I’m just going to leave this here…
It’s a little something that I put together for today. Seems appropriate…
Please let me know what you think it does.
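#!/usr/bin/env python3

# this python script MUST be run as root
# also, once this is running, it is necessary to run the
# following iptables command designating the appropriate device:
# iptables -A OUTPUT -o <device> -j NFQUEUE --queue-num 3514

from scapy.all import IP
from netfilterqueue import NetfilterQueue

def doIt(packet):
    # parse the raw bytes handed over by the kernel queue as an IPv4 packet
    scapypkt = IP(packet.get_payload())
    # set the flag with value 4 (the high-order bit of the 3-bit flags field)
    scapypkt[IP].flags |= 4
    # drop the stale header checksum so scapy recomputes it on serialization
    del scapypkt[IP].chksum
    # hand the modified packet back to the kernel and let it through
    packet.set_payload(bytes(scapypkt))
    packet.accept()

# bind the callback function to the queue
nfqueue = NetfilterQueue()
nfqueue.bind(3514, doIt)
try:
    nfqueue.run()
except KeyboardInterrupt:
    pass
finally:
    # release the queue on exit
    nfqueue.unbind()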
Owner, Principal Consultant
Bad Wolf Security, LLC
Senior Technical Engineer
April 1, 2021
P.S.: It’s probably NOT the best idea to actually do this for all of your network traffic. I tested it by adding -p ICMP to the iptables command, and it actually works and does a fine job… That being said, I take NO responsibility.
P.P.S.: I finally gave into temptation and I’ve been running it on all traffic for quite a while now. I even pushed this update to the site just now with it running. It’s working like a charm - color me impressed.
echo 'VGhlIG51bWJlciAzNTE0IGlzIGludm9sdmVkIGluIGFsbCBvZiB0aGlzIHNvbWVob3cuCg==' | base64 -d
echo 'VGhpcyBoYXMgc29tZXRoaW5nIHRvIGRvIHdpdGggYSBnZW50bGVtYW4gbmFtZWQgU3RldmUgQmVsbG92aW4uCg==' | base64 -d
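An added example, not part of the original post: the same header change done on raw bytes with only the standard library, plus the check a receiver or sensor would run, showing why the script deletes `chksum` before re-serializing. All function names and the sample packet are constructed for illustration.

```python
import struct

RESERVED_BIT = 0x8000  # high-order bit of the 16-bit flags/fragment-offset word (scapy flag value 4)

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum; yields 0 over a header whose stored checksum is valid."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def header_len(packet: bytes) -> int:
    """Validate version and IHL, return the IPv4 header length in bytes."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(packet):
        raise ValueError("bad IHL")
    return ihl

def set_reserved_bit(packet: bytes, fix_checksum: bool = True) -> bytes:
    """Set the high-order flag bit; optionally recompute the header checksum."""
    ihl = header_len(packet)
    hdr = bytearray(packet[:ihl])
    word, = struct.unpack_from("!H", hdr, 6)
    struct.pack_into("!H", hdr, 6, word | RESERVED_BIT)
    if fix_checksum:
        struct.pack_into("!H", hdr, 10, 0)  # zero the field before summing
        struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]

def inspect(packet: bytes) -> dict:
    """Receiver-side view: is the bit set, and does the header checksum verify?"""
    ihl = header_len(packet)
    word, = struct.unpack_from("!H", packet, 6)
    return {"reserved_bit": bool(word & RESERVED_BIT),
            "checksum_ok": checksum(packet[:ihl]) == 0}

def sample_packet() -> bytes:
    """Constructed sample: ICMP echo request, 192.0.2.1 -> 198.51.100.7, DF set."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0x4000, 64, 1, 0,
                                bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])))
    struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr) + b"\x08\x00\xf7\xff\x00\x00\x00\x00"

if __name__ == "__main__":
    pkt = sample_packet()
    print(inspect(pkt), inspect(set_reserved_bit(pkt)),
          inspect(set_reserved_bit(pkt, fix_checksum=False)))
```

With `fix_checksum=False` the header no longer verifies, which is the state a packet would be in if the script changed the flags without deleting `chksum`.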