Reverted changes to NAT & DNS

Matias Barcenas 2018-04-30 02:15:33 -05:00
parent cf069ce49c
commit ca7fcb0dcc
1 changed files with 44 additions and 43 deletions


@ -744,53 +744,48 @@ index-file.names = (
# Create a DNS service with python, forwarding all traffic to gateway.
echo "\
#!/usr/bin/env python2
# -*- coding: utf-8 -*-
import socket
class DNSQuery:
def __init__(self, data):
self.data=data
self.dominio=''
def __init__(self, data):
self.data=data
self.dominio=''
tipo = (ord(data[2]) >> 3) & 15
if tipo == 0:
ini=12
lon=ord(data[ini])
while lon != 0:
self.dominio+=data[ini + 1:ini + lon + 1] + '.'
ini += lon + 1
lon=ord(data[ini])
def respuesta(self, ip):
packet=''
if self.dominio:
packet+=self.data[:2] + '\x81\x80'
packet+=self.data[4:6] + self.data[4:6] + '\x00\x00\x00\x00'
packet+=self.data[12:]
packet+='\xc0\x0c'
packet+='\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04'
packet+=str.join('', map(lambda x: chr(int(x)), ip.split('.')))
return packet
tipo = (ord(data[2]) >> 3) & 15
if tipo == 0:
ini=12
lon=ord(data[ini])
while lon != 0:
self.dominio+=data[ini+1:ini+lon+1]+'.'
ini+=lon+1
lon=ord(data[ini])
def respuesta(self, ip):
packet=''
if self.dominio:
packet+=self.data[:2] + \"\x81\x80\"
packet+=self.data[4:6] + self.data[4:6] + '\x00\x00\x00\x00'
packet+=self.data[12:]
packet+='\xc0\x0c'
packet+='\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04'
packet+=str.join('',map(lambda x: chr(int(x)), ip.split('.')))
return packet
if __name__ == '__main__':
ip='$CaptivePortalGatewayAddress'
print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip
ip='$CaptivePortalGatewayAddress'
print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip
udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udps.bind((ip, 53))
udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udps.bind(('',53))
try:
while True:
data, addr = udps.recvfrom(1024)
p=DNSQuery(data)
udps.sendto(p.respuesta(ip), addr)
print 'Request: %s -> %s' % (p.dominio, ip)
except KeyboardInterrupt:
print 'Finalizando'
try:
while 1:
data, addr = udps.recvfrom(1024)
p=DNSQuery(data)
udps.sendto(p.respuesta(ip), addr)
print 'Request: %s -> %s' % (p.dominio, ip)
except KeyboardInterrupt:
print 'Finalizando'
udps.close()\
" >"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py"
@ -1128,7 +1123,8 @@ captive_portal_unset_routes() {
ip addr del $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface 2>/dev/null
}
# Set up DHCP / WEB server / DNS Firewall
# Set up DHCP / WEB server
# Set up DHCP / WEB server
captive_portal_set_routes() {
# Give an address to the gateway interface in the rogue network.
# This makes the interface accessible from the rogue network.
@ -1144,10 +1140,15 @@ captive_portal_set_routes() {
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 67 -j ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \
--to-destination $CaptivePortalGatewayAddress:80
iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \
--to-destination $CaptivePortalGatewayAddress:443
iptables -A INPUT -p tcp --sport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -t nat -A POSTROUTING -j MASQUERADE
}
captive_portal_stop_interface() {
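Review bot: The embedded DNS responder in the first hunk indexes the received datagram with no length check: `ord(data[2])` and the label loop's `lon=ord(data[ini])` in `DNSQuery.__init__` raise IndexError on a datagram shorter than 13 bytes or on a label length that points past the end of the buffer. The receive loop only catches KeyboardInterrupt, so a single malformed packet terminates the process and `udps.close()` is never reached. A guard such as `if len(data) < 13: return` before the `tipo` line, and bounding the loop with `while lon != 0 and ini + lon + 1 < len(data):`, would keep the parser inside the buffer. Both printed versions of the hunk contain the same unchecked indexing, so the point holds whichever side is new; the +/- markers are lost on this page.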