mosh has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

It will be a little bit hard to explain, but I'll try.
I'm looking for a Perl module that can intercept packets on their way from the Application Layer (HTTP or FTP for example) to the TCP stack (Layer 4), so I'll be able to manipulate those packets (more accurate to say segments...) before they arrive at the TCP stack.

Does anyone know how it could be done?
Thanks,
Mosh.

Re: Intercept segments before arriving to the TCP stack from App Layer
by Corion (Patriarch) on Nov 10, 2004 at 07:57 UTC

    You don't say what operating system you are using and what problem you are trying to solve, but the easy solution is to set up a proxy and make your browser use that proxy. There is a convenient proxy package available with HTTP::Proxy. On the other, harder side, there is the low-level manipulation possible with libnet and libpcap (Net::Pcap), both of which have injection and manipulation callbacks, and if you're using a BSD (-based operating system), you might find the port filters by Stephanie Wehner useful.

      Hi,
      Thanks for the swift answer.

      I'm planning a testing system that takes captured data on L7 and injects it as real data, so I have to be able to manipulate the TCP stack.
      I'm still not sure about the OS, it will be either WinXP or LinuxRH9.
      Do you think it will be very difficult to do it with WinXP and ActivePerl?

      The example you gave above of S. Wehner is great!
      Is it only valid on a BSD OS?
      Thanks,
      Mosh.

Re: Intercept segments before arriving to the TCP stack from App Layer
by PreferredUserName (Pilgrim) on Nov 10, 2004 at 16:13 UTC
    Hi,

    Note that the interface between the application and TCP is just a stream of bytes. It's not broken up into discrete units (packets/segments/whatever).

    That interface occurs when the application does a write() or whatever on a socket, so if you really want to intercept the data there, it's going to be *in the application*, (or kernel, but you probably don't want to do that).

    A data-mutating proxy doesn't really intercept anything at the level that your original post described.

    Here's an example of intercepting the data in the app:

    #!/usr/bin/perl -w
    package IO::Socket::INET::Interceptor;
    use base qw(IO::Socket::INET);

    # Override write() so the data can be changed before it is handed to the socket.
    sub write {
        my ($self, $buf, $len, $offset) = @_;
        $buf =~ s/cats/dogs/g;    # same-length replacement, so $len stays valid
        $self->SUPER::write($buf, $len, $offset);
    }

    package main;

    my $sock = IO::Socket::INET::Interceptor->new("localhost:80") or die $!;
    $sock->write("GET /cats/cats/cats.html HTTP/1.0\r\n\r\n");
    print <$sock>;

    I do agree that the proxy example is more interesting, but it's not what you described.
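
The byte-stream point made in the reply above has a practical consequence for any rewriting hook or proxy in a test harness: a pattern can be split across two writes or reads, and a per-call substitution would miss it. The following is an added example, not code from any of the posts; `make_rewriter` and the sample request are constructed for illustration, and a Unix-like system is assumed for `socketpair` with `AF_UNIX`.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Socket;

# Build a closure that rewrites $from to $to in a stream fed chunk by chunk.
# Call it with undef at end of stream to flush whatever is still held back.
sub make_rewriter {
    my ($from, $to) = @_;
    die "pattern must not be empty\n" unless length $from;
    my $pending = '';
    return sub {
        my ($chunk) = @_;
        $pending .= $chunk if defined $chunk;
        my $out = '';
        # Replace every complete match, leftmost first, as s///g would.
        while ((my $i = index($pending, $from)) >= 0) {
            $out .= substr($pending, 0, $i) . $to;
            substr($pending, 0, $i + length($from)) = '';
        }
        # Hold back the longest tail that could still grow into a match.
        my $hold = 0;
        if (defined $chunk) {
            $hold = length($from) - 1;
            $hold = length($pending) if $hold > length($pending);
            $hold-- while $hold > 0
                && substr($pending, -$hold) ne substr($from, 0, $hold);
        }
        $out .= substr($pending, 0, length($pending) - $hold, '');
        return $out;
    };
}

# Constructed demo: a stream socket pair stands in for the TCP connection.
socketpair(my $app, my $tap, AF_UNIX, SOCK_STREAM, PF_UNSPEC)
    or die "socketpair: $!";
syswrite($app, "GET /cats/ca");             # two application writes; the
syswrite($app, "ts.html HTTP/1.0\r\n\r\n"); # second "cats" spans both of them
shutdown($app, 1);                          # no more data: reader sees EOF

my $rewrite = make_rewriter('cats', 'dogs');
my $result  = '';
while (sysread($tap, my $buf, 4)) {         # 4-byte reads ignore write boundaries
    $result .= $rewrite->($buf);
}
$result .= $rewrite->(undef);               # flush the held-back tail
print $result;
```

The reader never sees where one write ended and the next began, so the rewriter keeps only as many trailing bytes as could still be the start of a match and releases everything else immediately.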