Date: Tue, 19 Jan 2010 17:28:19 +0300 From: q q <lsimakov@gmail.com> To: Max Laier <max@love2party.net> Cc: freebsd-hackers@freebsd.org Subject: Re: Q:possibility PFIL+mbuf use for packet spawning Message-ID: <e78f41ed1001190628m9096452o208909c156282c9b@mail.gmail.com> In-Reply-To: <e78f41ed1001190625n1d98eb4dp8a6fd79830742383@mail.gmail.com> References: <e78f41ed1001150326t5df1a5bam4be5bc49492a57e5@mail.gmail.com> <201001151711.23061.max@love2party.net> <e78f41ed1001190625n1d98eb4dp8a6fd79830742383@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Error: line And server got message:"Test Message.Qnd message" should read
as line
And server got message:"Test Message.G\0d message".
Sent you last logs, big Apologises :(
2010/1/19 q q <lsimakov@gmail.com>
>
> I coded all checksum calculations code. All works ok when i just modifying
> data of packets(like all T letters to Q letters)
>
> But now i get some strange error:
> packet1: TestMessage.
> packet2: 2nd message
>
> im using on first packet only next code(data is a pointer to char* from
> mbuf containing strings):
>
> TEST[0]='G';
> TEST[1]='\0';
> int res=m_append(*m,2,TEST);
> m_fixhdr(*m);
> printf("res cames from m_append:%d \n",res);
> printf("new data string is %s \n",data);
> iph->ip_len+=2;//modifying IP header length
>
> Then recalculatin IP and TCP cheksums(correctly seems because network
> doesnt drop packets)
>
> And server got message:"Test Message.Qnd message" As well server reply with
> ACK=25. So seems no new chars were added.
> Seems like im overwriting 2nd packet. But why this happening?
>
> Thank you :)
>
> Yours, Qspirit.
>
> PS sorry Max for double mail, forgot to add cc hackers.
>
> 2010/1/15 Max Laier <max@love2party.net>
>
>> On Friday 15 January 2010 12:26:06 q q wrote:
>>
>> > I'm using pfil as packet filter for packet modifications.
>> >
>> > Is it possible to spawn new packets to network from pfil using mbuf?
>>
>> You can call into ip_output with a new mbuf to send a new packet. See for
>> example pf_send_tcp in contrib/pf/net/pf.c
>>
>> > Another question: im using m_append to change packet length and add
>> > data(its working, at least server got longer message) but when i
>> wireshark
>> > clients packets(win machine) i see that i got acknoledge on older
>> length
>> > not on new one. Am i missunderstanding something?
>>
>> Assuming you are talking about tcp packets (otherwise there wouldn't be an
>> ack), you have to alter the tcp header, checksums, etc. as well. Just
>> adding
>> data doesn't work.
>>
>> Regards,
>> --
>> Max
>>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e78f41ed1001190628m9096452o208909c156282c9b>