Rooba
/
mitmproxy
mirror of https://github.com/mitmproxy/mitmproxy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3164 from cortesi/ip6scope 

addons/block: teach block about IPv6 scope suffixes
This commit is contained in:
Aldo Cortesi 2018-05-27 11:47:25 +12:00 committed by GitHub
parent dbf01cd34d a38d2d7b0e
commit 69aa5a0d2f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
mitmproxy/addons/block.py
View File

@ -21,17 +21,19 @@ class Block:
)
def clientconnect(self, layer):
address = ipaddress.ip_address(layer.client_conn.address[0])
astr = layer.client_conn.address[0]
parts = astr.rsplit("%", 1)
address = ipaddress.ip_address(parts[0])
if isinstance(address, ipaddress.IPv6Address):
address = address.ipv4_mapped or address
ipa = ipaddress.ip_address(address)
if ipa.is_loopback:
if address.is_loopback:
return
if ctx.options.block_private and ipa.is_private:
ctx.log.warn("Client connection from %s killed by block_private" % address)
if ctx.options.block_private and address.is_private:
ctx.log.warn("Client connection from %s killed by block_private" % astr)
layer.reply.kill()
if ctx.options.block_global and ipa.is_global:
ctx.log.warn("Client connection from %s killed by block_global" % address)
if ctx.options.block_global and address.is_global:
ctx.log.warn("Client connection from %s killed by block_global" % astr)
layer.reply.kill()

4
test/mitmproxy/addons/test_block.py
View File

@ -17,6 +17,7 @@ from mitmproxy.test import taddons
(True, False, False, ("::ffff:172.20.0.1",)),
(True, False, False, ("::ffff:192.168.1.1",)),
(True, False, False, ("fe80::",)),
(True, False, False, (r"::ffff:192.168.1.1%scope",)),
# block_global: global
(True, False, True, ("1.1.1.1",)),
(True, False, True, ("8.8.8.8",)),
@ -25,6 +26,7 @@ from mitmproxy.test import taddons
(True, False, True, ("::ffff:8.8.8.8",)),
(True, False, True, ("::ffff:216.58.207.174",)),
(True, False, True, ("2001:4860:4860::8888",)),
(True, False, True, (r"2001:4860:4860::8888%scope",)),
# block_private: loopback
@ -37,6 +39,7 @@ from mitmproxy.test import taddons
(False, True, True, ("::ffff:10.0.0.1",)),
(False, True, True, ("::ffff:172.20.0.1",)),
(False, True, True, ("::ffff:192.168.1.1",)),
(False, True, True, (r"::ffff:192.168.1.1%scope",)),
(False, True, True, ("fe80::",)),
# block_private: global
(False, True, False, ("1.1.1.1",)),
@ -45,6 +48,7 @@ from mitmproxy.test import taddons
(False, True, False, ("::ffff:1.1.1.1",)),
(False, True, False, ("::ffff:8.8.8.8",)),
(False, True, False, ("::ffff:216.58.207.174",)),
(False, True, False, (r"::ffff:216.58.207.174%scope",)),
(False, True, False, ("2001:4860:4860::8888",)),
])
@pytest.mark.asyncio