Example #1
0
func Hop(port, ttl int, IP_addr net.IP) (*Hop_ret, error) {

	ret_addr := net.IPv4(0, 0, 0, 0)
	success := false
	// make sockets
	send_udp_s, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_DGRAM, syscall.IPPROTO_UDP)
	if err != nil {
		return nil, err
	}
	recv_icmp_s, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_RAW, syscall.IPPROTO_ICMP)
	if err != nil {
		return nil, err
	}

	//editing TTL value for outgoing IPv4 packets
	if err := syscall.SetsockoptInt(send_udp_s, syscall.SOL_IP, syscall.IP_TTL, ttl); err != nil {
		return nil, err
	}
	tv := syscall.NsecToTimeval(1000 * 1000 * TIME_OUT_MS)
	syscall.SetsockoptTimeval(recv_icmp_s, syscall.SOL_SOCKET, syscall.SO_RCVTIMEO, &tv)

	defer syscall.Close(send_udp_s)
	defer syscall.Close(recv_icmp_s)

	//connect sockets
	if err := syscall.Bind(recv_icmp_s, &syscall.SockaddrInet4{Port: port, Addr: [4]byte{137, 224, 226, 47}}); err != nil {
		return nil, err
	}

	//send udp-packet
	var IP [4]byte
	copy(IP[:], IP_addr.To4())
	if err := syscall.Sendto(send_udp_s, []byte{0x42, 0x42}, 0, &syscall.SockaddrInet4{Port: 1337, Addr: IP}); err != nil {
		return nil, err
	}

	//receive ICMP
	recv_buffer := make([]byte, 4096)
	_, _, err = syscall.Recvfrom(recv_icmp_s, recv_buffer, 0)
	if err == nil {
		header, err := ipv4.ParseHeader(recv_buffer)
		if err != nil {
			log.Errorf("%q", err)
		}
		success = true
		ret_addr = header.Src
	} else {
		//time out
		success = false
		ret_addr = net.IPv4(0, 0, 0, 0)
		//log.Errorf("%q", err)
	}
	//resolve (timeout) errors, retry or return false...
	return &Hop_ret{Addr: ret_addr, TTL: ttl, success: success}, nil
}
Example #2
0
func NewConnectionFromPacket(packet []byte) (Connection, error) {

	ipheader, err := ipv4.ParseHeader(packet)
	if err != nil {
		return Connection{}, err
	}

	tcpheader, err := tcp.ParseHeader(packet[ipheader.Len:])
	if err != nil {
		return Connection{}, err
	}

	return NewConnectionFromPacketAndIPHeaderAndTCPHeader(packet, ipheader, tcpheader)
}
Example #3
0
func TestParseHeader(t *testing.T) {
	var wh []byte
	switch runtime.GOOS {
	case "linux", "openbsd":
		wh = wireHeaderFromKernel[:]
	default:
		wh = wireHeaderFromTradBSDKernel[:]
	}
	h, err := ipv4.ParseHeader(wh)
	if err != nil {
		t.Fatalf("ipv4.ParseHeader failed: %v", err)
	}
	if !reflect.DeepEqual(h, testHeader) {
		t.Fatalf("ipv4.ParseHeader failed: %#v not equal %#v", h, testHeader)
	}
}
Example #4
0
func (t *connectionManager) Process() error {

	var wg sync.WaitGroup

	for i := 0; i < t.configuration.Manager.Agents; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()

			for {
				message := <-t.reader.output

				ipheader, err := ipv4.ParseHeader(message)
				if err != nil {
					log.Println("Error: Parsing IPHeader:" + err.Error())
					log.Printf("Message:%v\n", message)
					continue
				}

				if int(ipheader.Flags) < 2 {
					log.Printf("Warning: More Fragments Flag Is Set\n")
				}

				tcpheader, err := tcp.ParseHeader(message[ipheader.Len:])
				if err != nil {
					log.Println("Error: Parsing TCPHeader:" + err.Error())
					log.Printf("Message:%v\n", message)
					continue
				}

				connectionhelper, err := datastore.GetConnectionHelper()
				if err != nil {
					log.Printf("Error: Getting Connection Helper: %v\n", err.Error())
					return
				}

				connectionhelper.Lock()
				connection, err := connectionhelper.GetConnection(ipheader.Src, tcpheader.SourcePort, ipheader.Dst, tcpheader.DestinationPort)
				if err != nil {
					log.Printf("Error: Getting Connection: %v\n", err.Error())
					connectionhelper.Unlock()
					return
				}

				if bytes.Equal(connection.SourceIP(), net.IP{}) {
					//No connection found
					connection, err = datastore.NewConnectionFromPacketAndIPHeaderAndTCPHeader(message, ipheader, tcpheader)
					if err != nil {
						log.Printf("Error: Creating New Connection: %v\n", err.Error())
						connectionhelper.Unlock()
						continue
					}

					err = connectionhelper.SetConnection(connection)
					if err != nil {
						log.Printf("Error: Saving New Connection: %v\n", err.Error())
						connectionhelper.Unlock()
						continue
					}

				} else {
					//Connection found
					//We need to find out if the connection is still for this device and user
					devicehelper, err := datastore.GetDeviceHelper()
					if err != nil {
						log.Printf("Error: Getting Device Helper: %v\n", err.Error())
						connectionhelper.Unlock()
						return
					}

					device, err := devicehelper.GetDeviceByIP(ipheader.Src)
					if err != nil {
						log.Printf("Error: Getting Source Device By IP(%v) \"%v\"\n", ipheader.Src.String(), err.Error())
					}

					if bytes.Equal(device.MACAddress, net.HardwareAddr{}) {
						device, err = devicehelper.GetDeviceByIP(ipheader.Dst)
						if err != nil {
							log.Printf("Error: Getting Destination Device By IP(%v) \"%v\"\n", ipheader.Dst.String(), err.Error())
						}
					}

					//If we have a device, is now or it's empty
					currentuser := ""
					if device.GetActiveUser() != nil {
						currentuser = device.GetActiveUser().Username
					}

					//Device, User or Number of In Memory Packets Breached...
					if !bytes.Equal(device.MACAddress, connection.DeviceID()) || (connection.Username() != currentuser) || connection.NumberOfPackets() >= t.configuration.Manager.MaxPackets {
						//Device or User has changed.
						err = connectionhelper.RemoveConnection(connection)
						if err != nil {
							log.Printf("Error: Removing Connection: %v\n", err.Error())
							connectionhelper.Unlock()
							continue
						}

						//If a channel is registered and we had no errors closing it.
						if t.manager.output != nil {
							select {
							case t.manager.output <- connection:
							default:
								log.Println("Error: Manager Queue is full! Discarding Closed Connection..")
							}

						}

						//Create A New Connection
						connection, err := datastore.NewConnectionFromPacketAndIPHeaderAndTCPHeader(message, ipheader, tcpheader)
						if err != nil {
							log.Printf("Error: Creating New Connection After Remove: %v\n", err.Error())
							connectionhelper.Unlock()
							continue
						}

						err = connectionhelper.SetConnection(connection)
						if err != nil {
							log.Printf("Error: Saving New Connection After Remove: %v\n", err.Error())
							connectionhelper.Unlock()
							continue
						}
					} else {
						err = connection.AddPacket(message)
						if err != nil {
							log.Printf("Error: Adding Packet: %v\n", err.Error())
							connectionhelper.Unlock()
							continue
						}

						err = connectionhelper.SetConnection(connection)
						if err != nil {
							log.Printf("Error: Saving Packet after adding packet: %v\n", err.Error())
							connectionhelper.Unlock()
							continue
						}
					}

				}
				connectionhelper.Unlock()
			}

		}()
	}

	wg.Wait()
	log.Println("Error: We seem to be existing packet processing??")
	return errors.New("Error: Packet Processing Exited?")
}