4

I am trying to achieve this goal on Linux (not sure if it is possible and how if so): I need to write a program to intercept all IP packets on an interface, and deliver this packet to a specific set of user-space programs.

By intercept I mean that an IP packet is captured by my program (maybe a kernel module or a special user-space program), and then this packet does not go through the IP stack anymore.

For example, let's say the OS is running a lot of processes (either in kernel-space or user-space), A, B, C, D, etc. If an IP packet is received at an interface, say eth2, I only want A and B to see this packet, and all other processes do not even know of the existence of this packet.

Can someone point me in the right direction?

Anthon
user2975098

1 Answer

6

I think you want to create a TUN/TAP interface. Both connect a userspace program to the network. A TUN interface works at the IP level; a TAP interface works at the Ethernet level.

If you're interested, this tutorial might be helpful in getting you started with the TUN/TAP interface. It's titled: Tun/Tap interface tutorial.

If that's not the answer you were looking for, perhaps you could provide more background about the problem you are trying to solve.

slm
200_success
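A sketch of the TUN approach suggested in the answer above, as an added example that is not part of the original answer: the program attaches to a TUN device, and every IP packet the kernel routes to that device is handed to the program through `read()`. The interface name `tun0` and the helper names `tun_open` and `ipv4_parse` are assumptions; creating the device needs root or `CAP_NET_ADMIN`.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/if.h>
#include <linux/if_tun.h>

struct ip_summary { uint8_t proto; uint16_t total_len; uint8_t src[4], dst[4]; };

/* Create or attach to TUN interface `name`. Returns the fd, or -1 on error. */
int tun_open(const char *name)
{
    struct ifreq ifr;
    int fd = open("/dev/net/tun", O_RDWR);
    if (fd < 0) return -1;
    memset(&ifr, 0, sizeof ifr);
    ifr.ifr_flags = IFF_TUN | IFF_NO_PI;  /* IP level, no packet-info prefix */
    strncpy(ifr.ifr_name, name, IFNAMSIZ - 1);
    if (ioctl(fd, TUNSETIFF, &ifr) < 0) { close(fd); return -1; }
    return fd;
}

/* Bounds-check and summarise one IPv4 packet: 0 on success, -1 if malformed. */
int ipv4_parse(const uint8_t *p, size_t n, struct ip_summary *out)
{
    if (n < 20 || (p[0] >> 4) != 4) return -1;      /* too short or not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;         /* header length in bytes */
    uint16_t total = (uint16_t)((p[2] << 8) | p[3]);
    if (ihl < 20 || ihl > n || total < ihl || total > n) return -1;
    out->proto = p[9];
    out->total_len = total;
    memcpy(out->src, p + 12, 4);
    memcpy(out->dst, p + 16, 4);
    return 0;
}

int main(void)
{
    uint8_t buf[65536];
    struct ip_summary s;
    ssize_t n;
    int fd = tun_open("tun0");                      /* assumed interface name */
    if (fd < 0) { perror("tun_open"); return 1; }
    while ((n = read(fd, buf, sizeof buf)) > 0)     /* one packet per read() */
        if (ipv4_parse(buf, (size_t)n, &s) == 0)
            printf("%u.%u.%u.%u -> %u.%u.%u.%u proto=%u len=%u\n",
                   s.src[0], s.src[1], s.src[2], s.src[3],
                   s.dst[0], s.dst[1], s.dst[2], s.dst[3], s.proto, s.total_len);
    close(fd);
    return 0;
}
```

The interface still has to be brought up and given an address or route before the kernel sends any traffic to it.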