[vbox-dev] vbox networking interception
Sander van Leeuwen
Sander.Vanleeuwen at Sun.COM
Mon Aug 25 10:54:32 PDT 2008
See VBoxManage -nictrace -nictracefile. This enables logging of all
network packets flowing through the interface.
If you want to do more then just logging, you could extend the filter
Valdir Stumm Junior wrote:
> Hi people,
> Firstly, I'll explain what I'm aiming to do. I need to intercept
> network packets sent by a VirtualBox Guest OS, to log the
> information(and do some transformation) if the communication is
> ocurring between two guest OSs running over VBox. But I want to
> intercept it before it pass through the TCP stack.
> So, my first solution was to read the VBox source code and find out
> how are made the network calls into vbox. If I'm not wrong, it's a
> task made by slirp, in the source code
> "vbox/src/VBox/Devices/Network/slirp/tcp_output.c" at "tcp_output"
> Then, to intercept the call to memcpy() made by "tcp_output" function,
> I'm using an interposition of memcpy, that logs the calls, gathering
> useful data to my logger.
> OK, let's directly to the problem. The interception is OK, but I'm
> having some trouble to identify precisely what is a tcp operation and
> what is not. I'm trying to identify a tcp header comparing the size of
> the tcphdr struct with the data being written with memcpy(), but it's
> not totally secure.
> Does anybody have some idea of how can I do this?
> vbox-dev mailing list
> vbox-dev at virtualbox.org
Kind regards / Mit freundlichen Gruessen / Met vriendelijke groet
Sun Microsystems GmbH Sander van Leeuwen
Werkstrasse 24 Senior Staff Engineer, VirtualBox
71384 Weinstadt, Germany mailto:Sander.Vanleeuwen at sun.com
Sitz der Gesellschaft: Sun Microsystems GmbH,
Sonnenallee 1, 85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Thomas Schroeder,
Wolfgang Engels, Dr. Roland Boehmer
Vorsitzender des Aufsichtsrates: Martin Haering
More information about the vbox-dev