Python，Scapy和Netfilterqueue仅拦截从客户端到服务器的HTTP数据包

[我正在尝试编写一个Python脚本，以拦截来自Linux计算机上eth0接口的所有HTTP请求。

我只能看到从客户端发送到服务器的HTTP数据包（例如192.168.1.201-> 151.101.1.69），但是我从未看到从服务器发送到客户端的HTTP数据包（例如151.101。 1.69-> 192.168.1.201）...

这里是完整的python脚本...

运行时，仅通过以下条件：

if http_packet[TCP].dport == 80:

并且永远不会通过以下条件：

if http_packet[TCP].sport == 80:

谢谢！

# apt-get install build-essential python-dev libnetfilter-queue-dev
# pip install NetfilterQueue
# sudo apt-get install python-netfilterqueue
# iptables -F
# iptables -F -t nat
# iptables -I FORWARD -j NFQUEUE --queue-num 0

from netfilterqueue import NetfilterQueue
import scapy.all as scapy
import re
import os

from scapy.layers.inet import IP, TCP

os.system("echo '1' > /proc/sys/net/ipv4/ip_forward")
os.system("iptables -F")
os.system("iptables -F -t nat")
os.system("iptables -A FORWARD -j NFQUEUE --queue-num 0")

ip_src = ""
ip_dst = ""


def print_and_accept(packet):
    global ip_src, ip_dst, dst_port, src_port
    http_packet = scapy.IP(packet.get_payload())

    if http_packet.haslayer(scapy.Raw) and http_packet.haslayer(TCP):
        if IP in http_packet:
            ip_src = http_packet[IP].src
            ip_dst = http_packet[IP].dst

            print(ip_src + " -> " + ip_dst)

            if http_packet[TCP].dport == 80:
                print(ip_src + " -> " + ip_dst + " ** client to server **")
                load = http_packet[scapy.Raw].load
                print(load)
                load = re.sub("Accept-Encoding:.*?\\r\\n", "", load)

            if http_packet[TCP].sport == 80:
                print(ip_src + " -> " + ip_dst + " ** server to client **")
                load = http_packet[scapy.Raw].load
                print(load)
                load = re.sub("Accept-Encoding:.*?\\r\\n", "", load)

    packet.accept()


nf_queue = NetfilterQueue()
nf_queue.bind(0, print_and_accept)
try:
    nf_queue.run()
except KeyboardInterrupt:
    os.system("iptables -F")
    os.system("iptables -F -t nat")
    print("Gettin' out")

nf_queue.unbind()