- This topic has 1 reply, 2 voices, and was last updated 15 years, 4 months ago by
.
-
Posts
-
nice idea!
but,we can see the http packet was splited servel seciton to send to the server sometimes.so in tcp layer,how can i combining the packet to one http data?if want return one block page to user how can i do? certain,i have read the topics beforetimes on the board. u had suggest us to modify the current packet. well, but if the current packet is not enought long,what can we do? i think u must be asked for many times,u can consider to release out a modify pakcet sdk!haha~~~~~~~:)
============================================
in using the “Local Network Monitor API”,please, how to modify the data buffer~(modify the tdi packet),can it? if not,please tell me another way to modify it. winpkfilter is too difficute to modify a packet. althought,is there a good way to modify the packet or block the packet in the realtime!!by the way, when i read the chm,i saw:
FLT_FLAG_EXCULE_LOOPBACK
Asks the helper driver to apply the filtering rule to the remote requests only.
FLT_FLAG_EXCULE_REMOTE
Asks the helper driver to apply the filtering rule to the local host (loopback) requests only.is it opposite?
if want return one block page to user how can i do? certain,i have read the topics beforetimes on the board. u had suggest us to modify the current packet. well, but if the current packet is not enought long,what can we do? i think u must be asked for many times,u can consider to release out a modify pakcet sdk!
This is a very general question. If there is not enough space in the original packet you can extend it to the maximum possible size or inject extra packets into the TCP stream. In both cases you have to care of about controlling the TCP connection state and modify SEQ/ACK fields of the follow up packets. I would advise to inject a simple and short HTTP redirect code instead of injecting extra packets, this would save you lots of time.
- You must be logged in to reply to this topic.