Help me get started (traffic manipulation) - c++

My main goal is to create an advanced program for manipulating the packets that route within my network via the router. Let my program have total control over the router. Set the download/upload speeds to my inputs, apply the effect to certain devices within my network. Block upload or download traffic. Set second delay for either the upload or download speed. Specify % of loss packets, and the list goes on.
The problem is that I don't know where to start. I know most languages at the very most basic level. I'd like to create this program in either C, C++ or C# but I don't know yet. What else do I need to know before creating this program? Winsock or something? Winpcap APIs?
This goal is my motivation to learn programming to the extreme, and I'm really looking forward to it.
Thanks in advance!

Hmmm I guess you would want to look at pcap(?):
pcap

Check out:
http://beej.us/guide/bgnet/html/multi/index.html
'Beej's Guide to Network Programming Using Internet Sockets'
All you could possibly need to know about programming sockets for capture and manipulation.
If I were you I'd write it in C, I'm writing a similar project at the moment in C++ and it's hell but too late to stop and start again.
Hope that helps.

Bear in mind that you either need a router that you can re-program or you need to use your PC as a router to do this.
Either way you want to look into how IPTABLES are implemented.

I've never seen Desktop Windows used as a router, only Windows Server, though it may still be possible. libpcap is for packet capture, but not interception as I understand it. Programs like Wireshark use it to monitor copies of packets, but not to modify them. If you want to attempt this, my impression has been that there is a lot more documentation and tools for doing something like this with NetFilter/IPTables on Linux. You can even install something like OpenWRT on a compatible router and get a small, cheap Linux router, though having Desktop Linux will probably help for development. The NetFilter QUEUE library can be used with some IPTables firewall rules to redirect specific (or all) packets to a regular user program. That program can then read the packet and modify it or even request it to be dropped.
http://www.netfilter.org/projects/libnetfilter_queue/
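The read/modify/drop decision described in the answer above, as an added example that is not the poster's code or part of libnetfilter_queue. It assumes the raw IPv4 bytes come from `nfq_get_payload()` and the result is handed to `nfq_set_verdict()`; the policy, function names and sample packet are hypothetical, and the queue setup is left out so the block runs without the library.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

enum class Verdict { Accept, Drop };  // would map to NF_ACCEPT / NF_DROP

// RFC 1071 checksum over an IPv4 header. With the checksum field zeroed it
// yields the value to store; over a header with a valid checksum it yields 0.
uint16_t ipv4_header_checksum(const uint8_t* h, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += (uint32_t(h[i]) << 8) | h[i + 1];
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return uint16_t(~sum & 0xFFFF);
}

// Hypothetical policy: drop malformed packets and UDP sent to blocked_port;
// set the TTL of everything else to new_ttl and repair the header checksum.
Verdict handle_packet(std::vector<uint8_t>& pkt, uint16_t blocked_port, uint8_t new_ttl) {
    if (pkt.size() < 20 || (pkt[0] >> 4) != 4) return Verdict::Drop;
    const size_t ihl = size_t(pkt[0] & 0x0F) * 4;          // header length in bytes
    const size_t total = (size_t(pkt[2]) << 8) | pkt[3];   // total length field
    if (ihl < 20 || total < ihl || total > pkt.size()) return Verdict::Drop;
    const bool first_fragment = ((pkt[6] & 0x1F) == 0 && pkt[7] == 0);
    if (pkt[9] == 17 && first_fragment) {                  // UDP header is present
        if (total < ihl + 8) return Verdict::Drop;         // truncated UDP header
        const uint16_t dport = uint16_t((pkt[ihl + 2] << 8) | pkt[ihl + 3]);
        if (dport == blocked_port) return Verdict::Drop;
    }
    pkt[8] = new_ttl;                 // the in-place modification
    pkt[10] = pkt[11] = 0;            // zero the old checksum before recomputing
    const uint16_t c = ipv4_header_checksum(pkt.data(), ihl);
    pkt[10] = uint8_t(c >> 8);
    pkt[11] = uint8_t(c & 0xFF);
    return Verdict::Accept;
}

// Constructed sample: 192.168.1.10 -> 192.168.1.20, UDP 12345 -> 53, TTL 64.
std::vector<uint8_t> sample_packet() {
    return {0x45, 0x00, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11, 0xf7, 0x61,
            0xc0, 0xa8, 0x01, 0x0a, 0xc0, 0xa8, 0x01, 0x14,
            0x30, 0x39, 0x00, 0x35, 0x00, 0x08, 0x00, 0x00};
}

int main() {
    std::vector<uint8_t> p = sample_packet();
    Verdict v = handle_packet(p, 9999, 32);
    std::printf("verdict=%s ttl=%u\n", v == Verdict::Accept ? "accept" : "drop", unsigned(p[8]));
}
```

A modified packet whose header checksum is not recomputed is discarded by the next hop, which is why the rewrite and the checksum repair sit in the same function.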

If you want to manipulate network traffic on a Windows machine (as you mentioned), you will need some extra software. This operating system won't give you the full control over itself, which is fine for some reasons.
I think what you want to do should be done with either winpcap or win10pcap if you are using Win10. These packages contain a Windows driver and the libpcap user space library.

Related

Shell script or c++ library for viewing internet connections and build a firewall

(I Use Ubuntu)
I'm looking for some pointers for writing a firewall program which denies every port/ip at first and creates rules by asking you whenever a program wants to access the internet, much like the discontinued product Kaspersky Anti Hacker for Windows. I especially want to use it on web browsing. So if my web browser wants to access stackoverflow.com the program should ask me if it should make a connection to stackoverflow.com's ip address, or when a torrent client wants to connect to a peer it should ask to either allow that port or allow that ip/port only.
I have used gufw but I have to know the port/ip before adding the rules so it isn't as I want it to be. I'm also trying to stay out of Firestarter since the last release was in 2005. So I have decided to write my own.
I just need some pointers on this subject. It can be a terminal command to see the connections I make with other computers, or a way to prompt before making connections, an open source project that sounds like this, or a c++ library/shell program that I can use to write a program for this... Any lead at all would suffice.
If you could point me in the right direction, I would appreciate it.
PS. I am familiar with c++ and shell and php but that's irrelevant.
Hmm, you seem to be interested in Windows only. If so, you might wish to look at Windows Layered Socket Providers (LSP) infrastructure.
In short, you can write a DLL, which would be automatically loaded into any application that uses Winsock. This DLL can intercept calls to any Winsock function like connect(), send(), etc. When such a call is intercepted you can show the user some window asking if he wishes to connect to this address.
So, this can be used to build such a firewall application as you are thinking of.
There should be a lot of documentation on how to create LSPs on Microsoft's site, but I remember an especially nice example by the Komodia company - http://www.komodia.com/lsp/lsp-sample.

communication between two computers with 2 c++ programs [closed]

I have one computer that is running a c++ program to control a robot and another computer that is running a computer vision system (also written in c++). I would like for these two programs to be able to talk to one another. The communication would not have to be complex, I would just need the robot computer to be able to tell the vision computer when a trial begins and ends (when to start and stop a data collection sequence). Do any of you have advice on how to approach this problem? Rs232 communication between the computers? Some kind of networking solution? smoke signals? Any suggestions would be welcome.
Thank you in advance
(edit) In case you think the statement above is vague:
I need to pass a binary (go/don't go) signal from one computer to another. Unfortunately I can't be more specific about what this will look like because (obviously) I don't know what is available. Both computers are on a network, and both computers are running Windows. The goal is to synchronize data collected by the computer vision system with actions performed by the robot. The communication does need to be fast enough that it will not slow down either the robot or the computer-vision program. A "good" solution would be 1) easy to implement 2) fast. I do not know much about networking and I am looking for a place to start looking.
Thank you again for your assistance
You might use a simple UDP protocol - the advantage being that if you understand the concepts of simple packet protocols on RS232 you'll find it easy to transfer that knowledge to sending the packets via UDP.
If you want a reliable (as in, other parts of the system will worry about errors and retries) stream of bytes between the two PCs, then TCP/IP is not much more complicated to use than UDP.
Both UDP and TCP are accessed through 'sockets'. I'm afraid you'll find that from C++ there is rather a lot of tedious boilerplate to getting that working, but there are lots and lots of examples around.
If they are network-connected you could just use sockets.
The best option will be to use network communication. The easiest way to approach this should be to look at the networking examples in Qt.
You basically will create a client and a server application. You decide what the client does when it sees a certain message from the server. That's all. Qt should take care of the rest of the stuff.
Other answers suggest TCP/IP, UDP, RS232, ... All those things are just options when you use QtNetwork module. I assume that since you ask your question, you don't know about the difference between those. So the safest bet will be to use the highest level (free) library, hence the suggestion to look into Qt.
Another option is to use Boost.Asio. I tend to prefer Qt solution since their API is nicer.
That sounds like a fairly good use for the network socket. If both your machines are on Windows you can even use named pipes.
For Windows, you will need to open the COM n port as a file to communicate over a serial port[1]. I don't have access to my code now, I can look it up when I get home.
RS232 is easy and I like it. However, it is slow. You need to consider that in your design.
[1] For C++.
Most modern computers have Ethernet capability, so get yourself a cheap hub or switch and look at networking APIs. There's usually some fairly easy socket stuff. One advantage of this is that, if you want to increase communication ability later, such as having your vision software provide instructions and guidance to your robot, you've got the basics set up.
Alternately, set up your vision program so you can start and stop it by hitting random keys. When you're going to use it, put the keyboard in front of the robot computer's CD drive, and eject at the start and end of the robot run.
This may be overkill in your situation, but if I were in your shoes I would probably implement it using the HTTP protocol. The vision computer would run a HTTP server and the robot computer would communicate the state changes using POST requests. The Poco C++ Net library provides you with the facilities required to do this.
I would use a TCP/IP socket for communications. TCP guarantees that the data will make it. So, all you need to do is parse the data.
RS232 is an easy option to program for, however modern PCs don't tend to have RS232 ports. You may need to get USB-RS232 adapters or install a PCI card.
The other problem with RS232 is that you have an additional wire to worry about which can be a nuisance. Also RS232 cables can be limited in length (5-15m) unless you invest in some clunky RS232 repeaters or bluetooth connectors, etc.
On top of all that you're also adding one more item to your project that can go wrong and cost you time in deploying and debugging.
IMO, an elegant engineering solution would be to utilise the hardware that you have and use TCP/IP sockets to communicate.
The web is awash with examples on passing messages between servers and clients:
If you're using Linux:
http://www.linuxhowtos.org/C_C++/socket.htm
Using Windows:
http://www.adp-gmbh.ch/win/misc/sockets.html
I also might look at something like 0MQ to make the connection more robust. It will transmit and reassemble messages regardless of the transport, and handle buffering in the case of temporary loss of connectivity.
But the bottom line is that I would use TCP/IP, but depending on the nature of the robot you may want a slightly more robust connection system than TCP sockets. UDP is nice because it's connectionless-- if the robot temporarily travels out of range/sight/etc you won't have to rebuild the socket and context.
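The go/stop signalling over UDP suggested in the answers above, as an added example that is not from any of the posters. The 8-byte datagram layout, the names and the repeat-and-deduplicate scheme are assumptions made for this sketch; the bytes from `encode()` would go to `sendto()` on the robot PC and the bytes from `recvfrom()` would go to `on_datagram()` on the vision PC.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical 8-byte datagram: 'R' 'V' | version=1 | type | seq (big-endian).
enum class Signal : uint8_t { Start = 1, Stop = 2 };
struct Message { Signal signal; uint32_t seq; };
constexpr size_t kWireSize = 8;

std::array<uint8_t, kWireSize> encode(const Message& m) {
    return {{'R', 'V', 1, uint8_t(m.signal), uint8_t(m.seq >> 24),
             uint8_t(m.seq >> 16), uint8_t(m.seq >> 8), uint8_t(m.seq)}};
}

// Strict parse: any host on the network can send to the port, so a datagram
// with the wrong size, magic, version or type is rejected outright.
bool decode(const uint8_t* d, size_t n, Message& out) {
    if (n != kWireSize || d[0] != 'R' || d[1] != 'V' || d[2] != 1) return false;
    if (d[3] != 1 && d[3] != 2) return false;
    out.signal = Signal(d[3]);
    out.seq = (uint32_t(d[4]) << 24) | (uint32_t(d[5]) << 16) |
              (uint32_t(d[6]) << 8) | d[7];
    return true;
}

// Receiver side (vision PC). The sender repeats each signal a few times because
// UDP may lose datagrams; the sequence number makes the repeats harmless.
class TrialReceiver {
    bool recording_ = false, seen_ = false;
    uint32_t last_seq_ = 0;
public:
    // Returns true when the datagram carried a new, valid signal.
    bool on_datagram(const uint8_t* d, size_t n) {
        Message m{Signal::Stop, 0};
        if (!decode(d, n, m)) return false;                          // malformed
        if (seen_ && int32_t(m.seq - last_seq_) <= 0) return false;  // repeat or stale
        seen_ = true;
        last_seq_ = m.seq;
        recording_ = (m.signal == Signal::Start);
        return true;
    }
    bool recording() const { return recording_; }
};

int main() {
    TrialReceiver rx;
    auto start = encode({Signal::Start, 1}), stop = encode({Signal::Stop, 2});
    rx.on_datagram(start.data(), start.size());
    rx.on_datagram(start.data(), start.size());   // repeated send, ignored
    rx.on_datagram(stop.data(), stop.size());
    std::printf("recording after stop: %d\n", int(rx.recording()));
}
```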

Linux's Windows Filtering Platform equivalent?

More than once I picked myself wanting to have an easy way to edit packets on-the-fly in my LAN, so I thought it was time for me to make some "machinery" to do the job. I think WFP would do exactly what I needed.
Not only I wanted to filter and edit packets off the computer my program would be running, but I would also like to ARP poison a machine in my LAN and edit the packets routed through the other one (I don't know whether I could do this using WFP; that's another part of my question. If anyone knows, please tell me).
The problem is I'm not being able to download Visual C++, and I need it to use the WFP (it's part of the Windows SDK, which is not fully available for MinGW; porting the headers myself is generally a headache). Also I simply would like to know how to do that in Linux.
Anyone?
(Complementary question at ServerFault.com: https://serverfault.com/questions/74915/best-way-to-live-edit-packets-from-another-computer)
The most common way to capture and store packets in linux is through libpcap. You can use standard sockets to send the packets or generic libraries (boost::asio).
You can accomplish the same using wireshark. I believe wireshark will allow replay and/or injection.
As far as arp poisoning, you will probably have to do that directly with arp packets yourself.

http/http traffic analyzer

I would like to develop a C++ application that would list all URLs accessed, with their response times, within the PC. This probably would be transparent to the user, so it would be a DLL.
Can anyone give me some sample code or tutorials on the said matter?
Or any tips and suggestions?
Thanks a lot :))
You should take a look at the fiddler plug-ins. This is not a trivial exercise. You need to do dependency injection to capture the wininet calls. Even so not all apps use the high level windows api to initiate connections. Applications that make TCP connections might last for a long time since not all TCP calls are simple web requests.
As Byron has said, this is a non-trivial exercise. You could do it using libpcap http://sourceforge.net/projects/libpcap/ having installed http://www.winpcap.org/ on Windows. Tutorials for using libpcap are around and you'd need to learn to filter out everything but http/https traffic, although once you've got to that stage it shouldn't be too hard. Try http://yuba.stanford.edu/~casado/pcap/section1.html for starters or http://systhread.net/texts/200805lpcap1.php. Both tutorials look reasonable.
I also feel I should point out that "transparent to the user" and "dll" are not equivalent ideas. A DLL is a set of library functions separate from an application that can be used by many applications - see http://en.wikipedia.org/wiki/Dynamic-link_library. A "standard" executable file (i.e. file ending in .exe) can still be transparent to the user if run, for example, as a Windows Service, which might be more what you are looking for.

What component do I need to monitor my internet traffic on my PC?

I would like to be able to see and monitor my internet data (http/emule/email) on my own PC using Windows XP. I am thinking of something like WireShark but I would like to control it programmatically.
I would be using C or C++.
How can I do this?
WireShark uses winpcap to do its thing.
Winpcap comes with a C interface.
winpcap is probably the most well known choice, but you could also write a Layered Service Provider. There's not a whole lot of documentation, but a good place to start is the article on msdn: http://www.microsoft.com/msj/0599/LayeredService/LayeredService.aspx
This has some advantages vs layer 2 packet parsing, but also some disadvantages. You'll need to evaluate where in the stack you want to live.
edit: Obviously, when I say pcap -- I really mean any similar approach. Obviously, winpcap was not the first driver/library combo to provide this sort of information.
Have a look at the code of the tool trafficWatcher. It uses WinPCap to distinguish between LAN and internet traffic.
The sourcecode is available here.