Date: Mon, 27 Aug 2007 09:55:50 +1000 From: Norberto Meijome <freebsd@meijome.net> To: Alexander Motin <mav@FreeBSD.org> Cc: FreeBSD Net ML <freebsd-net@freebsd.org> Subject: Re: Netgraph node to replace packet contents? Message-ID: <20070827095550.0be62785@localhost> In-Reply-To: <46D17813.8090205@FreeBSD.org> References: <1188123847.00792375.1188111626@10.7.7.3> <46D17813.8090205@FreeBSD.org>
index | next in thread | previous in thread | raw e-mail
On Sun, 26 Aug 2007 15:54:43 +0300
Alexander Motin <mav@FreeBSD.org> wrote:
> Hi.
>
> Norberto Meijome wrote:
> > is there any already existing Netgraph node that would allow me to replace bytes in the data part of a packet? I'm talking about generic "foo" for "BAR" replacement, though different lengths would be good too.
>
> There is no such node.
>
> This is not an easy task to alter some abstract packet. Even in
> simpliest case you should take into account TCP/UDP checksumms.
Yes, of course.
> There
> could be problems with fragmented packets. In more complicated cases may
> be required other modifications.
yes..i had thought of this
>
> To replace string with different length one you should also correct
> packet length. It is possible for UDP (except for the not first packet
> fragments), but for TCP it is probably completely impossible without
> doing complete TCP proxying to modify sequence numbers.
yes, TCP keeps rearing its problematic head ;)
Anyway, thanks a lot for the insights :)
B
_________________________
{Beto|Norberto|Numard} Meijome
Law of Conservation of Perversity:
we can't make something simpler without making something else more complex
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070827095550.0be62785>