iptables.py
import datetime
import time
import logging
import remote
def list_rules():
    """Return the remote output of listing the COUNTER chain, unmodified.

    The result is whatever remote.execute() hands back for the command;
    no parsing happens here.
    """
    listing_command = 'iptables -L COUNTER'
    return remote.execute(listing_command)
def cleanup_counter():
    """Flush the COUNTER chain and delete FORWARD jumps that still point at it.

    The chain itself is not deleted here; only its rules and the jumps
    from FORWARD are removed.
    """
    # NOTE(review): the page lost this file's indentation. The delete is
    # assumed to sit inside the loop, since nothing else in the loop could
    # change the reference count - confirm against the original file.
    logging.debug('cleaning up existing counters...')
    # -F empties the chain; jumps into it from FORWARD are unaffected.
    remote.execute('iptables -F COUNTER')
    rules = list_rules()
    # Loop until the listing reports '0 references' (no rule jumps to COUNTER
    # any more) or 'No chain' (COUNTER does not exist at all).
    while ('0 references' not in rules) and ('No chain' not in rules): # left behind by previous runs
        # The listing is refreshed before the delete, so the loop condition
        # always sees the state from before the most recent delete.
        rules = list_rules()
        remote.execute('iptables -D FORWARD -j COUNTER')
    # NOTE(review): there is no retry bound. If remote.execute() keeps
    # returning text with neither marker (e.g. an empty reply on a failed
    # connection), this loop never exits.
def init_counter():
    """Create the COUNTER chain and insert a jump to it at the top of FORWARD.

    Both iptables invocations travel as one ';'-separated command string.
    Assuming remote.execute() hands that string to a shell, the insert into
    FORWARD is attempted even if creating the chain fails (for example
    because COUNTER already exists).
    """
    setup_command = 'iptables -N COUNTER; iptables -I FORWARD -j COUNTER'
    logging.debug('initializing counter...')
    remote.execute(setup_command)
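def _is_ipv4_destination(value):
    """Return True for a dotted-quad IPv4 address with an optional /0-32 prefix."""
    ascii_digits = '0123456789'

    def _bounded_number(text, upper):
        # Explicit ASCII check: str.isdigit() also accepts non-ASCII digits.
        return (0 < len(text) <= 3
                and all(ch in ascii_digits for ch in text)
                and int(text) <= upper)

    try:
        host, slash, prefix = value.partition('/')
    except (AttributeError, TypeError):
        # Not a text string at all (None, int, bytes on Python 3, ...).
        return False
    if slash and not _bounded_number(prefix, 32):
        return False
    octets = host.split('.')
    return len(octets) == 4 and all(_bounded_number(o, 255) for o in octets)


def add_counter(address):
    """Append a rule to COUNTER that matches traffic destined for address.

    The rule has no jump target, so it only accumulates packet and byte
    counters for the destination.

    The command line is built by string concatenation and sent through
    remote.execute(). The address is therefore validated first, so that
    whitespace, ';', '$', backticks and similar characters can never reach
    the remote command line.

    Args:
        address: IPv4 address in dotted-quad form, optionally followed by a
            '/prefix' length (0-32).

    Raises:
        ValueError: if address is not a plain IPv4 address or CIDR block.
    """
    if not _is_ipv4_destination(address):
        raise ValueError('not an IPv4 address or CIDR block: %r' % (address,))
    remote.execute('iptables -A COUNTER --dst ' + address)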
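def read_counters(tries=3):
    """Returns dictionary of IP address keys and data usage values

    Lists the COUNTER chain with exact byte counts, zeroes the counters, and
    parses every listing line that contains 'anywhere' (the rule lines).

    Args:
        tries: maximum number of times the remote command is issued while
            the reply is empty.

    Returns:
        dict mapping the last column of each rule line (the destination) to
        its byte counter as an int. Empty when no reply was obtained within
        the allowed number of tries.

    Raises:
        ValueError / IndexError: if a matching line does not have the
            expected column layout.
    """
    # NOTE(review): listing and zeroing are two separate commands, so bytes
    # counted between them are lost from the totals. `iptables -L COUNTER
    # -vx -Z` lists and zeroes in one invocation - confirm on the target's
    # iptables version before switching.
    response = None
    while not response and tries > 0:
        response = remote.execute('iptables -L COUNTER -vx; iptables -Z COUNTER')
        # The original never decremented tries, so an empty reply looped forever.
        tries -= 1
    if not response:
        # Also covers tries <= 0, which used to fail on None.splitlines().
        logging.warning('no response from remote while reading counters')
        return {}
    counters = {}
    for line in response.splitlines(False):
        if 'anywhere' not in line:
            continue
        fields = line.split()
        # With -vx the second column is the exact byte count; the last
        # column is the rule's destination.
        counters[fields[-1]] = int(fields[1])
    return counters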
# Demo entry point (Python 2 print statements): rebuild the COUNTER chain,
# register three sample destinations, then poll the byte counters forever.
if __name__ == '__main__':
    # Remove rules and FORWARD jumps from an earlier run, then set up afresh.
    cleanup_counter()
    init_counter()
    add_counter('192.168.1.2')
    add_counter('192.168.1.3')
    add_counter('192.168.1.4')
    while True:
        # The trailing comma keeps the UTC timestamp and the counters on one line.
        print(datetime.datetime.utcnow().strftime('%H:%M:%S ')),
        # read_counters() also zeroes the chain, so each line is the usage
        # since the previous poll.
        print read_counters()
        time.sleep(2)
# iptables -t nat -A PREROUTING -p tcp --source 192.168.1.2 --dport 80 -j DNAT --to-destination 192.168.1.100:80