netlinkrb/examples/firewall.rb

LIBDIR = File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib'))
$LOAD_PATH.unshift LIBDIR

require 'pp'
require 'linux/netlink/firewall'

# Example of using Netlink::Firewall to capture all outbound packets
# to TCP port 7551. Use "telnet 127.0.0.1 7551" to test.

#system("modprobe ip_queue")
#system("modprobe iptable_filter")
#system("iptables -I OUTPUT -j QUEUE -p tcp --destination-port 7551")
nl = Linux::Netlink::Firewall::Socket.new
nl.set_mode(Netlink::IPQ_COPY_PACKET, 128)
nl.dequeue_packets do |pkt|
  p pkt
  Linux::NF_ACCEPT  # Linux::NF_DROP
end
Basic NETLINK_FIREWALL support. Highlights need for struct alignment 2011-05-01 12:32:22 +01:00			`LIBDIR = File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib'))`
			`$LOAD_PATH.unshift LIBDIR`

			`require 'pp'`
Reorganise under Linux:: 2011-05-06 09:49:47 +01:00			`require 'linux/netlink/firewall'`
Basic NETLINK_FIREWALL support. Highlights need for struct alignment 2011-05-01 12:32:22 +01:00
			`# Example of using Netlink::Firewall to capture all outbound packets`
			`# to TCP port 7551. Use "telnet 127.0.0.1 7551" to test.`

			`#system("modprobe ip_queue")`
			`#system("modprobe iptable_filter")`
			`#system("iptables -I OUTPUT -j QUEUE -p tcp --destination-port 7551")`
Reorganise under Linux:: 2011-05-06 09:49:47 +01:00			`nl = Linux::Netlink::Firewall::Socket.new`
Basic NETLINK_FIREWALL support. Highlights need for struct alignment 2011-05-01 12:32:22 +01:00			`nl.set_mode(Netlink::IPQ_COPY_PACKET, 128)`
			`nl.dequeue_packets do \|pkt\|`
			`p pkt`
Reorganise under Linux:: 2011-05-06 09:49:47 +01:00			`Linux::NF_ACCEPT # Linux::NF_DROP`
Basic NETLINK_FIREWALL support. Highlights need for struct alignment 2011-05-01 12:32:22 +01:00			`end`