Basic Netfilterqueue usage Python

Question

I want to act as a Proxy, I would like if possible manage the receive packet from layer 2 or layer 3, I am struggling with it, with the most basics and I can't get this working, I tell you what I do:

This is my code (proxda.py)

from netfilterqueue import NetfilterQueue

def print_and_accept(pkt):
    print pkt
    pkt.accept()

nfqueue = NetfilterQueue()
nfqueue.bind(1, print_and_accept)
try:
    nfqueue.run()
except KeyboardInterrupt:
    print

The code has been taken directly from the python documentation: https://pypi.python.org/pypi/NetfilterQueue/0.3

This is the iptable rule I configure:

iptables -I INPUT -d 173.16.0.229 -j NFQUEUE --queue-num 1

The idea is all the traffic sent to 173.16.0.229 goes to my program

And this is the scenario, so simple: I do ping from 173.16.0.236 to 173.16.0.229 while my program proxa.py is running and I don't capture anything.

Any idea on where am I failing and how to debug it / get this working¿?

Thank you in advance.

Answer 1

I ask myself, the problem was the rule on iptables, my IP was 173.16.0.236 and I was filtering incoming traffic to 173.16.0.229. Just by changing:

iptables -I INPUT -d 173.16.0.229 -j NFQUEUE --queue-num 1 

to: iptables -I OUTPUT -d 173.16.0.229 -j NFQUEUE --queue-num 1 

or to :  iptables -I INPUT -d 173.16.0.236 -j NFQUEUE --queue-num 1.

Being careful with the last line because all the INPUT traffic to our machine is going to NFQUEUE, in my case that's a catastrophe because I´m connected via ssh and the connection would break up. What I use for example is this rule:

iptables -I OUTPUT -s 173.16.0.236 -p tcp --dport 80 -j NFQUEUE --queue-num 1