WiFi direct – android local networking

In my earlier blog post I discussed data sharing between two android devices in same network using NSD. In this post we will see communication between two non-connected android devices (can be connected to same or other network, doesn’t really matter) via WiFi direct. Devices should be in WiFi range. I will start with a bit of theory about WiFi direct and then we will see how it is implementable using android APIs (Sample app source code git link at the end of post). Continue reading WiFi direct – android local networking

Packet Interception Application: Simple Firewall

In continuation with the previous blog, we will now have a look at a basic agent which can act as a firewall. This firewall will drop all the packets outgoing to a particular IP destination and let other packets go through.

First we ensure that the following IPTABLES rule is installed:

sudo iptables -A OUTPUT -p ip -j NFQUEUE --queue-num 0

We can validate this by listing all the iptable rules using:  

sudo iptables –list

Continue reading Packet Interception Application: Simple Firewall

Introduction to Packet Interception Using Netfilter

In the first blog of this series, we will focus on the concept of packet interception in user space and later on we will also look into use cases pertaining to this concept.

Such a user space agent can be developed using C (Python also has a similar set of libraries.) on a linux based OS.

Following external libraries would be required:

* libnfnetlink: A low level library for kernel/userspace communication

* libnetfilter_queue: A userspace library providing an API for packets queued by kernel

* libmnl: Internally used by libnetfilter_queue

Additionally, a command line utility called IPTABLES is also needed in order to install rules. Continue reading Introduction to Packet Interception Using Netfilter

Packet Interception Application: Elephant flow detection in SDN

Before proceeding to this use case, it would be better if the reader is acquainted with some basic SDN concepts.

Modern data center networks rely on multi-rooted topologies that offer many alternative data paths between any pair of hosts. As an example, a fattree topology is shown below.

Fattree topology with 4 core switches Continue reading Packet Interception Application: Elephant flow detection in SDN