Go Back   TechArena Community > Software > Software Development
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 07-11-2008
Member
 
Join Date: Oct 2008
Posts: 83
how can I modify the network packet payload?

I captured the packets I'm sending out by "iptables -A OUTPUT -j QUEUE" And use C code with libipq to parse the packet structure, and change every character into '!' as below:

ipq_packet_msg_t *m = ipq_get_packet(buf);
struct iphdr *iph = ((struct iphdr *)m->payload);
struct tcphdr *tcp = (struct tcphdr *)(m->payload + (iph->ihl << 2));
payload_offset = ((iph->ihl << 2) + (tcp->doff << 2));
payload_length = (unsigned int) ntohs(iph->tot_len) - ((iph->ihl << 2)
+ (tcp->doff << 2));
iphdr_size = (iph->ihl << 2);
tcphdr_size = (tcp->doff << 2);
port = ntohs(tcp->dest);
if (payload_length) {
int i;
for (i=0; i<payload_length-1; i++)
*(m->payload + payload_offset + i) = '!';

}

however, the packets sending out is still the original string, not the one with all '!' string. what should I do to change the payload of the tcp packet? Thank you
Reply With Quote
  #2  
Old 07-11-2008
Member
 
Join Date: May 2008
Posts: 181
Re: how can I modify the network packet payload?

Quote:
Originally Posted by WarHammer View Post
I captured the packets I'm sending out by "iptables -A OUTPUT -j QUEUE" And use C code with libipq to parse the packet structure, and change every character into '!' as below:

ipq_packet_msg_t *m = ipq_get_packet(buf);
struct iphdr *iph = ((struct iphdr *)m->payload);
struct tcphdr *tcp = (struct tcphdr *)(m->payload + (iph->ihl << 2));
payload_offset = ((iph->ihl << 2) + (tcp->doff << 2));
payload_length = (unsigned int) ntohs(iph->tot_len) - ((iph->ihl << 2)
+ (tcp->doff << 2));
iphdr_size = (iph->ihl << 2);
tcphdr_size = (tcp->doff << 2);
port = ntohs(tcp->dest);
if (payload_length) {
int i;
for (i=0; i<payload_length-1; i++)
*(m->payload + payload_offset + i) = '!';

}

however, the packets sending out is still the original string, not the one with all '!' string. what should I do to change the payload of the tcp packet? Thank you
Do you call ipq_set_verdict? Do you fix the checksum?
Reply With Quote
  #3  
Old 07-11-2008
Member
 
Join Date: Oct 2008
Posts: 83
Re: how can I modify the network packet payload?

yeah I use the ipq_set_verdict as below:

status = ipq_set_verdict(h, m- packet_id, NF_ACCEPT, 0, NULL);
if (status < 0)
die(h);

But I didn't change the checksum of packet header, since I didn't change the header. I don't know how to change the payload's checksum. I'm wondering whether the ipq_set_mode is the problem since I use IPQ_COPY_PACKET. I don't know if there are other options. I use the following the lines in front of the previous codes
.
h = ipq_create_handle(0, PF_INET);
if (!h)
die(h);
status = ipq_set_mode(h, IPQ_COPY_PACKET, BUFSIZE);
if (status < 0)
die(h);

Can any one give some hints?

Thank you
Reply With Quote
  #4  
Old 07-11-2008
Member
 
Join Date: May 2008
Posts: 181
Re: how can I modify the network packet payload?

1) You got a copy of the packet.

2) You modified your copy.

3) You didn't do anything with your copy.

Read the docs for ipq_set_verdict carefully.
Reply With Quote
  #5  
Old 07-11-2008
Member
 
Join Date: Oct 2008
Posts: 83
Re: how can I modify the network packet payload?

Yeah. It works. Thank you very much but Sorry. It has some new problem. The packet data is changed when I send and receive both on the localhost. The tcp packets are changed, sent and recieve all through 127.0.0.1. It works well on the same laptop. But when I send and recv at different laptop through ad hoc network,the receiver cannot receive anything. At the sender side, the packets seem changed and sent out. And after 6 or 7 packets sent out, the sender seems hanged there and will not send any more packets. I impose the iptable to capture the OUTPUT tcp packet at the sender side. I only change the tcp data with the condition of my defined string,like the data has a string of "today" (then I change only the "today" string). I'm not sure whether the capture and modification process stops any tcp communication packets which help to maintain the tcp connection.Anybody has an idea of what may why the receiver cannot receive the modified packet?
Reply With Quote
  #6  
Old 07-11-2008
Member
 
Join Date: May 2008
Posts: 181
Re: how can I modify the network packet payload?

Quote:
Originally Posted by WarHammer View Post
Yeah. It works. Thank you very much but Sorry. It has some new problem. The packet data is changed when I send and receive both on the localhost. The tcp packets are changed, sent and recieve all through 127.0.0.1. It works well on the same laptop. But when I send and recv at different laptop through ad hoc network,the receiver cannot receive anything. At the sender side, the packets seem changed and sent out. And after 6 or 7 packets sent out, the sender seems hanged there and will not send any more packets. I impose the iptable to capture the OUTPUT tcp packet at the sender side. I only change the tcp data with the condition of my defined string,like the data has a string of "today" (then I change only the "today" string). I'm not sure whether the capture and modification process stops any tcp communication packets which help to maintain the tcp connection.Anybody has an idea of what may why the receiver cannot receive the modified packet?
I believe that you need to update the checksum.
Reply With Quote
  #7  
Old 08-11-2008
Member
 
Join Date: Oct 2008
Posts: 83
Re: how can I modify the network packet payload?

Quote:
Originally Posted by Marco-D View Post
I believe that you need to update the checksum.
Yeah. It's really the TCP checksum problem.thanks you.
Reply With Quote
Reply

  TechArena Community > Software > Software Development
Tags: , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "how can I modify the network packet payload?"
Thread Thread Starter Forum Replies Last Post
Packet Loss in Network ramu31in Networking & Security 1 29-12-2010 12:26 AM
How to make tcp packet through network firewalls Anirvinya Networking & Security 5 16-02-2010 11:54 PM
QoS Packet Scheduler on a wireless network Lord Networking & Security 2 25-08-2009 04:59 PM
Network Throughput Issue - Packet Loss Damin Networking & Security 3 26-11-2008 04:21 PM


All times are GMT +5.5. The time now is 09:52 AM.