(listenip_v6, listenip_v4,
ssh_cmd, remotename, python, latency_control,
latency_buffer_size, dns, nslist,
method_name, seed_hosts, auto_hosts, auto_nets,
subnets_include, subnets_exclude, daemon, to_nameserver, pidfile,
user, group, sudo_pythonpath, add_cmd_delimiter, remote_shell, tmark)
| 806 | |
| 807 | |
| 808 | def main(listenip_v6, listenip_v4, |
| 809 | ssh_cmd, remotename, python, latency_control, |
| 810 | latency_buffer_size, dns, nslist, |
| 811 | method_name, seed_hosts, auto_hosts, auto_nets, |
| 812 | subnets_include, subnets_exclude, daemon, to_nameserver, pidfile, |
| 813 | user, group, sudo_pythonpath, add_cmd_delimiter, remote_shell, tmark): |
| 814 | |
| 815 | if not remotename: |
| 816 | raise Fatal("You must use -r/--remote to specify a remote " |
| 817 | "host to route traffic through.") |
| 818 | |
| 819 | if daemon: |
| 820 | try: |
| 821 | check_daemon(pidfile) |
| 822 | except Fatal as e: |
| 823 | log("%s" % e) |
| 824 | return 5 |
| 825 | debug1('Starting sshuttle proxy (version %s).' % __version__) |
| 826 | helpers.logprefix = 'c : ' |
| 827 | |
| 828 | fw = FirewallClient(method_name, sudo_pythonpath) |
| 829 | |
| 830 | # nslist is the list of name severs to intercept. If --dns is |
| 831 | # used, we add all DNS servers in resolv.conf. Otherwise, the list |
| 832 | # can be populated with the --ns-hosts option (which is already |
| 833 | # stored in nslist). This list is used to setup the firewall so it |
| 834 | # can redirect packets outgoing to this server to the remote host |
| 835 | # instead. |
| 836 | if dns: |
| 837 | nslist += resolvconf_nameservers(True) |
| 838 | |
| 839 | # If we are intercepting DNS requests, we tell the remote host |
| 840 | # where it should send the DNS requests to with the --to-ns |
| 841 | # option. |
| 842 | if len(nslist) > 0: |
| 843 | if to_nameserver is not None: |
| 844 | to_nameserver = "%s@%s" % tuple(to_nameserver[1:]) |
| 845 | else: # if we are not intercepting DNS traffic |
| 846 | # ...and the user specified a server to send DNS traffic to. |
| 847 | if to_nameserver and len(to_nameserver) > 0: |
| 848 | print("WARNING: --to-ns option is ignored unless " |
| 849 | "--dns or --ns-hosts is used.") |
| 850 | to_nameserver = None |
| 851 | |
| 852 | # Get family specific subnet lists. Also, the user may not specify |
| 853 | # any subnets if they use --auto-nets. In this case, our subnets |
| 854 | # list will be empty and the forwarded subnets will be determined |
| 855 | # later by the server. |
| 856 | subnets_v4 = [i for i in subnets_include if i[0] == socket.AF_INET] |
| 857 | subnets_v6 = [i for i in subnets_include if i[0] == socket.AF_INET6] |
| 858 | nslist_v4 = [i for i in nslist if i[0] == socket.AF_INET] |
| 859 | nslist_v6 = [i for i in nslist if i[0] == socket.AF_INET6] |
| 860 | |
| 861 | # Get available features from the firewall method |
| 862 | avail = fw.method.get_supported_features() |
| 863 | |
| 864 | # A feature is "required" if the user supplies us parameters which |
| 865 | # implies that the feature is needed. |
nothing calls this directly
no test coverage detected