I've been wondering how IPSec works from a developer s point of view, 'cuz I would like to be able to write my own custom "agent" to intercept and analyze packets before they are received by the OS mostly on Linux, and also do an injection at the payload level ( according to the IP address that I m sending to ) before they are sent ( like the ones done in IPSec ). Could anyone give me some pointers?
I am also interested to know what language is the best fit to do such task at a good speed but also in a secure way so that the agent cannot be compromised if the host is ( running in Ring 0 for example).
I am mainly focusing on Linux, but I would like to know if there is any cross-platform libraries out there as well let s say for Windows.
Cheers.
You may take a look at IPSec tools source code (http://sourceforge.net/projects/ipsec-tools/files/ipsec-tools/0.8.1/, http://ipsec-tools.sourceforge.net/) - unfortunately for Linux only but source code is open and IPSec is depicted there.