recv SYN after FIN or RST is considered to be TCP port reuse

luwenpeng
2024-05-17 17:38:08 +08:00
parent 32ae4618ef
commit c22e4e5955
5 changed files with 36 additions and 19 deletions


@@ -51,16 +51,23 @@ struct inject_rule
static void inject_packet_plugin(struct session *sess, struct packet *pkt, struct inject_rule *rule)
{
char buffer[1024] = {0};
const struct tuple6 *tuple = session_get_tuple6(sess);
if (rule->ip_type == 4 && memcmp(&tuple->src_addr.v4, &rule->v4, sizeof(struct in_addr)) && memcmp(&tuple->dst_addr.v4, &rule->v4, sizeof(struct in_addr)))
if (rule->ip_type == 4 &&
memcmp(&tuple->src_addr.v4, &rule->v4, sizeof(struct in_addr)) &&
memcmp(&tuple->dst_addr.v4, &rule->v4, sizeof(struct in_addr)))
{
return;
}
if (rule->ip_type == 6 && memcmp(&tuple->src_addr.v6, &rule->v6, sizeof(struct in6_addr)) && memcmp(&tuple->dst_addr.v6, &rule->v6, sizeof(struct in6_addr)))
if (rule->ip_type == 6 &&
memcmp(&tuple->src_addr.v6, &rule->v6, sizeof(struct in6_addr)) &&
memcmp(&tuple->dst_addr.v6, &rule->v6, sizeof(struct in6_addr)))
{
return;
}
if (rule->port != 0 && tuple->src_port != rule->port && tuple->dst_port != rule->port)
if (rule->port != 0 &&
tuple->src_port != rule->port &&
tuple->dst_port != rule->port)
{
return;
}
@@ -72,7 +79,8 @@ static void inject_packet_plugin(struct session *sess, struct packet *pkt, struc
{
return;
}
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_INJECTED_PACKETS_SUCCESS) > 0 && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_INJECTED_PACKETS_SUCCESS) > 0)
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_INJECTED_PACKETS_SUCCESS) > 0 ||
session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_INJECTED_PACKETS_SUCCESS) > 0)
{
return;
}
@@ -89,6 +97,13 @@ static void inject_packet_plugin(struct session *sess, struct packet *pkt, struc
EXPECT_TRUE(stellar_inject_tcp_fin(sess, FLOW_DIRECTION_S2C) > 0);
break;
case INJECT_TYPE_TCP_PAYLOAD:
packet_set_action(pkt, PACKET_ACTION_DROP);
snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n%s", 5 + 5 + 2, "Hello");
EXPECT_TRUE(stellar_inject_payload(sess, FLOW_DIRECTION_S2C, buffer, strlen(buffer)) > 0); // inject payload to client
EXPECT_TRUE(stellar_inject_payload(sess, FLOW_DIRECTION_S2C, "World\r\n", 7) > 0);
EXPECT_TRUE(stellar_inject_tcp_fin(sess, FLOW_DIRECTION_S2C) > 0); // inject FIN to client
EXPECT_TRUE(stellar_inject_tcp_rst(sess, FLOW_DIRECTION_C2S) > 0); // inject RST to server
break;
case INJECT_TYPE_UDP_PAYLOAD:
packet_set_action(pkt, PACKET_ACTION_DROP);
EXPECT_TRUE(stellar_inject_payload(sess, FLOW_DIRECTION_C2S, "Hello Server", 12) > 0);
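Review bot: In the new INJECT_TYPE_TCP_PAYLOAD case the Content-Length argument `5 + 5 + 2` and the length `7` passed with `"World\r\n"` are computed by hand, separately from the body literals they describe, so editing either string leaves a mis-framed HTTP response while the visible `EXPECT_TRUE` checks, which only test the return value, still pass. Holding the two body parts in named arrays and deriving both numbers from them keeps header and body in step, e.g. `static const char part1[] = "Hello", part2[] = "World\r\n";` with `(int)(sizeof(part1) + sizeof(part2) - 2)` as the `%d` argument and `sizeof(part2) - 1` as the second call's length. The `snprintf` return value is also discarded and the length recomputed with `strlen(buffer)`; keeping it as `int n = snprintf(...)` and checking `n > 0 && (size_t)n < sizeof(buffer)` before passing `n` would catch truncation if the header ever grows past the 1024-byte buffer. inject_packet_plugin continues outside these hunks, so this is based only on the visible lines.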