2001-07-20 19:13:07

by Dipak

[permalink] [raw]
Subject: Please suggest me

Hi All,
I'm quite new to linux world. I've a very awkard question for you.
That is: I'm writting an user process, where I need all outgoing
IP packets to be blocked and captured. First, is it really possible? If
yes, how? I don't want to make any kernel source code changes. A wild
guess: by configuration changes, is it possible to make IP process write
on to a particular FD which I can read when I require?

Thanks,
dipak


2001-07-20 19:19:17

by Richard B. Johnson

[permalink] [raw]
Subject: Re: Please suggest me

On Fri, 20 Jul 2001, Dipak Biswas wrote:

> Hi All,
> I'm quite new to linux world. I've a very awkard question for you.
> That is: I'm writting an user process, where I need all outgoing
> IP packets to be blocked and captured. First, is it really possible? If
> yes, how? I don't want to make any kernel source code changes. A wild
> guess: by configuration changes, is it possible to make IP process write
> on to a particular FD which I can read when I require?
>
> Thanks,
> dipak
>

Get the source-code of `tcpdump` and see how packet capturing is done.
You can also look at `ipchains` to see how to block packets.

Cheers,
Dick Johnson

Penguin : Linux version 2.4.1 on an i686 machine (799.53 BogoMips).

I was going to compile a list of innovations that could be
attributed to Microsoft. Once I realized that Ctrl-Alt-Del
was handled in the BIOS, I found that there aren't any.


2001-07-20 19:21:27

by Matti Aarnio

[permalink] [raw]
Subject: Re: Please suggest me

On Fri, Jul 20, 2001 at 02:13:00PM -0400, Dipak Biswas wrote:
> Hi All,
> I'm quite new to linux world. I've a very awkard question for you.
> That is: I'm writting an user process, where I need all outgoing
> IP packets to be blocked and captured. First, is it really possible? If
> yes, how? I don't want to make any kernel source code changes. A wild
> guess: by configuration changes, is it possible to make IP process write
> on to a particular FD which I can read when I require?

Look at how tools like tcpdump and etherreal do it.
It has been done over and over again -- in userspace tool.

> Thanks,
> dipak

/Matti Aarnio

2001-07-21 03:58:45

by Aaron Smith

[permalink] [raw]
Subject: Re: Please suggest me

On Fri, Jul 20, 2001 at 03:18:44PM -0400, Richard B. Johnson wrote:
> On Fri, 20 Jul 2001, Dipak Biswas wrote:
>
> > Hi All,
> > I'm quite new to linux world. I've a very awkard question for you.
> > That is: I'm writting an user process, where I need all outgoing
> > IP packets to be blocked and captured. First, is it really possible? If
> > yes, how? I don't want to make any kernel source code changes. A wild
> > guess: by configuration changes, is it possible to make IP process write
> > on to a particular FD which I can read when I require?
> >
> > Thanks,
> > dipak
> >
>
> Get the source-code of `tcpdump` and see how packet capturing is done.
> You can also look at `ipchains` to see how to block packets.
>
> Cheers,
> Dick Johnson
>
> Penguin : Linux version 2.4.1 on an i686 machine (799.53 BogoMips).
>
> I was going to compile a list of innovations that could be
> attributed to Microsoft. Once I realized that Ctrl-Alt-Del
> was handled in the BIOS, I found that there aren't any.
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/

I would suggest using IPTables, personally, that's what I use for all of my firewall-type needs.

--
-Aaron

Don't hate yourself in the morning, sleep till noon