Hi
FreeBSD9's pf support divert-to option.I just can't figure out how to let it work.
Without divert-to 8080, packet will go out through em0.So divert-to have some effect.
The problem is when I listen to 127.0.0.1:8080 I can not get any packet.I tried
and a divert python script
Nothing works.
Does someone make it work?
FreeBSD9's pf support divert-to option.I just can't figure out how to let it work.
Code:
pass in log on em1 inet proto tcp from any to 192.168.1.1 flags S/SA keep state divert-to 8080
Without divert-to 8080, packet will go out through em0.So divert-to have some effect.
The problem is when I listen to 127.0.0.1:8080 I can not get any packet.I tried
Code:
nc -l 8080
Code:
import socket
import select
import re
IPPROTO_DIVERT = 258
sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, IPPROTO_DIVERT)
fd = sock.bind(('127.0.0.1', 8080))
sock.setblocking(True)
MSGLEN = 32768
while(1):
msg = ''
while len(msg) < MSGLEN:
chunk = sock.recv(MSGLEN-len(msg))
if chunk == '':
raise RuntimeError, "Socket gone"
msg = msg + chunk
t = re.compile(r"(?P(.*)(GET|POST)(.*)(HTTP/\d+\.\d+)(.*)(Host: )([a-zA-Z\.0-9-]*)(.*))", re.DOTALL)
m = t.match(msg)
if m:
print m.group(3) + " " + m.group(4) + " " + m.group(5) + " " + m.group(8)
Nothing works.
Does someone make it work?