开发者

Network Packet Inspector in Mac OSX

开发者 https://www.devze.com 2022-12-17 10:33 出处：网络

I\'m trying to create a network packet inspector. I know you can do this with libpcap, but it\'s not a sniffer, i need to forge network packet, before it was sent on network. (sending v开发者_如何学P

相关专题：dylib kernel kernel-extension macos networking

I'm trying to create a network packet inspector.

I know you can do this with libpcap, but it's not a sniffer, i need to forge network packet, before it was sent on network. (sending v开发者_如何学Pythonia socks server)

I found 2 ways to do this :

Using an NKE. (Network Kernel Extension)
Using a DYLD_INSERT_LIBRARIES to insert a library to hook network function.

Which method do you think is the best ?

Neither, use a tun/tap device: http://tuntaposx.sourceforge.net/

You'll need to route the traffic to that device, modify it, then send it back. You can do this with firewall rules. There are lots of examples of using tun/tap all over the open-source world, it isn't hard.

Advantage: it's a kernel extension, but a standard kernel extension, and therefore you don't need to worry about debugging it.