Linux kernel-space traffic interceptor

Build and run

$ vagrant up
$ vagrant ssh
$ cd /vagrant
$ make
$ make insmod

Check that the module successfully loaded

$ dmesg # look at 'network_driver' messages

Or

$ lsmod | grep driver

Usage

This module:

  • captures all UDP traffic from all interfaces and prints source and destination ports. To test it, try:
    $ nc -u localhost 32 < ${FILE_WITH_DATAGRAM_CONTENT}
    $ dmesg

    Note: this module handles only destination port 32. All other ports are ignored (see the DRV_TARGET_PORT define).

  • collects statistics. Try ifconfig -a
    • rx packets - successfully received packets
    • rx dropped - UDP packets with port != 32
    • rx errors - packets that are not UDP/IP
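
The counter rules listed above, as an added userspace sketch that is not the module's own code: it assumes Ethernet II framing and IPv4, and checks every header length before reading the ports. `classify_frame`, `rx_verdict` and `udp_ports` are hypothetical names; only `DRV_TARGET_PORT` and the value 32 come from this README.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DRV_TARGET_PORT 32   /* name and value taken from the README */

/* Hypothetical names: one verdict per counter described in the README. */
enum rx_verdict { RX_PACKET, RX_DROPPED, RX_ERROR };
struct udp_ports { uint16_t src, dst; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify one Ethernet II frame (assumed framing). Each header is
 * bounds-checked before it is read, so a short or malformed frame
 * is counted as an error instead of being parsed past its end. */
enum rx_verdict classify_frame(const uint8_t *f, size_t len, struct udp_ports *out)
{
    const size_t eth = 14;                             /* Ethernet II header */
    if (len < eth + 20 || be16(f + 12) != 0x0800)      /* too short or not IPv4 */
        return RX_ERROR;
    const uint8_t *ip = f + eth;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;           /* IPv4 header length */
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17)  /* bad header or not UDP */
        return RX_ERROR;
    if (len < eth + ihl + 8)                           /* truncated UDP header */
        return RX_ERROR;
    const uint8_t *udp = ip + ihl;
    out->src = be16(udp);
    out->dst = be16(udp + 2);
    return out->dst == DRV_TARGET_PORT ? RX_PACKET : RX_DROPPED;
}

/* Constructed sample frame: 127.0.0.1:40000 -> 127.0.0.1:32, payload "hi". */
const uint8_t sample_frame[] = {
    0,0,0,0,0,0, 0,0,0,0,0,0, 0x08,0x00,                   /* Ethernet, IPv4 */
    0x45,0,0,30, 0,0,0,0, 64,17,0,0, 127,0,0,1, 127,0,0,1, /* IPv4, proto 17 */
    0x9c,0x40, 0,32, 0,10, 0,0,                            /* UDP 40000 -> 32 */
    'h','i'
};

int main(void)
{
    struct udp_ports p = {0, 0};
    enum rx_verdict v = classify_frame(sample_frame, sizeof sample_frame, &p);
    printf("verdict=%d src=%u dst=%u\n", v, p.src, p.dst);
    return 0;
}
```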

Useful articles/docs

  • Detailed sk_buff description here and here
  • How to use sk_buff with new kernel (4.15) here
  • Useful code snippet for old kernel here