[Winpcap-users] Sniff TCP packets, manipulate their data and send them to another PC

Gianluca Varenni gianluca.varenni at cacetech.com
Thu Jun 14 17:39:58 GMT 2007

----- Original Message ----- 
From: <ceo at triplebit.com>
To: "Gianluca Varenni" <gianluca.varenni at cacetech.com>; 
<winpcap-users at winpcap.org>
Sent: Thursday, June 14, 2007 1:13 AM
Subject: Re: [Winpcap-users] Sniff TCP packets,manipulate their data and 
send them to another PC

> >
>>> Hi all,
>>> I'd like to sniff the interface card, save some tcp packets, manipulate 
>>> their data and send the data in a second connection that I opened to a 
>>> second PC.
>>> Is that possible with Winpcap?
>> It's certainly feasible to do that. But it's not that easy. Are you 
>> trying to build some sort of transparent proxy?
>> Who creates the second TCP connection?
> I'm quite new to WinPcap and to networking in general, so I hope I'll be 
> able to answer appropriately...
> I don't know what's a "transparent proxy" but I'll try to describe more 
> details.
> I transmit video from a Windows Media Server to some nodes, each running 
> Windows Media Player. Since the throughput from the original server is 
> poor I want to run also this "proxy" in every node, that would reflect the 
> video to other nodes running Windows Media Player, thus enabling me to 
> transmit to more nodes.
> To your specific question,
> the other nodes will create the TCP connection to the nodes that run this 
> "proxy".

I think it's a tough project. First of all, your server will need to cache 
the stream, as there's no guarantee that the clients connected to your proxy 
will keep up at the same speed as the connection you are sniffing. Second, 
how will you manage the normal Windows Media handshake when the client 
connects to the server? I'm referring to messages like C->S "I want to see 
video XYZ, do you have it? which resolution?" or C->S "Slow down, less 
frames per second". These are just guesses, I have no idea how the Windows 
Media streaming protocols work.

What you are trying to do is a sort of network load balancer. I'd be 
surprised if MS doesn't have a solution for this. This is the same problem 
that big web servers have. And one of the solutions is actually having a 
front-end balancing server that redirects in one way or another the request to 
a cluster of other web servers actually serving the HTTP request.

I would probably look at these problems before going into streaming 
balancing problems. I would also look if Windows Media services has 
solutions for it as well.

>>> If positive, is there some example of code that is close to what I 
>>> need?
>> The WinPcap developer's pack contains a sample that shows how to bridge 
>> packets between two network interfaces. There's nothing more than that.
> Can you indicate please the name of the sample?


Have a nice day

>>> Is there some tool that already does that?
>> It depends on what you are trying to do exactly. Who creates and 
>> terminates the TCP connections? Are you trying to mirror some traffic?
> I hope that the previous clarifications refer to that also.
> Thanks in advance
> I. lesher
