tcp packet forwarding

Aug 30, 2011 at 2:52 PM

HI all,

I have an issue. My task is the following: I have to capture tcp packets on my first ethernet card which is connected to a subnet. (ip addr on this ethernet card 192.168.137.33) after that I have to redirect this packets to the other subnet via my second ethernet card occording to a rule. (ip addr on this ethernet card 217.214.225.72).

What I did. I captured the packet on the first ethernet card. Copied the ethernet - ipv4 layers and the payload. I changed the source IP to the IP of my secondary ethernet card, I created a new tcp packet with PacketBuilder and sended over the second ethernet card.

I tested with ftp connection creation. If I try to direct create a ftp connection than it is working (goes the sync and ack packets)  but if I use my "proxy" it did not works. The sync goes out but I did not get the resp ack packets. I compared with wireshark it seems the the packet structure is same in both methods. (If I use Internet Connection Service than this works as well)

My code:

if (ip.Destination.ToString().Equals(destIP))
{
	EthernetLayer elayer = (EthernetLayer)packet.Ethernet.ExtractLayer();
	
	IpV4Layer ilayer = (IpV4Layer)packet.Ethernet.IpV4.ExtractLayer();
	ilayer.Source = new IpV4Address(mainIP);
	ilayer.HeaderChecksum = null;
	PayloadLayer payload = (PayloadLayer)new Datagram(packet.Ethernet.IpV4.Payload.ToMemoryStream().ToArray()).ExtractLayer();

	Packet p2 = PacketBuilder.Build(DateTime.Now, elayer, ilayer, payload);
	comm2.SendPacket(p2);
}
I tried to change the Mac Addresses as well but the result was same.

thx for the help

           Szuszu...

Coordinator
Sep 2, 2011 at 7:46 AM

Hi szuszu,

 

Did you look in look on Wireshark if maybe the computer that is connected to the two networks sends some packets on that connection?

Maybe it sends some RST packets that destroy the TCP connection.

 

Boaz.

Sep 5, 2011 at 12:42 PM
Hi Boaz,

Thx for the answer.
I did not get any RST packets on Wireshark. Just the incoming TCP packets.
By the way in the meantime we try on other solution. Try to use openvpn.

Thx again
BR.

Laszlo...

On Fri, Sep 2, 2011 at 8:46 AM, brickner <notifications@codeplex.com> wrote:

From: brickner

Hi szuszu,

Did you look in look on Wireshark if maybe the computer that is connected to the two networks sends some packets on that connection?

Maybe it sends some RST packets that destroy the TCP connection.

Boaz.

Read the full discussion online.

To add a post to this discussion, reply to this email (PcapDotNet@discussions.codeplex.com)

To start a new discussion for this project, email PcapDotNet@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe on CodePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at CodePlex.com


Coordinator
Sep 10, 2011 at 7:55 AM

Perhaps you should also change the EthernetLayer addresses since you use different adapters for the incoming packet and the packet you send.