Commit efbd2e0e authored by Daniel Stan's avatar Daniel Stan

tunnel: lance aussi la co ssh

parent 6e8eaee3
......@@ -82,11 +82,11 @@ class Tunnel(object):
rules = None
redsocks_proc = None
def __init__(self, socks_port=1080):
def __init__(self):
self.user = os.getenv("SUDO_USER") or getpass.getuser()
self.rules = []
self.local_port = _fresh_localhost_port()
self.port = socks_port
self.port = _fresh_localhost_port()
def forward_ip(self, ip):
rule=(
......@@ -104,29 +104,33 @@ class Tunnel(object):
def iptables(self, rule, delete=False):
"""Rajoute ou supprime une règle donnée"""
if not delete:
self.rules.append(rule)
cmd = ['/sbin/iptables']
cmd += ['-t', rule[0]]
cmd.append('-D' if delete else '-I')
cmd.append(rule[1])
cmd += rule[2]
subprocess.check_call(cmd)
try:
subprocess.check_call(cmd)
except subprocess.CalledProcessError:
if not delete:
raise
if delete:
self.rules.remove(rule)
else:
self.rules.append(rule)
def run_redsocks(self):
print "Running redsocks"
# self.iptables(('filter',
# 'OUTPUT',
# [
# '-m', 'owner',
# '!', '--uid', self.user,
# '-j', 'REJECT',
# ]))
self.iptables(('filter',
'OUTPUT',
[
'-m', 'owner',
'!', '--uid', self.user,
'-p', 'tcp',
'--dst', '127.0.0.1',
'--dport', str(self.port),
'-j', 'REJECT',
]))
infos = {
'local_port': self.local_port,
'port': self.port,
......@@ -142,7 +146,7 @@ class Tunnel(object):
def flush(self):
"""Vide les règles insérées depuis le début du script"""
for rule in self.rules:
for rule in list(self.rules):
self.iptables(rule, delete=True)
def run_ssh(self, host):
......@@ -150,25 +154,24 @@ class Tunnel(object):
cmd = ['sudo', '-u', self.user] + cmd
cmd += ['-D', str(self.port)]
proc = subprocess.Popen(cmd)
os.waitpid(proc.pid, 0)
try:
os.waitpid(proc.pid, 0)
except KeyboardInterrupt, subprocess.CalledProcessError:
pass
def clean_up(self):
print "Flushing rules"
self.flush()
if self.redsocks_proc:
print "Killing redsocks"
self.redsocks_proc.kill()
if __name__ == '__main__':
if len(sys.argv) <= 2:
print "Usage: tunnel.py $IP $SOCK_PORT"
print "Usage: tunnel.py $IP $SSH_SERVER"
exit(1)
tunnel = Tunnel(int(sys.argv[2]))
tunnel = Tunnel()
tunnel.forward_ip(sys.argv[1])
tunnel.run_redsocks()
print "Enter to flush"
print tunnel.local_port
raw_input()
tunnel.run_ssh(sys.argv[2])
tunnel.clean_up()
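Review bot: In run_ssh, `except KeyboardInterrupt, subprocess.CalledProcessError:` is Python 2's old `except A, B` form, so it catches only KeyboardInterrupt and binds the caught exception to the attribute `subprocess.CalledProcessError`, overwriting the class on the module. After a Ctrl-C, clean_up() calls flush(), and the new `except subprocess.CalledProcessError:` in iptables() no longer names the exception class; a failing `iptables -D` is then likely to surface as a TypeError from check_call, abort the flush and leave the inserted rules in place. Since os.waitpid does not raise CalledProcessError, `except KeyboardInterrupt:` is enough (or parenthesise the pair as a tuple). Separately, the `__main__` block reaches `tunnel.clean_up()` only on a normal return, so wrapping the calls from `forward_ip` onward in `try`/`finally` would keep the firewall rules from outliving a crash.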