Filtering on respond implementation

2021-12-21 06:14:56 -05:00 · 2021-12-21 06:14:56 -05:00 · 79f4cbf97d
commit 79f4cbf97d
parent b7ca59b1bd
2 changed files with 26 additions and 7 deletions
--- a/main.go
+++ b/main.go
@ -2,6 +2,7 @@ package main

 import (
 	"fmt"
+	"net"
 	"os"
 	"os/signal"
 	"syscall"
@ -27,7 +28,8 @@ func main() {
 func simpleRespond(iface string) {
 	requests := make(chan *NDRequest, 100)
 	defer close(requests)
-	go respond(iface, requests, NDP_ADV)
+	_, test, _ := net.ParseCIDR("fd44::/64")
+	go respond(iface, requests, NDP_ADV, []*net.IPNet{test})
 	go listen(iface, requests, NDP_SOL)

 	sigCh := make(chan os.Signal)
@ -43,22 +45,22 @@ func proxy(iface1, iface2 string) {
 	req_iface1_sol_iface2 := make(chan *NDRequest, 100)
 	defer close(req_iface1_sol_iface2)
 	go listen(iface1, req_iface1_sol_iface2, NDP_SOL)
-	go respond(iface2, req_iface1_sol_iface2, NDP_SOL)
+	go respond(iface2, req_iface1_sol_iface2, NDP_SOL, nil)

 	req_iface2_sol_iface1 := make(chan *NDRequest, 100)
 	defer close(req_iface2_sol_iface1)
 	go listen(iface2, req_iface2_sol_iface1, NDP_SOL)
-	go respond(iface1, req_iface2_sol_iface1, NDP_SOL)
+	go respond(iface1, req_iface2_sol_iface1, NDP_SOL, nil)

 	req_iface1_adv_iface2 := make(chan *NDRequest, 100)
 	defer close(req_iface1_adv_iface2)
 	go listen(iface1, req_iface1_adv_iface2, NDP_ADV)
-	go respond(iface2, req_iface1_adv_iface2, NDP_ADV)
+	go respond(iface2, req_iface1_adv_iface2, NDP_ADV, nil)

 	req_iface2_adv_iface1 := make(chan *NDRequest, 100)
 	defer close(req_iface2_adv_iface1)
 	go listen(iface2, req_iface2_adv_iface1, NDP_ADV)
-	go respond(iface1, req_iface2_adv_iface1, NDP_ADV)
+	go respond(iface1, req_iface2_adv_iface1, NDP_ADV, nil)

 	sigCh := make(chan os.Signal)
 	signal.Notify(sigCh, os.Interrupt, syscall.SIGTERM)
--- a/responder.go
+++ b/responder.go
@ -9,7 +9,7 @@ import (

 var globalFd int

-func respond(iface string, requests chan *NDRequest, respondType NDPType) {
+func respond(iface string, requests chan *NDRequest, respondType NDPType, filter []*net.IPNet) {
 	fd, err := syscall.Socket(syscall.AF_INET6, syscall.SOCK_RAW, syscall.IPPROTO_RAW)
 	if err != nil {
 		panic(err)
@ -47,6 +47,20 @@ func respond(iface string, requests chan *NDRequest, respondType NDPType) {

 	for {
 		n := <-requests
+		if filter != nil {
+			ok := false
+			for _, i := range filter {
+				if i.Contains(n.answeringForIP) {
+					fmt.Println("filter allowed IP", n.answeringForIP)
+					ok = true
+					break
+				}
+			}
+			if !ok {
+				continue
+			}
+		}
+
 		if n.sourceIface == iface {
 			pkt(result, n.srcIP, n.answeringForIP, niface.HardwareAddr, respondType)
 		} else {
@ -79,6 +93,9 @@ func pkt(ownIP []byte, dstIP []byte, tgtip []byte, mac []byte, respondType NDPTy
 	fmt.Println("Sending packet of type", respondType, "to")
 	fmt.Printf("% X\n", t)

+	fmt.Println(globalFd)
 	err = syscall.Sendto(globalFd, response, 0, &d)
+	if err != nil {
 		fmt.Println(err.Error())
 	}
+}