Next Previous Contents

7. Advanced issues

7.1 Packet Mangling

After you intercept a packet, it is possible to change its header or contents before reinjecting it back. Here are a few rules you might need to keep in mind:

  • IP header checksum is always recalculated on injection
  • IP ID field is filled in for you if you leave it 0.
  • The length of the packet is updated for you.
All other parts of the IP header can be modified and its up to you to insure their sanity.

7.2 Injection with no interception

It is not necessary to intercept a packet in order to inject it. You can form your own packets and inject them into an open and bound divert socket. The header rules from above apply.

In addition, you need to pass to the divert socket a sockaddr_in structure (see example program), which will tell the socket where to inject. If you leave the structure 0-ed out or pass a NULL - the divert socket will attempt to inject the packet in the outbound direction (on the wire). If instead you fill the sockaddr_in structure with the address of one of the local interfaces, the divert socket will attempt to inject the packet inbound, as if it came from that interface. All addresses, of course, should be in network byte order.

Injection of packets that look like they are being forwarded by your host must include an address of the incoming interface (actually - any valid interface address will probably work).

7.3 Fragmentation

As of this reading, the divert sockets do not handle the defragmentation and fragmentation of diverted packets - you always get the fragments as they are on the wire and you should not inject fragments larger than PMTU. It is anticipated that the fragmentation/defragmentation capability will be added in the near future.


Next Previous Contents
Copyright © 2010-2024 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout