Modify Packets On The Fly With Scapy?

Is it possible to do this? from scapy.all import * def action(packet): print packet[0][1].src + '==>' + packet[0][1].dst print 'Rerouting to localhost' packet[0][1]

Solution 1:

There is no way to do this, because Scapy sniffs packets without interfering with the host's IP stack.

You could send another packet based on a sniffed packet, but you cannot "drop the packet" with Scapy.

The only solution I can think of, under Linux, involves iptables + libnfqueue and its Python bindings + Scapy. But obviously, if you just want to reroute a packet, iptables alone is enough, and much better.

Under any other OS, you need anyway to have some kind of firewall software to either pass the packet to a userland program (like libnfqueue under Linux, here you can do your Scapy magic) or tamper the packet itself.

Maybe you could have a look at IPS softwares (suricata?), since tampering packets based on some criteria is what does an IPS.