diff options
| author | Fata Nugraha <fata.nugraha@grabtaxi.com> | 2023-08-04 19:09:14 +0700 |
|---|---|---|
| committer | Brian May <brian@linuxpenguins.xyz> | 2023-08-07 20:00:32 +1000 |
| commit | 755e522effe2f9eb9262239fd047812a41ce25bf (patch) | |
| tree | 732b2aeff57f30601223d2a20482f8c762fba2f8 | |
| parent | 6b7cf80420e16ca58fbb6e28ab4adb030436636a (diff) | |
Allow user to tunnel traffic to local port
| -rw-r--r-- | sshuttle/methods/nat.py | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sshuttle/methods/nat.py b/sshuttle/methods/nat.py index de95008..1254e55 100644 --- a/sshuttle/methods/nat.py +++ b/sshuttle/methods/nat.py @@ -59,11 +59,6 @@ class Method(BaseMethod): '--dport', '53', '--to-ports', str(dnsport)) - # Don't route any remaining local traffic through sshuttle. - _ipt('-A', chain, '-j', 'RETURN', - '-m', 'addrtype', - '--dst-type', 'LOCAL') - # create new subnet entries. for _, swidth, sexclude, snet, fport, lport \ in sorted(subnets, key=subnet_weight, reverse=True): @@ -79,6 +74,11 @@ class Method(BaseMethod): _ipt('-A', chain, '-j', 'REDIRECT', '--dest', '%s/%s' % (snet, swidth), *(tcp_ports + ('--to-ports', str(port)))) + + # Don't route any remaining local traffic through sshuttle. + _ipt('-A', chain, '-j', 'RETURN', + '-m', 'addrtype', + '--dst-type', 'LOCAL') def restore_firewall(self, port, family, udp, user, group): # only ipv4 supported with NAT |