sshuttle/tests/client
Scott Kuhl bc24ed359a Make nat and nft rules consistent; improve rule ordering.
First, check if TTL indicates we should ignore packet (instead of
checking in multiple rules later). Also, nft method didn't do this at
all. Now, nft matches the behavior of nat.

Second, forward DNS traffic (we may need to intercept traffic to
localhost if a DNS server is running on localhost).

Third, ignore any local traffic packets. (Previously, we ignored local
traffic except DNS and then had the DNS rules.) The nft method didn't
do this previously at all. It now matches the behavior of nat.

Lastly, list the subnets to redirect and/or exclude. This step is left
unchanged. Excluding the local port that we are listening on is
redundant with the third step, but should cause no harm.

In summary, this ordering simplifies the rules in nat and eliminates
differences that previously existed between nat and nft.
2020-10-21 11:51:39 -04:00
test_firewall.py Only write /etc/hosts when necessary. 2020-10-19 00:17:37 -04:00
test_helpers.py remove version_info based branching 2020-06-03 14:30:37 +10:00
test_methods_nat.py Make nat and nft rules consistent; improve rule ordering. 2020-10-21 11:51:39 -04:00
test_methods_pf.py The size of pf_rule grew in OpenBSD 6.4 2019-09-22 10:29:28 +10:00
test_methods_tproxy.py Add tproxy udp port mark filter that was missed in #144, fixes #367. 2019-10-13 11:45:04 +11:00
test_options.py Remove localhost test since it can resolve to either IPv4, IPv6, or both in any particular order 2020-10-17 15:56:23 -04:00
test_sdnotify.py Fix/pep8 (#277) 2019-02-11 09:59:13 +11:00