I want to intercept packets and get the IP/Port numbers, along with the PID/UID of the connection. Things I'm thinking about and what not below...
- VpnService: When using the app tPacketCapture, you can clearly see that they start a VpnService. This is where I think I'll be able to do it. However, what would I search on Google/what do I need to look up about the VpnService so that it just acts as a channel for all the packets to go through so I can read what they contain? I've emailed the company that worked on tPacketCapture, but they've yet to get back to me. If anyone has any idea on this, please say what you know.
- /proc/[pid] file system. This area of the OS has valuable information, most importantly, /proc/net/tcp and /proc/net/udp which are both of interest, but I'd rather not constantly read these files and build everything up myself. Hence the VPN solution above.
- Their are minor other things, but ultimately, they won't work as well as the VpnService, so if anyone can help me with that and making it "local" only, or even what to search to find other examples in other languages, that'd be great.
So, ultimately, my question is, how do you make a VpnService to just reroute the packets to and from where they were originally going to/from.
Any help on this matter would be greatly appreciated.
Thanks!