Class: BetterCap::Firewalls::Linux

Inherits:
Base
  • Object
show all
Defined in:
lib/bettercap/firewalls/linux.rb

Overview

Linux firewall class.

Instance Method Summary collapse

Methods inherited from Base

#initialize, #restore

Constructor Details

This class inherits a constructor from BetterCap::Firewalls::Base

Instance Method Details

#add_port_redirection(r) ⇒ Object

Apply the r BetterCap::Firewalls::Redirection port redirection object.


43
44
45
46
47
48
49
50
# File 'lib/bettercap/firewalls/linux.rb', line 43

def add_port_redirection( r )
  # post route
  Shell.execute('iptables -t nat -I POSTROUTING -s 0/0 -j MASQUERADE')
  # accept all
  Shell.execute('iptables -P FORWARD ACCEPT')
  # add redirection
  Shell.execute("iptables -t nat -A PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
end

#del_port_redirection(r) ⇒ Object

Remove the r BetterCap::Firewalls::Redirection port redirection object.


53
54
55
56
57
58
# File 'lib/bettercap/firewalls/linux.rb', line 53

def del_port_redirection( r )
  # remove post route
  Shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
  # remove redirection
  Shell.execute("iptables -t nat -D PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
end

#enable_forwarding(enabled) ⇒ Object

If enabled is true will enable packet forwarding, otherwise it will disable it.


21
22
23
# File 'lib/bettercap/firewalls/linux.rb', line 21

def enable_forwarding(enabled)
  Shell.execute("echo #{enabled ? 1 : 0} > /proc/sys/net/ipv4/ip_forward")
end

#enable_icmp_bcast(enabled) ⇒ Object

If enabled is true will enable packet icmp_echo_ignore_broadcasts, otherwise it will disable it.


32
33
34
# File 'lib/bettercap/firewalls/linux.rb', line 32

def enable_icmp_bcast(enabled)
  Shell.execute("echo #{enabled ? 0 : 1} > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts")
end

#enable_send_redirects(enabled) ⇒ Object

If enabled is true will enable send_redirects, otherwise it will disable it.


38
39
40
# File 'lib/bettercap/firewalls/linux.rb', line 38

def enable_send_redirects(enabled)
  Shell.execute("echo #{enabled ? 0 : 1} > /proc/sys/net/ipv4/conf/all/send_redirects")
end

#forwarding_enabled?Boolean

Return true if packet forwarding is currently enabled, otherwise false.

Returns:

  • (Boolean)

26
27
28
# File 'lib/bettercap/firewalls/linux.rb', line 26

def forwarding_enabled?
  Shell.execute('cat /proc/sys/net/ipv4/ip_forward').strip == '1'
end