MCPcopy Index your code
hub / github.com/sshuttle/sshuttle / restore_firewall

Method restore_firewall

sshuttle/methods/tproxy.py:231–259  ·  view source on GitHub ↗
(self, port, family, udp, user, group)

Source from the content-addressed store, hash-verified

229 *(udp_ports + ('--on-port', str(port))))
230
231 def restore_firewall(self, port, family, udp, user, group):
232 if family not in [socket.AF_INET, socket.AF_INET6]:
233 raise Exception(
234 'Address family "%s" unsupported by tproxy method'
235 % family_to_string(family))
236
237 table = "mangle"
238
239 def _ipt(*args):
240 return ipt(family, table, *args)
241
242 mark_chain = 'sshuttle-m-%s' % port
243 tproxy_chain = 'sshuttle-t-%s' % port
244 divert_chain = 'sshuttle-d-%s' % port
245
246 # basic cleanup/setup of chains
247 if ipt_chain_exists(family, table, mark_chain):
248 _ipt('-D', 'OUTPUT', '-j', mark_chain)
249 _ipt('-F', mark_chain)
250 _ipt('-X', mark_chain)
251
252 if ipt_chain_exists(family, table, tproxy_chain):
253 _ipt('-D', 'PREROUTING', '-j', tproxy_chain)
254 _ipt('-F', tproxy_chain)
255 _ipt('-X', tproxy_chain)
256
257 if ipt_chain_exists(family, table, divert_chain):
258 _ipt('-F', divert_chain)
259 _ipt('-X', divert_chain)
260
261 def is_supported(self):
262 if which("iptables") and which("ip6tables"):

Callers 1

setup_firewallMethod · 0.95

Calls 2

family_to_stringFunction · 0.90
ipt_chain_existsFunction · 0.90

Tested by

no test coverage detected