Date: Mon, 27 Aug 2007 09:55:50 +1000 From: Norberto Meijome <freebsd@meijome.net> To: Alexander Motin <mav@FreeBSD.org> Cc: FreeBSD Net ML <freebsd-net@freebsd.org> Subject: Re: Netgraph node to replace packet contents? Message-ID: <20070827095550.0be62785@localhost> In-Reply-To: <46D17813.8090205@FreeBSD.org> References: <1188123847.00792375.1188111626@10.7.7.3> <46D17813.8090205@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 26 Aug 2007 15:54:43 +0300
Alexander Motin <mav@FreeBSD.org> wrote:
> Hi.
>
> Norberto Meijome wrote:
> > is there any already existing Netgraph node that would allow me to replace bytes in the data part of a packet? I'm talking about generic "foo" for "BAR" replacement, though different lengths would be good too.
>
> There is no such node.
>
> This is not an easy task to alter some abstract packet. Even in
> simpliest case you should take into account TCP/UDP checksumms.
Yes, of course.
> There
> could be problems with fragmented packets. In more complicated cases may
> be required other modifications.
yes..i had thought of this
>
> To replace string with different length one you should also correct
> packet length. It is possible for UDP (except for the not first packet
> fragments), but for TCP it is probably completely impossible without
> doing complete TCP proxying to modify sequence numbers.
yes, TCP keeps rearing its problematic head ;)
Anyway, thanks a lot for the insights :)
B
_________________________
{Beto|Norberto|Numard} Meijome
Law of Conservation of Perversity:
we can't make something simpler without making something else more complex
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070827095550.0be62785>