doubts about how to detect an specific kind of tcp/ip packets.
Jorge Pereira
jpereiran at gmail.com
Thu Sep 18 13:02:29 PDT 2014
Hi folks,
I'm writing a software, that needs to detect and do something
always when arrive some specific kind of tcp packet. below i'll try to
explain using a "pseudo code".
<pseudocode>
ifaces = listen (eth0, eth1)
busy_loop() {
pkt = get_packet(ifaces);
if (pkt.header == ARP && pkt.src == client.src || pkt.header ==
47 /* Tunnel GRE */ && pkt.src == client.src ) {
if (check_client (pkt))
do_something();
}
}
</pseudocode>
kernel or userland? daemon maybe... needs to be "light", I would like
to get some suggestions about the best way/practice to do this, maybe
could be possible the using libn3, libpcap. if someone knows any
project/code that i can use as a base, tell me! :)
--
Jorge Pereira
More information about the libnl
mailing list