Packet processing---application level or kernel level
Posted on 2003-03-26
I have a project to develop a firewall with NAT..i want to receive the pkts from all interfaces of my machine, check the rulebase, NAT if reqd(that includes changing IP/TCP headers), send the pkt to the desired interface.....i am not able to conclude that should i do this at the application level or at the kernel level?
If i use sockets(or libpcap) at the application level, is it possible to alter the packets??Is it true that using sockets i'll just be able to get the packet copy and not the original packet??or i have to necessary program at the kernel level to make changes in the packet headers?If at the kernel level, could you guide me how to start as i am totally new to kernel programming..
Thanx in advance,