我想知道是否有可能在Python中为UDP使用透明代理。我的套接字定义为:
sock.setsockopt(socket.SOL_IP, IP_TRANSPARENT, 1)
sock.setsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 1)
其中
IP_TRANSPARENT (19) and SO_ORIGINAL_DST (20)
是常数。现在,我想获得该套接字的原始IP和端口。对于TCP,它的工作方式类似于sock.getsockname()
,但它不适用于udp套接字。当然,我首先要做这样的事情:
iptables -t mangle -I PREROUTING -d {ip} -p UDP --dport 20000:21000 -j TPROXY --on-port=8173 --on-ip={ip}
所以我找到了一个解决方案,可以这样做:
data, ancdata, _, srcip = sock.recvmsg(
8192, socket.CMSG_SPACE(24))
for cmsg_level, cmsg_type, cmsg_data in ancdata:
if cmsg_level == socket.SOL_IP and cmsg_type == 20:
family, port = struct.unpack('=HH', cmsg_data[0:4])
port = socket.htons(port)
if family == socket.AF_INET:
start = 4
length = 4
else:
raise
ip = socket.inet_ntop(family, cmsg_data[start:start + length])
dstip = (ip, port)
break