@dantmnf
Created December 20, 2014 12:12
script to duplicate outgoing TCP packets
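#!/usr/bin/env ruby
# Duplicate outgoing TCP packets on one interface (Linux only: uses AF_PACKET).
# Needs root or CAP_NET_RAW for the raw socket and the live capture.
require 'socket'
require 'pcaprub'
require 'packetfu'

# Duplicates are re-sent with this TTL. The capture also sees the frames we
# inject, so the TTL marks them and keeps them from being duplicated again.
IDENTIFY_TTL = 105
interface = 'eth0'
DUPS = 1 # number of duplicated packet(s)
SIOCGIFINDEX = 0x8933

# Raw link-layer socket used to re-inject the captured frames.
rsock = Socket.new(Socket::AF_PACKET, Socket::SOCK_RAW, Socket::IPPROTO_RAW)

# Resolve the interface index: struct ifreq holds the name in bytes 0..15 and
# the kernel writes ifr_ifindex (int) at offset 16.
ifreq = [interface.dup].pack('a32')
rsock.ioctl(SIOCGIFINDEX, ifreq)

# struct sockaddr_ll: sll_family, sll_protocol, sll_ifindex (4 bytes), then
# sll_hatype, sll_pkttype, sll_halen and sll_addr[8] left as zero.
rsock.bind([Socket::AF_PACKET].pack('s') + [Socket::IPPROTO_RAW].pack('n') + ifreq[16, 4] + ("\x00" * 12)) # let's blame ruby

# Local IPv4 addresses (no loopback, no multicast) used as the source filter.
localaddrs = Socket.ip_address_list.select { |addr| addr.ipv4? && !addr.ipv4_loopback? && !addr.ipv4_multicast? }

capture = PCAPRUB::Pcap.open_live(interface, 65535, true, 0)
# Parenthesize the alternation so "and tcp" applies to every source address.
filter = '(' + localaddrs.map { |addr| "src host #{addr.ip_address}" }.join(' or ') + ') and tcp'
capture.setfilter(filter)

begin
  capture.each do |pkt|
    pktf = PacketFu::IPPacket.parse pkt
    # Frames already carrying the marker TTL are our own duplicates: skip them.
    if pktf.ip_ttl != IDENTIFY_TTL
      pktf.ip_ttl = IDENTIFY_TTL
      # The TTL is covered by the IPv4 header checksum, so recompute it.
      pktf.ip_recalc(:ip_sum)
      begin
        DUPS.times { rsock.sendmsg_nonblock pktf.to_s }
      rescue => e
        p e
      end
    end
  end
ensure
  capture.close
  rsock.close
end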