Attempt at forwarding all traffic through an HTTP proxy
DNS doesn't work so there was an attempt at just forcing
stats.i2p to localhost, with no success.
A tcpdump is created on the host machine at /tmp/contained/tcp.dmp
to try and figure out what is being sent where, but
it doesn't seem like any HTTP traffice is being sent at all.
`iptables` is logged to /var/log/ so maybe that'll give a hint
as to where the stuff is going.
Maybe the rules are just bad too 🤷♂
This commit is contained in:
3
.gitmodules
vendored
Normal file
3
.gitmodules
vendored
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
[submodule "pr0cks"]
|
||||||
|
path = pr0cks
|
||||||
|
url = https://github.com/LoveIsGrief/pr0cks.git
|
25
Dockerfile
Normal file
25
Dockerfile
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
FROM alpine
|
||||||
|
|
||||||
|
RUN apk add --no-cache \
|
||||||
|
bash \
|
||||||
|
curl \
|
||||||
|
dumb-init \
|
||||||
|
iptables \
|
||||||
|
git \
|
||||||
|
python3 \
|
||||||
|
ulogd \
|
||||||
|
tcpdump \
|
||||||
|
wget
|
||||||
|
|
||||||
|
RUN pip3 install dnslib
|
||||||
|
|
||||||
|
COPY pr0cks /opt/pr0cks
|
||||||
|
COPY exec.sh /opt/
|
||||||
|
|
||||||
|
# https://it-offshore.co.uk/linux/alpine-linux/55-alpine-linux-lxc-guest-iptables-logging
|
||||||
|
RUN sed -i -e "s/#stack=log1/stack=log1/g" /etc/ulogd.conf
|
||||||
|
|
||||||
|
ENTRYPOINT ["dumb-init"]
|
||||||
|
CMD ["/bin/bash" , "/opt/exec.sh"]
|
||||||
|
#CMD ["/bin/bash" , "-c", "while true; do sleep 30 ; done" ]
|
||||||
|
# CMD ["curl", "https://stats.i2p" ]
|
37
docker-compose.yml
Normal file
37
docker-compose.yml
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
version: "3.7"
|
||||||
|
services:
|
||||||
|
i2pd:
|
||||||
|
image: meeh/i2pd
|
||||||
|
hostname: i2pd
|
||||||
|
networks:
|
||||||
|
i2p_net:
|
||||||
|
ipv4_address: 172.16.200.10
|
||||||
|
aliases:
|
||||||
|
- i2pd
|
||||||
|
contained:
|
||||||
|
build: .
|
||||||
|
hostname: contained
|
||||||
|
# Required for [iptables]
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
- NET_RAW
|
||||||
|
depends_on:
|
||||||
|
- i2pd
|
||||||
|
volumes:
|
||||||
|
- /tmp/contained:/mount
|
||||||
|
extra_hosts:
|
||||||
|
- "stats.i2p:127.0.0.1"
|
||||||
|
networks:
|
||||||
|
i2p_net:
|
||||||
|
ipv4_address: 172.16.200.20
|
||||||
|
aliases:
|
||||||
|
- contained
|
||||||
|
|
||||||
|
networks:
|
||||||
|
i2p_net:
|
||||||
|
driver: bridge
|
||||||
|
ipam:
|
||||||
|
config:
|
||||||
|
- subnet: "172.16.200.0/24"
|
||||||
|
|
||||||
|
# iptables: https://stackoverflow.com/questions/41706983/installing-iptables-in-docker-container-based-on-alpinelinux
|
17
exec.sh
Normal file
17
exec.sh
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -euo pipefail
|
||||||
|
IFS=$'\n\t'
|
||||||
|
|
||||||
|
|
||||||
|
# https://websistent.com/linux-iptables-log-everything/
|
||||||
|
iptables -I OUTPUT 1 -j NFLOG
|
||||||
|
iptables -t nat -I OUTPUT 1 -j NFLOG
|
||||||
|
|
||||||
|
iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-ports 10080
|
||||||
|
iptables -t nat -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j REDIRECT --to-port 1053
|
||||||
|
|
||||||
|
ulogd -d
|
||||||
|
tcpdump -w /mount/tcp.dmp &
|
||||||
|
|
||||||
|
/opt/pr0cks/pr0cks.py --proxy http:176.16.200.10:4444
|
||||||
|
|
1
pr0cks
Submodule
1
pr0cks
Submodule
Submodule pr0cks added at 715a0c91eb
8
ulogd.conf
Normal file
8
ulogd.conf
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
|
||||||
|
# note log1 & emu1 in this stack configuration
|
||||||
|
[log1]
|
||||||
|
group=0
|
||||||
|
# & change the logging location
|
||||||
|
[emu1]
|
||||||
|
file="/var/log/ulogd_contained.log"
|
||||||
|
sync=1
|
Reference in New Issue
Block a user