Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to hack linux driver to delay incoming packets
Special Forums IP Networking how to hack linux driver to delay incoming packets Post 302503009 by Corona688 on Wednesday 9th of March 2011 12:33:09 PM
Old 03-09-2011
You can easily delay packets leaving the system using traffic control, but entering? That's a ton harder and much less stable: It has to store everything before it lets it enter, you get the potential for states where the kernel can't store as fast as it's receiving and has no way to tell the other end to slow down. In-kernel memory is also limited.

I'm not sure you need driver hacking to do it anyway. Doing it in userspace avoids most of the above problems. I'd try this:
  • Create a tun/tap interface (see Documentation/networking/tuntap.txt in the linux kernel)
  • Configure your ethernet device for 0.0.0.0, remove it from the routing table, and just read/write raw packets with a userspace program.
  • Write raw packets from the ethernet adaptor to the tun/tap device. Write raw packets from the tun/tap device to the ethernet adaptor. Your program can store them for how long you want inbetween.
  • Use your tun/tap device for normal traffic. Add it to the routing table, etc. so normal programs use it.
This User Gave Thanks to Corona688 For This Post:
sameer kulkarni
 

9 More Discussions You Might Find Interesting

1. Red Hat

How to check the outbound packets in Linux

I have a linux redhat box , our security department in my company informed me that my server's IP sends So many traffic in my network , This box I am using it as FTP server to store the other servers logs . My question briefly is how to check my outbound packets which are going from my PC to the... (1 Reply)
Discussion started by: DarkSoul
1 Replies

2. Cybersecurity

~ IPTables : Limit Incoming UDP Packets With a Certain Length ~

Hello, I am currently trying to limit incoming UDP length 20 packets on a per IP basis to 5 a second using IPTables on a Linux machine (CentOS 5.2). Basically, if an IP is sending more than 5 length 20 UDP packet a second to the local machine, I would like the machine to drop the excess... (1 Reply)
Discussion started by: tomboy123
1 Replies

3. UNIX for Dummies Questions & Answers

Linux box drops the incoming packets

Hi all, I am new to Linux kernel. we have a c file that counts the no. of sends and received packets in each interface, and indicate the user about the error/drop ration of incoming and outgoing packets. in our Linux box , the incoming packets are dropped at random interval. we have our... (1 Reply)
Discussion started by: kannandv
1 Replies

4. IP Networking

how to delay the outgoing packets ??

hello, i am searching a way to delay the incoming packets before it goes out of the system may i know how can i approach to this problem? (3 Replies)
Discussion started by: sameer kulkarni
3 Replies

5. Linux

how to allow incoming UDP packets with iptables

I am looking for an iptables command to allow incoming UDP packets for my Linux server also is there a command I can use to set the default action for outgoing packets to accept? Thank you (1 Reply)
Discussion started by: crimputt
1 Replies

6. Cybersecurity

How can someone hack into a Linux server ?

Hi! I have a debian linux VPS and i am wondering how would someone be able to hack into it , in what ways ? I've asked a more knowledgeable friend and he said the only way someone would be able to get into my VPS is via FTP or SSH, are there some other ways someone can enter my machine ? I... (18 Replies)
Discussion started by: ParanoiaUser
18 Replies

7. IP Networking

How to route all incoming packets from one virtual interface?

Hello, I'm trying to route all packets arriving at a particular interface by entering the same interface the virtual interface eth1: 2 and now everything is routed by default gw configured on eth1. eth1 Link encap:Ethernet HWaddr 0a:0e:64:18:52:72 inet addr:192.168.10.15 eth1:2 ... (1 Reply)
Discussion started by: faka
1 Replies

8. Red Hat

Hack a centos Linux box

HI, I have a Centos linux box and there is interface connect to internet. I stop the iptables in this box . After a few day , I find the linux box have been hacked and install some perl script into the box . Could anyone tell me how the hacker can login into the centos box without knowing... (1 Reply)
Discussion started by: chuikingman
1 Replies

9. IP Networking

How to route packets back to incoming interface?

Hi folks, I have a debian server running an Apache daemon on the eth0 interface. Now from time to time the server has to open an openvpn connection (tun0) to other networks to get some data from there. During this period the Apache is no longer reachable under it's IP address on eth0 because all... (6 Replies)
Discussion started by: flyingwalrus
6 Replies

LEARN ABOUT NETBSD

etherip

ETHERIP(4)						   BSD Kernel Interfaces Manual 						ETHERIP(4)

NAME

     etherip -- EtherIP tunneling device

SYNOPSIS

     pseudo-device etherip

DESCRIPTION

     The etherip interface is a tunneling pseudo device for Ethernet frames.  It can tunnel Ethernet traffic over IPv4 and IPv6 using the EtherIP
     protocol specified in RFC 3378.

     The only difference between an etherip interface and a real Ethernet interface is that there is an IP tunnel instead of a wire.  Therefore,
     to use etherip the administrator must first create the interface and then configure protocol and addresses used for the outer header.  This
     can be done by using ifconfig(8) create and tunnel subcommands, or SIOCIFCREATE and SIOCSLIFPHYADDR ioctls.

   Packet format
     Ethernet frames are prepended with a EtherIP header as described by RFC 3378.  The resulting EtherIP packets will be encapsulated in an outer
     packet, which may be either an IPv4 or IPv6 packet, with IP protocol number 97.

   Ethernet address
     When a etherip device is created, it is assigned an Ethernet address of the form f2:0b:a5:xx:xx:xx.  This address can later be changed
     through a sysctl node.

     The sysctl node is net.link.etherip.<iface>.  Any string of six colon-separated hexadecimal numbers will be accepted.  Reading that node will
     provide a string representation of the current Ethernet address.

   Security
     The EtherIP header of incoming packets is not checked for validity.  This is because there seems to be some confusion about how such a header
     has to look like.	For outgoing packets, the header is set up the same way as done in OpenBSD, FreeBSD, and Linux to be compatible with those
     systems.

   Converting from previous implementation
     A tunnel configured for the previous (undocumented) implementation will work with just renaming the device from gif to etherip.

SEE ALSO

     bridge(4), gif(4), inet(4), inet6(4), tap(4), ifconfig(8)

HISTORY

     The etherip device first appeared in NetBSD 4.0, it is based on tap(4), gif(4), and the former gif-based EtherIP implementation ported from
     OpenBSD.

BUGS

     Probably many.  There is lots of code duplication between etherip, tap(4), gif(4), and probably other tunnelling drivers which should be
     cleaned up.

BSD
								 November 23, 2006							       BSD
All times are GMT -4. The time now is 05:24 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy