in reply to Intercept segmets before arriving to the TCP stack from App Layer

Hi,

Note that the interface between the application and TCP is just a stream of bytes. It's not broken up into discrete units (packets/segments/whatever).

That interface occurs when the application does a write() or whatever on a socket, so if you really want to intercept the data there, it's going to be *in the application*, (or kernel, but you probably don't want to do that).

A data-mutating proxy doesn't really intercept anything at the level that your original post described.

Here's an example of intercepting the data in the app: 

#!/usr/bin/perl -w

package IO::Socket::INET::Interceptor;

use base qw(IO::Socket::INET);


sub write
{
    my ($self, $buf, $len, $offset) = @_;
    $buf =~ s/cats/dogs/g;
    $self->SUPER::write($buf, $len, $offset);
}

package main;

my $sock = IO::Socket::INET::Interceptor->new("localhost:80") or die $
+!;

$sock->write("GET /cats/cats/cats.html HTTP/1.0\r\n\r\n");
print <$sock>;

[download]
I do agree that the proxy example is more interesting, but it's not what you described.
  • Comment on Re: Intercept segmets before arriving to the TCP stack from App Layer
  • Download Code

In Section Seekers of Perl Wisdom