[cozmik]

Oh I learned a bit there from that code! Thanks to SerpentFly! 8)

[cozmik]

SerpentFly,

I’ve done further testing on this issue. It seems that the captured packet length reported by INTERMEDIATE_BUFFER.m_Length for some IP packets is incorrect. I’ve proven it by trimming off the unnecessary ending null bytes and resending the packet without it being dropped. If EthHeaderLength + IPDatagramLength < INTERMEDIATE_BUFFER.m_Length, then I can trim off the last difference null bytes and resend the packet safely. When doing all of this, I noticed an interesting behavior for TCP/IP packets. As you know, part of the TCP checksum uses the total TCP datagram length. Well, it seems that the captured packet TCP checksum includes these ending null bytes! If I modify the checksum to match the new shorter TCP datagram length, the resent packet is dropped. How a packet can be sent with a TCP checksum that doesn’t match the TCP datagram length is beyond my understanding. I hope you can help with this. Fragmented packets were not tested. Nor were other packet IP protocol types. I figured I’d keep it simple until you reply with advice. Thanks. ~Cozmik

[cozmik]

Um, the guy who wrote the previous post, yj1tm2pl3, is purposely cluttering up a great accomplishment by HenniP. In respect of this, can an admin please remove yj1tm2pl3’s post here? Thanks.

HennieP, great job. How you were able to just do this in “listen” mode is fantastic. Can you post your source code somewhere so we can all share the magic? Thanks.

[Author]

Posts