I intend to find specific data packets in the kernel and intercept them (either drop certain packets or redirect them). The natural way is to somehow capture all the packets, check their data and drop/redirect certain packets.
I tried to intercept them directly in the kernel code (here, on point, to copy the data to user space), but the data that is pushed by the server without requests cannot be accessed there.
Another option might be network hooks such as this post. However, such a hook is below the TCP layer, and it seems that reordering and packet loss have not yet been resolved.
So, I wonder if there are any elegant solutions for catching packets and working with them at the TCP level?
Thanks!