Hi,
I'm developing some tunneling software for consoles (Xbox, PS2, GC, etc) much like Aquaduct and Warp Pipe.
I'm using libpcap to capture console packets. I have used pcap_open_live() in promiscuous mode and applied a pre-filter with "ether src my_console_mac_address". pcap_compile() returns success, pcap_setfilter() also returns success and all gaming packets are captured.
When a remote gaming packet arrives, I'm using pcap_fileno() to get the network device file descriptor and using write() to inject that remote packet into my local network layer.
First of all, on line 470 of pcap-bpf.c (current libpcap version), that device was opened with O_RDONLY flags. I've tried to fcntl() later in my code with no success, so I just hacked the libpcap source code and changed that line to O_RDWR instead of O_RDONLY.
I was getting a "Bad file descriptor" before, but now it seems to work ok (almost). Packets are being written to wire.
The problem that still exists is that it looks like only packets destined to broadcast ff:ff:ff:ff:ff:ff are being successfully injected; all the others that have my console MAC address as destination (for ex.) are dropped by the OS for some reason. I've read a lot about OSX not allowing MAC spoofing but it doesn't seem to be the problem since Aquaduct et al don't need any kernel level hacking or any additional tools to successfully inject packets.
This kind of console gaming basically uses the datalink layer with MAC addresses for source and destination.
I should say that write() returns success on every packet that I try to inject, although they seem to get lost. Another thing is that this source code is portable and running flawlessly under Linux (x86). Didn't try under Linux (ppc) yet.
If anyone has any idea, at all, about this subject you're more than welcome to share your insights.
Thank you all.
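
A debugging aid for the symptom described in the post, added here as an example and not code from the original message: it classifies a frame's destination and reports which Ethernet header fields differ between the frame passed to write() and the same frame as captured on the wire. The function names and the sample frames are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN 14  /* dst(6) + src(6) + ethertype(2) */
enum { DIFF_DST = 1, DIFF_SRC = 2, DIFF_TYPE = 4, DIFF_PAYLOAD = 8, DIFF_SHORT = 16 };
enum dst_class { DST_UNICAST, DST_MULTICAST, DST_BROADCAST };

/* Broadcast is ff:ff:ff:ff:ff:ff; any other address with the low bit of
 * the first octet set is multicast; everything else is unicast. */
enum dst_class classify_dst(const uint8_t *frame)
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    if (memcmp(frame, bcast, 6) == 0) return DST_BROADCAST;
    return (frame[0] & 1) ? DST_MULTICAST : DST_UNICAST;
}

/* Bitmask of fields that differ between the frame given to write()
 * ("sent") and the frame observed on the wire ("seen"). */
unsigned diff_frames(const uint8_t *sent, size_t slen,
                     const uint8_t *seen, size_t wlen)
{
    unsigned d = 0;
    if (slen < ETH_HDR_LEN || wlen < ETH_HDR_LEN) return DIFF_SHORT;
    if (memcmp(sent, seen, 6)) d |= DIFF_DST;
    if (memcmp(sent + 6, seen + 6, 6)) d |= DIFF_SRC;
    if (memcmp(sent + 12, seen + 12, 2)) d |= DIFF_TYPE;
    /* The wire copy may carry padding, so compare only the bytes written. */
    if (wlen < slen || memcmp(sent + ETH_HDR_LEN, seen + ETH_HDR_LEN,
                              slen - ETH_HDR_LEN)) d |= DIFF_PAYLOAD;
    return d;
}

/* Constructed sample: unicast frame as written by the tunnel. */
const uint8_t sample_sent[] = {0x00,0x11,0x22,0x33,0x44,0x55,
    0x00,0xaa,0xbb,0xcc,0xdd,0xee, 0x08,0x00, 0xde,0xad,0xbe,0xef};
/* Constructed sample: same frame as captured, with a different source MAC. */
const uint8_t sample_seen[] = {0x00,0x11,0x22,0x33,0x44,0x55,
    0x02,0x00,0x00,0x00,0x00,0x01, 0x08,0x00, 0xde,0xad,0xbe,0xef};

int main(void)
{
    unsigned d = diff_frames(sample_sent, sizeof sample_sent,
                             sample_seen, sizeof sample_seen);
    printf("dst class=%d diff=0x%02x%s\n", classify_dst(sample_sent), d,
           (d & DIFF_SRC) ? " (source MAC changed in transit)" : "");
    return 0;
}
```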