zedddie/nsc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request 'Fix ipv4 port extraction; Fix ipv6 presentation; Implement Display for PacketInfo' (#4) from fix-port-parse into main

Browse source 
Reviewed-on: https://codeberg.org/NamelessTeam/nsc/pulls/4
This commit is contained in:
Namilsk 2026-03-23 21:34:11 +01:00
commit 39fe1b820b
2 changed files with 95 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

94
src/sniffing/headers.rs
View file

@ -1,4 +1,5 @@
use tun::Error; use tun::Error;
use std::fmt;
// Here we will recieve bytes and try to get their destanation & apply Rules for them. // Here we will recieve bytes and try to get their destanation & apply Rules for them.
use crate::config::Config; use crate::config::Config;
@ -9,8 +10,15 @@ pub enum Protocol {
UDP, UDP,
Unsupported(u8) Unsupported(u8)
} }
type SourceV4Ip = Ipv4;
type SourceV6Ip = Ipv6;
#[derive(PartialEq, Debug)]
pub enum IpVersion {
V4,
V6
}
type Ipv4 = [u8; 4]; type Ipv4 = [u8; 4];
type Ipv6 = [u8; 16]; type Ipv6 = [u16; 8];
type Port = u16; type Port = u16;
#[derive(Debug, PartialEq)] #[derive(Debug, PartialEq)]
pub enum PacketInfo { pub enum PacketInfo {
@ -34,7 +42,70 @@ pub enum PacketInfo {
} }
} }
impl fmt::Display for PacketInfo {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
if self.version() == &IpVersion::V4 {
let src_ip = self.src_ipv4_ip().unwrap();
let dst_ip = self.dst_ipv4_ip().unwrap();
write!(f, "{}.{}.{}.{}:{} -> {}.{}.{}.{}:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], self.dst_port(), self.protocol(), self.dns())
} else {
let src_ip = self.src_ipv6_ip().unwrap();
let dst_ip = self.dst_ipv6_ip().unwrap();
// y:y:y:y:y:y:y:y = 8 hexademical; y = segment, pair of 2 u8 big endian
write!(f, "{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} -> {:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], src_ip[4], src_ip[5], src_ip[6], src_ip[7], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], dst_ip[4], dst_ip[5], dst_ip[6], dst_ip[7], self.dst_port(), self.protocol(), self.dns())
}
}
}
impl PacketInfo { impl PacketInfo {
pub fn dns(&self) -> &bool {
match self {
PacketInfo::V4 { dns, ..} => dns,
PacketInfo::V6 { dns, ..} => dns,
}
}
pub fn src_ipv6_ip(&self) -> Option<&SourceV6Ip> {
match self {
PacketInfo::V6 { src_ip, .. } => Some(src_ip),
_ => None
}
}
pub fn dst_ipv6_ip(&self) -> Option<&SourceV6Ip> {
match self {
PacketInfo::V6 { dst_ip, .. } => Some(dst_ip),
_ => None
}
}
pub fn src_ipv4_ip(&self) -> Option<&SourceV4Ip> {
match self {
PacketInfo::V4 { src_ip, .. } => Some(src_ip),
_ => None,
}
}
pub fn dst_ipv4_ip(&self) -> Option<&SourceV4Ip> {
match self {
PacketInfo::V4 { dst_ip, .. } => Some(dst_ip),
_ => None
}
}
pub fn src_port(&self) -> &Port {
match self {
PacketInfo::V4 { src_port, .. } => src_port,
PacketInfo::V6 { src_port, .. } => src_port
}
}
pub fn dst_port(&self) -> &Port {
match self {
PacketInfo::V4 { dst_port, .. } => dst_port,
PacketInfo::V6 { dst_port, .. } => dst_port
}
}
pub fn version(&self) -> &IpVersion {
match self {
PacketInfo::V4 { .. }=> &IpVersion::V4,
PacketInfo::V6 { .. }=> &IpVersion::V6
}
}
pub fn protocol(&self) -> &Protocol { pub fn protocol(&self) -> &Protocol {
match self { match self {
PacketInfo::V4 { protocol, .. } => protocol, PacketInfo::V4 { protocol, .. } => protocol,
@ -52,13 +123,14 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
let ver = packet[0] >> 4; let ver = packet[0] >> 4;
match ver { match ver {
4 => { 4 => {
let dst_port = Port::from_be_bytes([packet[22], packet[23]]); // Internet Header Length (IHL).
let ihl = (packet[0] & 0x0F) as usize * 4;
let dst_port = Port::from_be_bytes([packet[ihl+2], packet[ihl+3]]);
let dns; let dns;
if dst_port == 53 { dns = true; } else { dns = false; }; if dst_port == 53 { dns = true; } else { dns = false; };
// FIXME: hardcoded IPv4 port offset
let v4 = PacketInfo::V4{ let v4 = PacketInfo::V4{
src_ip: <Ipv4>::try_from(&packet[12..16])?, src_ip: <Ipv4>::try_from(&packet[12..16])?,
src_port: Port::from_be_bytes([packet[20], packet[21]]), src_port: Port::from_be_bytes([packet[ihl], packet[ihl+1]]),
dst_ip: <Ipv4>::try_from(&packet[16..20])?, dst_ip: <Ipv4>::try_from(&packet[16..20])?,
dst_port, dst_port,
protocol: match packet[9] { protocol: match packet[9] {
@ -69,7 +141,7 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
dns dns
}; };
if !matches!(v4.protocol(), Protocol::Unsupported(_)) { if !matches!(v4.protocol(), Protocol::Unsupported(_)) {
println!("{v4:?}"); println!("{v4}");
} else { } else {
// TODO: make --debug option which will include this diagnostic, for general use this // TODO: make --debug option which will include this diagnostic, for general use this
// should be off // should be off
@ -78,13 +150,17 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
Ok(v4) Ok(v4)
}, },
6 => { 6 => {
let dst_port = Port::from_be_bytes([packet[22], packet[23]]); // y:y:y:y:y:y:y:y hexademical; y = segment, pair of 2 u8 in big endian
let src_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[8 + i*2], packet[8 + i*2 + 1]]));
let dst_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[24 + i*2], packet[24 + i*2 + 1]]));
let dst_port = Port::from_be_bytes([packet[42], packet[43]]);
let dns; let dns;
if dst_port == 53 { dns = true; } else { dns = false; }; if dst_port == 53 { dns = true; } else { dns = false; };
let v6 = PacketInfo::V6{ let v6 = PacketInfo::V6{
src_ip: <Ipv6>::try_from(&packet[8..24])?, src_ip,
src_port: Port::from_be_bytes([packet[40], packet[41]]), src_port: Port::from_be_bytes([packet[40], packet[41]]),
dst_ip: <Ipv6>::try_from(&packet[24..40])?, dst_ip,
dst_port, dst_port,
protocol: match packet[6] { protocol: match packet[6] {
6 => Protocol::TCP, 6 => Protocol::TCP,
@ -94,7 +170,7 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
dns dns
}; };
if !matches!(v6.protocol(), Protocol::Unsupported(_)) { if !matches!(v6.protocol(), Protocol::Unsupported(_)) {
println!("{v6:?}"); println!("{v6}");
} else { } else {
// TODO: make --debug option which will include this diagnostic, for general use this // TODO: make --debug option which will include this diagnostic, for general use this
// should be off // should be off

20
tests/headers.rs
View file

@ -115,7 +115,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [0] IPv4 TCP 192.168.1.100:4832 → 93.184.216.34:443 // [0] IPv4 TCP 192.168.1.100:4832 → 93.184.216.34:443
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[0])?, sniff_raw_packets(test_suite[0])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [192, 168, 1, 100], src_ip: [192, 168, 1, 100],
src_port: 4832, src_port: 4832,
dst_ip: [93, 184, 216, 34], dst_ip: [93, 184, 216, 34],
@ -127,7 +127,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [1] IPv4 UDP 10.0.0.9:5353 → 224.0.0.251:5353 (mDNS) // [1] IPv4 UDP 10.0.0.9:5353 → 224.0.0.251:5353 (mDNS)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[1])?, sniff_raw_packets(test_suite[1])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [10, 0, 0, 9], src_ip: [10, 0, 0, 9],
src_port: 5353, src_port: 5353,
dst_ip: [224, 0, 0, 251], dst_ip: [224, 0, 0, 251],
@ -139,7 +139,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [2] IPv4 UDP 10.0.0.9:1024 → 8.8.8.8:53 (DNS) // [2] IPv4 UDP 10.0.0.9:1024 → 8.8.8.8:53 (DNS)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[2])?, sniff_raw_packets(test_suite[2])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [10, 0, 0, 9], src_ip: [10, 0, 0, 9],
src_port: 1024, src_port: 1024,
dst_ip: [8, 8, 8, 8], dst_ip: [8, 8, 8, 8],
@ -151,7 +151,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [3] IPv4 TCP 10.0.0.5:54321 → 10.0.0.1:80 (HTTP) // [3] IPv4 TCP 10.0.0.5:54321 → 10.0.0.1:80 (HTTP)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[3])?, sniff_raw_packets(test_suite[3])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [10, 0, 0, 5], src_ip: [10, 0, 0, 5],
src_port: 54321, src_port: 54321,
dst_ip: [10, 0, 0, 1], dst_ip: [10, 0, 0, 1],
@ -163,7 +163,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [4] IPv4 TCP 172.16.0.1:65535 → 172.16.0.2:8080 // [4] IPv4 TCP 172.16.0.1:65535 → 172.16.0.2:8080
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[4])?, sniff_raw_packets(test_suite[4])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [172, 16, 0, 1], src_ip: [172, 16, 0, 1],
src_port: 65535, src_port: 65535,
dst_ip: [172, 16, 0, 2], dst_ip: [172, 16, 0, 2],
@ -175,7 +175,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [5] IPv4 TCP IHL=6 10.0.0.1:9090 → 10.0.0.2:22 (requires IHL-based offset) // [5] IPv4 TCP IHL=6 10.0.0.1:9090 → 10.0.0.2:22 (requires IHL-based offset)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[5])?, sniff_raw_packets(test_suite[5])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [10, 0, 0, 1], src_ip: [10, 0, 0, 1],
src_port: 9090, src_port: 9090,
dst_ip: [10, 0, 0, 2], dst_ip: [10, 0, 0, 2],
@ -187,7 +187,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [6] IPv4 ICMP (unsupported, "ports" are just ICMP body bytes) // [6] IPv4 ICMP (unsupported, "ports" are just ICMP body bytes)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[6])?, sniff_raw_packets(test_suite[6])?,
PacketInfo::V4 { PacketInfo::V6 { dns: false,
src_ip: [10, 0, 0, 9], src_ip: [10, 0, 0, 9],
src_port: 2048, src_port: 2048,
dst_ip: [10, 0, 0, 1], dst_ip: [10, 0, 0, 1],
@ -199,7 +199,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [7] IPv6 TCP [::1]:4000 → [2606:4700::1]:443 // [7] IPv6 TCP [::1]:4000 → [2606:4700::1]:443
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[7])?, sniff_raw_packets(test_suite[7])?,
PacketInfo::V6 { PacketInfo::V6 { dns: false,
src_ip: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1], src_ip: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
src_port: 4000, src_port: 4000,
dst_ip: [0x26, 0x06, 0x47, 0x00, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1], dst_ip: [0x26, 0x06, 0x47, 0x00, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
@ -211,7 +211,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [8] IPv6 UDP [fd00::9]:1234 → [fd00::1]:53 (requires fixing 17 => UDP) // [8] IPv6 UDP [fd00::9]:1234 → [fd00::1]:53 (requires fixing 17 => UDP)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[8])?, sniff_raw_packets(test_suite[8])?,
PacketInfo::V6 { PacketInfo::V6 { dns: false,
src_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9], src_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9],
src_port: 1234, src_port: 1234,
dst_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1], dst_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
@ -223,7 +223,7 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [9] IPv6 ICMPv6 (unsupported, "ports" are ICMPv6 body bytes) // [9] IPv6 ICMPv6 (unsupported, "ports" are ICMPv6 body bytes)
assert_eq!( assert_eq!(
sniff_raw_packets(test_suite[9])?, sniff_raw_packets(test_suite[9])?,
PacketInfo::V6 { PacketInfo::V6 { dns: false,
src_ip: [0xFE, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1], src_ip: [0xFE, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
src_port: 32768, src_port: 32768,
dst_ip: [0xFF, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1], dst_ip: [0xFF, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],