zedddie/nsc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fmt & Added CI

Browse source
This commit is contained in:
namilsk 2026-03-24 00:04:23 +03:00
parent 39fe1b820b
commit b939961181
No known key found for this signature in database
GPG key ID: 2B2F0A4D870B4F9F
16 changed files with 181 additions and 104 deletions
Download patch file Download diff file Expand all files Collapse all files

34
.woodpecker.yaml Normal file
View file

@ -0,0 +1,34 @@
steps:
build:
image: rust:1.94.0-bullseye
environment:
RUST_BACKTRACE: 1
CARGO_TERM_COLOR: always
commands:
- rustup default stable
- cargo build --verbose --release --jobs 4
when:
branch: main
event: [ push, pull_request ]
tests:
image: rust
environment:
RUST_BACKTRACE: 1
CARGO_TERM_COLOR: always
commands:
- cargo test --verbose --jobs 4 -- --test-threads=4
when:
event: [ pull_request, push ]
branch: main
clippy_and_fmt:
image: rust:1.94.0-bullseye
environment:
RUST_BACKTRACE: 1
CARGO_TERM_COLOR: always
commands:
- rustup component add clippy rustfmt
- cargo fmt --all --check
- cargo clippy --jobs 4 -- -D clippy::all # -D warnings
when:
branch: main
event: [ pull_request ]

4
Cargo.lock generated
View file

@ -449,9 +449,6 @@ name = "bytes"
version = "1.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
dependencies = [
"serde",
]
[[package]]
name = "c2rust-bitfields"
@ -2349,7 +2346,6 @@ name = "nsc"
version = "0.1.0"
dependencies = [
"arti-client",
"bytes",
"ipnet",
"iptables",
"maxminddb",

1
Cargo.toml
View file

@ -11,7 +11,6 @@ prost-build = "0.14.3"
[dependencies]
arti-client = "0.40.0"
bytes = { version = "1.11.1", features = ["serde"] }
ipnet = "2.12.0"
iptables = "0.6.0"
maxminddb = "0.27.3"

4
build.rs
View file

@ -6,9 +6,7 @@ fn main() -> Result<()> {
prost_build::Config::new()
.out_dir(&out_dir)
.compile_protos(
&[
"src/geoparsers/v2ray/proto_src/geosite.proto",
],
&["src/geoparsers/v2ray/proto_src/geosite.proto"],
&["src/geoparsers/v2ray/proto_src/"],
)?;

2
src/config.rs
View file

@ -39,5 +39,3 @@ impl Default for Config {
}
}
}

2
src/geoparsers/v2ray/parsing.rs
View file

@ -1,6 +1,6 @@
use crate::geoparsers::v2ray::types::{Domain, GeoSite, GeoSiteList};
use prost::bytes::Buf;
use prost::Message;
use prost::bytes::Buf;
use std::fs;
pub struct GeoSiteService {

12
src/geoparsers/v2ray/types.rs
View file

@ -33,17 +33,7 @@ pub mod domain {
}
}
/// Type of domain value.
#[derive(
Clone,
Copy,
Debug,
PartialEq,
Eq,
Hash,
PartialOrd,
Ord,
::prost::Enumeration
)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum Type {
/// The value is used as is.

2
src/lib.rs
View file

@ -1,4 +1,4 @@
pub mod sniffing;
pub mod config;
pub mod geoparsers;
pub mod sniffing;
pub mod startup;

7
src/main.rs
View file

@ -1,12 +1,11 @@
//mod routing;
//mod config;
//mod geoparsers;
//pub mod sniffing;
mod config;
mod geoparsers;
pub mod sniffing;
//mod startup;
use nsc::startup::init;
fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync + 'static>> {
init()
}

142
src/sniffing/headers.rs
View file

@ -1,5 +1,5 @@
use tun::Error;
use std::fmt;
use tun::Error;
// Here we will recieve bytes and try to get their destanation & apply Rules for them.
use crate::config::Config;
@ -8,14 +8,14 @@ use crate::config::Config;
pub enum Protocol {
TCP,
UDP,
Unsupported(u8)
Unsupported(u8),
}
type SourceV4Ip = Ipv4;
type SourceV6Ip = Ipv6;
#[derive(PartialEq, Debug)]
pub enum IpVersion {
V4,
V6
V6,
}
type Ipv4 = [u8; 4];
type Ipv6 = [u16; 8];
@ -29,7 +29,7 @@ pub enum PacketInfo {
dst_ip: Ipv4,
dst_port: Port,
protocol: Protocol,
dns: bool
dns: bool,
},
// <https://www.geeksforgeeks.org/computer-networks/internet-protocol-version-6-ipv6-header/>
V6 {
@ -38,21 +38,59 @@ pub enum PacketInfo {
dst_ip: Ipv6,
dst_port: Port,
protocol: Protocol,
dns: bool
}
dns: bool,
},
}
impl fmt::Display for PacketInfo {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
if self.version() == &IpVersion::V4 {
let src_ip = self.src_ipv4_ip().unwrap();
let dst_ip = self.dst_ipv4_ip().unwrap();
write!(f, "{}.{}.{}.{}:{} -> {}.{}.{}.{}:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], self.dst_port(), self.protocol(), self.dns())
let src_ip = self.src_ipv4_ip().unwrap();
let dst_ip = self.dst_ipv4_ip().unwrap();
write!(
f,
"{}.{}.{}.{}:{} -> {}.{}.{}.{}:{} {:?} is dns? {:?}",
src_ip[0],
src_ip[1],
src_ip[2],
src_ip[3],
self.src_port(),
dst_ip[0],
dst_ip[1],
dst_ip[2],
dst_ip[3],
self.dst_port(),
self.protocol(),
self.dns()
)
} else {
let src_ip = self.src_ipv6_ip().unwrap();
let dst_ip = self.dst_ipv6_ip().unwrap();
let src_ip = self.src_ipv6_ip().unwrap();
let dst_ip = self.dst_ipv6_ip().unwrap();
// y:y:y:y:y:y:y:y = 8 hexademical; y = segment, pair of 2 u8 big endian
write!(f, "{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} -> {:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} {:?} is dns? {:?}", src_ip[0], src_ip[1], src_ip[2], src_ip[3], src_ip[4], src_ip[5], src_ip[6], src_ip[7], self.src_port(), dst_ip[0], dst_ip[1], dst_ip[2], dst_ip[3], dst_ip[4], dst_ip[5], dst_ip[6], dst_ip[7], self.dst_port(), self.protocol(), self.dns())
write!(
f,
"{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} -> {:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x}:{:x} port:{} {:?} is dns? {:?}",
src_ip[0],
src_ip[1],
src_ip[2],
src_ip[3],
src_ip[4],
src_ip[5],
src_ip[6],
src_ip[7],
self.src_port(),
dst_ip[0],
dst_ip[1],
dst_ip[2],
dst_ip[3],
dst_ip[4],
dst_ip[5],
dst_ip[6],
dst_ip[7],
self.dst_port(),
self.protocol(),
self.dns()
)
}
}
}
@ -60,20 +98,20 @@ impl fmt::Display for PacketInfo {
impl PacketInfo {
pub fn dns(&self) -> &bool {
match self {
PacketInfo::V4 { dns, ..} => dns,
PacketInfo::V6 { dns, ..} => dns,
PacketInfo::V4 { dns, .. } => dns,
PacketInfo::V6 { dns, .. } => dns,
}
}
pub fn src_ipv6_ip(&self) -> Option<&SourceV6Ip> {
match self {
PacketInfo::V6 { src_ip, .. } => Some(src_ip),
_ => None
_ => None,
}
}
pub fn dst_ipv6_ip(&self) -> Option<&SourceV6Ip> {
match self {
PacketInfo::V6 { dst_ip, .. } => Some(dst_ip),
_ => None
_ => None,
}
}
pub fn src_ipv4_ip(&self) -> Option<&SourceV4Ip> {
@ -85,25 +123,25 @@ impl PacketInfo {
pub fn dst_ipv4_ip(&self) -> Option<&SourceV4Ip> {
match self {
PacketInfo::V4 { dst_ip, .. } => Some(dst_ip),
_ => None
_ => None,
}
}
pub fn src_port(&self) -> &Port {
match self {
PacketInfo::V4 { src_port, .. } => src_port,
PacketInfo::V6 { src_port, .. } => src_port
PacketInfo::V6 { src_port, .. } => src_port,
}
}
pub fn dst_port(&self) -> &Port {
match self {
PacketInfo::V4 { dst_port, .. } => dst_port,
PacketInfo::V6 { dst_port, .. } => dst_port
PacketInfo::V6 { dst_port, .. } => dst_port,
}
}
pub fn version(&self) -> &IpVersion {
match self {
PacketInfo::V4 { .. }=> &IpVersion::V4,
PacketInfo::V6 { .. }=> &IpVersion::V6
PacketInfo::V4 { .. } => &IpVersion::V4,
PacketInfo::V6 { .. } => &IpVersion::V6,
}
}
pub fn protocol(&self) -> &Protocol {
@ -125,39 +163,51 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
4 => {
// Internet Header Length (IHL).
let ihl = (packet[0] & 0x0F) as usize * 4;
let dst_port = Port::from_be_bytes([packet[ihl+2], packet[ihl+3]]);
let dst_port = Port::from_be_bytes([packet[ihl + 2], packet[ihl + 3]]);
let dns;
if dst_port == 53 { dns = true; } else { dns = false; };
let v4 = PacketInfo::V4{
if dst_port == 53 {
dns = true;
} else {
dns = false;
};
let v4 = PacketInfo::V4 {
src_ip: <Ipv4>::try_from(&packet[12..16])?,
src_port: Port::from_be_bytes([packet[ihl], packet[ihl+1]]),
src_port: Port::from_be_bytes([packet[ihl], packet[ihl + 1]]),
dst_ip: <Ipv4>::try_from(&packet[16..20])?,
dst_port,
protocol: match packet[9] {
6 => Protocol::TCP,
17 => Protocol::UDP,
p => Protocol::Unsupported(p)
p => Protocol::Unsupported(p),
},
dns
dns,
};
if !matches!(v4.protocol(), Protocol::Unsupported(_)) {
println!("{v4}");
} else {
// TODO: make --debug option which will include this diagnostic, for general use this
if !matches!(v4.protocol(), Protocol::Unsupported(_)) {
println!("{v4}");
} else {
// TODO: make --debug option which will include this diagnostic, for general use this
// should be off
// println!("oppsie unsupported protocol: {:?}", v4.protocol());
// println!("oppsie unsupported protocol: {:?}", v4.protocol());
}
Ok(v4)
},
}
6 => {
// y:y:y:y:y:y:y:y hexademical; y = segment, pair of 2 u8 in big endian
let src_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[8 + i*2], packet[8 + i*2 + 1]]));
let dst_ip = std::array::from_fn(|i| u16::from_be_bytes([packet[24 + i*2], packet[24 + i*2 + 1]]));
let src_ip = std::array::from_fn(|i| {
u16::from_be_bytes([packet[8 + i * 2], packet[8 + i * 2 + 1]])
});
let dst_ip = std::array::from_fn(|i| {
u16::from_be_bytes([packet[24 + i * 2], packet[24 + i * 2 + 1]])
});
let dst_port = Port::from_be_bytes([packet[42], packet[43]]);
let dns;
if dst_port == 53 { dns = true; } else { dns = false; };
let v6 = PacketInfo::V6{
if dst_port == 53 {
dns = true;
} else {
dns = false;
};
let v6 = PacketInfo::V6 {
src_ip,
src_port: Port::from_be_bytes([packet[40], packet[41]]),
dst_ip,
@ -165,22 +215,20 @@ pub fn sniff_raw_packets(packet: &Packet) -> SniffedPacket {
protocol: match packet[6] {
6 => Protocol::TCP,
17 => Protocol::UDP,
p => Protocol::Unsupported(p)
p => Protocol::Unsupported(p),
},
dns
dns,
};
if !matches!(v6.protocol(), Protocol::Unsupported(_)) {
println!("{v6}");
} else {
// TODO: make --debug option which will include this diagnostic, for general use this
if !matches!(v6.protocol(), Protocol::Unsupported(_)) {
println!("{v6}");
} else {
// TODO: make --debug option which will include this diagnostic, for general use this
// should be off
// println!("oppsie unsupported protocol: {:?}", v6.protocol());
// println!("oppsie unsupported protocol: {:?}", v6.protocol());
}
Ok(v6)
},
ver => {
Err(format!("unsuppiorted ver: {ver}").into())
}
ver => Err(format!("unsuppiorted ver: {ver}").into()),
}
}

1
src/sniffing/metadata.rs
View file

@ -0,0 +1 @@

4
src/startup.rs
View file

@ -1,7 +1,7 @@
// Here we iniitialize systems crucial for nsc
use std::io::Read;
use crate::sniffing::headers::sniff_raw_packets;
use crate::sniffing::headers::Protocol;
use crate::sniffing::headers::sniff_raw_packets;
use std::io::Read;
pub fn init() -> Result<(), Box<dyn std::error::Error + Send + Sync + 'static>> {
let mut config = tun::Configuration::default();
config

32
tests/headers.rs
View file

@ -1,8 +1,8 @@
use nsc::sniffing::*;
use crate::headers::Protocol;
use nsc::sniffing::headers::sniff_raw_packets;
use nsc::sniffing::headers::PacketInfo;
use nsc::sniffing::headers::sniff_raw_packets;
#[test]
fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
@ -115,7 +115,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [0] IPv4 TCP 192.168.1.100:4832 → 93.184.216.34:443
assert_eq!(
sniff_raw_packets(test_suite[0])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [192, 168, 1, 100],
src_port: 4832,
dst_ip: [93, 184, 216, 34],
@ -127,7 +128,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [1] IPv4 UDP 10.0.0.9:5353 → 224.0.0.251:5353 (mDNS)
assert_eq!(
sniff_raw_packets(test_suite[1])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [10, 0, 0, 9],
src_port: 5353,
dst_ip: [224, 0, 0, 251],
@ -139,7 +141,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [2] IPv4 UDP 10.0.0.9:1024 → 8.8.8.8:53 (DNS)
assert_eq!(
sniff_raw_packets(test_suite[2])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [10, 0, 0, 9],
src_port: 1024,
dst_ip: [8, 8, 8, 8],
@ -151,7 +154,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [3] IPv4 TCP 10.0.0.5:54321 → 10.0.0.1:80 (HTTP)
assert_eq!(
sniff_raw_packets(test_suite[3])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [10, 0, 0, 5],
src_port: 54321,
dst_ip: [10, 0, 0, 1],
@ -163,7 +167,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [4] IPv4 TCP 172.16.0.1:65535 → 172.16.0.2:8080
assert_eq!(
sniff_raw_packets(test_suite[4])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [172, 16, 0, 1],
src_port: 65535,
dst_ip: [172, 16, 0, 2],
@ -175,7 +180,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [5] IPv4 TCP IHL=6 10.0.0.1:9090 → 10.0.0.2:22 (requires IHL-based offset)
assert_eq!(
sniff_raw_packets(test_suite[5])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [10, 0, 0, 1],
src_port: 9090,
dst_ip: [10, 0, 0, 2],
@ -187,7 +193,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [6] IPv4 ICMP (unsupported, "ports" are just ICMP body bytes)
assert_eq!(
sniff_raw_packets(test_suite[6])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [10, 0, 0, 9],
src_port: 2048,
dst_ip: [10, 0, 0, 1],
@ -199,7 +206,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [7] IPv6 TCP [::1]:4000 → [2606:4700::1]:443
assert_eq!(
sniff_raw_packets(test_suite[7])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
src_port: 4000,
dst_ip: [0x26, 0x06, 0x47, 0x00, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
@ -211,7 +219,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [8] IPv6 UDP [fd00::9]:1234 → [fd00::1]:53 (requires fixing 17 => UDP)
assert_eq!(
sniff_raw_packets(test_suite[8])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9],
src_port: 1234,
dst_ip: [0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
@ -223,7 +232,8 @@ fn generic_typeck() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// [9] IPv6 ICMPv6 (unsupported, "ports" are ICMPv6 body bytes)
assert_eq!(
sniff_raw_packets(test_suite[9])?,
PacketInfo::V6 { dns: false,
PacketInfo::V6 {
dns: false,
src_ip: [0xFE, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],
src_port: 32768,
dst_ip: [0xFF, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1],

16
tests/v2ray_geosite.rs
View file

@ -30,7 +30,11 @@ fn get_geosite_service() -> Result<GeoSiteService, Box<dyn std::error::Error>> {
#[test]
fn geosite_service_creation() {
let service = get_geosite_service();
assert!(service.is_ok(), "Failed to create GeoSiteService: {:?}", service.err());
assert!(
service.is_ok(),
"Failed to create GeoSiteService: {:?}",
service.err()
);
}
#[test]
@ -51,7 +55,10 @@ fn lookup_nonexistent_domain() {
};
let result = service.lookup(domain.value.as_str());
assert!(result.is_none(), "Should return none for not existing domain");
assert!(
result.is_none(),
"Should return none for not existing domain"
);
println!("{:?}", result);
}
@ -59,10 +66,7 @@ fn lookup_nonexistent_domain() {
fn geosite_list_not_empty() {
let service = get_geosite_service().expect("Failed to create service");
assert!(
!service.is_empty(),
"GeoSiteList should not be empty"
);
assert!(!service.is_empty(), "GeoSiteList should not be empty");
println!("Loaded {} GeoSite entries", service.len());
}