I don't want any language - I want the raw audio. I'm asking about (for example) monitoring a conversation, and you're asking which language I want: English, Spanish or Russian. The statements about "what layer three protocol to use" and "UDP vs TCP" miss the point. But you've not stated what layer three protocol you'd like to use. Those examples from Peter are UDP/IP not TCP/IP.
But if necessary I'd accept a systemic change that would 'quarantine' the ports from the TCP/IP stack. For example (but not correct): use SIOCSIFFLAGS to change IFF_RUNNABLE. Ideally, I'd want PitM to "strip off" the TCP/IP-ness of the port when it was configured as one of the two ports (ioctl?) - and restore it when it was released again.
I want the Interface to be Up so that I can open it, and read and write to it with a Raw Socket - but I don't want the Interface to do any of the 'normal' TCP/IP things. Assigning a static address is beside the point - I don't want ANY address while it is being used for PitM. Specifically, as soon as I plug the USB-to-Ethernet adapter in, it gets an interface name of "eth1" (not mentioned anywhere in /etc/network/interfaces or nf), and then DHCPs an Ethernet address. I call it "Pi in the Middle", or PitM (like cryptography's Man in the Middle - only benigner).
Moreover, the two endpoints wouldn't know that the forwarding was taking place. And since there's WiFi, you could also serve up a Web page to configure and monitor the traffic in real time, again without disrupting the traffic. All it'd have to do is transmit every packet it received to the opposite side so that communications wouldn't be disrupted (with a slight latency) - but you could also log packets of interest in real time. Connect the on-board Ethernet to the WAN modem, and the USB adapter to the LAN router, and you have a device that could, conceivably, with the right software, watch every packet that passes through. Take an ordinary Raspberry Pi, and plug in a USB-to-Ethernet adapter. You either pay $20K for an Ethernet diagnostic device - or you program a Raspberry Pi to do it for you! Ever since broadcast hubs went the way of the Dodo and were replaced by smart switches, you don't see everything passing by: if you're not involved in the conversation, you miss things. My favourite diagnostic tool is Ethereal (WireShark) - but it has one huge limitation. ARP, DHCP, ICMP, UDP, TCP, DNS - I understand it all. I've been programming TCP/IP sockets for twenty years. TL DR: How do I 'quarantine' an active, usable Ethernet port from the TCP/IP stack? This is gonna be a long one (or not - I hope)!
0 kommentar(er)
