From e4d63a7ef558db4115e6aeff86ef5cd2763e7a2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Aime?= Date: Fri, 26 Feb 2021 13:25:10 +0100 Subject: [PATCH] Preventing the analyzed device to reach TinyCheck --- server/frontend/app/classes/network.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/server/frontend/app/classes/network.py b/server/frontend/app/classes/network.py index d5da432..825c741 100644 --- a/server/frontend/app/classes/network.py +++ b/server/frontend/app/classes/network.py @@ -290,8 +290,14 @@ class Network(object): try: sp.Popen("echo 1 > /proc/sys/net/ipv4/ip_forward", shell=True).wait() + + # Enable forwarding. sp.Popen(["iptables", "-A", "POSTROUTING", "-t", "nat", "-o", self.iface_out, "-j", "MASQUERADE"]).wait() + + # Prevent the device to reach the 80 of TinyCheck. + sp.Popen(["iptables", "-A", "INPUT", "-i", self.iface_in, "-d", + "192.168.100.1", "-p", "tcp", "--dport", "80", "-j" "DROP"]).wait() return True except: return False