64 lines
2.6 KiB
HTML
64 lines
2.6 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
|
|
<TITLE>Divert Sockets mini-HOWTO: Advanced issues</TITLE>
|
|
<LINK HREF="Divert-Sockets-mini-HOWTO-8.html" REL=next>
|
|
<LINK HREF="Divert-Sockets-mini-HOWTO-6.html" REL=previous>
|
|
<LINK HREF="Divert-Sockets-mini-HOWTO.html#toc7" REL=contents>
|
|
</HEAD>
|
|
<BODY>
|
|
<A HREF="Divert-Sockets-mini-HOWTO-8.html">Next</A>
|
|
<A HREF="Divert-Sockets-mini-HOWTO-6.html">Previous</A>
|
|
<A HREF="Divert-Sockets-mini-HOWTO.html#toc7">Contents</A>
|
|
<HR>
|
|
<H2><A NAME="s7">7. Advanced issues</A></H2>
|
|
|
|
<H2><A NAME="ss7.1">7.1 Packet Mangling</A>
|
|
</H2>
|
|
|
|
<P>After you intercept a packet, it is possible to change its header or contents
|
|
before reinjecting it back. Here are a few rules you might need to keep in mind:
|
|
<UL>
|
|
<LI>IP header checksum is always recalculated on injection</LI>
|
|
<LI>IP ID field is filled in for you if you leave it 0.</LI>
|
|
<LI>The length of the packet is updated for you.</LI>
|
|
</UL>
|
|
|
|
All other parts of the IP header can be modified and its up to you to insure their
|
|
sanity.
|
|
<P>
|
|
<H2><A NAME="ss7.2">7.2 Injection with no interception</A>
|
|
</H2>
|
|
|
|
<P>It is not necessary to intercept a packet in order to inject it. You can form
|
|
your own packets and inject them into an open and bound divert socket. The
|
|
header rules from above apply.
|
|
<P>
|
|
<P>In addition, you need to pass to the divert socket a <CODE>sockaddr_in</CODE> structure
|
|
(see example program), which will tell the socket where to inject. If you
|
|
leave the structure 0-ed out or pass a NULL - the divert socket will attempt
|
|
to inject the packet in the outbound direction (on the wire). If instead
|
|
you fill the <CODE>sockaddr_in</CODE> structure with the address of one of the local interfaces,
|
|
the divert socket will attempt to inject the packet inbound, as if it came from
|
|
that interface. All addresses, of course, should be in network byte order.
|
|
<P>
|
|
<P>Injection of packets that look like they are being forwarded by your host
|
|
must include an address of the incoming interface (actually - any valid interface
|
|
address will probably work).
|
|
<P>
|
|
<H2><A NAME="ss7.3">7.3 Fragmentation</A>
|
|
</H2>
|
|
|
|
<P>As of this reading, the divert sockets do not handle the defragmentation and
|
|
fragmentation of diverted packets - you always get the fragments as they are on
|
|
the wire and you should not inject fragments larger than PMTU. It is anticipated
|
|
that the fragmentation/defragmentation capability will be added in the near future.
|
|
<P>
|
|
<HR>
|
|
<A HREF="Divert-Sockets-mini-HOWTO-8.html">Next</A>
|
|
<A HREF="Divert-Sockets-mini-HOWTO-6.html">Previous</A>
|
|
<A HREF="Divert-Sockets-mini-HOWTO.html#toc7">Contents</A>
|
|
</BODY>
|
|
</HTML>
|