59 lines
1.6 KiB
Markdown
59 lines
1.6 KiB
Markdown
|
||
使用iptables在NAT表上创建DNAT与SNAT规则,对数据包进行转发;在MANGLE表上的FORWARD链上创建NF_QUEUE规则对数据进行勾取并修改;(iptables只有mangle表可以修改数据)
|
||
|
||
|
||
|
||
<br>
|
||
|
||
* https://www.cnblogs.com/dpf-10/p/7899237.html
|
||
* https://www.cnblogs.com/songshuaiStudy/p/11921160.html
|
||
|
||
<br>
|
||
|
||
https://github.com/chifflier/nfqueue-rs
|
||
|
||
* git://git.netfilter.org/libmnl
|
||
* git://git.netfilter.org/libnfnetlink
|
||
* git://git.netfilter.org/libnetfilter_queue
|
||
|
||
<br>
|
||
|
||
Install netfilter_queue in CentOS7
|
||
|
||
https://centos.pkgs.org/7/centos-x86_64/libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm.html
|
||
|
||
|
||
<br>
|
||
|
||
```
|
||
iptables -A OUTPUT --destination 1.2.3.4 -j NFQUEUE --queue-num 0
|
||
```
|
||
|
||
|
||
```
|
||
Packet received [id: 0x1]
|
||
|
||
-> msg: 45 0 0 54 36 55 40 0 40 1 30 6D C0 A8 3 2F 8 8 8 8 8 0 6C 47 8 BF 0 1 E8 4D A3 5F 0 0 0 0 33 78 5 0 0 0 0 0 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B 2C 2D 2E 2F 30 31 32 33 34 35 36 37
|
||
XML
|
||
<pkt>
|
||
<when>
|
||
<year>2020</year>
|
||
<month>11</month>
|
||
<day>5</day>
|
||
<wday>5</wday>
|
||
<hour>8</hour>
|
||
<min>57</min>
|
||
<sec>12</sec>
|
||
</when>
|
||
<hook>3</hook>
|
||
<id>1</id>
|
||
<hw>
|
||
<proto>0800</proto>
|
||
</hw>
|
||
<outdev>2</outdev>
|
||
<payload>
|
||
45000054365540004001306dc0a8032f0808080808006c4708bf0001e84da35f000000003378050000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637
|
||
</payload>
|
||
</pkt>
|
||
```
|