2603.6 - removed port 22 from exlusion
@@ -8,6 +8,7 @@ ExecStart=/usr/bin/python3 -m portspoof_py \
|
|||||||
-s /etc/portspoof/portspoof_signatures \
|
-s /etc/portspoof/portspoof_signatures \
|
||||||
-c /etc/portspoof/portspoof.conf \
|
-c /etc/portspoof/portspoof.conf \
|
||||||
-l /var/log/portspoof/portspoof.jsonl \
|
-l /var/log/portspoof/portspoof.jsonl \
|
||||||
|
--exclude 22 \
|
||||||
--admin-port 8080
|
--admin-port 8080
|
||||||
User=root
|
User=root
|
||||||
TimeoutStopSec=30
|
TimeoutStopSec=30
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
"""portspoof_py — asyncio Python rewrite of the portspoof TCP honeypot."""
|
"""portspoof_py — asyncio Python rewrite of the portspoof TCP honeypot."""
|
||||||
__version__ = '2603.5'
|
__version__ = '2603.6'
|
||||||
|
|||||||
@@ -36,6 +36,9 @@ def _parse_args(argv=None):
|
|||||||
help='JSON log output file')
|
help='JSON log output file')
|
||||||
p.add_argument('--iface', metavar='IFACE',
|
p.add_argument('--iface', metavar='IFACE',
|
||||||
help='Network interface for iptables rules (e.g. eth0)')
|
help='Network interface for iptables rules (e.g. eth0)')
|
||||||
|
p.add_argument('--exclude', metavar='PORTS', default='',
|
||||||
|
help='Comma-separated ports to exclude from iptables REDIRECT '
|
||||||
|
'(e.g. --exclude 22,2222). Port 22 is no longer exempt by default.')
|
||||||
p.add_argument('--no-iptables', action='store_true',
|
p.add_argument('--no-iptables', action='store_true',
|
||||||
help='Skip iptables rule setup/teardown')
|
help='Skip iptables rule setup/teardown')
|
||||||
p.add_argument('-v', '--verbose', action='store_true',
|
p.add_argument('-v', '--verbose', action='store_true',
|
||||||
@@ -110,9 +113,10 @@ def main(argv=None) -> int:
|
|||||||
print(f"[portspoof] port map ready ({len(cfg.port_map)} entries)", flush=True)
|
print(f"[portspoof] port map ready ({len(cfg.port_map)} entries)", flush=True)
|
||||||
|
|
||||||
# iptables setup
|
# iptables setup
|
||||||
exempt = [args.admin_port] if args.admin_port else []
|
exclude_ports = [int(p.strip()) for p in args.exclude.split(',') if p.strip().isdigit()]
|
||||||
|
exempt = exclude_ports + ([args.admin_port] if args.admin_port else [])
|
||||||
if not args.no_iptables:
|
if not args.no_iptables:
|
||||||
exempt_desc = ', '.join(str(p) for p in [22] + exempt + [args.port])
|
exempt_desc = ', '.join(str(p) for p in exempt + [args.port])
|
||||||
iface_desc = args.iface or 'all'
|
iface_desc = args.iface or 'all'
|
||||||
print(f"[portspoof] adding iptables rules (listener={args.port}, exempt={exempt_desc}, iface={iface_desc})")
|
print(f"[portspoof] adding iptables rules (listener={args.port}, exempt={exempt_desc}, iface={iface_desc})")
|
||||||
try:
|
try:
|
||||||
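Review bot: The `exclude_ports` comprehension in `main` silently discards any token that fails `isdigit()`, so a typo such as `--exclude 22;2222` produces an empty list and the service starts with no error. Because this commit also removes the implicit exemption for port 22, that failure mode now means SSH is redirected to the honeypot and the operator can be locked out. Two smaller gaps sit in the same line: values above 65535 are accepted, and `isdigit()` is true for some non-ASCII digits that `int()` rejects, which would surface as an unhandled `ValueError`. I would validate in `_parse_args` with a `type=` callback so a bad value aborts startup with a usage error, as sketched below. The body of `main` continues outside this hunk.

```python
def _port_list(value: str) -> list[int]:
    """Parse a comma-separated port list; reject anything outside 1-65535."""
    ports = []
    for token in (t.strip() for t in value.split(',')):
        if not token:
            continue
        if not (token.isascii() and token.isdigit() and 1 <= int(token) <= 65535):
            raise argparse.ArgumentTypeError(f"invalid port {token!r}")
        ports.append(int(token))
    return ports

# in _parse_args:
    p.add_argument('--exclude', metavar='PORTS', default='', type=_port_list,
                   # … unchanged: help text …

# in main:
    exempt = args.exclude + ([args.admin_port] if args.admin_port else [])
    # … unchanged: iptables setup …
```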
|
|||||||
@@ -29,10 +29,10 @@ def check_root() -> bool:
|
|||||||
|
|
||||||
|
|
||||||
def _exempt_list(listen_port: int, exempt_ports: Optional[list]) -> list:
|
def _exempt_list(listen_port: int, exempt_ports: Optional[list]) -> list:
|
||||||
"""Return deduped ordered list: [22, *extras, listen_port]."""
|
"""Return deduped ordered list: [*extras, listen_port]."""
|
||||||
seen: set = set()
|
seen: set = set()
|
||||||
result = []
|
result = []
|
||||||
for p in [22] + (exempt_ports or []) + [listen_port]:
|
for p in (exempt_ports or []) + [listen_port]:
|
||||||
if p not in seen:
|
if p not in seen:
|
||||||
seen.add(p)
|
seen.add(p)
|
||||||
result.append(p)
|
result.append(p)
|
||||||
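Review bot: The updated docstring of `_exempt_list` describes the new list shape but not the consequence, which is that SSH is exempt only if the caller passes it in. I would spell that out, for example `"""Return deduped ordered list: [*extras, listen_port]. Port 22 is not added implicitly; pass it in exempt_ports to keep SSH out of the REDIRECT rules."""`. The annotations could also be tightened to `Optional[list[int]]` and `-> list[int]`. The function's return statement is outside the hunk, so this covers only the visible lines.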
|
|||||||
@@ -4,7 +4,7 @@ build-backend = "flit_core.buildapi"
|
|||||||
|
|
||||||
[project]
|
[project]
|
||||||
name = "portspoof-py"
|
name = "portspoof-py"
|
||||||
version = "2603.5"
|
version = "2603.6"
|
||||||
description = "Python asyncio rewrite of the portspoof TCP honeypot"
|
description = "Python asyncio rewrite of the portspoof TCP honeypot"
|
||||||
readme = "README.md"
|
readme = "README.md"
|
||||||
requires-python = ">=3.11"
|
requires-python = ">=3.11"
|
||||||
|
|||||||