Packet filtering w/ Python and Linux
While looking for a fun way to filter my WIFI traffic, I decided to look at userland firewall API in Python. I found: ipqueue.
I haven’t really wrote a full featured app with it, but here the first things to make it work.
# load the kernel queue module modprobe ip_queue # all outgoing ping will pass throught the queue iptables -A OUTPUT -p icmp -j QUEUE
Now here a little script that act as the queue
import ipqueue q = ipqueue.IPQ(ipqueue.IPQ_COPY_PACKET) while 1: p = q.read() pID = p[ipqueue.PACKET_ID] print pID # accept the packet q.set_verdict(pID,ipqueue.NF_ACCEPT)
Next step, simply run this script with the root privilege, and you will see outgoing ping print on the stdout.
Additionnal note: ipqueue only works on python2.2 right now, I hope Neale will fix that soon. Anyway this is really a nice piece of code thanks guy!
- Media Player (Dvico 3100) + Netgear WGT634U = Cheap Wifi Media Player
- Garbage Collector statistics
- How to convert matroska MKV to AVI on Linux ?
- Last PPP Ip .
- Send hand-crafted Ethernet Frames in Python (ARP for example)
admin November 1st, 2004
- Network
- Comments(2)
Oh cool now we can make super complex firewall rules using python.
I wonder about the performance overhead, though.
Great website! Bookmarked! I am impressed at your work!