extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-01-08 06:59:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

use -E/-X to enable/disable pf on yosemite

Browse Source
This commit is contained in:
Sean Zeng 2015-03-21 15:28:17 -07:00
parent 1874aaceb4
commit 49c55f6825
1 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/firewall.py
View File

@ -7,6 +7,7 @@ import compat.ssubprocess as ssubprocess
import ssyslog import ssyslog
import sys import sys
import os import os
import re
from helpers import log, debug1, debug3, islocal, Fatal, family_to_string, \ from helpers import log, debug1, debug3, islocal, Fatal, family_to_string, \
resolvconf_nameservers resolvconf_nameservers
from fcntl import ioctl from fcntl import ioctl
@ -469,7 +470,7 @@ def do_ipfw(port, dnsport, family, subnets, udp):
def pfctl(args, stdin = None): def pfctl(args, stdin = None):
argv = ['pfctl'] + list(args.split(" ")) argv = ['pfctl'] + list(args.split(" "))
debug1('>> %s, stdin:%s\n' % (' '.join(argv), stdin)) debug1('>> %s' % ' '.join(argv), stdin)
p = ssubprocess.Popen(argv, stdin = ssubprocess.PIPE, p = ssubprocess.Popen(argv, stdin = ssubprocess.PIPE,
stdout = ssubprocess.PIPE, stdout = ssubprocess.PIPE,
@ -480,7 +481,7 @@ def pfctl(args, stdin = None):
return o return o
_pf_started_by_sshuttle = False _pf_context = {'started_by_sshuttle': False, 'Xtoken':''}
def do_pf(port, dnsport, family, subnets, udp): def do_pf(port, dnsport, family, subnets, udp):
global _pf_started_by_sshuttle global _pf_started_by_sshuttle
@ -513,16 +514,11 @@ def do_pf(port, dnsport, family, subnets, udp):
pf_add_anchor_rule(PF_RDR, "sshuttle") pf_add_anchor_rule(PF_RDR, "sshuttle")
if not '\nanchor "sshuttle" all\n' in pf_status: if not '\nanchor "sshuttle" all\n' in pf_status:
pf_add_anchor_rule(PF_PASS, "sshuttle") pf_add_anchor_rule(PF_PASS, "sshuttle")
if not 'INFO:\nStatus: Enabled' in pf_status:
pfctl('-e')
_pf_started_by_sshuttle = True
pfctl('-a sshuttle -f /dev/stdin', rules) o = pfctl('-a sshuttle -f /dev/stdin -E', rules)
_pf_context['Xtoken'] = re.search(r'Token : (.+)', o[1]).group(1)
else: else:
pfctl('-a sshuttle -F all') pfctl('-a sshuttle -F all -X %s' % _pf_context['Xtoken'])
if _pf_started_by_sshuttle:
pfctl('-d')
def program_exists(name): def program_exists(name):