github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-19 13:09:49 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

misc: small fix or general refactoring i did not bother commenting

Browse source
This commit is contained in:
evilsocket 2018-03-28 13:04:39 +02:00
commit 6b402da8b6
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
1 changed files with 35 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

85
firewall/firewall_linux.go
View file

@ -65,9 +65,40 @@ func (f LinuxFirewall) EnableForwarding(enabled bool) error {
return f.enableFeature(IPV4ForwardingFile, enabled) return f.enableFeature(IPV4ForwardingFile, enabled)
} }
func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error { func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine []string) {
var opts []string action := "-A"
if enabled == false {
action = "-D"
}
if r.SrcAddress == "" {
cmdLine = []string{
"-t", "nat",
action, "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
} else {
cmdLine = []string{
"-t", "nat",
action, "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"-d", r.SrcAddress,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
}
return
}
func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
cmdLine := f.getCommandLine(r, enabled)
rkey := r.String() rkey := r.String()
_, found := f.redirections[rkey] _, found := f.redirections[rkey]
@ -81,31 +112,7 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
// accept all // accept all
if _, err := core.Exec("iptables", []string{"-P", "FORWARD", "ACCEPT"}); err != nil { if _, err := core.Exec("iptables", []string{"-P", "FORWARD", "ACCEPT"}); err != nil {
return err return err
} } else if _, err := core.Exec("iptables", cmdLine); err != nil {
if r.SrcAddress == "" {
opts = []string{
"-t", "nat",
"-A", "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
} else {
opts = []string{
"-t", "nat",
"-A", "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"-d", r.SrcAddress,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
}
if _, err := core.Exec("iptables", opts); err != nil {
return err return err
} }
} else { } else {
@ -115,29 +122,7 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
delete(f.redirections, r.String()) delete(f.redirections, r.String())
if r.SrcAddress == "" { if _, err := core.Exec("iptables", cmdLine); err != nil {
opts = []string{
"-t", "nat",
"-D", "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
} else {
opts = []string{
"-t", "nat",
"-D", "PREROUTING",
"-i", r.Interface,
"-p", r.Protocol,
"-d", r.SrcAddress,
"--dport", fmt.Sprintf("%d", r.SrcPort),
"-j", "DNAT",
"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
}
}
if _, err := core.Exec("iptables", opts); err != nil {
return err return err
} }
} }