Intercept traffic over the transport layer

Firstly, I am relatively new to network programming. I want to intercept and delay HTTP traffic before it gets to the server application. I delved into libnetfilter_queue, which gives me all the information I need to delay, but at too low a level. I can delay the traffic there, but if I do not accept IP datagrams almost immediately (so I send them to the stack when I want to postpone them), they will be indignant (when the ACK does not come), which I do not want.

I do not want to, nor should I, deal with TCP, but only with the payload that it delivers. So my question is how to intercept traffic on a specific port before it is assigned, but after TCP has confirmed and verified it?

Thanks

Edit: I hope it is obvious from the tag and libnetfilter_queue that this is for Linux.

+3
2 answers

Remove connections through an HTTP proxy. Google is a good way to do this if you can’t just install HTTP_PROXY on the client, or configure your filter to work with the IP address and port number of the current server, moving the real server to a different IP address.

Thus, the actual TCP connections are between the client and you, and then from you to the server. Then you do not need to deal with ACK, because TCP always sees a completed mission.

Edit: I see that comments on the original have already come up with this idea, using iptables to redirect traffic through a transparent proxy process on the same computer.

+1
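A minimal user-space relay of the kind the answer above describes, as an added example that is not part of the original question or answer: the kernel completes and ACKs TCP on both legs, while the relay holds only the client-to-server payload. The ports, upstream address, delay value and the iptables rule in the comment are assumptions chosen for illustration.

```python
import asyncio

# Assumed values for illustration (not from the original post).
LISTEN_PORT = 8080               # port the relay accepts clients on
UPSTREAM = ("127.0.0.1", 8081)   # where the real HTTP server now listens
DELAY_SECONDS = 2.0              # hold time for client -> server payload
# One way to steer port 80 here on the same host (assumed rule):
#   iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080

async def pump(reader, writer, delay=0.0):
    """Copy bytes reader -> writer, holding each chunk for `delay` seconds.

    The kernel has already ACKed these bytes, so the sender sees no
    retransmissions; while we sleep, TCP flow control throttles it.
    """
    try:
        while chunk := await reader.read(65536):
            if delay:
                await asyncio.sleep(delay)
            writer.write(chunk)
            await writer.drain()
        writer.write_eof()        # propagate the sender's half-close
    except OSError:
        writer.close()            # peer reset: tear down this leg

def make_handler(upstream, delay):
    async def handle(client_r, client_w):
        try:
            server_r, server_w = await asyncio.open_connection(*upstream)
        except OSError:
            client_w.close()      # upstream unreachable
            return
        try:
            await asyncio.gather(
                pump(client_r, server_w, delay),  # requests: delayed
                pump(server_r, client_w),         # responses: immediate
            )
        finally:
            client_w.close()
            server_w.close()
    return handle

async def start_relay(host, port, upstream, delay):
    return await asyncio.start_server(make_handler(upstream, delay), host, port)

async def main():
    server = await start_relay("0.0.0.0", LISTEN_PORT, UPSTREAM, DELAY_SECONDS)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

Because the relay terminates the client's connection, the backend sees the relay's address as the peer; recovering the original client address needs extra handling that this sketch leaves out.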


Source: https://habr.com/ru/post/1724329/

