Can I block or modify the packets instead of just capturing them?
I'm not sure I understand the question. Once the packet is captured, you can do whatever you want with it. If you are asking if you can filter out packets from being captured, you can do that with pcap filters. If you want to prohibit another machine from receiving a packet from the network, unless your system running libpcap is acting like a switch or a router, you can not.
Please clarify your question, if this is not what you ment.
Cheers,
mark...
I need to redirect the packets. Something like a port redirect.
I would like to send the packets destined for port 80 to another port.
I need block some packets too. Like a firewall.
jNetPcap captures packets and has the ability to send raw packets as well. So if your system is in the middle of the transaction and you want to capture all packets part of that transaction, filter them, rewrite port numbers and datalink layer, and send them out to another network. Sure you can do that.
As a matter of fact, you could do that very efficiently by rewriting in place (the same buffer you receive the packet). jNetPcap delivers buffers to you without copies. You could avoid copying as well, if all you are is rewriting certain fields within the packet.
Keep in mind you would have to rewrite: Ethernet source, destination fields. Tcp port numbers, recalculate tcp header checksum, etc...