
Added wireshark mode, fixed DHCP bug

main
Simon Moser vor 3 Jahren
Ursprung 9b24f13471
Commit af165f5573
Signiert von: mosers
GPG-Schlüssel-ID: 96B3365A234B500C

@ -52,6 +52,8 @@ Usage of ./proxy:
Main switch sock path, - for stdin/out (default "/run/vde/sw_main.sock") Main switch sock path, - for stdin/out (default "/run/vde/sw_main.sock")
-sproxy string -sproxy string
Proxy switch sock path (default "/run/vde/sw_proxy1.sock") Proxy switch sock path (default "/run/vde/sw_proxy1.sock")
-wireshark
Whether to write all traffic to /tmp
``` ```
### envctl - control VMs, network etc ### envctl - control VMs, network etc

@ -35,6 +35,7 @@ var DHCPMask []byte
var DHCPState dhcp4.MessageType var DHCPState dhcp4.MessageType
var DHCPCandidate net.IP var DHCPCandidate net.IP
var UId string var UId string
var Wireshark bool
// Start the two plugs and run two concurrent forward methods // Start the two plugs and run two concurrent forward methods
func main() { func main() {
@ -49,6 +50,7 @@ func main() {
sockProxy := flag.String("sproxy", "/run/vde/sw_proxy1.sock", "Proxy switch sock path") sockProxy := flag.String("sproxy", "/run/vde/sw_proxy1.sock", "Proxy switch sock path")
pidFile := flag.String("pidfile", "", "Location to write the pid to") pidFile := flag.String("pidfile", "", "Location to write the pid to")
logFile := flag.String("logfile", "", "Location to write output to") logFile := flag.String("logfile", "", "Location to write output to")
wireshark := flag.Bool("wireshark", false, "Whether to write all traffic to /tmp")
flag.Parse() flag.Parse()
log.SetLevel(log.Level(*logLvl)) log.SetLevel(log.Level(*logLvl))
OldMAC, _ = net.ParseMAC(*oldMAC) OldMAC, _ = net.ParseMAC(*oldMAC)
@ -56,6 +58,7 @@ func main() {
OldIP = net.ParseIP(*oldIP).To4() OldIP = net.ParseIP(*oldIP).To4()
NewIP = net.ParseIP(*newIP).To4() NewIP = net.ParseIP(*newIP).To4()
Passthrough = *passthrough Passthrough = *passthrough
Wireshark = *wireshark
UId = GenerateUId(*sockProxy) UId = GenerateUId(*sockProxy)
log.SetFormatter(&log.TextFormatter{ log.SetFormatter(&log.TextFormatter{
DisableTimestamp: true, DisableTimestamp: true,
@ -114,9 +117,12 @@ func pipeForward(prefix string) {
log.Fatal(prefix, "Error reading frame data") log.Fatal(prefix, "Error reading frame data")
} }
if Wireshark {
WritePcap("/tmp/pkg_"+strconv.FormatInt(time.Now().Unix(), 10)+".pcap", frameBytes)
}
// Convert frame to full stack packet // Convert frame to full stack packet
packet := gopacket.NewPacket(frameBytes, layers.LayerTypeEthernet, gopacket.Default) packet := gopacket.NewPacket(frameBytes, layers.LayerTypeEthernet, gopacket.Default)
// isInteresting := false // Debug Help
// Handle Ethernet frame // Handle Ethernet frame
frame := packet.Layer(layers.LayerTypeEthernet).(*layers.Ethernet) frame := packet.Layer(layers.LayerTypeEthernet).(*layers.Ethernet)
@ -129,9 +135,11 @@ func pipeForward(prefix string) {
log.Debug("IP Protocol ", ipv4Packet.Protocol) log.Debug("IP Protocol ", ipv4Packet.Protocol)
// Handle DHCPv4 packet (based on IPv4) // Handle DHCPv4 packet (based on IPv4)
if dhcpLayer := packet.Layer(layers.LayerTypeDHCPv4); dhcpLayer != nil && !Passthrough { if dhcpLayer := packet.Layer(layers.LayerTypeDHCPv4); dhcpLayer != nil {
handleDHCP(dhcpLayer.LayerContents(), frame.DstMAC, frame.SrcMAC, prefix) if !Passthrough {
continue handleDHCP(dhcpLayer.LayerContents(), frame.DstMAC, frame.SrcMAC, prefix)
continue
}
} }
filterIP(prefix, &ipv4Packet.DstIP, &ipv4Packet.SrcIP, ipv4Packet.LayerType()) filterIP(prefix, &ipv4Packet.DstIP, &ipv4Packet.SrcIP, ipv4Packet.LayerType())
@ -146,7 +154,15 @@ func pipeForward(prefix string) {
if tcpLayer := packet.Layer(layers.LayerTypeTCP); tcpLayer != nil { if tcpLayer := packet.Layer(layers.LayerTypeTCP); tcpLayer != nil {
tcpPacket, _ := tcpLayer.(*layers.TCP) tcpPacket, _ := tcpLayer.(*layers.TCP)
if err := tcpPacket.SetNetworkLayerForChecksum(ipv4Packet); err != nil { if err := tcpPacket.SetNetworkLayerForChecksum(ipv4Packet); err != nil {
log.Error(prefix, "Error setting network layer for checksum", err) log.Error(prefix, "Error setting network layer for TCP checksum", err)
}
}
// Handle UDP packet
if udpLayer := packet.Layer(layers.LayerTypeUDP); udpLayer != nil {
udpPacket, _ := udpLayer.(*layers.UDP)
if err := udpPacket.SetNetworkLayerForChecksum(ipv4Packet); err != nil {
log.Error(prefix, "Error setting network layer for UDP checksum", err)
} }
} }
} }
@ -189,13 +205,6 @@ func pipeForward(prefix string) {
newFrameLength := make([]byte, 2) newFrameLength := make([]byte, 2)
binary.BigEndian.PutUint16(newFrameLength, uint16(len(newFrameBytes))) binary.BigEndian.PutUint16(newFrameLength, uint16(len(newFrameBytes)))
// Write interesting things to debug file
/*if isInteresting {
WriteBinary(fmt.Sprintf("/tmp/pck_%di.dat", time.Now().Unix()), frameBytes)
WriteBinary(fmt.Sprintf("/tmp/pck_%do.dat", time.Now().Unix()), newFrameBytes)
//WritePcapNg("xyz.pcap", packet.Data(), packet.Metadata().CaptureInfo)
}*/
// Forward modified frame to other plug // Forward modified frame to other plug
if _, err := writer.Write(newFrameLength); err != nil { if _, err := writer.Write(newFrameLength); err != nil {
log.Error("Error forwarding packet length", err) log.Error("Error forwarding packet length", err)
@ -391,8 +400,8 @@ func sendDHCPReply(req dhcp4.Packet, mt dhcp4.MessageType, lease net.IP, reqOpt
// Getting the options // Getting the options
opt := dhcp4.Options{ opt := dhcp4.Options{
dhcp4.OptionSubnetMask: DHCPMask, dhcp4.OptionSubnetMask: DHCPMask,
dhcp4.OptionRouter: RouterIP, dhcp4.OptionRouter: RouterIP,
dhcp4.OptionDomainNameServer: DNSIP, dhcp4.OptionDomainNameServer: DNSIP,
}.SelectOrderOrAll(reqOpt[dhcp4.OptionParameterRequestList]) }.SelectOrderOrAll(reqOpt[dhcp4.OptionParameterRequestList])
@ -412,7 +421,7 @@ func sendDHCPReply(req dhcp4.Packet, mt dhcp4.MessageType, lease net.IP, reqOpt
TTL: 128, TTL: 128,
Protocol: layers.IPProtocolUDP, Protocol: layers.IPProtocolUDP,
SrcIP: DHCPIP, SrcIP: DHCPIP,
DstIP: lease, DstIP: net.IPv4bcast,
} }
udp := layers.UDP{ udp := layers.UDP{
SrcPort: 67, SrcPort: 67,
@ -454,7 +463,7 @@ func sendDHCPRequest(mt dhcp4.MessageType, reqIP net.IP) {
} }
eth := layers.Ethernet{ eth := layers.Ethernet{
SrcMAC: NewMAC, SrcMAC: NewMAC,
DstMAC: If(mt == dhcp4.Discover).MAC([]byte{255,255,255,255,255,255}, DHCPMAC), DstMAC: If(mt == dhcp4.Discover).MAC([]byte{255, 255, 255, 255, 255, 255}, DHCPMAC),
EthernetType: layers.EthernetTypeIPv4, EthernetType: layers.EthernetTypeIPv4,
} }
ipv4 := layers.IPv4{ ipv4 := layers.IPv4{
@ -475,7 +484,7 @@ func sendDHCPRequest(mt dhcp4.MessageType, reqIP net.IP) {
}, },
{ {
Code: dhcp4.OptionParameterRequestList, Code: dhcp4.OptionParameterRequestList,
Value: []byte{1, 3, 6}, // Subnet Mask, Router, Domain Name Server Value: []byte{1, 3, 6}, // Subnet Mask, Router, Domain Name Server
}, },
} }
if mt == dhcp4.Request { if mt == dhcp4.Request {
@ -492,7 +501,6 @@ func sendDHCPRequest(mt dhcp4.MessageType, reqIP net.IP) {
log.Error("Error serializing DHCP request: ", err) log.Error("Error serializing DHCP request: ", err)
} }
packetData := buf.Bytes() packetData := buf.Bytes()
WritePcap("/tmp/dhcpreq_" +strconv.FormatInt(time.Now().Unix(), 10)+ ".pcap", packetData)
// Sending layer through VM's pipe // Sending layer through VM's pipe
packetLength := make([]byte, 2) packetLength := make([]byte, 2)
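Review bot: In pipeForward the new capture path `"/tmp/pkg_"+strconv.FormatInt(time.Now().Unix(), 10)+".pcap"` is predictable, sits in a world-writable directory and has one-second resolution, so every frame seen in the same second, including frames from the second concurrent forwarder that main starts, targets the same file. WritePcap is not visible here; if it creates or truncates the path with default permissions, captures overwrite each other, a pre-existing symlink under /tmp could redirect the write, and full traffic dumps may be readable by other local users. I would create a private directory once in main, `capDir, err := os.MkdirTemp("", "vde-proxy-")`, build file names from `prefix` plus a per-direction counter, and have WritePcap open them with `os.O_CREATE|os.O_EXCL|os.O_WRONLY` and mode `0600`. If WritePcap returns an error, it should be checked and logged rather than dropped. pipeForward's body starts and ends outside these hunks.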