diff options
author | netblue30 <netblue30@protonmail.com> | 2023-07-23 10:30:50 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2023-07-23 10:30:50 -0400 |
commit | b093b66047241896330e09ef7faa981a77cf9e1c (patch) | |
tree | 7ef4981c748ac07eb7dbfeff107ee62378ba076e | |
parent | contrib/syntax: run make syntax (diff) | |
download | firejail-b093b66047241896330e09ef7faa981a77cf9e1c.tar.gz firejail-b093b66047241896330e09ef7faa981a77cf9e1c.tar.zst firejail-b093b66047241896330e09ef7faa981a77cf9e1c.zip |
fnettrace: trace ICPM ECHO (ping) traffic
-rw-r--r-- | src/fnettrace/main.c | 19 | ||||
-rw-r--r-- | src/fnettrace/static-ip-map.txt | 68 |
2 files changed, 66 insertions, 21 deletions
diff --git a/src/fnettrace/main.c b/src/fnettrace/main.c index 932afff61..c996adb19 100644 --- a/src/fnettrace/main.c +++ b/src/fnettrace/main.c | |||
@@ -30,7 +30,7 @@ static int arg_tail = 0; | |||
30 | static char *arg_log = NULL; | 30 | static char *arg_log = NULL; |
31 | 31 | ||
32 | uint32_t stats_pkts = 0; | 32 | uint32_t stats_pkts = 0; |
33 | uint32_t stats_icmp = 0; | 33 | uint32_t stats_icmp_echo = 0; |
34 | uint32_t stats_dns = 0; | 34 | uint32_t stats_dns = 0; |
35 | 35 | ||
36 | 36 | ||
@@ -291,7 +291,7 @@ static inline const char *common_port(uint16_t port) { | |||
291 | } | 291 | } |
292 | 292 | ||
293 | if (port <= 194) { | 293 | if (port <= 194) { |
294 | PortType *ptr =&ports[0]; | 294 | PortType *ptr = &ports[0]; |
295 | while(ptr->service != NULL) { | 295 | while(ptr->service != NULL) { |
296 | if (ptr->port == port) | 296 | if (ptr->port == port) |
297 | return ptr->service; | 297 | return ptr->service; |
@@ -440,10 +440,9 @@ static void hnode_print(unsigned bw) { | |||
440 | 440 | ||
441 | 441 | ||
442 | void print_stats(void) { | 442 | void print_stats(void) { |
443 | printf("\nIP table: %d entries, %d unknown\n", radix_nodes, geoip_calls); | 443 | printf("\nIP table: %d entries - address network (packets)\n", radix_nodes); |
444 | printf(" address network (packets)\n"); | ||
445 | radix_print(1); | 444 | radix_print(1); |
446 | printf("Packets: %u total, ICMP %u, DNS %u\n", stats_pkts, stats_icmp, stats_dns); | 445 | printf("Packets: %u total, PING %u, DNS %u\n", stats_pkts, stats_icmp_echo, stats_dns); |
447 | } | 446 | } |
448 | 447 | ||
449 | // trace rx traffic coming in | 448 | // trace rx traffic coming in |
@@ -557,9 +556,11 @@ static void run_trace(void) { | |||
557 | 556 | ||
558 | // stats | 557 | // stats |
559 | stats_pkts++; | 558 | stats_pkts++; |
560 | if (icmp) | 559 | if (icmp) { |
561 | stats_icmp++; | 560 | if (*(buf + hlen) == 0 || *(buf + hlen) == 8) |
562 | if (port_src == 53) | 561 | stats_icmp_echo++; |
562 | } | ||
563 | else if (port_src == 53) | ||
563 | stats_dns++; | 564 | stats_dns++; |
564 | 565 | ||
565 | } | 566 | } |
@@ -775,7 +776,7 @@ int main(int argc, char **argv) { | |||
775 | return 0; | 776 | return 0; |
776 | } | 777 | } |
777 | else if (strncmp(argv[i], "--squash-map=", 13) == 0) { | 778 | else if (strncmp(argv[i], "--squash-map=", 13) == 0) { |
778 | if (i !=(argc - 1)) { | 779 | if (i != (argc - 1)) { |
779 | fprintf(stderr, "Error: please provide a map file\n"); | 780 | fprintf(stderr, "Error: please provide a map file\n"); |
780 | return 1; | 781 | return 1; |
781 | } | 782 | } |
diff --git a/src/fnettrace/static-ip-map.txt b/src/fnettrace/static-ip-map.txt index 756658562..1f799fd2c 100644 --- a/src/fnettrace/static-ip-map.txt +++ b/src/fnettrace/static-ip-map.txt | |||
@@ -86,15 +86,41 @@ | |||
86 | 4.2.2.4/32 Level3 DNS | 86 | 4.2.2.4/32 Level3 DNS |
87 | 8.8.4.0/24 Google DNS | 87 | 8.8.4.0/24 Google DNS |
88 | 8.8.8.0/24 Google DNS | 88 | 8.8.8.0/24 Google DNS |
89 | 8.20.247.20 Comodo DNS | ||
90 | 8.26.56.26 Comodo DNS | ||
89 | 9.9.9.0/24 Quad9 DNS | 91 | 9.9.9.0/24 Quad9 DNS |
90 | 45.90.28.0/22 NextDNS | 92 | 45.90.28.0/22 NextDNS |
93 | 45.11.45.0/24 DNS-SB | ||
94 | 64.6.64.6/32 Neustar DNS | ||
95 | 64.6.65.6/32 Neustar DNS | ||
96 | 69.197.138.24/29 BitChute | ||
97 | 74.82.42.42/32 Hurricane Electric DNS | ||
98 | 76.76.2.0/24 ControlD DNS | ||
99 | 76.76.10.0/24 ControlD DNS | ||
100 | 76.76.19.0/24 Alternate DNS | ||
101 | 76.223.122.150/32 Alternate DNS | ||
102 | 77.88.8.8/32 Yandex DNS | ||
103 | 77.88.8.1/32 Yandex DNS | ||
104 | 80.80.80.0/24 Freenom DNS Cloud | ||
105 | 80.80.81.0/24 Freenom DNS Cloud | ||
106 | 84.200.69.80/32 DSN Watch | ||
107 | 84.200.70.40/32 DNS Watch | ||
91 | 94.140.14.0/23 Adguard DNS | 108 | 94.140.14.0/23 Adguard DNS |
92 | 149.112.112.0/24 Quad9 DNS | 109 | 149.112.112.0/24 Quad9 DNS |
93 | 149.112.120.0/21 CIRA DNS Canada | 110 | 149.112.120.0/21 CIRA DNS Canada |
94 | 146.255.56.96/29 Applied Privacy | 111 | 146.255.56.96/29 Applied Privacy |
95 | 176.103.128.0/19 Adguard DNS | 112 | 176.103.128.0/19 Adguard DNS |
113 | 185.222.222.0/24 DNS-SB | ||
96 | 185.228.168.0/24 Cleanbrowsing DNS | 114 | 185.228.168.0/24 Cleanbrowsing DNS |
115 | 185.236.104.0/24 FlashStart DNS | ||
116 | 185.236.105.0/24 FlashStart DNS | ||
117 | 185.253.5.0/24 NextDNS | ||
118 | 193.110.81.0/24 NextDNS | ||
119 | 205.171.3.66/32 CentyrLink DNS | ||
120 | 205.171.202.166/32 CentyrLink DNS | ||
97 | 208.67.216.0/21 OpenDNS | 121 | 208.67.216.0/21 OpenDNS |
122 | 216.146.35.35/32 Dyn DNS | ||
123 | 216.146.36.36/32 Dyn DNS | ||
98 | 124 | ||
99 | # whois | 125 | # whois |
100 | 192.0.32.0/20 ICANN | 126 | 192.0.32.0/20 ICANN |
@@ -106,6 +132,7 @@ | |||
106 | 199.212.0.0/24 whois.arin.net US | 132 | 199.212.0.0/24 whois.arin.net US |
107 | 200.3.12.0/22 whois.lacnic.net Uruguay | 133 | 200.3.12.0/22 whois.lacnic.net Uruguay |
108 | 201.159.220.0/22 whois.lacnic.net Ecuador | 134 | 201.159.220.0/22 whois.lacnic.net Ecuador |
135 | 203.119.100.0/22 apnic.net Australia | ||
109 | 136 | ||
110 | # some popular websites | 137 | # some popular websites |
111 | 5.255.255.0/24 Yandex | 138 | 5.255.255.0/24 Yandex |
@@ -132,9 +159,14 @@ | |||
132 | 66.211.168.0/22 PayPal | 159 | 66.211.168.0/22 PayPal |
133 | 66.211.172.0/22 eBay | 160 | 66.211.172.0/22 eBay |
134 | 66.211.176.0/20 eBay | 161 | 66.211.176.0/20 eBay |
162 | 66.218.64.0/19 Yahoo | ||
135 | 66.220.144.0/20 Facebook | 163 | 66.220.144.0/20 Facebook |
164 | 69.30.200.200/29 BitChute | ||
136 | 69.53.224.0/19 Netflix | 165 | 69.53.224.0/19 Netflix |
137 | 69.171.224.0/19 Facebook | 166 | 69.171.224.0/19 Facebook |
167 | 69.197.182.184/29 BitChute | ||
168 | 74.6.0.0/16 Yahoo | ||
169 | 74.91.29.208/29 BitChute | ||
138 | 87.250.254.0/24 Yandex | 170 | 87.250.254.0/24 Yandex |
139 | 91.105.192.0/23 Telegram | 171 | 91.105.192.0/23 Telegram |
140 | 91.108.4.0/22 Telegram | 172 | 91.108.4.0/22 Telegram |
@@ -147,14 +179,20 @@ | |||
147 | 91.189.94.0/24 Ubuntu One | 179 | 91.189.94.0/24 Ubuntu One |
148 | 95.161.64.0/20 Telegram | 180 | 95.161.64.0/20 Telegram |
149 | 99.181.64.0/18 Twitch | 181 | 99.181.64.0/18 Twitch |
150 | 103.53.48.0/23 Twitch | ||
151 | 104.244.40.0/21 Twitter | ||
152 | 103.10.124.0/23 Steam | 182 | 103.10.124.0/23 Steam |
153 | 103.28.54.0/24 Steam | 183 | 103.28.54.0/24 Steam |
184 | 103.53.48.0/23 Twitch | ||
185 | 104.244.40.0/21 Twitter | ||
186 | 107.150.32.0/19 BitChute | ||
187 | 107.150.35.192/29 BitChute | ||
188 | 107.150.45.120/29 BitChute | ||
154 | 108.160.160.0/20 Dropbox | 189 | 108.160.160.0/20 Dropbox |
155 | 108.175.32.0/20 Netflix | 190 | 108.175.32.0/20 Netflix |
156 | 129.134.0.0/16 Facebook | 191 | 129.134.0.0/16 Facebook |
157 | 140.82.112.0/20 GitHub | 192 | 140.82.112.0/20 GitHub |
193 | 142.54.180.104/29 BitChute | ||
194 | 142.54.181.184/29 BitChute | ||
195 | 142.54.189.192/29 BitChute | ||
158 | 143.55.64.0/20 Github | 196 | 143.55.64.0/20 Github |
159 | 146.66.152.0/24 Steam | 197 | 146.66.152.0/24 Steam |
160 | 146.66.155.0/24 Steam | 198 | 146.66.155.0/24 Steam |
@@ -174,6 +212,9 @@ | |||
174 | 162.213.32.0/22 Ubuntu One | 212 | 162.213.32.0/22 Ubuntu One |
175 | 162.254.192.0/21 Steam | 213 | 162.254.192.0/21 Steam |
176 | 172.98.56.0/22 Rumble | 214 | 172.98.56.0/22 Rumble |
215 | 173.208.154.8/29 BitChute | ||
216 | 173.208.185.200/29 BitChute | ||
217 | 173.208.219.112/29 BitChute | ||
177 | 178.154.131.0/24 Yandex | 218 | 178.154.131.0/24 Yandex |
178 | 185.2.220.0/22 Netflix | 219 | 185.2.220.0/22 Netflix |
179 | 185.9.188.0/22 Netflix | 220 | 185.9.188.0/22 Netflix |
@@ -195,22 +236,30 @@ | |||
195 | 192.69.96.0/22 Steam | 236 | 192.69.96.0/22 Steam |
196 | 192.108.239.0/24 Twitch | 237 | 192.108.239.0/24 Twitch |
197 | 192.173.64.0/18 Netflix | 238 | 192.173.64.0/18 Netflix |
239 | 192.187.97.88/29 BitChute | ||
240 | 192.187.123.112/29 BitChute | ||
198 | 192.189.200.0/23 Dropbox | 241 | 192.189.200.0/23 Dropbox |
199 | 194.169.254.0/24 Ubuntu One | 242 | 194.169.254.0/24 Ubuntu One |
200 | 198.38.96.0/19 Netflix | 243 | 198.38.96.0/19 Netflix |
201 | 198.45.48.0/20 Netflix | 244 | 198.45.48.0/20 Netflix |
245 | 198.204.226.120/29 BitChute | ||
246 | 198.204.245.88/29 BitChute | ||
247 | 198.252.206.0/24 Stack Exchange | ||
202 | 199.9.248.0/21 Twitch | 248 | 199.9.248.0/21 Twitch |
203 | 199.16.156.0/22 Twitter | 249 | 199.16.156.0/22 Twitter |
204 | 199.59.148.0/22 Twitter | 250 | 199.59.148.0/22 Twitter |
205 | 199.168.96.24/29 BitChute | 251 | 199.168.96.24/29 BitChute |
252 | 204.12.194.176/29 BitChute | ||
206 | 205.185.194.0/24 Steam | 253 | 205.185.194.0/24 Steam |
207 | 205.196.6.0/24 Steam | 254 | 205.196.6.0/24 Steam |
208 | 207.45.72.0/22 Netflix | 255 | 207.45.72.0/22 Netflix |
209 | 207.241.224.0/20 Internet Archive | 256 | 207.241.224.0/20 Internet Archive |
257 | 208.82.236.0/22 Creiglist | ||
210 | 208.64.200.0/22 Steam | 258 | 208.64.200.0/22 Steam |
211 | 208.75.76.0/22 Netflix | 259 | 208.75.76.0/22 Netflix |
212 | 208.78.164.0/22 Steam | 260 | 208.78.164.0/22 Steam |
213 | 208.80.152.0/22 Wikipedia | 261 | 208.80.152.0/22 Wikipedia |
262 | 208.110.68.56/29 BitChute | ||
214 | 209.140.128.0/18 eBay | 263 | 209.140.128.0/18 eBay |
215 | 264 | ||
216 | # Imperva | 265 | # Imperva |
@@ -261,15 +310,6 @@ | |||
261 | 205.224.0.0/14 Level 3 | 310 | 205.224.0.0/14 Level 3 |
262 | 209.244.0.0/14 Level 3 | 311 | 209.244.0.0/14 Level 3 |
263 | 312 | ||
264 | # WholeSale Internet | ||
265 | 69.30.192.0/18 WholeSale Internet | ||
266 | 69.197.128.0/18 WholeSale Internet | ||
267 | 173.208.128.0/17 WholeSale Internet | ||
268 | 204.12.192.0/18 WholeSale Internet | ||
269 | 208.67.0.0/21 WholeSale Internet | ||
270 | 208.110.64.0/19 WholeSale Internet | ||
271 | 208.110.91.0/24 WholeSale Internet | ||
272 | |||
273 | # StackPath | 313 | # StackPath |
274 | 69.16.173.0/24 StackPath | 314 | 69.16.173.0/24 StackPath |
275 | 69.16.174.0/23 StackPath | 315 | 69.16.174.0/23 StackPath |
@@ -299,6 +339,8 @@ | |||
299 | 205.185.220.0/24 StackPath | 339 | 205.185.220.0/24 StackPath |
300 | 340 | ||
301 | # Linode | 341 | # Linode |
342 | 45.79.0.0/16 Linode | ||
343 | 50.116.0.0/18 Linode | ||
302 | 66.175.208.0/20 Linode | 344 | 66.175.208.0/20 Linode |
303 | 103.29.68.0/22 Linode | 345 | 103.29.68.0/22 Linode |
304 | 104.200.16.0/21 Linode | 346 | 104.200.16.0/21 Linode |
@@ -397,6 +439,7 @@ | |||
397 | 172.105.0.0/19 Linode | 439 | 172.105.0.0/19 Linode |
398 | 172.105.112.0/20 Linode | 440 | 172.105.112.0/20 Linode |
399 | 172.105.128.0/23 Linode | 441 | 172.105.128.0/23 Linode |
442 | 173.255.192.0/18 Linode | ||
400 | 443 | ||
401 | # Akamai | 444 | # Akamai |
402 | 2.16.0.0/13 Akamai | 445 | 2.16.0.0/13 Akamai |
@@ -576,7 +619,7 @@ | |||
576 | 103.21.244.0/22 Cloudflare | 619 | 103.21.244.0/22 Cloudflare |
577 | 103.22.200.0/22 Cloudflare | 620 | 103.22.200.0/22 Cloudflare |
578 | 103.31.4.0/22 Cloudflare | 621 | 103.31.4.0/22 Cloudflare |
579 | 104.16.0.0/13 Cloudflare | 622 | 104.16.0.0/12 Cloudflare |
580 | 104.24.0.0/14 Cloudflare | 623 | 104.24.0.0/14 Cloudflare |
581 | 108.162.192.0/18 Cloudflare | 624 | 108.162.192.0/18 Cloudflare |
582 | 131.0.72.0/22 Cloudflare | 625 | 131.0.72.0/22 Cloudflare |
@@ -684,6 +727,7 @@ | |||
684 | 3.136.0.0/13 Amazon | 727 | 3.136.0.0/13 Amazon |
685 | 3.144.0.0/13 Amazon | 728 | 3.144.0.0/13 Amazon |
686 | 3.152.0.0/13 Amazon | 729 | 3.152.0.0/13 Amazon |
730 | 3.160.0.0/14 Amazon | ||
687 | 3.208.0.0/12 Amazon | 731 | 3.208.0.0/12 Amazon |
688 | 3.224.0.0/12 Amazon | 732 | 3.224.0.0/12 Amazon |
689 | 3.240.0.0/13 Amazon | 733 | 3.240.0.0/13 Amazon |