Menu
▾
▴
Re: [Divert] Basic questions about functionaly of divert sockets
|
From: Ilia B. <ib...@pi...> - 2001-06-27 17:36:33
|
Victor Foitzik wrote: > Hello folks, > > I am currently working on a divert based filtering software for HTTP requests. > This should work this way: > > SERVER -> DIVERT -> CLIENT > > The software catches the entire HTTP stream from a server destined for a certain > client and filters it based on several criterias. The main aspect is, that this > is completely transparent, the server sees request coming from the client and > vice versa, the software between is completely invisible. In order to achieve > this, src and dest ip are corrected, but also sequence numbers, etc. Since some > of the HTTP data must be cached before sending it to the client, fake ACK > packets are sent to the server. > > Now my questions: > 1. What exactly happens to packets reinserted into the TCP stack which cannot be > delivered to the client ? Do I have to resend them manually, or does the TCP > stack take care for this ? The packets reinserted into the IP stack behave like any other packets. If they cannot be delivered, regular TCP mechanisms are envolved (sending an RST and all that). > 2. Is the order of inserted packets relevant ? For TCP it is. Best if you reinsert in the same order you receive them. > > 3. Does anyone know of a similar software ? > Don't know. > > Thank you for your time > > Victor Foitzik > > ------------------------------------------------------------------------- > Divert Sockets for Linux List > mailto:di...@li... > http://www.anr.mcnc.org/~divert > ------------------------------------------------------------------------- Remember: divert sockets are an IP mechanism - they don't care about the transport protocol in the IP datagrams, so its up to you to insure everything is sane. -ilia -- -------------------------------------+---------------------- Ilia Baldine, PhD | ib...@an... Network Research Engineer, | ph#:(919)248-1847 Advanced Networking Research, MCNC | FAX:(919)248-1455 http://people.anr.mcnc.org/~ibaldin | -------------------------------------+---------------------- "I used to think the brain was the most important part of the body, but then I realized who was telling me that." -Emo Philips ------------------------------------------------------------ ------------------------------------------------------------------------- Divert Sockets for Linux List mailto:di...@li... http://www.anr.mcnc.org/~divert ------------------------------------------------------------------------- |
