Note that the interface between the application and TCP is just a stream of bytes. It's not broken up into discrete units (packets/segments/whatever).
That interface occurs when the application does a write() or whatever on a socket, so if you really want to intercept the data there, it's going to be *in the application*, (or kernel, but you probably don't want to do that).
A data-mutating proxy doesn't really intercept anything at the level that your original post described.
Here's an example of intercepting the data in the app:
I do agree that the proxy example is more interesting, but it's not what you described.#!/usr/bin/perl -w package IO::Socket::INET::Interceptor; use base qw(IO::Socket::INET); sub write { my ($self, $buf, $len, $offset) = @_; $buf =~ s/cats/dogs/g; $self->SUPER::write($buf, $len, $offset); } package main; my $sock = IO::Socket::INET::Interceptor->new("localhost:80") or die $ +!; $sock->write("GET /cats/cats/cats.html HTTP/1.0\r\n\r\n"); print <$sock>;
In reply to Re: Intercept segmets before arriving to the TCP stack from App Layer
by PreferredUserName
in thread Intercept segmets before arriving to the TCP stack from App Layer
by mosh
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |