Welcome to WebmasterWorld Guest from

Forum Moderators: bakedjake

Message Too Old, No Replies

Capturing a packet from ethernet and transfering to Apache in Linux

4:15 pm on Feb 12, 2007 (gmt 0)

New User

5+ Year Member

joined:Feb 12, 2007
votes: 0

I am working on a firewall and need to capture packets from the ethernet and then do some analysis on it before sending it to Apache application. I am been able to capture the packets but they are also received by the Apache at the same instant. But I need to analyze the packet before it is received by apache. Any help in this regard would be highly appreciated.


9:34 pm on Feb 12, 2007 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 28, 2003
votes: 0

The issue that you're having is that running something (tcpdump/snort/wireshark) in promiscuous mode is considered passive monitoring, where it does not modify or block any incoming traffic.

What you're looking for is either a "helper" application that listens to port 80, analyzes the traffic, then forwards it to apache (listening on another port).

Or, what you might want to look at is having another system that is acting as a router (NAT or otherwise) in front of your apache server, with two NICs, which analyzes the traffic, and if it deems it good, it can forward it on to the apache webserver.