extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-07-01 07:11:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

iptables: more resilient startup/cleanup.

Browse Source 
Now the sudo iptables subprocess persists for the entire life of sshuttle.
The benefits of this are:

- no need to authenticate again at shutdown (failure of which could cause us
  to not clean up iptables)

- if the main process dies unexpectedly, iptables still gets cleaned up

- the password prompt can happen *before* starting the ssh/server process,
  which means it'll stand out and the password prompt won't be overwritten.
This commit is contained in:
Avery Pennarun
2010-05-02 19:29:03 -04:00
parent ca14231aae
commit a21e8c7a3c
4 changed files with 84 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ssh.py
View File

@ -32,7 +32,8 @@ def connect(rhost):
os.setsid()
s1a,s1b = os.dup(s1.fileno()), os.dup(s1.fileno())
s1.close()
p = subprocess.Popen(argv, stdin=s1a, stdout=s1b, preexec_fn=setup)
p = subprocess.Popen(argv, stdin=s1a, stdout=s1b, preexec_fn=setup,
close_fds=True)
os.close(s1a)
os.close(s1b)
return p, s2