From 6bf00ce2b20ca0260b89de5a8d0379be5d809461 Mon Sep 17 00:00:00 2001
From: Alexandre Beaulieu
Date: Mon, 15 Apr 2019 10:06:50 -0400
Subject: [PATCH] wip: Note to self: do squash.
---
 modules/rdp_proxy/rdp_proxy_linux_amd64.go | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/modules/rdp_proxy/rdp_proxy_linux_amd64.go b/modules/rdp_proxy/rdp_proxy_linux_amd64.go
index 32b32d08..a525fdb9 100644
--- a/modules/rdp_proxy/rdp_proxy_linux_amd64.go
+++ b/modules/rdp_proxy/rdp_proxy_linux_amd64.go
@@ -190,12 +190,15 @@ func (mod *RdpProxy) Configure() (err error) {
 }
 func (mod *RdpProxy) handleRdpConnection(payload *nfqueue.Payload) int {
- log.Info("New Connection: %v", payload)
- // 1. Check if the destination IP already has a PYRDP session active, if so, do nothing.
- // 2. Otherwise:
- // 2.1. Spawn a PYRDP instance on a fresh port
- // 2.2. Add a NAT rule in the firewall for this particular target IP
+ // 1. Determine source and target addresses.
+ p := gopacket.NewPacket(payload, layers.LayerTypeEthernet, gopacket.NoCopy)
+
+ log.Info("New Connection: %v", payload)
+ // 2. Check if the destination IP already has a PYRDP session active, if so, do nothing.
+ // 3. Otherwise:
+ // 3.1. Spawn a PYRDP instance on a fresh port
+ // 3.2. Add a NAT rule in the firewall for this particular target IP
 // Force a retransmit to trigger the new firewall rules.
 // TODO: Find a more efficient way to do this.
 payload.SetVerdict(nfqueue.NF_DROP)
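Review bot: The added `gopacket.NewPacket(payload, layers.LayerTypeEthernet, gopacket.NoCopy)` call in handleRdpConnection passes the `*nfqueue.Payload` itself where gopacket expects a `[]byte`, and it decodes from the Ethernet layer although NFQUEUE normally hands packets to userspace starting at the IP header. These addresses are meant to select the PyRDP instance and the NAT rule, so a misparsed or truncated packet should be rejected before any firewall change: something like `p := gopacket.NewPacket(payload.Data, layers.LayerTypeIPv4, gopacket.NoCopy)` followed by a check of `p.ErrorLayer()` and a nil check on `p.NetworkLayer()` would do it (assuming the nfqueue binding exposes the raw bytes as `Data`). `gopacket.NoCopy` is only safe while the queue buffer is left untouched, so any address kept beyond this callback should be copied out first. `p` is not used in the visible lines, which Go rejects as declared and not used unless it is consumed further down; the function body continues outside the hunk.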