diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-10-25 14:34:17 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-10-25 14:34:17 -0400 |
| commit | c90e2998f6ddb225efba3538f3e06b8a79f2c023 (patch) | |
| tree | 3161a24ada741da5a00b78b04c6749d5e9c86d06 /src/fnettrace-dns | |
| parent | fix nolocal netfilter (diff) | |
| download | firejail-c90e2998f6ddb225efba3538f3e06b8a79f2c023.tar.gz firejail-c90e2998f6ddb225efba3538f3e06b8a79f2c023.tar.zst firejail-c90e2998f6ddb225efba3538f3e06b8a79f2c023.zip | |
nettrace: various fixes
Diffstat (limited to 'src/fnettrace-dns')
| -rw-r--r-- | src/fnettrace-dns/main.c | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/src/fnettrace-dns/main.c b/src/fnettrace-dns/main.c index eb2eb7238..32122754f 100644 --- a/src/fnettrace-dns/main.c +++ b/src/fnettrace-dns/main.c | |||
| @@ -22,6 +22,8 @@ | |||
| 22 | #include <time.h> | 22 | #include <time.h> |
| 23 | #include <linux/filter.h> | 23 | #include <linux/filter.h> |
| 24 | #include <linux/if_ether.h> | 24 | #include <linux/if_ether.h> |
| 25 | #include <sys/prctl.h> | ||
| 26 | #include <signal.h> | ||
| 25 | #define MAX_BUF_SIZE (64 * 1024) | 27 | #define MAX_BUF_SIZE (64 * 1024) |
| 26 | 28 | ||
| 27 | static char last[512] = {'\0'}; | 29 | static char last[512] = {'\0'}; |
| @@ -106,6 +108,18 @@ static void custom_bpf(int sock) { | |||
| 106 | } | 108 | } |
| 107 | } | 109 | } |
| 108 | 110 | ||
| 111 | static void print_date(void) { | ||
| 112 | static int day = -1; | ||
| 113 | time_t now = time(NULL); | ||
| 114 | struct tm *t = localtime(&now); | ||
| 115 | |||
| 116 | if (day != t->tm_yday) { | ||
| 117 | printf("\nDNS trace for %s", ctime(&now)); | ||
| 118 | day = t->tm_yday; | ||
| 119 | } | ||
| 120 | fflush(0); | ||
| 121 | } | ||
| 122 | |||
| 109 | static void run_trace(void) { | 123 | static void run_trace(void) { |
| 110 | // grab all Ethernet packets and use a custom BPF filter to get only UDP from source port 53 | 124 | // grab all Ethernet packets and use a custom BPF filter to get only UDP from source port 53 |
| 111 | int s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); | 125 | int s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); |
| @@ -113,19 +127,24 @@ static void run_trace(void) { | |||
| 113 | errExit("socket"); | 127 | errExit("socket"); |
| 114 | custom_bpf(s); | 128 | custom_bpf(s); |
| 115 | 129 | ||
| 130 | struct timeval tv; | ||
| 131 | tv.tv_sec = 10; | ||
| 132 | tv.tv_usec = 0; | ||
| 116 | unsigned char buf[MAX_BUF_SIZE]; | 133 | unsigned char buf[MAX_BUF_SIZE]; |
| 117 | while (1) { | 134 | while (1) { |
| 118 | fd_set rfds; | 135 | fd_set rfds; |
| 119 | FD_ZERO(&rfds); | 136 | FD_ZERO(&rfds); |
| 120 | FD_SET(s, &rfds); | 137 | FD_SET(s, &rfds); |
| 121 | struct timeval tv; | ||
| 122 | tv.tv_sec = 1; | ||
| 123 | tv.tv_usec = 0; | ||
| 124 | int rv = select(s + 1, &rfds, NULL, NULL, &tv); | 138 | int rv = select(s + 1, &rfds, NULL, NULL, &tv); |
| 125 | if (rv < 0) | 139 | if (rv < 0) |
| 126 | errExit("select"); | 140 | errExit("select"); |
| 127 | else if (rv == 0) | 141 | else if (rv == 0) { |
| 142 | print_date(); | ||
| 143 | tv.tv_sec = 10; | ||
| 144 | tv.tv_usec = 0; | ||
| 128 | continue; | 145 | continue; |
| 146 | } | ||
| 147 | |||
| 129 | unsigned bytes = recvfrom(s, buf, MAX_BUF_SIZE, 0, NULL, NULL); | 148 | unsigned bytes = recvfrom(s, buf, MAX_BUF_SIZE, 0, NULL, NULL); |
| 130 | 149 | ||
| 131 | if (bytes >= (14 + 20 + 8)) { // size of MAC + IP + UDP headers | 150 | if (bytes >= (14 + 20 + 8)) { // size of MAC + IP + UDP headers |
| @@ -174,8 +193,10 @@ int main(int argc, char **argv) { | |||
| 174 | return 1; | 193 | return 1; |
| 175 | } | 194 | } |
| 176 | 195 | ||
| 177 | time_t now = time(NULL); | 196 | // kill the process if the parent died |
| 178 | printf("DNS trace for %s\n", ctime(&now)); | 197 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); |
| 198 | |||
| 199 | print_date(); | ||
| 179 | run_trace(); | 200 | run_trace(); |
| 180 | 201 | ||
| 181 | return 0; | 202 | return 0; |