from netfilterqueue import NetfilterQueue
from scapy.all import *
import os
import argparse
import ipaddress
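def modify_iptable(packet):
    """NetfilterQueue callback: delete the route to the packet's destination network.

    The queued payload is parsed as an IPv4 packet. The destination address is
    masked with the module-level ``args.subnet_mask`` to get a network address,
    and the route to that network via ``args.gateway`` is deleted with
    ``ip route delete``. The packet is always accepted afterwards so it never
    stays stuck in the queue without a verdict.

    Args:
        packet: The queued packet object handed over by NetfilterQueue; only
            its ``get_payload()`` and ``accept()`` methods are used here.
    """
    # Local import keeps this block self-contained; the file header imports os only.
    import subprocess

    print("Got packet in queue")

    try:
        parsed_packet = IP(packet.get_payload())
        if IP not in parsed_packet:
            return

        ip_src = parsed_packet[IP].src
        ip_dest = parsed_packet[IP].dst
        if not (ip_src and ip_dest):
            return

        try:
            network = ipaddress.IPv4Network(f"{ip_dest}/{args.subnet_mask}", strict=False)
            # The gateway arrives as a free-form command-line string and ends up
            # in a command run with routing privileges, so it must parse as an
            # IPv4 address before it is used.
            gateway = ipaddress.IPv4Address(args.gateway)
        except ValueError as err:
            print(f"Not deleting any route, invalid address or mask: {err}")
            return

        target = f"{network.network_address}/{args.subnet_mask}"
        print(f"Deleting rule to {target} via {gateway}")

        # NOTE(review): every packet that reaches this queue triggers a route
        # deletion, so the firewall rule feeding the queue decides who can
        # cause it. Keep that rule as narrow as possible.
        try:
            # Argument list, no shell: nothing in the values can be interpreted
            # as shell syntax.
            result = subprocess.run(
                ["ip", "route", "delete", "to", target, "via", str(gateway)],
                check=False,
            )
        except OSError as err:
            print(f"Could not run ip: {err}")
        else:
            if result.returncode != 0:
                print(f"ip route delete exited with status {result.returncode}")
    finally:
        # Always give the kernel a verdict, even when parsing or deletion failed.
        packet.accept()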
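# Command-line interface: gateway of the route to delete, the NFQUEUE number
# to listen on, and the prefix length used to derive the destination network.
parser = argparse.ArgumentParser()
parser.add_argument("-g", action="store", dest="gateway",
                    help="gateway address of the route to delete")
parser.add_argument("-id", type=int, action="store", dest="queue_id",
                    help="netfilter queue number to bind to")
parser.add_argument("-s", type=int, action="store", dest="subnet_mask",
                    help="prefix length applied to the destination address")
args = parser.parse_args()

# Compare the integers against None rather than relying on truthiness:
# queue number 0 and prefix length 0 are legitimate values, and a plain
# truth test would report them as missing.
if args.gateway and args.queue_id is not None and args.subnet_mask is not None:
    nfqueue = NetfilterQueue()
    nfqueue.bind(args.queue_id, modify_iptable)

    try:
        print("Waiting for packets ...")
        nfqueue.run()
    except KeyboardInterrupt:
        # Ctrl-C is the normal way to stop the listener.
        pass
    finally:
        # Release the queue binding on every exit path.
        nfqueue.unbind()
else:
    print("Some arguments were missing")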