2014-07-01 21:37:52 +00:00
|
|
|
import sys
|
2012-12-31 22:13:56 +00:00
|
|
|
|
2014-08-10 14:10:49 +00:00
|
|
|
|
2012-12-31 22:13:56 +00:00
|
|
|
def lookup(address, port, s):
|
|
|
|
|
"""
|
|
|
|
|
Parse the pfctl state output s, to look up the destination host
|
|
|
|
|
matching the client (address, port).
|
|
|
|
|
|
|
|
|
|
Returns an (address, port) tuple, or None.
|
|
|
|
|
"""
|
2014-08-10 14:10:49 +00:00
|
|
|
spec = "%s:%s" % (address, port)
|
2012-12-31 22:13:56 +00:00
|
|
|
for i in s.split("\n"):
|
2013-06-16 04:23:36 +00:00
|
|
|
if "ESTABLISHED:ESTABLISHED" in i and spec in i:
|
|
|
|
|
s = i.split()
|
|
|
|
|
if len(s) > 4:
|
2014-07-01 22:08:42 +00:00
|
|
|
if sys.platform == "freebsd10":
|
2014-07-01 21:37:52 +00:00
|
|
|
# strip parentheses for FreeBSD pfctl
|
|
|
|
|
s = s[3][1:-1].split(":")
|
|
|
|
|
else:
|
|
|
|
|
s = s[4].split(":")
|
|
|
|
|
|
2012-12-31 22:13:56 +00:00
|
|
|
if len(s) == 2:
|
|
|
|
|
return s[0], int(s[1])
|
2014-08-10 14:10:49 +00:00
|
|
|
raise RuntimeError("Could not resolve original destination.")
|
