Solved

Packet Injector in C

Posted on 2004-08-20
Last Modified: 2010-04-15
My question is simple yet it is urgent;

I am using Redhat Linux 8 with kernel 2.4.18 (original supplied). I will write a program that reads from and writes raw data to network interfaces. The method should be absolutely "raw";

As an example I should be able to;

- Get any arbitrary data from interface eth0 (as tcpdump does but without any formatting)
- Put any arbitrary data to interface eth0 (also without any formatting)

Also as a sub-question I should ask this;

How does the system know that one packet ends and the other packet starts? I mean, how is the data separated into packets? Is there a terminator at the end of each packet? When I program this application, how will my application know when a packet terminates?
Question by:Xephyr
LVL 1

Accepted Solution

by:
iagorubio earned 500 total points
ID: 11859987
Hi Xephyr,

To get incoming packets you can use the libpcap library (also used by tcpdump), and to write raw data to the network device you can use the libnet library, which supports packet wire injection.

http://www.tcpdump.org/ - libpcap
http://libnet.sourceforge.net/ - libnet

For your sub-question: as you're using raw packets, you know you have 65.535 bytes each with header (65.515 of data); you must set the data terminator yourself and leave unused bytes as pad data.
0
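Added example, not part of the original thread and not libpcap's own code: libpcap delivers every captured packet together with its captured length, and its savefile format stores that length in a 16-byte per-packet header, so a reader finds packet boundaries from a length field. The code below walks a constructed two-record buffer (assumed little-endian with the file header already skipped; all function names are illustrative) and uses the IPv4 total-length field to measure trailing Ethernet padding.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: two savefile records, each a 16-byte header + frame.
   Frame 1: 60 bytes carrying a 28-byte IPv4 datagram; frame 2: 42 bytes. */
static const uint8_t sample[134] = {
    [8] = 60,  [12] = 60,  [28] = 0x08,  [30] = 0x45,  [33] = 28,
    [84] = 42, [88] = 42,  [104] = 0x08, [106] = 0x45, [109] = 28,
};

static uint32_t le32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Locate the packet at offset off. Returns the next record's offset, or 0
   at end of buffer or when a record is truncated. */
size_t next_packet(const uint8_t *buf, size_t len, size_t off,
                   const uint8_t **pkt, uint32_t *caplen) {
    if (off > len || len - off < 16) return 0;
    uint32_t incl_len = le32(buf + off + 8);    /* captured-length field */
    if (incl_len > len - off - 16) return 0;    /* record runs past buffer */
    *pkt = buf + off + 16; *caplen = incl_len;
    return off + 16 + incl_len;
}

/* Ethernet padding after the IPv4 datagram; -1 if not IPv4 or too short. */
int ipv4_padding(const uint8_t *f, uint32_t caplen) {
    if (caplen < 34 || f[12] != 0x08 || f[13] != 0x00) return -1;
    uint32_t total = (uint32_t)f[16] << 8 | f[17];   /* IPv4 total length */
    if (total < 20 || 14 + total > caplen) return -1;
    return (int)(caplen - 14 - total);
}

/* Count the packets in buf and total the padding bytes seen. */
int count_packets(const uint8_t *buf, size_t len, int *pad_total) {
    const uint8_t *pkt; uint32_t caplen;
    size_t off = 0, next; int n = *pad_total = 0;
    while ((next = next_packet(buf, len, off, &pkt, &caplen)) != 0) {
        int pad = ipv4_padding(pkt, caplen);
        if (pad > 0) *pad_total += pad;
        off = next; n++;
    }
    return n;
}

int main(void) {
    int pad, n = count_packets(sample, sizeof sample, &pad);
    return printf("%d packets, %d padding bytes\n", n, pad) < 0;
}
```

Real savefiles may be written in either byte order, signalled by the magic number in the file header, and VLAN-tagged frames shift the IPv4 header by four bytes; neither case is handled here.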
 

Author Comment

by:Xephyr
ID: 11860086
Well, I had also found these two libraries on the net. I think they should do what I want, but I have to do something quickly. Any source code to begin with would be greatly appreciated. If the main code is supplied, I think I can do the necessary additions. Any reference to a source that does the following;

- Get the packet from an interface (eth0 inbound for example)
- Inject the same packet without any modification back to this interface, but the data will not be sent over the line, it will be just re-injected back to eth0's inbound path. That means the system will receive the packet once again. (It is like choosing a packet that has arrived at the system and re-inject it back to system using Commview for Windows)

If I get this source code, I can write some custom additions to manipulate the data. The scheme I require could be depicted as such;

---- > Packet #1 ----> Eth0 ----> System ----> Application
                                 |               ^
                              Pcap -------> |

This way the original packet will also arrive at the system, but it is not an issue since I could create some firewall rules to tell the system to drop it. Instead the system will receive the packet received by libpcap, manipulated by my code and re-injected back to system by Libnet.

I think it is a simple operation, but the problem is that I have never used these two libraries before. I think I can take care of the manipulation part using standard C libraries, but I have no knowledge on devices and low-level protocols to handle packet capture and packet injection.

So, any source code I can compile right away to test whether it works?
LVL 22

Expert Comment

by:grg99
ID: 11863691
One way is to look at another packet-filtering application, like ipchains or ipfilter, source code available with any Linux distribution CD.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem with MFCApp 78 467
C hashtable library 3 113
Programming Arduino to control a Max7219 using C 2 157
Reactjs with .NET 3 124
Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
This is a short and sweet, but (hopefully) to the point article. There seems to be some fundamental misunderstanding about the function prototype for the "main" function in C and C++, more specifically what type this function should return. I see so…
The goal of this video is to provide viewers with basic examples to understand opening and reading files in the C programming language.
The goal of this video is to provide viewers with basic examples to understand and use conditional statements in the C programming language.
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question