03-09-2011
You can easily delay packets
leaving the system using traffic control, but
entering? That's a ton harder and much less stable: It has to store everything before it lets it enter, you get the potential for states where the kernel can't store as fast as it's receiving and has no way to tell the other end to slow down. In-kernel memory is also limited.
I'm not sure you need driver hacking to do it anyway. Doing it in userspace avoids most of the above problems. I'd try this:
- Create a tun/tap interface (see Documentation/networking/tuntap.txt in the linux kernel)
- Configure your ethernet device for 0.0.0.0, remove it from the routing table, and just read/write raw packets with a userspace program.
- Write raw packets from the ethernet adaptor to the tun/tap device. Write raw packets from the tun/tap device to the ethernet adaptor. Your program can store them for how long you want inbetween.
- Use your tun/tap device for normal traffic. Add it to the routing table, etc. so normal programs use it.
This User Gave Thanks to Corona688 For This Post:
9 More Discussions You Might Find Interesting
1. Red Hat
I have a linux redhat box , our security department in my company informed me that my server's IP sends So many traffic in my network ,
This box I am using it as FTP server to store the other servers logs .
My question briefly is how to check my outbound packets which are going from my PC to the... (1 Reply)
Discussion started by: DarkSoul
1 Replies
2. Cybersecurity
Hello,
I am currently trying to limit incoming UDP length 20 packets on a per IP basis to 5 a second using IPTables on a Linux machine (CentOS 5.2).
Basically, if an IP is sending more than 5 length 20 UDP packet a second to the local machine, I would like the machine to drop the excess... (1 Reply)
Discussion started by: tomboy123
1 Replies
3. UNIX for Dummies Questions & Answers
Hi all,
I am new to Linux kernel.
we have a c file that counts the no. of sends and received packets in each interface, and indicate the user about the error/drop ration of incoming and outgoing packets.
in our Linux box , the incoming packets are dropped at random interval.
we have our... (1 Reply)
Discussion started by: kannandv
1 Replies
4. IP Networking
hello,
i am searching a way to delay the incoming packets before it goes out of the system may i know how can i approach to this problem? (3 Replies)
Discussion started by: sameer kulkarni
3 Replies
5. Linux
I am looking for an iptables command to allow incoming UDP packets for my Linux server
also is there a command I can use to set the default action for outgoing packets to accept?
Thank you (1 Reply)
Discussion started by: crimputt
1 Replies
6. Cybersecurity
Hi!
I have a debian linux VPS and i am wondering how would someone be able to hack into it , in what ways ?
I've asked a more knowledgeable friend and he said the only way someone would be able to get into my VPS is via FTP or SSH, are there some other ways someone can enter my machine ?
I... (18 Replies)
Discussion started by: ParanoiaUser
18 Replies
7. IP Networking
Hello, I'm trying to route all packets arriving at a particular interface by entering the same interface
the virtual interface eth1: 2 and now everything is routed by default gw configured on eth1.
eth1 Link encap:Ethernet HWaddr 0a:0e:64:18:52:72
inet addr:192.168.10.15
eth1:2 ... (1 Reply)
Discussion started by: faka
1 Replies
8. Red Hat
HI,
I have a Centos linux box and there is interface connect to internet.
I stop the iptables in this box .
After a few day , I find the linux box have been hacked and install some perl script into the box .
Could anyone tell me how the hacker can login into the centos box without knowing... (1 Reply)
Discussion started by: chuikingman
1 Replies
9. IP Networking
Hi folks,
I have a debian server running an Apache daemon on the eth0 interface. Now from time to time the server has to open an openvpn connection (tun0) to other networks to get some data from there. During this period the Apache is no longer reachable under it's IP address on eth0 because all... (6 Replies)
Discussion started by: flyingwalrus
6 Replies
LEARN ABOUT NETBSD
etherip
ETHERIP(4) BSD Kernel Interfaces Manual ETHERIP(4)
NAME
etherip -- EtherIP tunneling device
SYNOPSIS
pseudo-device etherip
DESCRIPTION
The etherip interface is a tunneling pseudo device for Ethernet frames. It can tunnel Ethernet traffic over IPv4 and IPv6 using the EtherIP
protocol specified in RFC 3378.
The only difference between an etherip interface and a real Ethernet interface is that there is an IP tunnel instead of a wire. Therefore,
to use etherip the administrator must first create the interface and then configure protocol and addresses used for the outer header. This
can be done by using ifconfig(8) create and tunnel subcommands, or SIOCIFCREATE and SIOCSLIFPHYADDR ioctls.
Packet format
Ethernet frames are prepended with a EtherIP header as described by RFC 3378. The resulting EtherIP packets will be encapsulated in an outer
packet, which may be either an IPv4 or IPv6 packet, with IP protocol number 97.
Ethernet address
When a etherip device is created, it is assigned an Ethernet address of the form f2:0b:a5:xx:xx:xx. This address can later be changed
through a sysctl node.
The sysctl node is net.link.etherip.<iface>. Any string of six colon-separated hexadecimal numbers will be accepted. Reading that node will
provide a string representation of the current Ethernet address.
Security
The EtherIP header of incoming packets is not checked for validity. This is because there seems to be some confusion about how such a header
has to look like. For outgoing packets, the header is set up the same way as done in OpenBSD, FreeBSD, and Linux to be compatible with those
systems.
Converting from previous implementation
A tunnel configured for the previous (undocumented) implementation will work with just renaming the device from gif to etherip.
SEE ALSO
bridge(4), gif(4), inet(4), inet6(4), tap(4), ifconfig(8)
HISTORY
The etherip device first appeared in NetBSD 4.0, it is based on tap(4), gif(4), and the former gif-based EtherIP implementation ported from
OpenBSD.
BUGS
Probably many. There is lots of code duplication between etherip, tap(4), gif(4), and probably other tunnelling drivers which should be
cleaned up.
BSD
November 23, 2006 BSD