redirect package to a different IP #13

@bonifaido


I have the following example, which tries to redirect my pings to the 8.8.8.8 address instead of the original request:

```go
package main

import (
	"fmt"
	"net"
	"os"

	"github.com/AkihiroSuda/go-netfilter-queue"
	"github.com/google/gopacket/layers"
)

func main() {
	var err error

	nfq, err := netfilter.NewNFQueue(0, 100, netfilter.NF_DEFAULT_PACKET_SIZE)
	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}
	defer nfq.Close()
	packets := nfq.GetPackets()

	for true {
		select {
		case p := <-packets:
			fmt.Println(p.Packet)

			p.Packet.NetworkLayer().(*layers.IPv4).DstIP = net.IPv4(8, 8, 8, 8)

			fmt.Println("new ->", p.Packet)

			p.SetVerdictWithPacket(netfilter.NF_ACCEPT, p.Packet.Data())
		}
	}
}
```

I think, from the logs, that it doesn't work, since even if I change the IP to a bad address instead, I still get a response in the ping CLI. Where am I doing it wrong?

I used `sudo iptables -A OUTPUT -p icmp -j NFQUEUE` to set up the queue.
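
An added example, not part of the original post or of the go-netfilter-queue project: assigning to a field of the decoded `layers.IPv4` value does not alter the byte slice that `p.Packet.Data()` returns, so the verdict has to carry bytes that were themselves rewritten, with the IPv4 header checksum recomputed. The helper names and the sample packet are constructed for illustration, and only the standard library is used.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// ipv4HeaderChecksum: RFC 791 one's-complement sum; zero bytes 10-11 before computing.
func ipv4HeaderChecksum(hdr []byte) uint16 {
	var sum uint32
	for i := 0; i+1 < len(hdr); i += 2 {
		sum += uint32(binary.BigEndian.Uint16(hdr[i:]))
	}
	for sum>>16 != 0 {
		sum = (sum & 0xffff) + (sum >> 16)
	}
	return ^uint16(sum)
}

// rewriteDstIPv4 (hypothetical helper) returns a copy of raw, which starts at the IPv4 header.
func rewriteDstIPv4(raw []byte, dst net.IP) ([]byte, error) {
	d4 := dst.To4() // net.IPv4() yields a 16-byte slice; the header needs 4 bytes
	if d4 == nil {
		return nil, errors.New("destination is not an IPv4 address")
	}
	if len(raw) < 20 || raw[0]>>4 != 4 {
		return nil, errors.New("not an IPv4 packet")
	}
	ihl := int(raw[0]&0x0f) * 4 // header length, options included
	if ihl < 20 || ihl > len(raw) {
		return nil, errors.New("bad IPv4 header length")
	}
	out := append([]byte(nil), raw...) // leave the queued packet's bytes untouched
	copy(out[16:20], d4)               // destination address field
	out[10], out[11] = 0, 0            // clear the old checksum first
	binary.BigEndian.PutUint16(out[10:12], ipv4HeaderChecksum(out[:ihl]))
	return out, nil
}

// Constructed sample: ICMP echo request 192.0.2.1 -> 192.0.2.2, IP checksum left zero.
var sample = []byte{0x45, 0, 0, 28, 0, 1, 0, 0, 64, 1, 0, 0, 192, 0, 2, 1, 192, 0, 2, 2,
	8, 0, 0xf7, 0xfd, 0, 1, 0, 1}

func main() {
	out, err := rewriteDstIPv4(sample, net.IPv4(8, 8, 8, 8))
	fmt.Printf("% x err=%v\n", out, err)
}
```

In the loop from the post, the returned slice is what would be passed as the second argument of `p.SetVerdictWithPacket`. The ICMPv4 checksum covers only the ICMP message, so it needs no update when just the IP destination changes.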
