tcpdump mailing list archives
Re: Can libcap be used as a packet interceptor?
From: Eloy Paris <peloy () chapus net>
Date: Wed, 12 May 2010 13:41:59 -0400
Hi Aaron, On 05/12/2010 01:13 PM, Aaron Turner wrote: [...]
Look at libdnet. It has a cross platform API to modify the firewall rules on various OS's to drop packets.
libdnet's firewall interface is a great idea. Unfortunately, libdnet's support for modern Linux firewall capabilities is non-existent. It seems like libdnet was never updated for iptables, which replaced ipchains in Linux 2.4, and is what is used today.
Because of this, building libdnet in a modern Linux environment will use src/fw-none.c as the implementation of libdnet's firewall API, which basically returns ENOSYS for all API functions :-(
I don't think it would be hard to add support for iptables, but I haven't had a strong-enough need to want to tackle that myself.
Cheers, Eloy Paris.- netexpect.org - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Can libcap be used as a packet interceptor? WANGRUNGVICHAISRI, SHIVESH (May 12)
- Re: Can libcap be used as a packet interceptor? Prasanna Kumar Nelam (May 12)
- Re: Can libcap be used as a packet interceptor? Aaron Turner (May 12)
- Re: Can libcap be used as a packet interceptor? Eloy Paris (May 12)
- Re: Can libcap be used as a packet interceptor? Rob Hasselbaum (May 12)
- Re: Can libcap be used as a packet interceptor? Eloy Paris (May 12)