PacketThief implemented using the Linux kernel's Netfilter.
This is roughly equivalent to:
```sh
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port <DEST> -j REDIRECT --to-ports <LISTENER>
```
Currently only implements IPv4.
Note that the listening socket must have a blank hostname. If it is set to 127.0.0.1, then the socket will only run on the loopback device, and traffic that gets redirected from another device won’t reach it.
SO_ORIGINAL_DST = 80
Defined in /usr/include/linux/netfilter_ipv4.h as #define SO_ORIGINAL_DST 80.
Returns the [port, host] for a socket or EM::Connection whose connection was redirected by netfilter.

```ruby
# File lib/packetthief/impl/netfilter.rb, line 97
def self.original_dest(socket)
  if socket.respond_to? :getsockopt
    # plain Ruby socket
    sockname = socket.getsockopt(Socket::IPPROTO_IP, SO_ORIGINAL_DST)
  elsif socket.respond_to? :get_sock_opt
    # EM::Connection
    sockname = socket.get_sock_opt(Socket::IPPROTO_IP, SO_ORIGINAL_DST)
  else
    raise ArgumentError, "#{socket.class} does not expose getsockopt"
  end
  # Ruby 1.9.2+ returns a Socket::Option; unpack_sockaddr_in needs the raw bytes.
  sockname = sockname.data if sockname.respond_to?(:data)
  Socket::unpack_sockaddr_in(sockname)
end
```
```ruby
# File lib/packetthief/impl/netfilter.rb, line 87
def self.redirect(args={})
  # builds the nat/PREROUTING REDIRECT rule shown above
  rule = IPTablesRule.new(self, 'nat', 'PREROUTING')
  rule.redirect(args)
end
```
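As an added example (not PacketThief's code), the following stand-alone Ruby sketch covers the three points this page makes: decoding the struct sockaddr_in that SO_ORIGINAL_DST returns into [port, host], checking that the listener is not bound to 127.0.0.1, and producing the equivalent iptables REDIRECT rule with validated ports. The names decode_original_dst, redirect_listener_ok?, redirect_rule and run_transparent_listener are hypothetical, and the accept loop assumes root and an installed rule.

```ruby
require 'socket'

# Linux-only socket option number (see /usr/include/linux/netfilter_ipv4.h).
SO_ORIGINAL_DST = 80

# Decode the struct sockaddr_in from getsockopt(IPPROTO_IP, SO_ORIGINAL_DST)
# into [port, host]; accepts a raw String or a Socket::Option, AF_INET only.
def decode_original_dst(opt)
  bytes = opt.respond_to?(:data) ? opt.data : opt.to_s
  raise ArgumentError, "expected 16-byte sockaddr_in, got #{bytes.bytesize}" unless bytes.bytesize == 16
  # Layout: sin_family (u16, host order), sin_port (u16, network order),
  # sin_addr (4 bytes), sin_zero (8 bytes of padding).
  family, port, *addr = bytes.unpack('SnC4')
  raise ArgumentError, "not AF_INET (family #{family})" unless family == Socket::AF_INET
  [port, addr.join('.')]
end

# Only a wildcard bind receives connections REDIRECTed from other interfaces;
# a 127.0.0.1 listener silently misses them.
def redirect_listener_ok?(host)
  h = host.to_s
  h.empty? || h == '0.0.0.0'
end

# The iptables rule behind the redirect; ports go through Integer() so
# untrusted input cannot smuggle extra shell words into the command.
# action: '-A' installs the rule, '-D' removes it again.
def redirect_rule(dest_port, listener_port, action: '-A')
  dport, lport = Integer(dest_port), Integer(listener_port)
  raise ArgumentError, 'port out of range' unless [dport, lport].all? { |p| (1..65_535).cover?(p) }
  raise ArgumentError, 'bad action' unless %w[-A -D].include?(action)
  "iptables -t nat #{action} PREROUTING -p tcp --destination-port #{dport} " \
    "-j REDIRECT --to-ports #{lport}"
end

# Accept redirected connections and log where each one was originally headed.
# Needs root, the rule above installed, and a blank/wildcard bind host.
def run_transparent_listener(port)
  server = TCPServer.new('', port) # blank host: listen on every interface
  loop do
    client = server.accept
    orig_port, orig_host = decode_original_dst(
      client.getsockopt(Socket::IPPROTO_IP, SO_ORIGINAL_DST)
    )
    puts "#{client.peeraddr[3]} -> #{orig_host}:#{orig_port} (intercepted)"
    client.close
  end
end
```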