Diffstat (limited to 'src')
| -rw-r--r-- | src/sniffing/headers.rs | 94 |
1 files changed, 85 insertions, 9 deletions
diff --git a/src/sniffing/headers.rs b/src/sniffing/headers.rs index a5b0480..40a311c 100644 --- a/src/sniffing/headers.rs +++ b/src/sniffing/headers.rs @@ -1,4 +1,5 @@ use tun::Error; +use std::fmt; // Here we will recieve bytes and try to get their destanation & apply Rules for them. use crate::config::Config; @@ -9,8 +10,15 @@ pub enum Protocol { UDP, Unsupported(u8) } +type SourceV4Ip = Ipv4; +type SourceV6Ip = Ipv6; +#[derive(PartialEq, Debug)] +pub enum IpVersion { + V4, + V6 +} type Ipv4 = [u8; 4]; -type Ipv6 = [u8; 16]; +type Ipv6 = [u16; 8]; type Port = u16; #[derive(Debug, PartialEq)] pub enum PacketInfo { 
@@ -34,7 +42,70 @@ pub enum PacketInfo { } } +impl fmt::Display for PacketInfo { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + if self.version() == &IpVersion::V4 { + let src_ip = self.src_ipv4_ip().unwrap(); + let dst_ip = self.dst_ipv4_ip().unwrap(); + write!(f, "{}.{}.{}.{}:{} -> {}.{}.{}.{}:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], self.dst_port(), self.protocol(), self.dns()) + } else { + let src_ip = self.src_ipv6_ip().unwrap(); + let dst_ip = self.dst_ipv6_ip().unwrap(); + // y:y:y:y:y:y:y:y = 8 hexademical; y = segment, pair of 2 u8 big endian + write!(f, "{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} -> {:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], src_ip[4], src_ip[5], src_ip[6], src_ip[7], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], dst_ip[4], dst_ip[5], dst_ip[6], dst_ip[7], self.dst_port(), self.protocol(), self.dns()) + } + } +} + impl PacketInfo { + pub fn dns(&self) -> &bool { + match self { + PacketInfo::V4 { dns, ..} => dns, + PacketInfo::V6 { dns, ..} => dns, + } + } + pub fn src_ipv6_ip(&self) -> Option<&SourceV6Ip> { + match self { + PacketInfo::V6 { src_ip, .. } => Some(src_ip), + _ => None + } + } + pub fn dst_ipv6_ip(&self) -> Option<&SourceV6Ip> { + match self { + PacketInfo::V6 { dst_ip, .. } => Some(dst_ip), + _ => None + } + } + pub fn src_ipv4_ip(&self) -> Option<&SourceV4Ip> { + match self { + PacketInfo::V4 { src_ip, .. } => Some(src_ip), + _ => None, + } + } + pub fn dst_ipv4_ip(&self) -> Option<&SourceV4Ip> { + match self { + PacketInfo::V4 { dst_ip, .. } => Some(dst_ip), + _ => None + } + } + pub fn src_port(&self) -> &Port { + match self { + PacketInfo::V4 { src_port, .. } => src_port, + PacketInfo::V6 { src_port, .. } => src_port + } + } + pub fn dst_port(&self) -> &Port { + match self { + PacketInfo::V4 { dst_port, .. 
} => dst_port, + PacketInfo::V6 { dst_port, .. } => dst_port + } + } + pub fn version(&self) -> &IpVersion { + match self { + PacketInfo::V4 { .. }=> &IpVersion::V4, + PacketInfo::V6 { .. }=> &IpVersion::V6 + } + } pub fn protocol(&self) -> &Protocol { match self { PacketInfo::V4 { protocol, .. } => protocol, @@ -52,13 +123,14 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket { let ver = packet[0] >> 4; match ver { 4 => { - let dst_port = Port::from_be_bytes([packet[22], packet[23]]); + // Internet Header Length (IHL). + let ihl = (packet[0] & 0x0F) as usize * 4; + let dst_port = Port::from_be_bytes([packet[ihl+2], packet[ihl+3]]); let dns; if dst_port == 53 { dns = true; } else { dns = false; }; - // FIXME: hardcoded IPv4 port offset let v4 = PacketInfo::V4{ src_ip: <Ipv4>::try_from(&packet[12..16])?, - src_port: Port::from_be_bytes([packet[20], packet[21]]), + src_port: Port::from_be_bytes([packet[ihl], packet[ihl+1]]), dst_ip: <Ipv4>::try_from(&packet[16..20])?, dst_port, protocol: match packet[9] { @@ -69,7 +141,7 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket { dns }; if !matches!(v4.protocol(), Protocol::Unsupported(_)) { - println!("{v4:?}"); + println!("{v4}"); } else { // TODO: make --debug option which will include this diagnostic, for general use this // should be off 
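Review bot: The `Display` impl branches on `self.version()` and then calls `.unwrap()` on `src_ipv4_ip()` / `src_ipv6_ip()` and their `dst_` counterparts, so the formatter has four panic paths that stay unreachable only while `version()` and the accessors agree. Matching on the variant directly removes them: `match self { PacketInfo::V4 { src_ip, dst_ip, .. } => write!(…), PacketInfo::V6 { src_ip, dst_ip, .. } => write!(…) }`. The destination accessors also return `SourceV4Ip` / `SourceV6Ip`, which reads as a source address; returning `&Ipv4` / `&Ipv6` would be clearer. The `impl PacketInfo` block continues past the end of this hunk.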
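Review bot: `ihl` is taken from the packet itself and used as an index without validation, so `packet[ihl+2]` / `packet[ihl+3]` panic on a truncated packet, and a header-length nibble below 5 makes the port reads land inside the IP header. Since this parses traffic coming off the tunnel, a malformed packet should produce an error, not a crash or a bogus port. A guard such as `if ihl < 20 || packet.len() < ihl + 4` that returns the function's error before the reads would cover both cases; this assumes `Packet` exposes a length, as its definition and the error type are not visible here. The same unchecked indexing is in the IPv6 hunk at `@@ -78,13 +150,17 @@` (`packet[8 + i*2]` through `packet[43]`), which needs a `packet.len() < 44` check. `sniff_raw_packets` starts and ends outside this hunk.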
@@ -78,13 +150,17 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
 Ok(v4)
 },
 6 => {
- let dst_port = Port::from_be_bytes([packet[22], packet[23]]);
+ // y:y:y:y:y:y:y:y hexademical; y = segment, pair of 2 u8 in big endian
+ let src_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[8 + i*2], packet[8 + i*2 + 1]]));
+ let dst_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[24 + i*2], packet[24 + i*2 + 1]]));
+
+ let dst_port = Port::from_be_bytes([packet[42], packet[43]]);
 let dns;
 if dst_port == 53 { dns = true; } else { dns = false; };
 let v6 = PacketInfo::V6{
- src_ip: <Ipv6>::try_from(&packet[8..24])?,
+ src_ip,
 src_port: Port::from_be_bytes([packet[40], packet[41]]),
- dst_ip: <Ipv6>::try_from(&packet[24..40])?,
+ dst_ip,
 dst_port,
 protocol: match packet[6] {
 6 => Protocol::TCP,
@@ -94,7 +170,7 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
 dns
 };
 if !matches!(v6.protocol(), Protocol::Unsupported(_)) {
- println!("{v6:?}");
+ println!("{v6}");
 } else {
 // TODO: make --debug option which will include this diagnostic, for general use this
 // should be off |
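Review bot: The IPv6 branch reads the ports at fixed offsets 40–43, which is the transport header only when `packet[6]` (Next Header) is TCP or UDP directly; with an extension header in between, `src_port`, `dst_port` and the `dns` flag are derived from extension-header bytes. The ports are also parsed before the protocol is known, so a packet classified `Unsupported` can still come out with `dns = true`. If `dns` feeds rule decisions (not visible here), compute it only once the protocol is known to be TCP or UDP, e.g. `dns: matches!(proto, Protocol::TCP | Protocol::UDP) && dst_port == 53` with `proto` bound before the struct literal. The function body continues outside this hunk.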
