Wednesday, April 15, 2020

How to catch TCP packets going through an interface and completely change them?

I am exploring the problem of TCP over TCP. Specifically, the situation when a TCP connection is wrapped into a TCP tunnel (Tor, HTTP tunnel, WebSocket tunnel) because a UDP tunnel cannot be used (DPI blocks VPN).

I thought that an application whose traffic is tunnelled usually doesn't require TCP with its guaranteed delivery (and slowdown) because a tunnel already handles network issues. The only thing that the application wants is a transport which establishes a connection; that's why it uses a TCP socket.

I decided to implement software which sits on both sides of a tunnel, catches TCP packets on the tunnel network interface (e.g. tun0), prevents them from being sent, wraps them into UDP and sends them to its instance on the other side.

How can I catch packets? I've looked at iptables and libpcap but I can't find the solution.
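
The wrap and unwrap step described in the post, as an added example that is not part of the original post: it takes raw IPv4 packets as they would be read from a TUN interface, frames the TCP ones as a UDP payload, and validates them on the receiving side before re-injection. Reading from tun0 and the UDP socket are left out; the 4-byte frame header, `MAGIC` and all function names are assumptions, and the sample packet is constructed.

```python
import struct

IPPROTO_TCP = 6
MAGIC = 0x7C7C  # hypothetical 2-byte frame tag, not from the post


def is_ipv4_tcp(packet: bytes) -> bool:
    """True if `packet` holds a whole IPv4 packet whose protocol field is TCP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False
    ihl = (packet[0] & 0x0F) * 4                  # IP header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl + 20 or total_len > len(packet):
        return False                              # malformed or truncated
    return packet[9] == IPPROTO_TCP


def wrap(packet: bytes) -> bytes:
    """Frame one captured packet as a UDP payload: magic, length, packet."""
    if not is_ipv4_tcp(packet):
        raise ValueError("not an IPv4/TCP packet")
    total_len = struct.unpack("!H", packet[2:4])[0]
    # Drop any bytes past the IP total length (e.g. link-layer padding).
    return struct.pack("!HH", MAGIC, total_len) + packet[:total_len]


def unwrap(datagram: bytes) -> bytes:
    """Validate a received frame and return the inner packet."""
    if len(datagram) < 4:
        raise ValueError("short frame")
    magic, length = struct.unpack("!HH", datagram[:4])
    inner = datagram[4:]
    # Reject anything the peer instance could not have produced with wrap().
    if magic != MAGIC or length != len(inner) or not is_ipv4_tcp(inner):
        raise ValueError("bad frame")
    return inner


def sample_tcp_packet() -> bytes:
    """Constructed 40-byte IPv4+TCP SYN, 10.8.0.2:40000 -> 10.8.0.1:80.
    Checksums are left at zero; they are not needed for framing."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, IPPROTO_TCP, 0,
                     bytes([10, 8, 0, 2]), bytes([10, 8, 0, 1]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 65535, 0, 0)
    return ip + tcp
```
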


