diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-01-16 08:53:39 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-01-16 08:53:39 -0500 |
| commit | 281d236835e546a71b96da4045b4998752f89eba (patch) | |
| tree | 08b6bb349dd45ccf225d1fa1f9e875ea4ef0b7ce | |
| parent | Merge pull request #4856 from smitsohu/fildes (diff) | |
| download | firejail-281d236835e546a71b96da4045b4998752f89eba.tar.gz firejail-281d236835e546a71b96da4045b4998752f89eba.tar.zst firejail-281d236835e546a71b96da4045b4998752f89eba.zip | |
more on nettrace
| -rw-r--r-- | src/fnettrace/fnettrace.h | 1 | ||||
| -rw-r--r-- | src/fnettrace/hostnames.c | 12 | ||||
| -rw-r--r-- | src/fnettrace/main.c | 49 | ||||
| -rw-r--r-- | src/fnettrace/radix.c | 104 | ||||
| -rw-r--r-- | src/fnettrace/radix.h | 15 |
5 files changed, 29 insertions, 152 deletions
diff --git a/src/fnettrace/fnettrace.h b/src/fnettrace/fnettrace.h index 50c538a71..59b9618a9 100644 --- a/src/fnettrace/fnettrace.h +++ b/src/fnettrace/fnettrace.h | |||
| @@ -62,6 +62,5 @@ void logprintf(char* fmt, ...); | |||
| 62 | extern int geoip_calls; | 62 | extern int geoip_calls; |
| 63 | void load_hostnames(const char *fname); | 63 | void load_hostnames(const char *fname); |
| 64 | char* retrieve_hostname(uint32_t ip); | 64 | char* retrieve_hostname(uint32_t ip); |
| 65 | void build_list(const char *fname); | ||
| 66 | 65 | ||
| 67 | #endif \ No newline at end of file | 66 | #endif \ No newline at end of file |
diff --git a/src/fnettrace/hostnames.c b/src/fnettrace/hostnames.c index 5422166e6..dd92070bf 100644 --- a/src/fnettrace/hostnames.c +++ b/src/fnettrace/hostnames.c | |||
| @@ -29,7 +29,7 @@ char *retrieve_hostname(uint32_t ip) { | |||
| 29 | if (geoip_not_found) | 29 | if (geoip_not_found) |
| 30 | return NULL; | 30 | return NULL; |
| 31 | geoip_calls++; | 31 | geoip_calls++; |
| 32 | 32 | ||
| 33 | char *rv = NULL; | 33 | char *rv = NULL; |
| 34 | char *cmd; | 34 | char *cmd; |
| 35 | if (asprintf(&cmd, "/usr/bin/geoiplookup %d.%d.%d.%d", PRINT_IP(ip)) == -1) | 35 | if (asprintf(&cmd, "/usr/bin/geoiplookup %d.%d.%d.%d", PRINT_IP(ip)) == -1) |
| @@ -46,7 +46,7 @@ char *retrieve_hostname(uint32_t ip) { | |||
| 46 | ptr = buf + 22; | 46 | ptr = buf + 22; |
| 47 | if (*ptr == ' ' && *(ptr + 3) == ',' && *(ptr + 4) == ' ') { | 47 | if (*ptr == ' ' && *(ptr + 3) == ',' && *(ptr + 4) == ' ') { |
| 48 | rv = ptr + 5; | 48 | rv = ptr + 5; |
| 49 | radix_add(ip, 0xffffffff, ptr + 5); | 49 | rv = radix_add(ip, 0xffffffff, rv); |
| 50 | } | 50 | } |
| 51 | } | 51 | } |
| 52 | } | 52 | } |
| @@ -55,7 +55,7 @@ char *retrieve_hostname(uint32_t ip) { | |||
| 55 | } | 55 | } |
| 56 | else | 56 | else |
| 57 | geoip_not_found = 1; | 57 | geoip_not_found = 1; |
| 58 | 58 | ||
| 59 | free(cmd); | 59 | free(cmd); |
| 60 | 60 | ||
| 61 | return NULL; | 61 | return NULL; |
| @@ -122,9 +122,3 @@ errexit: | |||
| 122 | exit(1); | 122 | exit(1); |
| 123 | } | 123 | } |
| 124 | 124 | ||
| 125 | void build_list(const char *fname) { | ||
| 126 | assert(fname); | ||
| 127 | load_hostnames(fname); | ||
| 128 | radix_build_list(); | ||
| 129 | } | ||
| 130 | |||
diff --git a/src/fnettrace/main.c b/src/fnettrace/main.c index 352d61bbd..d5772328c 100644 --- a/src/fnettrace/main.c +++ b/src/fnettrace/main.c | |||
| @@ -29,7 +29,6 @@ typedef struct hnode_t { | |||
| 29 | struct hnode_t *hnext; // used for hash table | 29 | struct hnode_t *hnext; // used for hash table |
| 30 | struct hnode_t *dnext; // used to display stremas on the screen | 30 | struct hnode_t *dnext; // used to display stremas on the screen |
| 31 | uint32_t ip_src; | 31 | uint32_t ip_src; |
| 32 | uint32_t ip_dst; | ||
| 33 | uint32_t bytes; // number of bytes received in the last display interval | 32 | uint32_t bytes; // number of bytes received in the last display interval |
| 34 | uint16_t port_src; | 33 | uint16_t port_src; |
| 35 | uint8_t protocol; | 34 | uint8_t protocol; |
| @@ -46,7 +45,7 @@ HNode *htable[HMAX] = {NULL}; | |||
| 46 | // display linked list | 45 | // display linked list |
| 47 | HNode *dlist = NULL; | 46 | HNode *dlist = NULL; |
| 48 | 47 | ||
| 49 | static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16_t port_src, uint32_t bytes) { | 48 | static void hnode_add(uint32_t ip_src, uint8_t protocol, uint16_t port_src, uint32_t bytes) { |
| 50 | uint8_t h = hash(ip_src); | 49 | uint8_t h = hash(ip_src); |
| 51 | 50 | ||
| 52 | // find | 51 | // find |
| @@ -55,7 +54,7 @@ static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16 | |||
| 55 | while (ptr) { | 54 | while (ptr) { |
| 56 | if (ptr->ip_src == ip_src) { | 55 | if (ptr->ip_src == ip_src) { |
| 57 | ip_instance++; | 56 | ip_instance++; |
| 58 | if (ptr->ip_dst == ip_dst && ptr->port_src == port_src && ptr->protocol == protocol) { | 57 | if (ptr->port_src == port_src && ptr->protocol == protocol) { |
| 59 | ptr->bytes += bytes; | 58 | ptr->bytes += bytes; |
| 60 | return; | 59 | return; |
| 61 | } | 60 | } |
| @@ -71,7 +70,6 @@ static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16 | |||
| 71 | errExit("malloc"); | 70 | errExit("malloc"); |
| 72 | hnew->hostname = NULL; | 71 | hnew->hostname = NULL; |
| 73 | hnew->ip_src = ip_src; | 72 | hnew->ip_src = ip_src; |
| 74 | hnew->ip_dst = ip_dst; | ||
| 75 | hnew->port_src = port_src; | 73 | hnew->port_src = port_src; |
| 76 | hnew->protocol = protocol; | 74 | hnew->protocol = protocol; |
| 77 | hnew->hnext = NULL; | 75 | hnew->hnext = NULL; |
| @@ -119,8 +117,6 @@ static void hnode_free(HNode *elem) { | |||
| 119 | htable[h] = elem->hnext; | 117 | htable[h] = elem->hnext; |
| 120 | else | 118 | else |
| 121 | prev->hnext = elem->hnext; | 119 | prev->hnext = elem->hnext; |
| 122 | if (elem->hostname) | ||
| 123 | free(elem->hostname); | ||
| 124 | free(elem); | 120 | free(elem); |
| 125 | } | 121 | } |
| 126 | 122 | ||
| @@ -245,18 +241,12 @@ static void hnode_print(unsigned bw) { | |||
| 245 | else | 241 | else |
| 246 | snprintf(bytes, 11, "%u B/s ", (unsigned) (ptr->bytes / DISPLAY_INTERVAL)); | 242 | snprintf(bytes, 11, "%u B/s ", (unsigned) (ptr->bytes / DISPLAY_INTERVAL)); |
| 247 | 243 | ||
| 248 | char *hostname = ptr->hostname; | 244 | if (!ptr->hostname) |
| 249 | if (!hostname) | 245 | ptr->hostname = radix_longest_prefix_match(ptr->ip_src); |
| 250 | hostname = radix_find_last(ptr->ip_src); | 246 | if (!ptr->hostname) |
| 251 | if (!hostname) | 247 | ptr->hostname = retrieve_hostname(ptr->ip_src); |
| 252 | hostname = retrieve_hostname(ptr->ip_src); | 248 | if (!ptr->hostname) |
| 253 | if (!hostname) | 249 | ptr->hostname = " "; |
| 254 | hostname = " "; | ||
| 255 | else { | ||
| 256 | ptr->hostname = strdup(hostname); | ||
| 257 | if (!ptr->hostname) | ||
| 258 | errExit("strdup"); | ||
| 259 | } | ||
| 260 | 250 | ||
| 261 | unsigned bwunit = bw / DISPLAY_BW_UNITS; | 251 | unsigned bwunit = bw / DISPLAY_BW_UNITS; |
| 262 | char *bwline; | 252 | char *bwline; |
| @@ -274,13 +264,13 @@ static void hnode_print(unsigned bw) { | |||
| 274 | protocol = "(UDP)"; | 264 | protocol = "(UDP)"; |
| 275 | /* | 265 | /* |
| 276 | else (ptr->port_src == 443) | 266 | else (ptr->port_src == 443) |
| 277 | protocol = "SSL"; | 267 | protocol = "TLS"; |
| 278 | else if (ptr->port_src == 53) | 268 | else if (ptr->port_src == 53) |
| 279 | protocol = "DNS"; | 269 | protocol = "DNS"; |
| 280 | */ | 270 | */ |
| 281 | 271 | ||
| 282 | len = snprintf(line, LINE_MAX, "%10s %s %d.%d.%d.%d:%u%s %s\n", | 272 | len = snprintf(line, LINE_MAX, "%10s %s %d.%d.%d.%d:%u%s %s\n", |
| 283 | bytes, bwline, PRINT_IP(ptr->ip_src), ptr->port_src, protocol, hostname); | 273 | bytes, bwline, PRINT_IP(ptr->ip_src), ptr->port_src, protocol, ptr->hostname); |
| 284 | adjust_line(line, len, cols); | 274 | adjust_line(line, len, cols); |
| 285 | printf("%s", line); | 275 | printf("%s", line); |
| 286 | 276 | ||
| @@ -360,16 +350,12 @@ static void run_trace(void) { | |||
| 360 | memcpy(&ip_src, buf + 12, 4); | 350 | memcpy(&ip_src, buf + 12, 4); |
| 361 | ip_src = ntohl(ip_src); | 351 | ip_src = ntohl(ip_src); |
| 362 | 352 | ||
| 363 | uint32_t ip_dst; | ||
| 364 | memcpy(&ip_dst, buf + 16, 4); | ||
| 365 | ip_dst = ntohl(ip_dst); | ||
| 366 | |||
| 367 | uint8_t hlen = (buf[0] & 0x0f) * 4; | 353 | uint8_t hlen = (buf[0] & 0x0f) * 4; |
| 368 | uint16_t port_src; | 354 | uint16_t port_src; |
| 369 | memcpy(&port_src, buf + hlen, 2); | 355 | memcpy(&port_src, buf + hlen, 2); |
| 370 | port_src = ntohs(port_src); | 356 | port_src = ntohs(port_src); |
| 371 | 357 | ||
| 372 | hnode_add(ip_src, ip_dst, buf[9], port_src, bytes + 14); | 358 | hnode_add(ip_src, buf[9], port_src, bytes + 14); |
| 373 | } | 359 | } |
| 374 | } | 360 | } |
| 375 | } | 361 | } |
| @@ -537,7 +523,6 @@ void logprintf(char* fmt, ...) { | |||
| 537 | static void usage(void) { | 523 | static void usage(void) { |
| 538 | printf("Usage: fnetlock [OPTIONS]\n"); | 524 | printf("Usage: fnetlock [OPTIONS]\n"); |
| 539 | printf("Options:\n"); | 525 | printf("Options:\n"); |
| 540 | printf(" --build=filename - compact list of addresses\n"); | ||
| 541 | printf(" --help, -? - this help screen\n"); | 526 | printf(" --help, -? - this help screen\n"); |
| 542 | printf(" --log=filename - netlocker logfile\n"); | 527 | printf(" --log=filename - netlocker logfile\n"); |
| 543 | printf(" --netfilter - build the firewall rules and commit them.\n"); | 528 | printf(" --netfilter - build the firewall rules and commit them.\n"); |
| @@ -552,21 +537,15 @@ int main(int argc, char **argv) { | |||
| 552 | radix_add(0x09000000, 0xff000000, "IBM"); | 537 | radix_add(0x09000000, 0xff000000, "IBM"); |
| 553 | radix_add(0x09090909, 0xffffffff, "Quad9 DNS"); | 538 | radix_add(0x09090909, 0xffffffff, "Quad9 DNS"); |
| 554 | radix_add(0x09000000, 0xff000000, "IBM"); | 539 | radix_add(0x09000000, 0xff000000, "IBM"); |
| 555 | radix_print(); | ||
| 556 | printf("This test should print \"IBM, Quad9 DNS, IBM\"\n"); | 540 | printf("This test should print \"IBM, Quad9 DNS, IBM\"\n"); |
| 557 | char *name = radix_find_first(0x09090909); | 541 | char *name = radix_longest_prefix_match(0x09040404); |
| 558 | printf("%s, ", name); | 542 | printf("%s, ", name); |
| 559 | name = radix_find_last(0x09090909); | 543 | name = radix_longest_prefix_match(0x09090909); |
| 560 | printf("%s, ", name); | 544 | printf("%s, ", name); |
| 561 | name = radix_find_last(0x09322209); | 545 | name = radix_longest_prefix_match(0x09322209); |
| 562 | printf("%s\n", name); | 546 | printf("%s\n", name); |
| 563 | #endif | 547 | #endif |
| 564 | 548 | ||
| 565 | if (argc == 2 && strncmp(argv[1], "--build=", 8) == 0) { | ||
| 566 | build_list(argv[1] + 8); | ||
| 567 | return 0; | ||
| 568 | } | ||
| 569 | |||
| 570 | if (getuid() != 0) { | 549 | if (getuid() != 0) { |
| 571 | fprintf(stderr, "Error: you need to be root to run this program\n"); | 550 | fprintf(stderr, "Error: you need to be root to run this program\n"); |
| 572 | return 1; | 551 | return 1; |
diff --git a/src/fnettrace/radix.c b/src/fnettrace/radix.c index 96d6bcf41..c800c8708 100644 --- a/src/fnettrace/radix.c +++ b/src/fnettrace/radix.c | |||
| @@ -25,6 +25,12 @@ | |||
| 25 | #include "radix.h" | 25 | #include "radix.h" |
| 26 | #include "fnettrace.h" | 26 | #include "fnettrace.h" |
| 27 | 27 | ||
| 28 | typedef struct rnode_t { | ||
| 29 | struct rnode_t *zero; | ||
| 30 | struct rnode_t *one; | ||
| 31 | char *name; | ||
| 32 | } RNode; | ||
| 33 | |||
| 28 | RNode *head = 0; | 34 | RNode *head = 0; |
| 29 | int radix_nodes = 0; | 35 | int radix_nodes = 0; |
| 30 | 36 | ||
| @@ -35,10 +41,7 @@ static inline RNode *addOne(RNode *ptr, uint32_t ip, uint32_t mask, char *name) | |||
| 35 | RNode *node = malloc(sizeof(RNode)); | 41 | RNode *node = malloc(sizeof(RNode)); |
| 36 | if (!node) | 42 | if (!node) |
| 37 | errExit("malloc"); | 43 | errExit("malloc"); |
| 38 | radix_nodes++; | ||
| 39 | memset(node, 0, sizeof(RNode)); | 44 | memset(node, 0, sizeof(RNode)); |
| 40 | node->ip = ip; | ||
| 41 | node->mask = mask; | ||
| 42 | if (name) { | 45 | if (name) { |
| 43 | node->name = strdup(name); | 46 | node->name = strdup(name); |
| 44 | if (!node->name) | 47 | if (!node->name) |
| @@ -57,8 +60,6 @@ static inline RNode *addZero(RNode *ptr, uint32_t ip, uint32_t mask, char *name) | |||
| 57 | if (!node) | 60 | if (!node) |
| 58 | errExit("malloc"); | 61 | errExit("malloc"); |
| 59 | memset(node, 0, sizeof(RNode)); | 62 | memset(node, 0, sizeof(RNode)); |
| 60 | node->ip = ip; | ||
| 61 | node->mask = mask; | ||
| 62 | if (name) { | 63 | if (name) { |
| 63 | node->name = strdup(name); | 64 | node->name = strdup(name); |
| 64 | if (!node->name) | 65 | if (!node->name) |
| @@ -71,7 +72,7 @@ static inline RNode *addZero(RNode *ptr, uint32_t ip, uint32_t mask, char *name) | |||
| 71 | 72 | ||
| 72 | 73 | ||
| 73 | // add to radix tree | 74 | // add to radix tree |
| 74 | void radix_add(uint32_t ip, uint32_t mask, char *name) { | 75 | char *radix_add(uint32_t ip, uint32_t mask, char *name) { |
| 75 | assert(name); | 76 | assert(name); |
| 76 | uint32_t m = 0x80000000; | 77 | uint32_t m = 0x80000000; |
| 77 | uint32_t lastm = 0; | 78 | uint32_t lastm = 0; |
| @@ -80,6 +81,7 @@ void radix_add(uint32_t ip, uint32_t mask, char *name) { | |||
| 80 | memset(head, 0, sizeof(RNode)); | 81 | memset(head, 0, sizeof(RNode)); |
| 81 | } | 82 | } |
| 82 | RNode *ptr = head; | 83 | RNode *ptr = head; |
| 84 | radix_nodes++; | ||
| 83 | 85 | ||
| 84 | int i; | 86 | int i; |
| 85 | for (i = 0; i < 32; i++, m >>= 1) { | 87 | for (i = 0; i < 32; i++, m >>= 1) { |
| @@ -99,32 +101,12 @@ void radix_add(uint32_t ip, uint32_t mask, char *name) { | |||
| 99 | if (!ptr->name) | 101 | if (!ptr->name) |
| 100 | errExit("strdup"); | 102 | errExit("strdup"); |
| 101 | } | 103 | } |
| 102 | } | ||
| 103 | |||
| 104 | // find first match | ||
| 105 | char *radix_find_first(uint32_t ip) { | ||
| 106 | if (!head) | ||
| 107 | return NULL; | ||
| 108 | 104 | ||
| 109 | uint32_t m = 0x80000000; | 105 | return ptr->name; |
| 110 | RNode *ptr = head; | ||
| 111 | |||
| 112 | int i; | ||
| 113 | for (i = 0; i < 32; i++, m >>= 1) { | ||
| 114 | if (m & ip) | ||
| 115 | ptr = ptr->one; | ||
| 116 | else | ||
| 117 | ptr = ptr->zero; | ||
| 118 | if (!ptr) | ||
| 119 | return NULL; | ||
| 120 | if (ptr->name) | ||
| 121 | return ptr->name; | ||
| 122 | } | ||
| 123 | return NULL; | ||
| 124 | } | 106 | } |
| 125 | 107 | ||
| 126 | // find last match | 108 | // find last match |
| 127 | char *radix_find_last(uint32_t ip) { | 109 | char *radix_longest_prefix_match(uint32_t ip) { |
| 128 | if (!head) | 110 | if (!head) |
| 129 | return NULL; | 111 | return NULL; |
| 130 | 112 | ||
| @@ -147,69 +129,3 @@ char *radix_find_last(uint32_t ip) { | |||
| 147 | return (rv)? rv->name: NULL; | 129 | return (rv)? rv->name: NULL; |
| 148 | } | 130 | } |
| 149 | 131 | ||
| 150 | static void radix_print_node(RNode *ptr, int level) { | ||
| 151 | assert(ptr); | ||
| 152 | |||
| 153 | int i; | ||
| 154 | for (i = 0; i < level; i++) | ||
| 155 | printf(" "); | ||
| 156 | printf("%08x %08x", ptr->ip, ptr->mask); | ||
| 157 | if (ptr->name) | ||
| 158 | printf(" (%s)\n", ptr->name); | ||
| 159 | else | ||
| 160 | printf(" (NULL)\n"); | ||
| 161 | |||
| 162 | if (ptr->zero) | ||
| 163 | radix_print_node(ptr->zero, level + 1); | ||
| 164 | if (ptr->one) | ||
| 165 | radix_print_node(ptr->one, level + 1); | ||
| 166 | } | ||
| 167 | |||
| 168 | void radix_print(void) { | ||
| 169 | if (!head) { | ||
| 170 | printf("radix tree is empty\n"); | ||
| 171 | return; | ||
| 172 | } | ||
| 173 | |||
| 174 | printf("radix IPv4 tree\n"); | ||
| 175 | radix_print_node(head, 0); | ||
| 176 | } | ||
| 177 | |||
| 178 | |||
| 179 | static inline int mask2cidr(uint32_t mask) { | ||
| 180 | uint32_t m = 0x80000000; | ||
| 181 | int i; | ||
| 182 | int cnt = 0; | ||
| 183 | for (i = 0; i < 32; i++, m = m >> 1) { | ||
| 184 | if (mask & m) | ||
| 185 | cnt++; | ||
| 186 | } | ||
| 187 | |||
| 188 | return cnt; | ||
| 189 | } | ||
| 190 | |||
| 191 | static void radix_build_list_node(RNode *ptr) { | ||
| 192 | assert(ptr); | ||
| 193 | |||
| 194 | |||
| 195 | if (ptr->name) { | ||
| 196 | printf("%d.%d.%d.%d/%d %s\n", PRINT_IP(ptr->ip), mask2cidr(ptr->mask), ptr->name); | ||
| 197 | return; | ||
| 198 | } | ||
| 199 | else { | ||
| 200 | if (ptr->zero) | ||
| 201 | radix_build_list_node(ptr->zero); | ||
| 202 | if (ptr->one) | ||
| 203 | radix_build_list_node(ptr->one); | ||
| 204 | } | ||
| 205 | } | ||
| 206 | |||
| 207 | void radix_build_list(void) { | ||
| 208 | if (!head) { | ||
| 209 | printf("radix tree is empty\n"); | ||
| 210 | return; | ||
| 211 | } | ||
| 212 | |||
| 213 | radix_build_list_node(head); | ||
| 214 | } | ||
| 215 | |||
diff --git a/src/fnettrace/radix.h b/src/fnettrace/radix.h index ed7ae0cb7..c22c5c547 100644 --- a/src/fnettrace/radix.h +++ b/src/fnettrace/radix.h | |||
| @@ -20,19 +20,8 @@ | |||
| 20 | #ifndef RADIX_H | 20 | #ifndef RADIX_H |
| 21 | #define RADIX_H | 21 | #define RADIX_H |
| 22 | 22 | ||
| 23 | typedef struct rnode_t { | ||
| 24 | struct rnode_t *zero; | ||
| 25 | struct rnode_t *one; | ||
| 26 | uint32_t ip; | ||
| 27 | uint32_t mask; | ||
| 28 | char *name; | ||
| 29 | } RNode; | ||
| 30 | |||
| 31 | extern int radix_nodes; | 23 | extern int radix_nodes; |
| 32 | char *radix_find_first(uint32_t ip); | 24 | char *radix_longest_prefix_match(uint32_t ip); |
| 33 | char *radix_find_last(uint32_t ip); | 25 | char *radix_add(uint32_t ip, uint32_t mask, char *name); |
| 34 | void radix_add(uint32_t ip, uint32_t mask, char *name); | ||
| 35 | void radix_print(void); | ||
| 36 | void radix_build_list(void); | ||
| 37 | 26 | ||
| 38 | #endif \ No newline at end of file | 27 | #endif \ No newline at end of file |