[RedirectAllTraffic test fails] Proper interception of TCP requests to Arbitrary/Named Host when RedirectAllTraffic is disabled #169

Open
3V3RYONE opened this issue Aug 27, 2023 · 0 comments

3V3RYONE commented Aug 27, 2023

Bug

As per the test.py script, when the RedirectAllTraffic option is disabled in the configs, TCP socket requests to an arbitrary host (e.g. 8.8.8.8) and a named host (e.g. does-not-exist-amirite.fireeye.com) at a bound port should NOT be intercepted. In other words, the RawTCPListener should not respond to TCP requests with host 8.8.8.8 or does-not-exist-amirite.fireeye.com for port 1337 when RedirectAllTraffic is disabled.

But in multihost operation mode, FakeNet on Linux responds to TCP traffic to an arbitrary host or named host on a bound port. Note that this behavior occurs only in multihost operation mode. In singlehost mode, FakeNet does not respond to arbitrary/named hosts on a bound port.

Steps to reproduce

  • Set up multihost operation mode for FakeNet-NG. (I will be assuming FakeNet runs on Linux and traffic is initiated on Windows.)
  • Set the RedirectAllTraffic setting to No in fakenet/configs/default.ini on the Linux machine.
  • Start a FakeNet session on the Linux machine.
  • On Windows, use ncat 8.8.8.8 1337 to make a TCP request to an arbitrary host on the bound port.
  • Upon execution, type any message and verify the same message is logged back from the server to the console.
  • On Windows, use ncat does-not-exist-amirite.fireeye.com 1337 to make a TCP request to a named host on the bound port.
  • Upon execution, type any message and verify the same message is logged back from the server to the console.

Additional Info

@3V3RYONE 3V3RYONE changed the title Proper interception of TCP requests to Arbitrary/Named Host when RedirectAllTraffic is disabled [RedirectAllTraffic test fails] Proper interception of TCP requests to Arbitrary/Named Host when RedirectAllTraffic is disabled Aug 27, 2023
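
The manual ncat steps in the issue above, written as a scripted check. This is an added example, not part of the issue or of FakeNet-NG's test.py; it assumes the bound listener echoes what it receives, as the steps describe. The names `probe_echo`, `intercepted_targets` and `start_local_echo_server` are hypothetical, and the local echo server is a constructed stand-in so the probe can be exercised offline.

```python
import socket
import threading


def probe_echo(host, port, payload=b"fakenet-probe\n", timeout=3.0):
    """Classify what happens when payload is sent to host:port over TCP."""
    received = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(payload)
            try:
                while len(received) < len(payload):
                    chunk = s.recv(4096)
                    if not chunk:
                        break
                    received += chunk
            except socket.timeout:
                pass  # connected, but nothing (more) came back in time
    except OSError:
        # Refused, unreachable, timed out or unresolvable name: nobody answered.
        return "not_intercepted"
    return "intercepted" if received == payload else "connected_no_echo"


def intercepted_targets(hosts, port, timeout=3.0):
    """Hosts that echoed; expected to be empty with RedirectAllTraffic off."""
    return [h for h in hosts if probe_echo(h, port, timeout=timeout) == "intercepted"]


def start_local_echo_server():
    """Constructed stand-in for an echoing listener; returns its port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve_once():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(conn.recv(4096))
        srv.close()

    threading.Thread(target=serve_once, daemon=True).start()
    return port


if __name__ == "__main__":
    # Hosts and port taken from the issue's reproduction steps.
    hits = intercepted_targets(["8.8.8.8", "does-not-exist-amirite.fireeye.com"], 1337)
    print("FAIL, intercepted: %s" % hits if hits else "PASS, nothing intercepted")
```

Run from the client machine, a non-empty result reproduces the behaviour reported here; an empty result is what the issue says is expected with RedirectAllTraffic set to No.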