Let's say an HTTP server is running on port 8080. I want all packets on "eth0" that have destination port 8080 in their TCP header and some other condition is met(for instance URG flag is up) to be dropped before reaching the server (with other words the server should not be able to see these packets). Something like a "firewall".
I need a Go implementation. So far I managed to capture the network traffic on "eth0" and I know how to filter it. Is there any way I can drop the packets that I captured by the following program:
package main
import (
"github.com/google/gopacket"
"github.com/google/gopacket/pcap"
"fmt"
"log"
"time"
)
var (
device string = "en0"
snaplen int32 = 65535
promisc bool = false
err error
timeout time.Duration = -1 * time.Second
handle *pcap.Handle
)
func main() {
handle, err = pcap.OpenLive(device,snaplen,promisc,timeout)
if err != nil {
log.Fatal(err)
}
defer handle.Close()
packetSource := gopacket.NewPacketSource(handle,handle.LinkType())
for packet := range packetSource.Packets() {
fmt.Println(packet)
}
}