Saturday, May 9, 2015

Reinjecting modified packets in netfilter module

I have used netfilter_queue to create a NFQUEUE module for iptables that handles all outgoing UDP packets.

I want to modify all UDP packets that match a certain pattern, and reinject them into the network.

Here is some example code:

#include <stdint.h>
#include <arpa/inet.h>
#include <linux/netfilter.h>
#include <libnetfilter_queue/libnetfilter_queue.h>

...

static int Callback(struct nfq_q_handle *myQueue, struct nfgenmsg *msg,
                    struct nfq_data *pkt, void *cbData) {
  uint32_t id = 0;
  struct nfqnl_msg_packet_hdr *header;

  if ((header = nfq_get_msg_packet_hdr(pkt))) {
    id = ntohl(header->packet_id);
  }

  // Get the packet payload (starts at the IP header); returns -1 on error.
  unsigned char *pktData;
  int len = nfq_get_payload(pkt, &pktData);

  // The following is an example.
  // In reality, it involves more parsing of the packet payload.
  // 'X' is a placeholder for the pattern byte, which was lost in the original post.
  if (len > 40 && pktData[40] == 'X') {
    // Modify byte 40
    pktData[40] = 'Y';
  }

  // Pass through the (modified) packet.
  // The verdict is issued with no payload buffer (data_len 0, NULL).
  return nfq_set_verdict(myQueue, id, NF_ACCEPT, 0, NULL);
}

...

int main(){

  ...

  struct nfq_handle *nfqHandle = nfq_open();
  struct nfq_q_handle *myQueue = nfq_create_queue(nfqHandle, 0, &Callback, NULL);

  ...

  return 0;
}

I am not allowed to share the full source code, so this example is made specifically for this question; I hope this example code is not too dumbed down.

The modified packet does not get reinjected into the stream. How would I inject the modified version of the packet?
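The piece the callback above is missing, as an added example that is not from the original post: editing `pktData` in place changes the local copy only, and since the edit touches UDP payload the UDP checksum no longer matches. The helper below works on the raw IPv4/UDP buffer in the layout `nfq_get_payload()` returns (IP header first); the packet is constructed here, and libnetfilter_queue itself is not linked so the code runs stand-alone.

```c
#include <stdint.h>
#include <stddef.h>
/* One's-complement sum of a byte buffer taken as big-endian 16-bit words. */
static uint32_t csum_add(uint32_t sum, const uint8_t *p, size_t n) {
    for (; n > 1; p += 2, n -= 2) sum += ((uint32_t)p[0] << 8) | p[1];
    if (n) sum += (uint32_t)p[0] << 8;                 /* odd trailing byte */
    return sum;
}

/* RFC 768 checksum of an IPv4/UDP packet as nfq_get_payload() lays it out (IP header
 * first). Returns 0 only for malformed input (a computed zero is sent as 0xffff). */
static uint16_t udp_checksum(const uint8_t *pkt, size_t len) {
    if (len < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 17) return 0; /* 17 = UDP */
    size_t ihl = (pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8) return 0;
    const uint8_t *udp = pkt + ihl;
    size_t udp_len = ((size_t)udp[4] << 8) | udp[5];
    if (udp_len < 8 || ihl + udp_len > len) return 0;
    uint32_t sum = csum_add(0, pkt + 12, 8) + 17 + udp_len; /* pseudo-header */
    sum = csum_add(sum, udp, 6);                 /* UDP header, checksum as 0 */
    sum = csum_add(sum, udp + 8, udp_len - 8);   /* payload */
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    uint16_t c = (uint16_t)~sum;
    return c ? c : 0xffff;
}

/* Rewrite the UDP checksum in place after editing the payload; 0 if not IPv4/UDP. */
int udp_fix_checksum(uint8_t *pkt, size_t len) {
    uint16_t c = udp_checksum(pkt, len);
    if (!c) return 0;
    size_t ihl = (pkt[0] & 0x0f) * 4;
    pkt[ihl + 6] = (uint8_t)(c >> 8);
    pkt[ihl + 7] = (uint8_t)c;
    return 1;
}

/* 1 if the checksum stored in the packet matches its current contents. */
int udp_checksum_ok(const uint8_t *pkt, size_t len) {
    uint16_t c = udp_checksum(pkt, len);
    if (!c) return 0;
    size_t ihl = (pkt[0] & 0x0f) * 4;
    return (((uint16_t)pkt[ihl + 6] << 8) | pkt[ihl + 7]) == c;
}

/* Constructed sample (not a capture): IPv4 10.0.0.1 -> 10.0.0.2, UDP 5000 -> 5001,
 * 16 payload bytes, checksum field zero. Byte 40 is payload byte 12. */
uint8_t sample_pkt[44] = {
    0x45,0x00,0x00,0x2c, 0x00,0x00,0x40,0x00, 0x40,0x11,0x00,0x00, 10,0,0,1, 10,0,0,2,
    0x13,0x88,0x13,0x89, 0x00,0x18,0x00,0x00,
    'X','X','X','X','X','X','X','X','X','X','X','X','X','X','X','X' };
```

In the callback, after editing `pktData`, call `udp_fix_checksum(pktData, len)` and return `nfq_set_verdict(myQueue, id, NF_ACCEPT, len, pktData)` instead of passing `0` and `NULL`; the kernel only replaces the queued packet's data when the verdict carries a buffer. The IP header checksum is unaffected because only bytes past the IP header changed.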
