Created
April 24, 2016 18:35
-
-
Save mangalaman93/1b611115883fb6d661f6cbf9450435d9 to your computer and use it in GitHub Desktop.
Netfilter example in python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Installation | |
| # sudo apt-get install build-essential python-dev libnetfilter-queue-dev | |
| # sudp pip install NetfilterQueue scapy | |
| ## References | |
| # https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules | |
| # https://github.com/phaethon/scapy | |
| # https://5d4a.wordpress.com/2011/08/25/having-fun-with-nfqueue-and-scapy/ | |
| # https://pypi.python.org/pypi/NetfilterQueue/0.3 | |
| # http://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO-3.html | |
| # http://www.linuxjournal.com/article/7356 | |
| import netfilterqueue | |
| import socket | |
| import sys | |
| from scapy.all import * | |
| def process(pkt): | |
| data = pkt.get_payload() | |
| p = IP(data) | |
| pkt.set_verdict_modified(nfqueue.NF_ACCEPT, str(p), len(p)) | |
| nfqueue = netfilterqueue.NetfilterQueue() | |
| nfqueue.bind(1, process) | |
| try: | |
| nfqueue.run() | |
| except: | |
| nfqueue.unbind() | |
| sys.exit(1) | |
| # sudo iptables -A INPUT -d 127.0.0.1/32 -j NFQUEUE --queue-num 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment