Created
December 17, 2016 10:29
-
-
Save furusiyya/78661b2dd455789022ac15e2ef5a49fb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //IPTable rules for capturing ssh packets | |
| //sudo iptables -A INPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0 | |
| //sudo iptables -A OUTPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0 | |
| //sudo iptables -A FORWARD -p tcp --dport 22 -j NFQUEUE --queue-num 0 | |
| package main | |
| import ( | |
| "fmt" | |
| "github.com/AkihiroSuda/go-netfilter-queue" | |
| "os" | |
| ) | |
| func main() { | |
| var err error | |
| nfq, err := netfilter.NewNFQueue(0, 100, netfilter.NF_DEFAULT_PACKET_SIZE) | |
| if err != nil { | |
| fmt.Println(err) | |
| os.Exit(1) | |
| } | |
| defer nfq.Close() | |
| packets := nfq.GetPackets() | |
| for true { | |
| select { | |
| case p := <-packets: | |
| fmt.Println(p.Packet.ApplicationLayer()) | |
| fmt.Println(p.Packet.TransportLayer()) | |
| fmt.Println(p.Packet.Dump()) | |
| p.SetVerdict(netfilter.NF_ACCEPT) | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment