def redirection(config, listeners):
    """Install port pass-through and redirection rules for the listeners.

    No forwarding entry is added, and only a warning is logged, when
    ``Redirector.available()`` is false or ``Redirector.existing_rules()``
    is true. Otherwise entries are added in a fixed order: listener ports,
    configured exclusions, the optional generic TCP forward, then the
    catch-all.

    Args:
        config: object whose ``cfg.get(section, option)`` supplies the
            ``redirection`` options ``port_exclusions`` and
            ``port_forwarding``.
        listeners: iterable of objects exposing ``socktype`` and ``ports``.

    Returns:
        None.
    """
    if not Redirector.available():
        unavailable_msg = (
            "Connection redirection enabled but not available. "
            "Ensure 'iptables' is installed and current user has sufficient privileges."
        )
        log.warn(unavailable_msg)
        return

    if Redirector.existing_rules():
        # Bail out instead of mixing our entries into a ruleset that is
        # already populated.
        conflict_msg = (
            "Existing rules found in iptables. "
            "Not enabling connection redirection in case of conflict."
        )
        log.warn(conflict_msg)
        return

    redir = Redirector()

    # NOTE(review): entries go in most-specific first; presumably the
    # Redirector keeps call order and the firewall matches first-hit, so
    # confirm before reordering anything below.

    # Ports owned by a stream listener pass through untouched.
    stream_listeners = [
        entry for entry in listeners if entry.socktype in ('SSL', 'TCP')
    ]
    for entry in stream_listeners:
        redir.add_forwarding("tcp", entry.ports)

    # Operator-excluded ports pass through as well.
    raw_exclusions = config.cfg.get("redirection", "port_exclusions")
    exclusions = list(parseints(raw_exclusions))
    if exclusions:
        redir.add_forwarding("tcp", exclusions)

    # Remaining TCP ports are sent to the generic listener, if configured.
    # The configured value is handed to the Redirector as read.
    generic = config.cfg.get("redirection", "port_forwarding")
    if generic:
        redir.add_forwarding("tcp", outport=generic)

    # Catch-all: forward all protocols to the local address.
    redir.add_forwarding()
def redirection(config, listeners):
    """Configure connection redirection from the config and listener set.

    The function returns early with a logged warning, adding no forwarding
    entries, if redirection is unavailable (``Redirector.available()``) or
    if rules are already present (``Redirector.existing_rules()``).

    Args:
        config: provides ``cfg.get("redirection", ...)`` for the options
            ``port_exclusions`` and ``port_forwarding``.
        listeners: iterable of listener objects; only those whose
            ``socktype`` is ``'SSL'`` or ``'TCP'`` have their ``ports``
            passed through.

    Returns:
        None.
    """
    redirector_usable = Redirector.available()
    if not redirector_usable:
        log.warn("Connection redirection enabled but not available. "
                 "Ensure 'iptables' is installed and current user has "
                 "sufficient privileges.")
        return

    rules_already_present = Redirector.existing_rules()
    if rules_already_present:
        # Pre-existing rules are left alone; no redirection is set up.
        log.warn("Existing rules found in iptables. Not enabling "
                 "connection redirection in case of conflict.")
        return

    redir = Redirector()
    stream_types = ['SSL', 'TCP']

    # Step 1: pass through every port a stream listener is bound to.
    # The filtered list is built in full before any entry is added.
    bound = list(filter(lambda item: item.socktype in stream_types, listeners))
    for item in bound:
        redir.add_forwarding("tcp", item.ports)

    # Step 2: pass through ports the configuration explicitly excludes.
    exclusions = list(
        parseints(config.cfg.get("redirection", "port_exclusions")))
    if exclusions:
        redir.add_forwarding("tcp", exclusions)

    # Step 3: send every other TCP port to the generic listener port,
    # when one is configured.
    generic = config.cfg.get("redirection", "port_forwarding")
    if generic:
        redir.add_forwarding("tcp", outport=generic)

    # Step 4: forward all protocols to the local address.
    # NOTE(review): this is the broadest entry and is added last; it
    # presumably relies on the earlier entries taking precedence, so verify
    # against Redirector before changing the order.
    redir.add_forwarding()