Pndpd/pndp/listener.go

package pndp

import (
	"bytes"
	"fmt"
	"golang.org/x/net/bpf"
	"net"
	"sync"
	"syscall"
)

// Htons Convert a uint16 to host byte order (big endian)
func htons(v uint16) int {
	return int((v << 8) | (v >> 8))
}
func htons16(v uint16) uint16 { return v<<8 | v>>8 }

func listen(iface string, responder chan *ndpRequest, requestType ndpType, stopWG *sync.WaitGroup, stopChan chan struct{}) {
	stopWG.Add(1)
	defer stopWG.Done()

	niface, err := net.InterfaceByName(iface)
	if err != nil {
		panic(err.Error())
	}
	tiface := &syscall.SockaddrLinklayer{
		Protocol: htons16(syscall.ETH_P_IPV6),
		Ifindex:  niface.Index,
	}

	fd, err := syscall.Socket(syscall.AF_PACKET, syscall.SOCK_RAW, htons(syscall.ETH_P_IPV6))
	if err != nil {
		fmt.Println(err.Error())
	}
	go func() {
		<-stopChan
		setPromisc(fd, iface, false, false)
		_ = syscall.Close(fd)
		stopWG.Done() // syscall.read does not release when the file descriptor is closed
	}()
	if GlobalDebug {
		fmt.Println("Obtained fd ", fd)
	}

	if len([]byte(iface)) > syscall.IFNAMSIZ {
		panic("Interface size larger then maximum allowed by the kernel")
	}

	err = syscall.Bind(fd, tiface)
	if err != nil {
		panic(err.Error())
	}

	setPromisc(fd, iface, true, false)

	var protocolNo uint32
	if requestType == ndp_SOL {
		//Neighbor Solicitation
		protocolNo = 0x87
	} else {
		//Neighbor Advertisement
		protocolNo = 0x88
	}
	var f bpfFilter
	f = []bpf.Instruction{
		// Load "EtherType" field from the ethernet header.
		bpf.LoadAbsolute{Off: 12, Size: 2},
		// Jump to the drop packet instruction if EtherType is not IPv6.
		bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: 0x86dd, SkipTrue: 5},
		// Load "Next Header" field from IPV6 header.
		bpf.LoadAbsolute{Off: 20, Size: 1},
		// Jump to the drop packet instruction if Next Header is not ICMPv6.
		bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: 0x3a, SkipTrue: 3},
		// Load "Type" field from ICMPv6 header.
		bpf.LoadAbsolute{Off: 54, Size: 1},
		// Jump to the drop packet instruction if Type is not Neighbor Solicitation / Advertisement.
		bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: protocolNo, SkipTrue: 1},
		// Verdict is: send up to 86 bytes of the packet to userspace.
		bpf.RetConstant{Val: 86},
		// Verdict is: "ignore packet."
		bpf.RetConstant{Val: 0},
	}

	err = f.ApplyTo(fd)
	if err != nil {
		panic(err.Error())
	}

	for {
		buf := make([]byte, 86)
		numRead, err := syscall.Read(fd, buf)
		if err != nil {
			panic(err)
		}
		if numRead < 78 {
			if GlobalDebug {
				fmt.Println("Dropping packet since it does not meet the minimum length requirement")
				fmt.Printf("% X\n", buf[:numRead])
			}
			continue
		}
		if GlobalDebug {
			fmt.Println("Got packet on", iface, "of type", requestType)
			fmt.Printf("% X\n", buf[:numRead])

			fmt.Println("Source mac on ethernet layer:")
			fmt.Printf("% X\n", buf[6:12])
			fmt.Println("Source IP:")
			fmt.Printf("% X\n", buf[22:38])
			fmt.Println("Destination IP:")
			fmt.Printf("% X\n", buf[38:54])
			fmt.Println("Requested IP:")
			fmt.Printf("% X\n", buf[62:78])
			if requestType == ndp_ADV {
				fmt.Println("NDP Flags")
				fmt.Printf("% X\n", buf[58])
			}
			fmt.Println()
		}

		if bytes.Equal(buf[6:12], niface.HardwareAddr) {
			if GlobalDebug {
				fmt.Println("Dropping packet from ourselves")
			}
			continue
		}

		if requestType == ndp_ADV {
			if buf[58] == 0x0 {
				if GlobalDebug {
					fmt.Println("Dropping Advertisement packet without any NDP flags set")
				}
				continue
			}
		}

		responder <- &ndpRequest{
			requestType:    requestType,
			srcIP:          buf[22:38],
			dstIP:          buf[38:54],
			answeringForIP: buf[62:78],
			payload:        buf[54:],
			sourceIface:    iface,
		}
	}
}
Refactor code 2021-12-22 07:01:30 -05:00			`package pndp`
Initial commit 2021-12-20 14:53:42 -05:00
			`import (`
Improvements and Fixes to proxying 2021-12-24 16:43:49 -05:00			`"bytes"`
Initial commit 2021-12-20 14:53:42 -05:00			`"fmt"`
			`"golang.org/x/net/bpf"`
			`"net"`
Add autosense, add config, overhaul code 2021-12-24 11:19:36 -05:00			`"sync"`
Initial commit 2021-12-20 14:53:42 -05:00			`"syscall"`
			`)`

			`// Htons Convert a uint16 to host byte order (big endian)`
			`func htons(v uint16) int {`
			`return int((v << 8) \| (v >> 8))`
			`}`
			`func htons16(v uint16) uint16 { return v<<8 \| v>>8 }`

Add autosense, add config, overhaul code 2021-12-24 11:19:36 -05:00			`func listen(iface string, responder chan ndpRequest, requestType ndpType, stopWG sync.WaitGroup, stopChan chan struct{}) {`
			`stopWG.Add(1)`
			`defer stopWG.Done()`
More Fixes and optimization 2021-12-25 08:21:07 -05:00
Initial commit 2021-12-20 14:53:42 -05:00			`niface, err := net.InterfaceByName(iface)`
			`if err != nil {`
			`panic(err.Error())`
			`}`
			`tiface := &syscall.SockaddrLinklayer{`
			`Protocol: htons16(syscall.ETH_P_IPV6),`
			`Ifindex: niface.Index,`
			`}`

			`fd, err := syscall.Socket(syscall.AF_PACKET, syscall.SOCK_RAW, htons(syscall.ETH_P_IPV6))`
			`if err != nil {`
			`fmt.Println(err.Error())`
			`}`
Release all ressources on shutdown 2021-12-22 06:04:00 -05:00			`go func() {`
Add autosense, add config, overhaul code 2021-12-24 11:19:36 -05:00			`<-stopChan`
No longer set SIOCGIFFLAGS, update README.md 2022-01-07 07:20:32 -05:00			`setPromisc(fd, iface, false, false)`
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`_ = syscall.Close(fd)`
Add autosense, add config, overhaul code 2021-12-24 11:19:36 -05:00			`stopWG.Done() // syscall.read does not release when the file descriptor is closed`
Release all ressources on shutdown 2021-12-22 06:04:00 -05:00			`}()`
Add more debug information 2021-12-24 13:02:57 -05:00			`if GlobalDebug {`
			`fmt.Println("Obtained fd ", fd)`
			`}`
Initial commit 2021-12-20 14:53:42 -05:00
			`if len([]byte(iface)) > syscall.IFNAMSIZ {`
			`panic("Interface size larger then maximum allowed by the kernel")`
			`}`

			`err = syscall.Bind(fd, tiface)`
			`if err != nil {`
Proxying implementation finished 2021-12-21 06:00:28 -05:00			`panic(err.Error())`
Initial commit 2021-12-20 14:53:42 -05:00			`}`

No longer set SIOCGIFFLAGS, update README.md 2022-01-07 07:20:32 -05:00			`setPromisc(fd, iface, true, false)`
Set Interface Allmulti flag 2021-12-26 07:13:48 -05:00
Code cleanup 2021-12-22 06:09:52 -05:00			`var protocolNo uint32`
Refactor code 2021-12-22 07:01:30 -05:00			`if requestType == ndp_SOL {`
Code cleanup 2021-12-22 06:09:52 -05:00			`//Neighbor Solicitation`
			`protocolNo = 0x87`
Initial proxying implementation 2021-12-20 16:46:26 -05:00			`} else {`
Code cleanup 2021-12-22 06:09:52 -05:00			`//Neighbor Advertisement`
			`protocolNo = 0x88`
			`}`
Fix BPF Filter 2021-12-24 18:04:09 -05:00			`var f bpfFilter`
			`f = []bpf.Instruction{`
Code cleanup 2021-12-22 06:09:52 -05:00			`// Load "EtherType" field from the ethernet header.`
			`bpf.LoadAbsolute{Off: 12, Size: 2},`
			`// Jump to the drop packet instruction if EtherType is not IPv6.`
Fix BPF Filter 2021-12-24 18:04:09 -05:00			`bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: 0x86dd, SkipTrue: 5},`
Code cleanup 2021-12-22 06:09:52 -05:00			`// Load "Next Header" field from IPV6 header.`
			`bpf.LoadAbsolute{Off: 20, Size: 1},`
			`// Jump to the drop packet instruction if Next Header is not ICMPv6.`
Fix BPF Filter 2021-12-24 18:04:09 -05:00			`bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: 0x3a, SkipTrue: 3},`
Code cleanup 2021-12-22 06:09:52 -05:00			`// Load "Type" field from ICMPv6 header.`
			`bpf.LoadAbsolute{Off: 54, Size: 1},`
			`// Jump to the drop packet instruction if Type is not Neighbor Solicitation / Advertisement.`
			`bpf.JumpIf{Cond: bpf.JumpNotEqual, Val: protocolNo, SkipTrue: 1},`
Don't check for unnecessary flags, fix potential bottleneck 2021-12-28 12:48:52 -05:00			`// Verdict is: send up to 86 bytes of the packet to userspace.`
			`bpf.RetConstant{Val: 86},`
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`// Verdict is: "ignore packet."`
Code cleanup 2021-12-22 06:09:52 -05:00			`bpf.RetConstant{Val: 0},`
Initial commit 2021-12-20 14:53:42 -05:00			`}`

			`err = f.ApplyTo(fd)`
			`if err != nil {`
			`panic(err.Error())`
			`}`

			`for {`
Don't check for unnecessary flags, fix potential bottleneck 2021-12-28 12:48:52 -05:00			`buf := make([]byte, 86)`
Initial commit 2021-12-20 14:53:42 -05:00			`numRead, err := syscall.Read(fd, buf)`
			`if err != nil {`
			`panic(err)`
			`}`
Don't check for unnecessary flags, fix potential bottleneck 2021-12-28 12:48:52 -05:00			`if numRead < 78 {`
Improvements and Fixes to proxying 2021-12-24 16:43:49 -05:00			`if GlobalDebug {`
			`fmt.Println("Dropping packet since it does not meet the minimum length requirement")`
			`fmt.Printf("% X\n", buf[:numRead])`
			`}`
			`continue`
			`}`
Preliminary config implementation 2021-12-21 06:42:30 -05:00			`if GlobalDebug {`
Add more debug information 2021-12-24 13:02:57 -05:00			`fmt.Println("Got packet on", iface, "of type", requestType)`
Improvements and Fixes to proxying 2021-12-24 16:43:49 -05:00			`fmt.Printf("% X\n", buf[:numRead])`

More Fixes and optimization 2021-12-25 08:21:07 -05:00			`fmt.Println("Source mac on ethernet layer:")`
			`fmt.Printf("% X\n", buf[6:12])`
Preliminary config implementation 2021-12-21 06:42:30 -05:00			`fmt.Println("Source IP:")`
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`fmt.Printf("% X\n", buf[22:38])`
Preliminary config implementation 2021-12-21 06:42:30 -05:00			`fmt.Println("Destination IP:")`
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`fmt.Printf("% X\n", buf[38:54])`
Preliminary config implementation 2021-12-21 06:42:30 -05:00			`fmt.Println("Requested IP:")`
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`fmt.Printf("% X\n", buf[62:78])`
			`if requestType == ndp_ADV {`
			`fmt.Println("NDP Flags")`
			`fmt.Printf("% X\n", buf[58])`
			`}`
Preliminary config implementation 2021-12-21 06:42:30 -05:00			`fmt.Println()`
			`}`
Improvements and Fixes to proxying 2021-12-24 16:43:49 -05:00
More Fixes and optimization 2021-12-25 08:21:07 -05:00			`if bytes.Equal(buf[6:12], niface.HardwareAddr) {`
Improvements and Fixes to proxying 2021-12-24 16:43:49 -05:00			`if GlobalDebug {`
			`fmt.Println("Dropping packet from ourselves")`
			`}`
			`continue`
			`}`

Don't check for unnecessary flags, fix potential bottleneck 2021-12-28 12:48:52 -05:00			`if requestType == ndp_ADV {`
			`if buf[58] == 0x0 {`
			`if GlobalDebug {`
			`fmt.Println("Dropping Advertisement packet without any NDP flags set")`
			`}`
			`continue`
			`}`
			`}`

Refactor code 2021-12-22 07:01:30 -05:00			`responder <- &ndpRequest{`
Small code optimizations 2021-12-27 07:58:10 -05:00			`requestType: requestType,`
			`srcIP: buf[22:38],`
			`dstIP: buf[38:54],`
			`answeringForIP: buf[62:78],`
Don't check for unnecessary flags, fix potential bottleneck 2021-12-28 12:48:52 -05:00			`payload: buf[54:],`
Small code optimizations 2021-12-27 07:58:10 -05:00			`sourceIface: iface,`
Initial commit 2021-12-20 14:53:42 -05:00			`}`
			`}`
			`}`