Excuse me each bosses, want to do now a Linux network packet interception and modification, the need to intercept and modify raw_socket raw socket packets sent, could you recommend a good method? Known netfilter and iptables is not possible that the two of the intercept occurs at the network layer, cannot intercept the link layer raw socket packets have learned about BPF (eBPF) packet filters, Berkeley ebtables frame by iptables matching specific rules, compulsory ftrace hook kernel function (kernel version greater than 3.19), the LSM kernel security modules, but these methods all have no find good reference, there is no test is successful, if there are other methods can be implemented, such as driving or modify the kernel, a great god can some directions? In this first thanked,