mirror of
https://github.com/sshuttle/sshuttle.git
synced 2025-07-06 17:50:35 +02:00
Compare commits
3 Commits
sshuttle-0
...
sshuttle-0
Author | SHA1 | Date | |
---|---|---|---|
fe742c928d | |||
10ce1ee5d4 | |||
a32305a275 |
35
firewall.py
35
firewall.py
@ -81,17 +81,19 @@ def ipfw_rule_exists(n):
|
|||||||
return found
|
return found
|
||||||
|
|
||||||
|
|
||||||
def sysctl_get(name):
|
_oldctls = {}
|
||||||
argv = ['sysctl', '-n', name]
|
def _fill_oldctls(prefix):
|
||||||
|
argv = ['sysctl', prefix]
|
||||||
p = ssubprocess.Popen(argv, stdout = ssubprocess.PIPE)
|
p = ssubprocess.Popen(argv, stdout = ssubprocess.PIPE)
|
||||||
line = p.stdout.readline()
|
for line in p.stdout:
|
||||||
|
assert(line[-1] == '\n')
|
||||||
|
(k,v) = line[:-1].split(': ', 1)
|
||||||
|
_oldctls[k] = v
|
||||||
rv = p.wait()
|
rv = p.wait()
|
||||||
if rv:
|
if rv:
|
||||||
raise Fatal('%r returned %d' % (argv, rv))
|
raise Fatal('%r returned %d' % (argv, rv))
|
||||||
if not line:
|
if not line:
|
||||||
raise Fatal('%r returned no data' % (argv,))
|
raise Fatal('%r returned no data' % (argv,))
|
||||||
assert(line[-1] == '\n')
|
|
||||||
return line[:-1]
|
|
||||||
|
|
||||||
|
|
||||||
def _sysctl_set(name, val):
|
def _sysctl_set(name, val):
|
||||||
@ -100,11 +102,19 @@ def _sysctl_set(name, val):
|
|||||||
rv = ssubprocess.call(argv, stdout = open('/dev/null', 'w'))
|
rv = ssubprocess.call(argv, stdout = open('/dev/null', 'w'))
|
||||||
|
|
||||||
|
|
||||||
_oldctls = []
|
_changedctls = []
|
||||||
def sysctl_set(name, val):
|
def sysctl_set(name, val):
|
||||||
oldval = sysctl_get(name)
|
PREFIX = 'net.inet.ip'
|
||||||
if str(val) != str(oldval):
|
assert(name.startswith(PREFIX + '.'))
|
||||||
_oldctls.append((name, oldval))
|
val = str(val)
|
||||||
|
if not _oldctls:
|
||||||
|
_fill_oldctls(PREFIX)
|
||||||
|
if not (name in _oldctls):
|
||||||
|
debug1('>> No such sysctl: %r\n' % name)
|
||||||
|
return
|
||||||
|
oldval = _oldctls[name]
|
||||||
|
if val != oldval:
|
||||||
|
_changedctls.append(name)
|
||||||
return _sysctl_set(name, val)
|
return _sysctl_set(name, val)
|
||||||
|
|
||||||
|
|
||||||
@ -122,10 +132,11 @@ def do_ipfw(port, subnets):
|
|||||||
|
|
||||||
# cleanup any existing rules
|
# cleanup any existing rules
|
||||||
if ipfw_rule_exists(port):
|
if ipfw_rule_exists(port):
|
||||||
ipfw('del', sport)
|
ipfw('delete', sport)
|
||||||
|
|
||||||
while _oldctls:
|
while _changedctls:
|
||||||
(name,oldval) = _oldctls.pop()
|
name = _changedctls.pop()
|
||||||
|
oldval = _oldctls[name]
|
||||||
_sysctl_set(name, oldval)
|
_sysctl_set(name, oldval)
|
||||||
|
|
||||||
if subnets:
|
if subnets:
|
||||||
|
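Review bot: In `_fill_oldctls`, the `if not line:` check after the loop cannot report the case its message describes. When `sysctl` prints nothing, `line` is never bound, so the check raises NameError instead of Fatal; when it prints anything, the last `line` is non-empty. Testing the snapshot itself reports the empty case as intended: `if not _oldctls: raise Fatal('%r returned no data' % (argv,))`. The unpacking `(k,v) = line[:-1].split(': ', 1)` raises ValueError on any output line that lacks `': '`, so one unexpected line aborts the whole snapshot that the restore loop in `do_ipfw` reads from; skipping such lines would be more robust. Because `assert` is stripped under `-O`, the `name.startswith(PREFIX + '.')` guard in `sysctl_set` is better written as an explicit `raise Fatal(...)`; the body of `do_ipfw` continues outside the hunk.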
12
server.py
12
server.py
@ -133,12 +133,20 @@ def main():
|
|||||||
mux.send(0, ssnet.CMD_ROUTES, routepkt)
|
mux.send(0, ssnet.CMD_ROUTES, routepkt)
|
||||||
|
|
||||||
hw = Hostwatch()
|
hw = Hostwatch()
|
||||||
|
hw.leftover = ''
|
||||||
|
|
||||||
def hostwatch_ready():
|
def hostwatch_ready():
|
||||||
assert(hw.pid)
|
assert(hw.pid)
|
||||||
content = hw.sock.recv(4096)
|
content = hw.sock.recv(4096)
|
||||||
if content:
|
if content:
|
||||||
mux.send(0, ssnet.CMD_HOST_LIST, content)
|
lines = (hw.leftover + content).split('\n')
|
||||||
|
if lines[-1]:
|
||||||
|
# no terminating newline: entry isn't complete yet!
|
||||||
|
hw.leftover = lines.pop()
|
||||||
|
lines.append('')
|
||||||
|
else:
|
||||||
|
hw.leftover = ''
|
||||||
|
mux.send(0, ssnet.CMD_HOST_LIST, '\n'.join(lines))
|
||||||
else:
|
else:
|
||||||
raise Fatal('hostwatch process died')
|
raise Fatal('hostwatch process died')
|
||||||
|
|
||||||
|
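Review bot: In `hostwatch_ready`, a chunk with no newline leaves `lines` as `['']` after the `pop()`/`append('')`, so `mux.send` is still called with an empty `CMD_HOST_LIST` payload. Guarding the send with `if len(lines) > 1:` forwards only when at least one complete entry is present. `hw.leftover` also has no upper bound: if the hostwatch side never emits a newline, the buffer grows with every `recv(4096)`. A length cap that raises `Fatal` would keep memory bounded, with the limit chosen to match whatever maximum `mux.send` accepts, which is not visible here. `hostwatch_ready` is nested in `main()`, whose body starts and ends outside the hunk.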