Open tcp/udp ports with no socket

Question

I have started working with winpcap, and i got a funny situation with tcp/udp ports. I wrote a packet forwarder, that sniff on interface and forward packets from specified ports. I do not open the ports because i sniff directly from interface. The problem is that the tcp/ip stack answers RST,ACK on closed tcp port, and an ICMP Destination unreachable on closed UDP port.

I need to solve that issue in a way that closed port won't answer anything that will interrupt the conversation.

Is there a way i can drop packets from reaching to tcp/ip stack? Can i disable the automatic answers of RST,ACK and destination unreachable? Can i listen on tcp that wont replay a SYN ACK on a SYN packet?

Hope i got myself clear, thanks.

Answer 1

Two solutions that I can think of:

• Don't use your PC IP address, use a different IP address, and implement a small ARP reply logic, that's less headache that trying to prevent packets from reaching the OS.
• Use the WinDivert driver https://www.reqrypt.org/windivert.html I know it can make the OS drop packets, but not sure if that covers the SYN packets as well.