Last active
December 24, 2015 08:29
-
-
Save david415/6771167 to your computer and use it in GitHub Desktop.
an attempt to create a async twisted interface to the iptables NFLOG blocking packet reads; this example happens to use an echo server because it's simple. Use this with an iptables rule to populate the NFLOG e.g. iptables -A INPUT -p tcp --dport 2600 -j NFLOG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| from nflog_cffi import NFLOG | |
| from twisted.internet.protocol import Protocol, Factory | |
| from twisted.internet import reactor | |
| def NFLOG_get_packets(callback): | |
| def packet_handler(data): | |
| print 'NFLOG heard: sz=%dB' % len(data) | |
| reactor.callFromThread(callback, len(data)) | |
| nflog_kwargs = dict() | |
| queues = 0, 1 | |
| nflog = NFLOG().generator(queues, **nflog_kwargs) | |
| nflog.next() | |
| for pkt in nflog: | |
| packet_handler(pkt) | |
| class NFLOG_Echo(Protocol): | |
| def connectionLost(self, reason): | |
| os._exit(0) | |
| def connectionMade(self): | |
| reactor.callInThread(NFLOG_get_packets, self.packetReceived) | |
| def dataReceived(self, data): | |
| print 'echo got: %s' % data | |
| def packetReceived(self, sz): | |
| self.transport.write('pcap got: %uB\n' % sz) | |
| def main(): | |
| factory = Factory() | |
| factory.protocol = NFLOG_Echo | |
| reactor.listenTCP(9999, factory) | |
| reactor.run() | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment