I set up a pc as a linux-based (Red Hat 9.0) bridge device at first. The pc got two NICs, both of their IPs set as 0.0.0.0. Just now, whole the LAN can uses the pc as a transparent bridge to communicate with external network without change any network setting.
Consider to monitor the data stream between LAN and external network. I try to implement a sniffer-like app in the bridge device now.
Below is a portion of my sniffer app, as I run the app in the bridge device, the outcoming result will be: print test line 01
not my expected result: print test line 01 print test line 02
No one is making requests of 0.0.0.0:80, where you are listening. The requests are being forwarded by the linux kernel to the appropriate hosts. Since forwarding takes place at the kernel level you'd probably have to put hooks in the kernel to let you monitor traffic or do some iptables magic to route requests to some port locally which you could monitor, then forward that traffic on to it's destination.
Thank you, Joe Ess. You really made clear for me now, thanks for your instruction & suggestion. I will do more research about the kernel level and "to put hooks in the kernel". I appreciated to hear more reference or information from you if you are in convenience, thanks
subject: how to implement an app in a bridge to grab input stream from the Internet