When I drop the packet I get an exception that the verdict has already being given for the packet how can I overcome this

Question

When I drop the packet I get an exception that the verdict has already being given for the packet how can I overcome this

masind opened this issue 4 years ago · 2 comments

import scapy.all as scapy
import socket
from colorama import Fore,init
from dns import reversename,resolver
import re
init()
def process_packet(packet):
scapy.packet=scapy.IP(packet.get_payload())
if scapy.packet.haslayer(scapy.Raw):
if scapy.packet[scapy.TCP].dport==443:
tcppayload=scapy.packet[scapy.Raw].load
if re.search('\x16\x03',str(tcppayload),flags=0):
print("mull")
packet.drop()

    elif scapy.packet[scapy.TCP].sport==443:
        #print(Fore.GREEN+"[+]HTTP RESPONSE")
        ann=scapy.packet[scapy.IP].src
        #print(str(ann))

packet.accept()

queue=netfilterqueue.NetfilterQueue()
queue.bind(0,process_packet)
queue.run()

Answer 1 · 2021-01-22T11:25:25.000Z

Hi @masind , can you please paste your code inside a code-block ? The indentation is messed up :)

Answer 2 · 2022-01-14T00:23:09.000Z

It's hard to tell from the indentation, but it looks like you're calling accept() unconditionally, even though you've already called drop() in some cases. Only the first verdict (of accept, drop, repeat) that you issue will have any effect, so netfilterqueue makes issuing a second verdict for the same packet an error.