drop in libnids like api?
Juli Mallett
juli at clockworksquid.com
Mon Dec 16 16:28:33 PST 2013
Alfred,
It's probably the "libuinet" component you're looking for, but that's an
active userland TCP stack, not a passive one. That is, you can do full
TCP/IP with libuinet pretty easily, but you can't just hand it packets and
look at a stream you're intercepting. It might be possible to make it
provide two half-connections for each connection from the wire at some
point, with data going into a socket and being readable, but that
functionality isn't there now. I know there's some interest in funding Pat
Kelsey (who did the "libuinet" work) to do that, but I don't think there's
any roadmap for it. I may also be misunderstanding what you're using
libnids to do.
Thanks,
Juli.
On Mon, Dec 16, 2013 at 2:16 PM, Alfred Perlstein <alfred at freebsd.org>wrote:
> Hey a friend referred me to wanproxy as an alternative to libnids.
>
> I'm wondering is there overlap in the functionality such that I could drop
> it in place for the backend for dsniff's suit of utils, specifically
> urlsnarf.
>
> -Alfred
> _______________________________________________
> wanproxy mailing list
> wanproxy at lists.wanproxy.org
> http://lists.wanproxy.org/listinfo.cgi/wanproxy-wanproxy.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20131216/cb06f35d/attachment-0003.htm>
More information about the wanproxy
mailing list