Reinjecting network packets into networkstack (RAW-Sockets)

Question

Im writing my Master-Thesis, and I have a small problem with my Implementation.

One part of the thesis, is to encrypt a network packet on PC A and send it to PC B. The reciever should now decrypt it and reinject it to the network stack, so that other application can work with the package.

For the first test case I used ICMP (request). Nftables are uses to filter the traffic, on System A, for outgoing packages. If there is an outgoing package which matches, I queue it with nft to userspace. My C-Application encrypts it, and sends it out with raw sockets . The package is received from PC B. On PC BI have a filter application, based on raw sockets. This application sees the incomming frame and decrypts it. When I check the result with wireshark, everything seems to be fine. Each bit of the decrypted frame equals the bits of ther original frame. Now the decrypted packet should be reinjected into the network stack. As I mentioned before, this is done by RAW-Sockets. I would expect now, that this reinjected package should be processed like a normal ICMP-Request packet. But this is not the case. The system receives the decrypted package, but no respond is send.

Is there any idea whats going worng? Is it possible to inject a packet with raw sockets into the own network stack?

In the last days I read something about TUN/TAP. would this be the right way to reinject my packages?

Thanks for your help!

Kind regards, Andreas

Answer 1

I got it to work.

I found a solution here: How to inject a raw L2 packet as an incoming packet to an interface on Linux?

On my first tries to search for an answer I havent found this thread. But now it works fine!

The solution is very easy. I need a virtual interface connected over a bridge to my physical interface eth0. So I send the packets, which I like to reinject into the stack, to the virtual interface. Over the bridge they were forwarded to eth0 and are processed as incomming frames.

Kind regards, Andreas