  • Engine only specifies interface to iptables if requested by user

  • Ubuntu committed 4 years ago
    0898d7b2
    1 parent eb1c93f9
  • ■ ■ ■ ■ ■ ■
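--- a/engine.py
+++ b/engine.py
@@ -119,7 +119,9 @@
 self.censorship_detected = False
 
 self.interface = interface
+self.specify_interface = True # track whether a single interface was specified
 if not interface:
+self.specify_interface = False
 self.interface = actions.utils.get_interface()
 
 # Specifically define an L3Socket to send our packets. This is an optimization
@@ -226,19 +228,26 @@
 add_or_remove = "A"
 if remove:
 add_or_remove = "D"
+
+out_interface = ""
+in_interface = ""
+if self.specify_interface:
+out_interface = "-o %s " % self.interface
+in_interface = "-i %s " % self.interface
+
 cmds = []
 for proto in ["tcp", "udp"]:
-cmds += ["iptables -%s %s -p %s --%s %d -o %s -j NFQUEUE --queue-num %d" %
-(add_or_remove, out_chain, proto, port1, self.server_port, self.interface, self.out_queue_num),
-"iptables -%s %s -p %s --%s %d -i %s -j NFQUEUE --queue-num %d" %
-(add_or_remove, in_chain, proto, port2, self.server_port, self.interface, self.in_queue_num)]
+cmds += ["iptables -%s %s -p %s --%s %d %s-j NFQUEUE --queue-num %d" %
+(add_or_remove, out_chain, proto, port1, self.server_port, out_interface, self.out_queue_num),
+"iptables -%s %s -p %s --%s %d %s-j NFQUEUE --queue-num %d" %
+(add_or_remove, in_chain, proto, port2, self.server_port, in_interface, self.in_queue_num)]
 # If this machine is acting as a middlebox, we need to add the same rules again
 # in the opposite direction so that we can pass packets back and forth
 if self.forwarder:
-cmds += ["iptables -%s %s -p %s --%s %d -o %s -j NFQUEUE --queue-num %d" %
-(add_or_remove, out_chain, proto, port2, self.server_port, self.interface, self.out_queue_num),
-"iptables -%s %s -p %s --%s %d -i %s -j NFQUEUE --queue-num %d" %
-(add_or_remove, in_chain, proto, port1, self.server_port, self.interface, self.in_queue_num)]
+cmds += ["iptables -%s %s -p %s --%s %d %s-j NFQUEUE --queue-num %d" %
+(add_or_remove, out_chain, proto, port2, self.server_port, out_interface, self.out_queue_num),
+"iptables -%s %s -p %s --%s %d %s-j NFQUEUE --queue-num %d" %
+(add_or_remove, in_chain, proto, port1, self.server_port, in_interface, self.in_queue_num)]
 
 for cmd in cmds:
 self.logger.debug(cmd)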
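Review bot: The `-o %s ` / `-i %s ` fragments built at new lines 235-236 are now filled only from a caller-supplied `interface`, and nothing in either hunk checks that value before it is formatted into the iptables command strings. How `cmds` is executed lies outside the hunk (only the `self.logger.debug(cmd)` loop is visible), but if the strings are passed to a shell or split on whitespace, a name containing spaces or shell metacharacters would alter the rule or the command line of a process that presumably runs with root privileges. I would validate once where `self.interface` is assigned, for example `if interface and not re.fullmatch(r"[A-Za-z0-9_.:-]{1,15}", interface): raise ValueError("invalid interface name")` (assuming `re` is imported in engine.py), or build each rule as an argument list instead of a formatted string. Worth a comment at line 234 as well: when no interface is given the rules match every interface, loopback included, which widens what is diverted to the NFQUEUE. Both enclosing functions start and end outside the hunks shown.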