Re: [tcpdump-workers] Can libcap be used as a packet interceptor?
On Wed, May 12, 2010 at 1:41 PM, Eloy Paris wrote: > > libdnet's firewall interface is a great idea. Unfortunately, libdnet's > support for modern Linux firewall capabilities is non-existent. It seems > like libdnet was never updated for iptables, which replaced ipchains in > Linux 2.4, and is what is used today. > Although, if the program only needs to run on Linux, you could interface with iptables directly without going through an abstraction library. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] Can libcap be used as a packet interceptor?
Hi Aaron, On 05/12/2010 01:13 PM, Aaron Turner wrote: [...] Look at libdnet. It has a cross platform API to modify the firewall rules on various OS's to drop packets. libdnet's firewall interface is a great idea. Unfortunately, libdnet's support for modern Linux firewall capabilities is non-existent. It seems like libdnet was never updated for iptables, which replaced ipchains in Linux 2.4, and is what is used today. Because of this, building libdnet in a modern Linux environment will use src/fw-none.c as the implementation of libdnet's firewall API, which basically returns ENOSYS for all API functions :-( I don't think it would be hard to add support for iptables, but I haven't had a strong-enough need to want to tackle that myself. Cheers, Eloy Paris.- netexpect.org - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] Can libcap be used as a packet interceptor?
On Tue, May 11, 2010 at 5:25 PM, WANGRUNGVICHAISRI, SHIVESH wrote: > Hi, > > > > If I want to write an application that prevents any TCP packets from > being sent to a localhost web server, may I use libpcap for this > purpose? > > > > To put the question differently, is libpcap: > > > > 1) an observer of the packet traffic (not what I'm looking for, > since packets will still be sent to the localhost web server). > > 2) or does it actually sit in between all packet traffic? (this is > what I'm looking for since I can then drop the packets that I want to > drop). > > > > Thank you for your kind attention, > Look at libdnet. It has a cross platform API to modify the firewall rules on various OS's to drop packets. -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] Can libcap be used as a packet interceptor?
libpcap is only packet observer, it can not drop the packets. Prasanna Kumar.N, Software Engineer, IMImobile Plot 770, Rd. 44 Jubilee Hills, Hyderabad - 500033 M +91 916358 T +91 40 2355 5945 - Ext: 220 www.imimobile.com = This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify the sender immediately by e-mail and delete this e-mail from your system. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any attachment with this email. IMImobile, Plot No:770, Road No : 44, Jubilee Hills, Hyderabad, India, 500033. www.imimobile.com == This e-mail message has been scanned for Viruses and Content and cleared by Symantec Mail Security -Original Message- From: tcpdump-workers-ow...@lists.tcpdump.org [mailto:tcpdump-workers-ow...@lists.tcpdump.org] On Behalf Of WANGRUNGVICHAISRI, SHIVESH Sent: Wednesday, May 12, 2010 5:55 AM To: tcpdump-workers@lists.tcpdump.org Subject: [tcpdump-workers] Can libcap be used as a packet interceptor? Hi, If I want to write an application that prevents any TCP packets from being sent to a localhost web server, may I use libpcap for this purpose? To put the question differently, is libpcap: 1) an observer of the packet traffic (not what I'm looking for, since packets will still be sent to the localhost web server). 2) or does it actually sit in between all packet traffic? (this is what I'm looking for since I can then drop the packets that I want to drop). Thank you for your kind attention, S. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
[tcpdump-workers] Can libcap be used as a packet interceptor?
Hi, If I want to write an application that prevents any TCP packets from being sent to a localhost web server, may I use libpcap for this purpose? To put the question differently, is libpcap: 1) an observer of the packet traffic (not what I'm looking for, since packets will still be sent to the localhost web server). 2) or does it actually sit in between all packet traffic? (this is what I'm looking for since I can then drop the packets that I want to drop). Thank you for your kind attention, S. - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
