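# NOTE: Must be run as root, in order to set the required iptables rule.
#
# Fake NTP responder. An iptables rule sends UDP packets from GUEST_IP with
# destination port 123 to NFQUEUE; handlePacket() drops each queued request
# and sends a locally built NTP packet back to the sender instead.
from netfilterqueue import NetfilterQueue
from scapy.all import *
from subprocess import CalledProcessError, check_call
from sys import exit

from util import getAddresses

GUEST_IP, _ = getAddresses('guest')
IPT = 'iptables'
# Match/target part shared by the insert and the delete command, so both
# always describe exactly the same rule.
_IPT_MATCH = '-s {} -p udp --dport 123 -j NFQUEUE'.format(GUEST_IP)
IPTABLES_RULE = '-I INPUT {}'.format(_IPT_MATCH)
IPT_INPUT_CMD = '{} {}'.format(IPT, IPTABLES_RULE)
# Delete by rule specification instead of by position ("-D INPUT 1"): if any
# other rule is inserted at the top of INPUT while this script runs, a
# positional delete removes that rule and leaves the NFQUEUE rule in place.
IPT_DELETE_CMD = '{} -D INPUT {}'.format(IPT, _IPT_MATCH)


def handlePacket(pkt):
    """Answer one queued NTP request with a locally built NTP packet.

    Args:
        pkt: Packet object handed over by NetfilterQueue. Its payload is
            parsed as an IP packet.

    The queued request is given a drop verdict and a reply is sent with the
    request's source and destination IP addresses swapped.
    """
    data = pkt.get_payload()
    sPkt = IP(data)
    # NOTE(review): both UDP ports are fixed to 123 and NTP() is built with
    # scapy's default field values; a client that queries from another source
    # port would not receive this reply -- confirm this matches the guest.
    rPkt = IP(src=sPkt[IP].dst, dst=sPkt[IP].src) / UDP(dport=123, sport=123) / NTP()
    print(sPkt.summary())
    # NOTE(review): if parsing above raises, the packet never gets a verdict;
    # only the path that reaches this line drops it.
    pkt.drop()
    send(rPkt)


# The listing is cut off inside main(); the visible fragment is kept verbatim
# below as a comment because it is not a complete statement.
# NOTE(review): the part that is not visible should run IPT_DELETE_CMD on
# every exit path so the NFQUEUE rule does not outlive the script -- verify.
#
# def main():
#     nfqueue = NetfilterQueue()
#     try:
#         nfqueue.bind(0, handlePacket)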
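# NOTE: Must be run as root.
# NOTE: We use python socket's lib here because fiddling with TCP SEQ and
#       ACK numbers would be required when we use scapy & nfqueue to intercept
#       the traffic.
from select import select
from socket import AF_INET, IPPROTO_TCP, SOCK_STREAM, socket, SOL_SOCKET, \
    SO_REUSEADDR, SHUT_RDWR
from sys import exit
from traceback import print_exc
from time import sleep

from util import getAddresses

HOST_IP, _ = getAddresses('host')
# Mail ports; all are below 1024, which is why binding them needs root.
# Presumably each one is passed to createSocket() -- the caller is not
# visible in this listing.
PORTS = [25, 465, 587]


def createSocket(port):
    """Open a listening TCP socket on HOST_IP for the given port.

    Args:
        port: TCP port number to bind.

    Returns:
        The bound socket, already listening with a backlog of 1.

    Raises:
        Whatever setsockopt/bind/listen raise (for example when the port is
        in use or the process lacks the privilege to bind it). The socket is
        closed before the exception propagates, so a failed attempt does not
        leave a descriptor open.
    """
    s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
    try:
        s.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
        # Bind to HOST_IP only, not to all interfaces, so the listener is
        # reachable solely through that address.
        s.bind((HOST_IP, port))
        s.listen(1)
    except Exception:
        s.close()
        raise
    print('SMTP: Start listening on {} port {}'.format(HOST_IP, port))
    return s


# Don't know how else to distinguish between a pure server socket and a
# client connection. Even though they are different objects, a
# "s in srvSockets" check still turns out to be true for the client object,
# although it is a different one than the server socket that accepted the
# connection.
#
# The listing is cut off right after the signature below; it is kept as a
# comment because a def without a body is not a complete statement.
#
# def isSrvSocket(s):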