iptables rules have no effect on scapy packets

I wrote this rule to change the destination IP address of all udp packets with dport 53 to 8.8.8.8:

iptables -t nat -A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8

The rule works when I use:

dig +short iranled.com @4.2.2.4

The tcpdump output is as follows:

04:42:38.023348 IP 192.168.1.2.48984 > 8.8.8.8.53: UDP, length 29
04:42:38.242241 IP 8.8.8.8.53 > 192.168.1.2.48984: UDP, length 45

That is fine.

But when I craft this packet with scapy, the iptables rule has no effect!

sr1(IP(dst="4.2.2.4")/UDP()/DNS(rd=1,qd=DNSQR(qname="iranled.com")))

The tcpdump output is as follows:

04:43:00.442453 IP 192.168.1.2.53 > 4.2.2.4.53: UDP, length 29
04:43:00.855930 IP 4.2.2.4.53 > 192.168.1.2.53: UDP, length 45

Why are the scapy packets not changed by iptables?

Update:

#iptables -L -n --line-numbers

Chain INPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0            tcpflags:! 0x17/0x02
2    ACCEPT     udp  --  127.0.0.1            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5
5    DROP       all  --  0.0.0.0/0            255.255.255.255     
6    DROP       all  --  0.0.0.0/0            192.168.1.255       
7    DROP       all  --  224.0.0.0/8          0.0.0.0/0           
8    DROP       all  --  0.0.0.0/0            224.0.0.0/8         
9    DROP       all  --  255.255.255.255      0.0.0.0/0           
10   DROP       all  --  0.0.0.0/0            0.0.0.0             
11   DROP       all  --  0.0.0.0/0            0.0.0.0/0            state INVALID
12   LSI        all  -f  0.0.0.0/0            0.0.0.0/0            limit: avg 10/min burst 5
13   INBOUND    all  --  0.0.0.0/0            0.0.0.0/0           
14   LOG_FILTER  all  --  0.0.0.0/0            0.0.0.0/0           
15   LOG        all  --  0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "Unknown Input"

Chain FORWARD (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0            limit: avg 10/sec burst 5
2    LOG_FILTER  all  --  0.0.0.0/0            0.0.0.0/0           
3    LOG        all  --  0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "Unknown Forward"

Chain OUTPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  192.168.1.2          127.0.0.1            tcp dpt:53
2    ACCEPT     udp  --  192.168.1.2          127.0.0.1            udp dpt:53
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    DROP       all  --  224.0.0.0/8          0.0.0.0/0           
5    DROP       all  --  0.0.0.0/0            224.0.0.0/8         
6    DROP       all  --  255.255.255.255      0.0.0.0/0           
7    DROP       all  --  0.0.0.0/0            0.0.0.0             
8    DROP       all  --  0.0.0.0/0            0.0.0.0/0            state INVALID
9    OUTBOUND   all  --  0.0.0.0/0            0.0.0.0/0           
10   LOG_FILTER  all  --  0.0.0.0/0            0.0.0.0/0           
11   LOG        all  --  0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "Unknown Output"

Chain INBOUND (1 references)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3    LSI        all  --  0.0.0.0/0            0.0.0.0/0           

Chain LOG_FILTER (5 references)
num  target     prot opt source               destination         

Chain LSI (2 references)
num  target     prot opt source               destination         
1    LOG_FILTER  all  --  0.0.0.0/0            0.0.0.0/0           
2    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0            tcpflags: 0x17/0x02 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix "Inbound "
3    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcpflags: 0x17/0x02
4    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0            tcpflags: 0x17/0x04 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix "Inbound "
5    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcpflags: 0x17/0x04
6    LOG        icmp --  0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix "Inbound "
7    DROP       icmp --  0.0.0.0/0            0.0.0.0/0            icmptype 8
8    LOG        all  --  0.0.0.0/0            0.0.0.0/0            limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix "Inbound "
9    DROP       all  --  0.0.0.0/0            0.0.0.0/0           

Chain LSO (0 references)
num  target     prot opt source               destination         
1    LOG_FILTER  all  --  0.0.0.0/0            0.0.0.0/0           
2    LOG        all  --  0.0.0.0/0            0.0.0.0/0            limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix "Outbound "
3    REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
num  target     prot opt source               destination         
1    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
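
A check over the two captures in the question, as an added example that is not part of the original post: it parses tcpdump lines of this shape and reports outbound UDP/53 queries whose destination is not the DNAT target, which is how traffic that never traversed the nat OUTPUT chain (for example frames written directly through a packet socket) shows up in a capture. The function names are assumptions; the sample lines are copied from the question's tcpdump output.

```python
import re

# tcpdump line shape used on this page:
#   HH:MM:SS.us IP src.sport > dst.dport: UDP, length N
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+) IP "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): UDP, length (?P<len>\d+)$"
)

# Sample input: the four capture lines quoted in the question.
SAMPLE = """\
04:42:38.023348 IP 192.168.1.2.48984 > 8.8.8.8.53: UDP, length 29
04:42:38.242241 IP 8.8.8.8.53 > 192.168.1.2.48984: UDP, length 45
04:43:00.442453 IP 192.168.1.2.53 > 4.2.2.4.53: UDP, length 29
04:43:00.855930 IP 4.2.2.4.53 > 192.168.1.2.53: UDP, length 45
"""


def parse(capture):
    """Yield one dict per well-formed UDP line; skip anything else."""
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
            yield rec


def unredirected_queries(capture, local_ip, resolver, port=53):
    """Return outbound DNS queries whose destination is not `resolver`.

    Replies (src != local_ip) are ignored; only packets leaving the host
    toward `port` are compared against the expected DNAT target.
    """
    hits = []
    for r in parse(capture):
        outbound = r["src"] == local_ip and r["dport"] == port
        if outbound and r["dst"] != resolver:
            hits.append((r["ts"], r["sport"], r["dst"]))
    return hits


if __name__ == "__main__":
    for ts, sport, dst in unredirected_queries(SAMPLE, "192.168.1.2", "8.8.8.8"):
        print(f"{ts} sport={sport} still addressed to {dst}:53")
```

The source port in each hit is worth keeping: the dig query leaves from an ephemeral port (48984), while the crafted packet leaves from port 53.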
