Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload Filter & Payload...


Network Device Development

PART 4 – Firewall 103: Protocol Filter & Payload Filter & Payload Modifier

SEAN

Sean

• Developer

• https://www.facebook.com/erinus

GitHub

https://github.com/erinus/NetworkDeviceDevelopment

Read Me

This is part of a training series. If you have no experience with kernel module development, view the earlier presentations first.

1. Network Device Development - Part 1: Switch: http://www.slideshare.net/erinus/network-device-development-part-1-switch

2. Network Device Development - Part 2: Firewall 101: http://www.slideshare.net/erinus/network-device-development-part-2-firewall-101

3. Network Device Development - Part 3: Firewall 102 ~ IP Filter: http://www.slideshare.net/erinus/network-device-development-part-3-firewall-102-ip-filter

First Protocol Filter

Protocols over IP

Second Payload Filter

Network diagram:

• VMnet1: NAT
• VMnet2: 192.168.102.?, CLIENT (Ubuntu Desktop) 192.168.102.128
• VMnet3: 192.168.103.?, CLIENT (Ubuntu Desktop) 192.168.103.128
• SWITCH (Debian): eth0, eth1, eth2

Traffic shown in the diagram:

• TCP (IP 192.168.103.*) Payload contains "fuck"
• TCP (IP 192.168.103.*) Payload without "fuck"

Modify main.c

Find "fuck"

Install

$ make

$ make install

$ dmesg

Test your Firewall

Create HTTP Server on CLIENT of VMnet3

$ sudo python server.py

Test on CLIENT of VMnet2

Open Web Browser and connect:

1. http://192.168.103.128/ Success

2. http://192.168.103.128/test Failure

$ ping 192.168.103.128 Success

Third Payload Modifier

Network diagram:

• VMnet1: NAT
• VMnet2: 192.168.102.?, CLIENT (Ubuntu Desktop) 192.168.102.128
• VMnet3: 192.168.103.?, CLIENT (Ubuntu Desktop) 192.168.103.128
• SWITCH (Debian): eth0, eth1, eth2

Traffic shown in the diagram:

• TCP (IP 192.168.103.*) Payload contains "fuck": Return "****"
• TCP (IP 192.168.103.*) Payload without "fuck"

Modify main.c

Change "fuck" to "****", and do not forget to re-calculate the checksum.
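What this step asks for, as an added userspace sketch (not the project's main.c, which is not reproduced on this page): it masks a word in the TCP payload of a raw IPv4 packet buffer and recomputes the TCP checksum over the pseudo-header and segment. The names `tcp_checksum`, `mask_word` and `sample_pkt` are assumptions, and the sample packet is constructed.

```c
#include <stdint.h>
#include <string.h>

/* TCP checksum over the IPv4 pseudo-header (src, dst, protocol 6, TCP length)
 * plus the segment. Yields 0 when the stored checksum field is valid. */
uint16_t tcp_checksum(const uint8_t *ip, size_t ihl, size_t tcp_len)
{
    uint32_t sum = 6 + (uint32_t)tcp_len;
    size_t i, end = ihl + tcp_len;
    for (i = 12; i < 20; i += 2)           /* source and destination address */
        sum += ((uint32_t)ip[i] << 8) | ip[i + 1];
    for (i = ihl; i < end; i += 2)         /* odd last byte is zero-padded */
        sum += ((uint32_t)ip[i] << 8) | (i + 1 < end ? ip[i + 1] : 0);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Mask each occurrence of word in the TCP payload with '*' and refresh the TCP
 * checksum. Returns the hit count, or -1 if pkt is not well-formed IPv4/TCP. */
int mask_word(uint8_t *pkt, size_t len, const char *word)
{
    size_t wl = strlen(word), ihl, total, doff, i;
    int hits = 0;
    if (len < 40 || (pkt[0] >> 4) != 4 || pkt[9] != 6) return -1;
    ihl = (pkt[0] & 15) * 4;                       /* IP header length */
    total = ((size_t)pkt[2] << 8) | pkt[3];        /* IP total length */
    if (ihl < 20 || total > len || total < ihl + 20) return -1;
    doff = (pkt[ihl + 12] >> 4) * 4;               /* TCP header length */
    if (doff < 20 || ihl + doff > total) return -1;
    for (i = ihl + doff; wl && i + wl <= total; i++)
        if (!memcmp(pkt + i, word, wl)) {
            memset(pkt + i, '*', wl);              /* same length as the word */
            i += wl - 1;
            hits++;
        }
    if (!hits) return 0;
    pkt[ihl + 16] = pkt[ihl + 17] = 0;             /* zero the field before summing */
    uint16_t c = tcp_checksum(pkt, ihl, total - ihl);
    pkt[ihl + 16] = (uint8_t)(c >> 8);
    pkt[ihl + 17] = (uint8_t)c;
    return hits;
}

/* Constructed sample: 192.168.102.128 -> 192.168.103.128, checksums unset. */
uint8_t sample_pkt[58] = {
    0x45, 0, 0, 58, 0, 0, 0, 0, 64, 6, 0, 0, 192, 168, 102, 128, 192, 168, 103, 128,
    [32] = 0x50, /* TCP data offset: 5 words */
    [40] = 'G','E','T',' ','/','f','u','c','k',' ','H','T','T','P','/','1','.','1' };
```

Because the replacement has the same length as the word, the IP total length, the IP header checksum and the TCP sequence numbers stay valid and only the TCP checksum changes. A word split across two TCP segments is not seen by a per-packet scan like this one.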

Install

$ make

$ make install

$ dmesg

Test your Firewall

Test on CLIENT of VMnet2

Open Web Browser and connect:

1. http://192.168.103.128:80/

2. http://192.168.103.128:80/test

Next Part

Firewall 104