[erlang-questions] low level packet access from erlang

Geoff Cant <>
Wed Apr 3 20:06:14 CEST 2013


Hi there - I'm slowly building a TAP interface based library for networking at https://github.com/archaelus/enet -- some of the code might save you some time. You can send and receive packets with it, but it's missing a lot of mechanisms and infrastructure for making that easy. 

I've used the packet parsing code a bunch for pcap file analysis, and the generation code only a little to try and build an IP stack.

The docs are non-existent but I'm more than happy to answer questions about the code.

-Geoff

On 2013-04-03, at 10:59 , Garry Hodgson <> wrote:

> i am building an experimental firewall of sorts,
> and need to be able to access incoming packets
> directly, so i can muck around with low level
> src/dst/ports/etc information. it looks like the standard
> modules handle the low level things for me, such that
> i by the time i see an incoming message, the low level
> details are lost.
> 
> how can i arrange access to the lower level information
> (ignoring performance issues for now)?
> 
> i see like mentioned a way in an old (2001) thread:
> http://www.trapexit.org/forum/viewtopic.php?p=4258&sid=4469db61020efe9100e1e1c2504bfc8c
> but the link to bluetail where his code was doesn't exist anymore.
> 
> i've read the ei/pcap approach presented here:
> http://blog.listincomprehension.com/2009/12/erlang-packet-sniffer-using-ei-and.html
> 
> but i don't want to just sniff packets, but intercept them.
> 
> i'd appreciate any insights into how to tackle this.
> 
> -- 
> Garry Hodgson
> AT&T Chief Security Office (CSO)







More information about the erlang-questions mailing list