Packet filtering w/ Python and Linux

While looking for a fun way to filter my WIFI traffic, I decided to look at userland firewall API in Python. I found: ipqueue.

I haven’t really wrote a full featured app with it, but here the first things to make it work.

# load the kernel queue module
modprobe ip_queue
# all outgoing ping will pass throught the queue
iptables -A OUTPUT -p icmp -j QUEUE

Now here a little script that act as the queue

import ipqueue

q = ipqueue.IPQ(ipqueue.IPQ_COPY_PACKET)

while 1:
p = q.read()
pID = p[ipqueue.PACKET_ID]

print pID
# accept the packet
q.set_verdict(pID,ipqueue.NF_ACCEPT)

Next step, simply run this script with the root privilege, and you will see outgoing ping print on the stdout.

Additionnal note: ipqueue only works on python2.2 right now, I hope Neale will fix that soon. Anyway this is really a nice piece of code thanks guy!



Related Posts

2 thoughts on “Packet filtering w/ Python and Linux

  1. Oh cool now we can make super complex firewall rules using python.
    I wonder about the performance overhead, though.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>