我想让服务器侦听 UDP 端口 162(SNMP 陷阱),然后将此流量转发给多个客户端。同样重要的是源端口和地址保持不变(地址欺骗)。
我想最好的工具是Twisted或Scapy或者香草套接字,只是我在 Twisted 的文档中找不到关于源地址欺骗/伪造的任何内容。
有什么解决办法吗?
编辑:添加赏金,mybe iptables 的任何解决方案?
问问题
19226 次
3 回答
7
我对扭曲或 scapy 感到不舒服,但使用 vanilla python 套接字来做到这一点非常简单。这样做的一个额外优点是它将更加便携。此代码适用于我的有限测试:
#!/usr/bin/python
from socket import *
bufsize = 1024 # Modify to suit your needs
targetHost = "somehost.yourdomain.com"
listenPort = 1123
def forward(data, port):
print "Forwarding: '%s' from port %s" % (data, port)
sock = socket(AF_INET, SOCK_DGRAM)
sock.bind(("localhost", port)) # Bind to the port data came in on
sock.sendto(data, (targetHost, listenPort))
def listen(host, port):
listenSocket = socket(AF_INET, SOCK_DGRAM)
listenSocket.bind((host, port))
while True:
data, addr = listenSocket.recvfrom(bufsize)
forward(data, addr[1]) # data and port
listen("localhost", listenPort)
于 2009-12-13T22:56:54.243 回答
1
接受的答案对我不起作用,我最终在 python 中使用了一个简单的 TCP 重定向器:
#!/usr/bin/env python
import socket
import threading
import select
import sys
terminateAll = False
class ClientThread(threading.Thread):
def __init__(self, clientSocket, targetHost, targetPort):
threading.Thread.__init__(self)
self.__clientSocket = clientSocket
self.__targetHost = targetHost
self.__targetPort = targetPort
def run(self):
print "Client Thread started"
self.__clientSocket.setblocking(0)
targetHostSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
targetHostSocket.connect((self.__targetHost, self.__targetPort))
targetHostSocket.setblocking(0)
clientData = ""
targetHostData = ""
terminate = False
while not terminate and not terminateAll:
inputs = [self.__clientSocket, targetHostSocket]
outputs = []
if len(clientData) > 0:
outputs.append(self.__clientSocket)
if len(targetHostData) > 0:
outputs.append(targetHostSocket)
try:
inputsReady, outputsReady, errorsReady = select.select(inputs, outputs, [], 1.0)
except Exception, e:
print e
break
for inp in inputsReady:
if inp == self.__clientSocket:
try:
data = self.__clientSocket.recv(4096)
except Exception, e:
print e
if data != None:
if len(data) > 0:
targetHostData += data
else:
terminate = True
elif inp == targetHostSocket:
try:
data = targetHostSocket.recv(4096)
except Exception, e:
print e
if data != None:
if len(data) > 0:
clientData += data
else:
terminate = True
for out in outputsReady:
if out == self.__clientSocket and len(clientData) > 0:
bytesWritten = self.__clientSocket.send(clientData)
if bytesWritten > 0:
clientData = clientData[bytesWritten:]
elif out == targetHostSocket and len(targetHostData) > 0:
bytesWritten = targetHostSocket.send(targetHostData)
if bytesWritten > 0:
targetHostData = targetHostData[bytesWritten:]
self.__clientSocket.close()
targetHostSocket.close()
print "ClienThread terminating"
if __name__ == '__main__':
if len(sys.argv) != 5:
print 'Usage:\n\tpython SimpleTCPRedirector <host> <port> <remote host> <remote port>'
print 'Example:\n\tpython SimpleTCPRedirector localhost 8080 www.google.com 80'
sys.exit(0)
localHost = sys.argv[1]
localPort = int(sys.argv[2])
targetHost = sys.argv[3]
targetPort = int(sys.argv[4])
serverSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
serverSocket.bind((localHost, localPort))
serverSocket.listen(5)
print "Waiting for client..."
while True:
try:
clientSocket, address = serverSocket.accept()
except KeyboardInterrupt:
print "\nTerminating..."
terminateAll = True
break
ClientThread(clientSocket, targetHost, targetPort).start()
serverSocket.close()
于 2020-05-10T03:03:25.387 回答
0
转发端口的一种不同但相关的解决方案,而不是多路复用(不回答具体问题,但希望匹配相关问题 - 这至少是我一直在寻找的):
http://www.linux-support.com/cms/forward-network-connections-with-python/
于 2012-09-19T07:38:31.460 回答