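//! Packet sniffing for the TUN device: receive raw bytes, work out their
//! destination and apply the configured rules to them.

use std::fmt;
use std::net::{Ipv4Addr, Ipv6Addr};

use tun::Error;

use crate::config::Config;

/// Minimum IPv4 header length in bytes (IHL = 5, no options).
const IPV4_MIN_HEADER_LEN: usize = 20;
/// IPv6 has a fixed-size base header; extension headers are not walked here.
const IPV6_HEADER_LEN: usize = 40;
/// Source and destination port are the first four bytes of both TCP and UDP headers.
const PORTS_LEN: usize = 4;
/// Destination port that flags a packet as DNS.
const DNS_PORT: Port = 53;

/// Transport protocol of a sniffed packet, taken from the IPv4 `Protocol`
/// byte or the IPv6 `Next Header` byte.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum Protocol {
    TCP,
    UDP,
    /// Any other protocol number. For IPv6 an extension header (hop-by-hop,
    /// routing, fragment, ...) also ends up here because the chain is not walked.
    Unsupported(u8),
}

impl From<u8> for Protocol {
    /// Maps an IANA protocol number to a [`Protocol`] (6 = TCP, 17 = UDP).
    fn from(number: u8) -> Self {
        match number {
            6 => Protocol::TCP,
            17 => Protocol::UDP,
            other => Protocol::Unsupported(other),
        }
    }
}

type SourceV4Ip = Ipv4;
type SourceV6Ip = Ipv6;

/// IP version of a sniffed packet.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum IpVersion {
    V4,
    V6,
}

/// IPv4 address as four octets in wire order.
type Ipv4 = [u8; 4];
/// IPv6 address as eight 16-bit segments, each already converted from big endian.
type Ipv6 = [u16; 8];
type Port = u16;

/// The parts of a packet the rule engine needs: addresses, ports, protocol
/// and whether it looks like a DNS query (destination port 53).
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum PacketInfo {
    V4 {
        src_ip: Ipv4,
        src_port: Port,
        dst_ip: Ipv4,
        dst_port: Port,
        protocol: Protocol,
        /// `true` when `dst_port` is 53.
        dns: bool,
    },
    V6 {
        src_ip: Ipv6,
        src_port: Port,
        dst_ip: Ipv6,
        dst_port: Port,
        protocol: Protocol,
        /// `true` when `dst_port` is 53.
        dns: bool,
    },
}

impl fmt::Display for PacketInfo {
    /// Renders `src -> dst PROTOCOL is dns? FLAG`.
    ///
    /// IPv6 addresses go through [`Ipv6Addr`], whose `Display` applies the
    /// RFC 5952 zero compression (`fe80::93a:245e:daac:7a75`), compressing only
    /// the single longest run of zero segments so the result stays unambiguous.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            PacketInfo::V4 {
                src_ip,
                src_port,
                dst_ip,
                dst_port,
                protocol,
                dns,
            } => write!(
                f,
                "{}:{} -> {}:{} {:?} is dns? {:?}",
                Ipv4Addr::from(*src_ip),
                src_port,
                Ipv4Addr::from(*dst_ip),
                dst_port,
                protocol,
                dns
            ),
            PacketInfo::V6 {
                src_ip,
                src_port,
                dst_ip,
                dst_port,
                protocol,
                dns,
            } => write!(
                f,
                "{} port:{} -> {} port:{} {:?} is dns? {:?}",
                Ipv6Addr::from(*src_ip),
                src_port,
                Ipv6Addr::from(*dst_ip),
                dst_port,
                protocol,
                dns
            ),
        }
    }
}

impl PacketInfo {
    /// Whether the packet was flagged as DNS (destination port 53).
    pub fn dns(&self) -> &bool {
        match self {
            PacketInfo::V4 { dns, .. } | PacketInfo::V6 { dns, .. } => dns,
        }
    }

    /// IPv6 source address, or `None` for an IPv4 packet.
    pub fn src_ipv6_ip(&self) -> Option<&SourceV6Ip> {
        match self {
            PacketInfo::V6 { src_ip, .. } => Some(src_ip),
            PacketInfo::V4 { .. } => None,
        }
    }

    /// IPv6 destination address, or `None` for an IPv4 packet.
    pub fn dst_ipv6_ip(&self) -> Option<&SourceV6Ip> {
        match self {
            PacketInfo::V6 { dst_ip, .. } => Some(dst_ip),
            PacketInfo::V4 { .. } => None,
        }
    }

    /// IPv4 source address, or `None` for an IPv6 packet.
    pub fn src_ipv4_ip(&self) -> Option<&SourceV4Ip> {
        match self {
            PacketInfo::V4 { src_ip, .. } => Some(src_ip),
            PacketInfo::V6 { .. } => None,
        }
    }

    /// IPv4 destination address, or `None` for an IPv6 packet.
    pub fn dst_ipv4_ip(&self) -> Option<&SourceV4Ip> {
        match self {
            PacketInfo::V4 { dst_ip, .. } => Some(dst_ip),
            PacketInfo::V6 { .. } => None,
        }
    }

    /// Transport source port.
    pub fn src_port(&self) -> &Port {
        match self {
            PacketInfo::V4 { src_port, .. } | PacketInfo::V6 { src_port, .. } => src_port,
        }
    }

    /// Transport destination port.
    pub fn dst_port(&self) -> &Port {
        match self {
            PacketInfo::V4 { dst_port, .. } | PacketInfo::V6 { dst_port, .. } => dst_port,
        }
    }

    /// IP version of the packet, derived from the variant.
    pub fn version(&self) -> &IpVersion {
        match self {
            PacketInfo::V4 { .. } => &IpVersion::V4,
            PacketInfo::V6 { .. } => &IpVersion::V6,
        }
    }

    /// Transport protocol (or `Unsupported` with the raw protocol number).
    pub fn protocol(&self) -> &Protocol {
        match self {
            PacketInfo::V4 { protocol, .. } | PacketInfo::V6 { protocol, .. } => protocol,
        }
    }
}

// TODO: move these to some appropriate file for code readability.
// The generic arguments of the two aliases below were lost when this file was
// extracted; `Box<dyn std::error::Error>` / `Result<PacketInfo, GenericError>`
// is the reconstruction consistent with the `?` on slice conversion and the
// `format!(..).into()` in `sniff_raw_packets` — confirm against the repository.
type GenericError = Box<dyn std::error::Error>;
type SniffedPacket = Result<PacketInfo, GenericError>;
type Packet = [u8];

/// Parses the IP and transport headers of one raw packet into a [`PacketInfo`].
///
/// Only the fields the rule engine needs are decoded. Every packet with a
/// supported transport protocol is also printed to stdout (see the TODO below).
///
/// # Errors
///
/// Returns an error for an empty packet, an IP version other than 4 or 6, a
/// packet too short to hold the IP header plus the transport ports, an IPv4
/// IHL below 20 bytes, or a non-first IPv4 fragment (which carries no
/// transport header). Malformed input is rejected instead of indexing out of
/// bounds, so a truncated packet on the TUN device cannot panic the sniffer.
pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
    // The version nibble is the high half of the first byte for both v4 and v6.
    let Some(&first) = packet.first() else {
        return Err("empty packet".into());
    };
    let info = match first >> 4 {
        4 => sniff_v4(packet)?,
        6 => sniff_v6(packet)?,
        ver => return Err(format!("unsupported ver: {ver}").into()),
    };
    // TODO: make --debug option which will include this diagnostic, for general use this
    // should be off
    // println!("oppsie unsupported protocol: {:?}", info.protocol());
    if !matches!(info.protocol(), Protocol::Unsupported(_)) {
        println!("{info}");
    }
    Ok(info)
}

/// Decodes an IPv4 header plus the ports of the transport header that follows it.
fn sniff_v4(packet: &Packet) -> SniffedPacket {
    if packet.len() < IPV4_MIN_HEADER_LEN {
        return Err(format!("truncated IPv4 packet: {} bytes", packet.len()).into());
    }
    // Internet Header Length (IHL) counts 32-bit words; 5 (20 bytes) is the minimum,
    // anything smaller would make the "transport header" overlap the IP header.
    let ihl = usize::from(packet[0] & 0x0F) * 4;
    if ihl < IPV4_MIN_HEADER_LEN {
        return Err(format!("invalid IPv4 IHL: {ihl} bytes").into());
    }
    if packet.len() < ihl + PORTS_LEN {
        return Err(format!(
            "truncated IPv4 packet: {} bytes, need at least {}",
            packet.len(),
            ihl + PORTS_LEN
        )
        .into());
    }
    // Only the first fragment carries the transport header; on later fragments
    // the bytes at `ihl` are payload and would be misread as ports.
    let fragment_offset = u16::from_be_bytes([packet[6], packet[7]]) & 0x1FFF;
    if fragment_offset != 0 {
        return Err(format!(
            "non-first IPv4 fragment (offset {fragment_offset}) has no transport header"
        )
        .into());
    }
    let dst_port = Port::from_be_bytes([packet[ihl + 2], packet[ihl + 3]]);
    Ok(PacketInfo::V4 {
        src_ip: packet[12..16].try_into()?,
        src_port: Port::from_be_bytes([packet[ihl], packet[ihl + 1]]),
        dst_ip: packet[16..20].try_into()?,
        dst_port,
        protocol: Protocol::from(packet[9]),
        dns: dst_port == DNS_PORT,
    })
}

/// Decodes the fixed IPv6 header plus the ports of the header that follows it.
fn sniff_v6(packet: &Packet) -> SniffedPacket {
    if packet.len() < IPV6_HEADER_LEN + PORTS_LEN {
        return Err(format!(
            "truncated IPv6 packet: {} bytes, need at least {}",
            packet.len(),
            IPV6_HEADER_LEN + PORTS_LEN
        )
        .into());
    }
    let dst_port = Port::from_be_bytes([packet[42], packet[43]]);
    Ok(PacketInfo::V6 {
        src_ip: ipv6_segments(&packet[8..24]),
        src_port: Port::from_be_bytes([packet[40], packet[41]]),
        dst_ip: ipv6_segments(&packet[24..40]),
        dst_port,
        // Next Header. When it names an extension header rather than TCP/UDP the
        // protocol is `Unsupported` and the "ports" above are really extension
        // header bytes; callers already skip such packets.
        protocol: Protocol::from(packet[6]),
        dns: dst_port == DNS_PORT,
    })
}

/// Splits 16 big-endian bytes into the eight `u16` segments of an IPv6 address
/// (y:y:y:y:y:y:y:y, one segment per pair of bytes).
fn ipv6_segments(bytes: &[u8]) -> Ipv6 {
    debug_assert_eq!(bytes.len(), 16, "an IPv6 address is 16 bytes");
    std::array::from_fn(|i| u16::from_be_bytes([bytes[2 * i], bytes[2 * i + 1]]))
}

/// Applies the rules from `config` to an already-parsed packet.
///
/// Not implemented yet: calling it panics via `todo!()`.
pub fn apply_rules(config: Config, pinfo: PacketInfo) {
    todo!()
}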