def copyEntry(msgtype, conntrack, data):
    """Dump callback: keep the entries accepted by the enclosing filter.

    Wraps the raw ``conntrack`` handle in a ConntrackEntry and asks
    ``filter.filterConnection`` whether to keep it. Accepted entries are
    appended to ``copyEntry.ctlist`` and NFCT_CB_STOLEN is returned;
    rejected entries get ``_destroy`` cleared and NFCT_CB_CONTINUE is
    returned.

    ``self``, ``filter`` and ``copyEntry.ctlist`` are not defined in this
    function; they must come from the enclosing scope. ``data`` is unused.
    """
    entry = ConntrackEntry(self, conntrack, msgtype)
    if filter.filterConnection(entry):
        copyEntry.ctlist.append(entry)
        return NFCT_CB_STOLEN
    # NOTE(review): presumably clearing _destroy keeps the Python wrapper from
    # freeing a handle the library still owns after CONTINUE (double free);
    # confirm against ConntrackEntry's destructor.
    entry._destroy = False
    return NFCT_CB_CONTINUE
def create_conntrack():
    """Create a TCP conntrack entry, then an expectation attached to it.

    The master entry is 172.16.127.201:1025 -> 204.152.191.36:21 with a
    10 second timeout. The expectation describes a second TCP flow between
    the same two addresses (ports 10240 -> 10241), uses an all-ones mask
    and a timeout value of 200.

    NOTE(review): both create() calls change live kernel state and normally
    need CAP_NET_ADMIN. An expectation usually causes the matching new flow
    to be classified as RELATED, which many rule sets accept; confirm
    against the rule set of the host this runs on. The destination is a
    public (non-RFC 1918) address hard-coded in the example.
    """

    def _set_orig_tuple(entry, src, dst, sport, dport):
        # Same attribute order as the flat original: l3proto, addresses,
        # l4proto, ports.
        entry.orig_l3proto = AF_INET
        entry.orig_ipv4_src = src
        entry.orig_ipv4_dst = dst
        entry.orig_l4proto = IPPROTO_TCP
        entry.orig_port_src = sport
        entry.orig_port_dst = dport

    # ----------- create conntrack entry -----------
    ct_handle = Conntrack()
    master = ConntrackEntry.new(ct_handle)
    _set_orig_tuple(
        master, IP("172.16.127.201"), IP("204.152.191.36"), 1025, 21)
    # The reply tuple is set up only after the original tuple is complete.
    master.setobjopt(NFCT_SOPT_SETUP_REPLY)
    master.tcp_state = TCP_CONNTRACK_LISTEN
    master.timeout = 10
    master.create()

    # ----------- create expect entry -----------
    exp_handle = Expect()
    expected = ConntrackEntry.new(exp_handle)
    _set_orig_tuple(
        expected, IP("172.16.127.201"), IP("204.152.191.36"), 10240, 10241)

    # NOTE(review): an all-ones mask presumably means every tuple field must
    # match exactly; confirm against the libnetfilter_conntrack docs.
    mask = ConntrackEntry.new(exp_handle)
    _set_orig_tuple(mask, 0xffffffff, 0xffffffff, 0xffff, 0xffff)

    print("add")
    expectation = ExpectEntry.new(exp_handle)

    # Attribute identifiers passed to the nfexp_set_attr* calls below.
    ATTR_EXP_MASTER = 0
    ATTR_EXP_EXPECTED = 1
    ATTR_EXP_MASK = 2
    ATTR_EXP_TIMEOUT = 3

    linked_entries = (
        (ATTR_EXP_MASTER, master),
        (ATTR_EXP_EXPECTED, expected),
        (ATTR_EXP_MASK, mask),
    )
    for attr_id, linked in linked_entries:
        nfexp_set_attr(expectation._handle, attr_id, linked._handle)
    nfexp_set_attr_u32(expectation._handle, ATTR_EXP_TIMEOUT, 200)

    print("FINAL: Create entry")
    expectation.create()
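def create_conntrack():
    """Create a TCP conntrack entry and register an expectation on it.

    Step 1 inserts a master entry 172.16.127.201:1025 -> 204.152.191.36:21
    (timeout 10). Step 2 builds an ExpectEntry that links that master to an
    expected flow 172.16.127.201:10240 -> 204.152.191.36:10241 with an
    all-ones mask and a timeout value of 200, then creates it.

    The two progress messages use the print() call form, which produces the
    same output on Python 2 and is also valid on Python 3.

    NOTE(review): both create() calls write to the kernel's connection
    tracking state and normally need CAP_NET_ADMIN. A registered expectation
    usually makes the matching new flow RELATED, which many rule sets
    accept; check this against the rule set of the host before running it.
    """
    # ----------- create conntrack entry -----------
    conntrack = Conntrack()
    master = ConntrackEntry.new(conntrack)
    master.orig_l3proto = AF_INET
    master.orig_ipv4_src = IP("172.16.127.201")
    master.orig_ipv4_dst = IP("204.152.191.36")
    master.orig_l4proto = IPPROTO_TCP
    master.orig_port_src = 1025
    master.orig_port_dst = 21
    # Called only once the original-direction tuple is fully populated.
    master.setobjopt(NFCT_SOPT_SETUP_REPLY)
    master.tcp_state = TCP_CONNTRACK_LISTEN
    master.timeout = 10
    master.create()

    # ----------- create expect entry -----------
    expect = Expect()

    # Tuple of the flow that is expected to appear later.
    expected = ConntrackEntry.new(expect)
    expected.orig_l3proto = AF_INET
    expected.orig_ipv4_src = IP("172.16.127.201")
    expected.orig_ipv4_dst = IP("204.152.191.36")
    expected.orig_l4proto = IPPROTO_TCP
    expected.orig_port_src = 10240
    expected.orig_port_dst = 10241

    # NOTE(review): all bits set in every field presumably requires an exact
    # match on addresses and ports; confirm against the library docs.
    mask = ConntrackEntry.new(expect)
    mask.orig_l3proto = AF_INET
    mask.orig_ipv4_src = 0xffffffff
    mask.orig_ipv4_dst = 0xffffffff
    mask.orig_l4proto = IPPROTO_TCP
    mask.orig_port_src = 0xffff
    mask.orig_port_dst = 0xffff

    print("add")
    exp = ExpectEntry.new(expect)

    # Attribute identifiers passed to the nfexp_set_attr* calls below.
    ATTR_EXP_MASTER = 0
    ATTR_EXP_EXPECTED = 1
    ATTR_EXP_MASK = 2
    ATTR_EXP_TIMEOUT = 3

    nfexp_set_attr(exp._handle, ATTR_EXP_MASTER, master._handle)
    nfexp_set_attr(exp._handle, ATTR_EXP_EXPECTED, expected._handle)
    nfexp_set_attr(exp._handle, ATTR_EXP_MASK, mask._handle)
    nfexp_set_attr_u32(exp._handle, ATTR_EXP_TIMEOUT, 200)

    print("FINAL: Create entry")
    exp.create()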
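def event_cb(msgtype, ct, data):
    """Event callback: print each conntrack entry, stop on the tenth call.

    Increments the module-level ``counter`` on every invocation. On the
    tenth invocation it returns NFCT_CB_STOP without printing that event,
    so at most nine entries are printed. Otherwise it wraps ``ct`` in a
    ConntrackEntry, prints it and returns NFCT_CB_CONTINUE.

    print() is used in call form, which gives the same output on Python 2
    and is also valid on Python 3.

    Args:
        msgtype: message type forwarded to ConntrackEntry.
        ct: raw conntrack handle passed in for this event.
        data: passed as the first ConntrackEntry argument.
            NOTE(review): presumably the owning Conntrack object; verify
            against the code that registers this callback.
    """
    global counter
    counter += 1
    if counter >= 10:
        return NFCT_CB_STOP
    # NOTE(review): destroy=False presumably leaves the handle to the
    # library, which still owns it when the callback returns CONTINUE;
    # confirm against ConntrackEntry.
    entry = ConntrackEntry(data, ct, msgtype, destroy=False)
    print(entry)
    return NFCT_CB_CONTINUE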
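def dump_table(self, family=AF_INET, event_type=NFCT_T_ALL, filter=None):
    """Dump the conntrack table, filtered, sorted and truncated by *filter*.

    Two backends are supported. With HAS_CNETFILTER_CONNTRACK set, the dump
    is delegated to ``dump_table_ipv4`` using the options produced by
    ``filter.createCNetfilterOptions()``. Otherwise a callback is registered,
    an NFCT_Q_DUMP query is run, and the entries accepted by
    ``filter.filterConnection`` are collected, sorted and truncated here.

    Args:
        family: address family to dump; the cnetfilter backend accepts
            AF_INET only.
        event_type: event mask used when registering the dump callback
            (ctypes backend only).
        filter: filter object; a default ``Filter()`` is used when this is
            falsy.

    Returns:
        A ``(connections, total)`` tuple. In the ctypes backend ``total`` is
        the number of entries that passed the filter before truncation; in
        the cnetfilter backend it is the value returned by
        ``dump_table_ipv4``.

    Raises:
        ValueError: cnetfilter backend selected with a family other than
            AF_INET.
    """
    if not filter:
        filter = Filter()

    if HAS_CNETFILTER_CONNTRACK:
        if family != AF_INET:
            raise ValueError("cnetfilter_conntrack only supports IPv4")
        options = filter.createCNetfilterOptions()
        table, total = dump_table_ipv4(self.handle, **options)
        connections = []
        for attr in table:
            handle = attr.pop('handle')
            # Iterate over a snapshot of the keys so the loop works on both
            # Python 2 and 3 and never walks a dict while it is rewritten.
            for key in list(attr):
                if "ipv4" in key:
                    attr[key] = IP(attr[key])
            connections.append(ConntrackEntry(self, handle, attr=attr))
        return connections, total

    # Create a pointer to a 'uint8_t' of the address family
    family = byref(uint8_t(family))

    def copyEntry(msgtype, conntrack, data):
        conn = ConntrackEntry(self, conntrack, msgtype)
        if not filter.filterConnection(conn):
            # NOTE(review): presumably keeps the wrapper from freeing a
            # handle the library still owns after CONTINUE; confirm against
            # ConntrackEntry.
            conn._destroy = False
            return NFCT_CB_CONTINUE
        copyEntry.ctlist.append(conn)
        return NFCT_CB_STOLEN
    copyEntry.ctlist = []

    # Install callback, do the query, and always remove the callback again:
    # a failing query must not leave copyEntry registered on this handle.
    self.register_callback(copyEntry, event_type)
    try:
        self.query(NFCT_Q_DUMP, family)
    finally:
        self.unregister_callback()
    connset = copyEntry.ctlist

    # Sort the list
    filter.sortTable(connset)

    # Record the full size, then truncate the list
    total = len(connset)
    connset = filter.truncate(connset)
    return connset, total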