[erlang-questions] low level packet access from erlang
Geoff Cant
nem@REDACTED
Wed Apr 3 20:06:14 CEST 2013
Hi there - I'm slowly building a TAP interface based library for networking at https://github.com/archaelus/enet -- some of the code might save you some time. You can send and receive packets with it, but it's missing a lot of mechanisms and infrastructure for making that easy.
I've used the packet parsing code a bunch for pcap file analysis, and the generation code only a little to try and build an IP stack.
The docs are non-existent but I'm more than happy to answer questions about the code.
-Geoff
On 2013-04-03, at 10:59 , Garry Hodgson <garry@REDACTED> wrote:
> i am building an experimental firewall of sorts,
> and need to be able to access incoming packets
> directly, so i can muck around with low level
> src/dst/ports/etc information. it looks like the standard
> modules handle the low level things for me, such that
> i by the time i see an incoming message, the low level
> details are lost.
>
> how can i arrange access to the lower level information
> (ignoring performance issues for now)?
>
> i see like mentioned a way in an old (2001) thread:
> http://www.trapexit.org/forum/viewtopic.php?p=4258&sid=4469db61020efe9100e1e1c2504bfc8c
> but the link to bluetail where his code was doesn't exist anymore.
>
> i've read the ei/pcap approach presented here:
> http://blog.listincomprehension.com/2009/12/erlang-packet-sniffer-using-ei-and.html
>
> but i don't want to just sniff packets, but intercept them.
>
> i'd appreciate any insights into how to tackle this.
>
> --
> Garry Hodgson
> AT&T Chief Security Office (CSO)
More information about the erlang-questions
mailing list