author | netblue30 <netblue30@protonmail.com> | 2022-10-25 14:34:17 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-10-25 14:34:17 -0400 |
commit | c90e2998f6ddb225efba3538f3e06b8a79f2c023 (patch) | |
tree | 3161a24ada741da5a00b78b04c6749d5e9c86d06 /src/fnettrace-dns/main.c | |
parent | fix nolocal netfilter (diff) | |
nettrace: various fixes
Diffstat (limited to 'src/fnettrace-dns/main.c')
-rw-r--r-- | src/fnettrace-dns/main.c | 33 |
1 files changed, 27 insertions, 6 deletions
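--- a/src/fnettrace-dns/main.c
+++ b/src/fnettrace-dns/main.c
@@ -22,6 +22,8 @@
 #include <time.h>
 #include <linux/filter.h>
 #include <linux/if_ether.h>
+#include <sys/prctl.h>
+#include <signal.h>
 #define MAX_BUF_SIZE (64 * 1024)
 
 static char last[512] = {'\0'};
@@ -106,6 +108,18 @@ static void custom_bpf(int sock) {
 }
 }
 
+static void print_date(void) {
+static int day = -1;
+time_t now = time(NULL);
+struct tm *t = localtime(&now);
+
+if (day != t->tm_yday) {
+printf("\nDNS trace for %s", ctime(&now));
+day = t->tm_yday;
+}
+fflush(0);
+}
+
 static void run_trace(void) {
 // grab all Ethernet packets and use a custom BPF filter to get only UDP from source port 53
 int s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
@@ -113,19 +127,24 @@ static void run_trace(void) {
 errExit("socket");
 custom_bpf(s);
 
+struct timeval tv;
+tv.tv_sec = 10;
+tv.tv_usec = 0;
 unsigned char buf[MAX_BUF_SIZE];
 while (1) {
 fd_set rfds;
 FD_ZERO(&rfds);
 FD_SET(s, &rfds);
-struct timeval tv;
-tv.tv_sec = 1;
-tv.tv_usec = 0;
 int rv = select(s + 1, &rfds, NULL, NULL, &tv);
 if (rv < 0)
 errExit("select");
-else if (rv == 0)
+else if (rv == 0) {
+print_date();
+tv.tv_sec = 10;
+tv.tv_usec = 0;
 continue;
+}
+
 unsigned bytes = recvfrom(s, buf, MAX_BUF_SIZE, 0, NULL, NULL);
 
 if (bytes >= (14 + 20 + 8)) { // size of MAC + IP + UDP headers
@@ -174,8 +193,10 @@ int main(int argc, char **argv) {
 return 1;
 }
 
-time_t now = time(NULL);
-printf("DNS trace for %s\n", ctime(&now));
+// kill the process if the parent died
+prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
+
+print_date();
 run_trace();
 
 return 0;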
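Review bot: The `prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);` call added in `main` ignores its return value, so a failed call would leave the tracer running with its raw packet socket after the launcher is gone. I would check it, `if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0) == -1) errExit("prctl");`, using the `errExit` helper this file already calls in `run_trace`. The setting also only covers a parent that dies after the call; if the launcher has already exited by then, no signal is delivered, so a `getppid()` check right after the call may be worth adding. How the tool is started is not visible here, so that part needs confirming against the caller. `main` starts outside the hunk.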