After some struggling with the redirect of the packets (and it works) I am certain now I need to parse the DNS and modify the record to redirect the user. This because filtering (and redirecting) on IP adres is not failsafe. A domainname can have more ip-addresses …..
I’ve succeeded in getting to the DNS request structure from the send packet.
I’m not so lucky in altering the packet; this is logical because the redirect packet is greater in size than the original. This is where i get stuck.
I think I need to create a totally new packet with the correct DNS data. When I filter a packet which has to be redirected I copy the packet (except for the DNS), modify the etherheader size, ip-size and recalc the IP-,TCP- and UDP checksums …
Is that the correct way ? and … if you could please assist me do you have some example code to create a new packet ?
Many thanks