class PacketThief::Impl::Ipfw

Use Ipfw to redirect traffic.

Needed in at least Mac OS X 10.6 and later?:

sysctl -w net.inet.ip.scopedroute=0

[1]: trac.macports.org/wiki/howto/SetupInterceptionSquid

Sample rule:

sudo ipfw add 1013 fwd 127.0.0.1,3129 tcp from any to any 80 recv INTERFACE

Note that in Mac OS X 10.7 Lion, Apple still includes ipfw, but they are using pfctl to do network firewalling and routing.

Public Class Methods

original_dest(sock) click to toggle source

Returns the [port, host] for the original destination of sock.

Sock can be a Ruby socket or an EventMachine::Connection (including handler modules, which are mixed in to an anonymous descendent of EM::Connection).

When Ipfw uses a fwd/forward rule to redirect a connection to a local socket, the destination address remains unchanged, meaning that C’s getsockname() will return the original destination.

# File lib/packetthief/impl/ipfw.rb, line 127
def self.original_dest(sock)
  if sock.respond_to? :getsockname
    sockname = sock.getsockname
  elsif sock.respond_to? :get_sockname
    sockname = sock.get_sockname
  else
    raise ArgumentError, "#{sock.inspect} supports neither :getsockname nor :get_sockname!"
  end
  Socket::unpack_sockaddr_in(sockname)
end
redirect(args={}) click to toggle source
# File lib/packetthief/impl/ipfw.rb, line 113
def self.redirect(args={})
  rule = IpfwRule.new(self)
  rule.redirect(args)
end