diff options
author | netblue30 <netblue30@protonmail.com> | 2022-10-11 11:01:01 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-10-11 11:01:01 -0400 |
commit | 95a725b61cd9b96cacb73ecef254db9860afb38d (patch) | |
tree | 22ebde6bd6a092e5741321518c6579dc32ad0105 /src/fnettrace-sni | |
parent | build(deps): bump actions/checkout from 3.0.2 to 3.1.0 (diff) | |
download | firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.tar.gz firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.tar.zst firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.zip |
nettrace-dns and nettrace-sni
Diffstat (limited to 'src/fnettrace-sni')
-rw-r--r-- | src/fnettrace-sni/main.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/fnettrace-sni/main.c b/src/fnettrace-sni/main.c index ea7a91548..571089e29 100644 --- a/src/fnettrace-sni/main.c +++ b/src/fnettrace-sni/main.c | |||
@@ -24,6 +24,8 @@ | |||
24 | #include <linux/if_ether.h> | 24 | #include <linux/if_ether.h> |
25 | #define MAX_BUF_SIZE (64 * 1024) | 25 | #define MAX_BUF_SIZE (64 * 1024) |
26 | 26 | ||
27 | static char last[512] = {'\0'}; | ||
28 | |||
27 | // pkt - start of TLS layer | 29 | // pkt - start of TLS layer |
28 | static void print_tls(uint32_t ip_dest, unsigned char *pkt, unsigned len) { | 30 | static void print_tls(uint32_t ip_dest, unsigned char *pkt, unsigned len) { |
29 | assert(pkt); | 31 | assert(pkt); |
@@ -67,18 +69,25 @@ static void print_tls(uint32_t ip_dest, unsigned char *pkt, unsigned len) { | |||
67 | i++; | 69 | i++; |
68 | } | 70 | } |
69 | 71 | ||
70 | if (name) | 72 | if (name) { |
71 | printf("%02d:%02d:%02d %15s %s\n", t->tm_hour, t->tm_min, t->tm_sec, ip, name); | 73 | // filter output |
74 | char tmp[sizeof(last)]; | ||
75 | snprintf(tmp, sizeof(last), "%02d:%02d:%02d %-15s %s", t->tm_hour, t->tm_min, t->tm_sec, ip, name); | ||
76 | if (strcmp(tmp, last)) { | ||
77 | printf("%s\n", tmp); | ||
78 | strcpy(last, tmp); | ||
79 | } | ||
80 | } | ||
72 | else | 81 | else |
73 | goto nosni; | 82 | goto nosni; |
74 | return; | 83 | return; |
75 | 84 | ||
76 | errout: | 85 | errout: |
77 | printf("%02d:%02d:%02d %15s Error: invalid TLS packet\n", t->tm_hour, t->tm_min, t->tm_sec, ip); | 86 | printf("%02d:%02d:%02d %-15s Error: invalid TLS packet\n", t->tm_hour, t->tm_min, t->tm_sec, ip); |
78 | return; | 87 | return; |
79 | 88 | ||
80 | nosni: | 89 | nosni: |
81 | printf("%02d:%02d:%02d %15s no SNI\n", t->tm_hour, t->tm_min, t->tm_sec, ip); | 90 | printf("%02d:%02d:%02d %-15s no SNI\n", t->tm_hour, t->tm_min, t->tm_sec, ip); |
82 | return; | 91 | return; |
83 | } | 92 | } |
84 | 93 | ||
@@ -131,7 +140,7 @@ static void custom_bpf(int sock) { | |||
131 | } | 140 | } |
132 | 141 | ||
133 | static void run_trace(void) { | 142 | static void run_trace(void) { |
134 | // grab all Ethernet packets and use a custom BPF filter to get only UDP from source port 53 | 143 | // grab all Ethernet packets and use a custom BPF filter to get TLS/SNI packets |
135 | int s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); | 144 | int s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); |
136 | if (s < 0) | 145 | if (s < 0) |
137 | errExit("socket"); | 146 | errExit("socket"); |