7. Advanced issues
7.1 Packet Mangling
After you intercept a packet, it is possible to change its header or contents before reinjecting it back. Here are a few rules you might need to keep in mind:
- IP header checksum is always recalculated on injection
- IP ID field is filled in for you if you leave it 0.
- The length of the packet is updated for you.
7.2 Injection with no interception
It is not necessary to intercept a packet in order to inject it. You can form your own packets and inject them into an open and bound divert socket. The header rules from above apply.
In addition, you need to pass to the divert socket a sockaddr_in
structure
(see example program), which will tell the socket where to inject. If you
leave the structure 0-ed out or pass a NULL - the divert socket will attempt
to inject the packet in the outbound direction (on the wire). If instead
you fill the sockaddr_in
structure with the address of one of the local interfaces,
the divert socket will attempt to inject the packet inbound, as if it came from
that interface. All addresses, of course, should be in network byte order.
Injection of packets that look like they are being forwarded by your host must include an address of the incoming interface (actually - any valid interface address will probably work).
7.3 Fragmentation
As of this reading, the divert sockets do not handle the defragmentation and fragmentation of diverted packets - you always get the fragments as they are on the wire and you should not inject fragments larger than PMTU. It is anticipated that the fragmentation/defragmentation capability will be added in the near future.
Next Previous Contents