tcpdump mailing list archives

packet modification


From: Kifah Abbad <kifah () prz tu-berlin de>
Date: Sun, 2 Nov 2003 17:55:14 +0100

Hi all,

I am currently doing my thesis, and I have about 70 days to go.

Well, as part of my thesis I need to do something looking like this:

I have 2 ipsec-bridges (openbsd 3.3) connected together, both
standing in front of 2 clients who wanna communicate. (Clients are
windows-xp.)

[client1]-----[ipsec-bridge-1]-------------[ipsec-bridge-2]----[client2]

Now the scenario is: client-1 wants to communicate with client 2 (say
open a telnet connection).
For each packet, the following happens on ipsec-bridge-1:

1. Capture all packets coming from Client1 to client2. (That's not
making a copy of the packet, but actually grabbing it.)

2. Add a string (security label, clearance) to each packet. (Let's say
"securitystage1".)

3. "Shove" the packet into the IPSEC tunnel (connected to ipsec-bridge-2).


Now I have been trying to find a C library or solution to get steps 1
and 2 to work... which led me to "libpcap"... but there are hardly any
examples where the packets are actually captured and then changed
(manipulated). Most things I found are about generation of packets, or
capturing "copies" of packets and watching them (tcpdump).

How would I realize this solution? Any code examples? Is there a good
code portal to search for such things?

thanks

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
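
Step 2 of the post, as an added example that is not part of the original message or of libpcap: it appends the label after the IPv4 payload of a packet already held in a buffer, then fixes the total-length field and header checksum, refusing corrupt headers and fragments. Assumptions: the label travels as a trailer that the peer bridge strips before delivery, how the packet is intercepted and reinjected is out of scope, and `append_label`, `ip_checksum` and `SAMPLE` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: IPv4 header (192.0.2.1 -> 192.0.2.2, TCP) + 4 payload bytes. */
static const uint8_t SAMPLE[24] = {
    0x45, 0x00, 0x00, 0x18, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0xf6, 0xdb,
    0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02, 'd', 'a', 't', 'a'
};

/* RFC 1071 checksum over the header; yields 0 when the stored checksum is valid. */
static uint16_t ip_checksum(const uint8_t *hdr, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Append label after the IPv4 payload; returns the new length, or 0 if refused. */
size_t append_label(uint8_t *buf, size_t len, size_t cap, const char *label)
{
    size_t llen = strlen(label);
    if (len < 20 || (buf[0] >> 4) != 4) return 0;       /* not IPv4 */
    size_t hlen = (size_t)(buf[0] & 0x0f) * 4;
    size_t tot = ((size_t)buf[2] << 8) | buf[3];
    if (hlen < 20 || hlen > len || tot < hlen || tot > len) return 0;
    if (ip_checksum(buf, hlen) != 0) return 0;          /* header already corrupt */
    if ((buf[6] & 0x3f) || buf[7]) return 0;            /* fragment (MF set or offset != 0) */
    if (tot + llen > 0xffff || tot + llen > cap) return 0; /* field or buffer overflow */
    memcpy(buf + tot, label, llen);
    tot += llen;
    buf[2] = (uint8_t)(tot >> 8);                       /* new total length */
    buf[3] = (uint8_t)tot;
    buf[10] = buf[11] = 0;                              /* zero before recomputing */
    uint16_t ck = ip_checksum(buf, hlen);
    buf[10] = (uint8_t)(ck >> 8);
    buf[11] = (uint8_t)ck;
    return tot;
}

int main(void)
{
    uint8_t pkt[64];
    memcpy(pkt, SAMPLE, sizeof SAMPLE);
    printf("%zu\n", append_label(pkt, sizeof SAMPLE, sizeof pkt, "securitystage1"));
}
```

The TCP checksum is left untouched because it does not cover the trailer once the peer restores the original total length; the grown packet must still fit the tunnel MTU.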

