        write_packet(raw_fd);
    }
    if (FD_ISSET(raw_fd, &fds)) {
        read_packet(raw_fd);
        modify_packet_if_needed();
        write_packet(tap_fd);
    }
}

Does this look possible, or are there other better ways of achieving the same thing? (TCP packet bridging and modification.)

© Stack Overflow or respective owner

Related posts about tcp

Related posts about sockets