Attempt at forwarding all traffic through an HTTP proxy
DNS doesn't work so there was an attempt at just forcing
stats.i2p to localhost, with no success.
A tcpdump is created on the host machine at /tmp/contained/tcp.dmp
to try and figure out what is being sent where, but
it doesn't seem like any HTTP traffice is being sent at all.
`iptables` is logged to /var/log/ so maybe that'll give a hint
as to where the stuff is going.
Maybe the rules are just bad too 🤷♂
This commit is contained in:
3
.gitmodules
vendored
Normal file
3
.gitmodules
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
[submodule "pr0cks"]
|
||||
path = pr0cks
|
||||
url = https://github.com/LoveIsGrief/pr0cks.git
|
25
Dockerfile
Normal file
25
Dockerfile
Normal file
@@ -0,0 +1,25 @@
|
||||
FROM alpine
|
||||
|
||||
RUN apk add --no-cache \
|
||||
bash \
|
||||
curl \
|
||||
dumb-init \
|
||||
iptables \
|
||||
git \
|
||||
python3 \
|
||||
ulogd \
|
||||
tcpdump \
|
||||
wget
|
||||
|
||||
RUN pip3 install dnslib
|
||||
|
||||
COPY pr0cks /opt/pr0cks
|
||||
COPY exec.sh /opt/
|
||||
|
||||
# https://it-offshore.co.uk/linux/alpine-linux/55-alpine-linux-lxc-guest-iptables-logging
|
||||
RUN sed -i -e "s/#stack=log1/stack=log1/g" /etc/ulogd.conf
|
||||
|
||||
ENTRYPOINT ["dumb-init"]
|
||||
CMD ["/bin/bash" , "/opt/exec.sh"]
|
||||
#CMD ["/bin/bash" , "-c", "while true; do sleep 30 ; done" ]
|
||||
# CMD ["curl", "https://stats.i2p" ]
|
37
docker-compose.yml
Normal file
37
docker-compose.yml
Normal file
@@ -0,0 +1,37 @@
|
||||
version: "3.7"
|
||||
services:
|
||||
i2pd:
|
||||
image: meeh/i2pd
|
||||
hostname: i2pd
|
||||
networks:
|
||||
i2p_net:
|
||||
ipv4_address: 172.16.200.10
|
||||
aliases:
|
||||
- i2pd
|
||||
contained:
|
||||
build: .
|
||||
hostname: contained
|
||||
# Required for [iptables]
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- NET_RAW
|
||||
depends_on:
|
||||
- i2pd
|
||||
volumes:
|
||||
- /tmp/contained:/mount
|
||||
extra_hosts:
|
||||
- "stats.i2p:127.0.0.1"
|
||||
networks:
|
||||
i2p_net:
|
||||
ipv4_address: 172.16.200.20
|
||||
aliases:
|
||||
- contained
|
||||
|
||||
networks:
|
||||
i2p_net:
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: "172.16.200.0/24"
|
||||
|
||||
# iptables: https://stackoverflow.com/questions/41706983/installing-iptables-in-docker-container-based-on-alpinelinux
|
17
exec.sh
Normal file
17
exec.sh
Normal file
@@ -0,0 +1,17 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
IFS=$'\n\t'
|
||||
|
||||
|
||||
# https://websistent.com/linux-iptables-log-everything/
|
||||
iptables -I OUTPUT 1 -j NFLOG
|
||||
iptables -t nat -I OUTPUT 1 -j NFLOG
|
||||
|
||||
iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-ports 10080
|
||||
iptables -t nat -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j REDIRECT --to-port 1053
|
||||
|
||||
ulogd -d
|
||||
tcpdump -w /mount/tcp.dmp &
|
||||
|
||||
/opt/pr0cks/pr0cks.py --proxy http:176.16.200.10:4444
|
||||
|
1
pr0cks
Submodule
1
pr0cks
Submodule
Submodule pr0cks added at 715a0c91eb
8
ulogd.conf
Normal file
8
ulogd.conf
Normal file
@@ -0,0 +1,8 @@
|
||||
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
|
||||
# note log1 & emu1 in this stack configuration
|
||||
[log1]
|
||||
group=0
|
||||
# & change the logging location
|
||||
[emu1]
|
||||
file="/var/log/ulogd_contained.log"
|
||||
sync=1
|
Reference in New Issue
Block a user