gfwleak/stellar-stellar
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rename session_direction to flow_direction

Browse Source
This commit is contained in:
luwenpeng
2024-05-09 14:57:12 +08:00
parent 37d12ebcfc
commit cc380d9271
21 changed files with 610 additions and 556 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/stellar/inject.cpp
View File

@@ -155,7 +155,7 @@ static void update_ip6_hdr(struct ip6_hdr *ip6hdr, int trim)
ipv6_hdr_set_payload_len(ip6hdr, len - trim);
}
static inline void calc_tcp_seq_and_ack(const struct session *sess, enum session_direction inj_dir, uint32_t *seq, uint32_t *ack)
static inline void calc_tcp_seq_and_ack(const struct session *sess, enum flow_direction inject_dir, uint32_t *seq, uint32_t *ack)
{
/*
* +--------+ current packet +---------+ C2S RST +--------+
@@ -175,9 +175,9 @@ static inline void calc_tcp_seq_and_ack(const struct session *sess, enum session
* ack = current_packet_seq + current_packet_payload_len
*/
enum session_direction curr_dir = session_get_current_direction(sess);
enum flow_direction curr_dir = session_get_flow_direction(sess);
const struct tcp_half *tcp_curr_half = &sess->tcp_halfs[curr_dir];
if (inj_dir == curr_dir)
if (inject_dir == curr_dir)
{
*seq = tcp_curr_half->seq;
*ack = tcp_curr_half->ack;
@@ -213,8 +213,8 @@ struct fingerprint
};
// return packet length
int build_tcp_packet(const struct packet *first, const struct fingerprint *finger,
uint32_t tcp_seq, uint32_t tcp_ack, uint8_t tcp_flags, char *tcp_pld, int pld_len, char *pkt_buff, int buff_size)
static int build_tcp_packet(const struct packet *first, const struct fingerprint *finger,
uint32_t tcp_seq, uint32_t tcp_ack, uint8_t tcp_flags, char *tcp_pld, int pld_len, char *pkt_buff, int buff_size)
{
int trim = 0;
struct tcphdr *tcphdr;
@@ -224,7 +224,7 @@ int build_tcp_packet(const struct packet *first, const struct fingerprint *finge
struct packet_layer *curr;
struct packet_layer *last;
int len = packet_get_len(first);
int8_t layers = packet_get_layers(first);
int8_t layers = packet_get_layers_number(first);
if ((tcp_pld == NULL && pld_len > 0) || (tcp_pld != NULL && pld_len <= 0))
{
@@ -302,50 +302,44 @@ int build_tcp_packet(const struct packet *first, const struct fingerprint *finge
}
// return 0: success, -1: failed
int stellar_inject_icmp_unreach(const struct session *sess, enum session_direction inj_dir, uint16_t thr_idx)
int stellar_inject_tcp_flags(const struct session *sess, enum flow_direction inject_dir, uint8_t flags)
{
// TODO
return -1;
}
uint16_t thr_idx = stellar_get_current_thread_index();
int stellar_inject_tcp_rst(const struct session *sess, enum session_direction inj_dir, uint16_t thr_idx)
{
if (session_get_type(sess) != SESSION_TYPE_TCP)
{
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_PKTS_FAIL, 1);
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_PKTS_FAIL, 1);
INJECT_PACKET_LOG_ERROR("session %ld is not a TCP session, cannot inject TCP RST", session_get_id(sess));
return -1;
}
const struct packet *pkt = session_get_1st_packet(sess, inj_dir);
const struct packet *pkt = session_get_first_packet(sess, inject_dir);
if (pkt == NULL)
{
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_PKTS_FAIL, 1);
INJECT_PACKET_LOG_ERROR("session %ld has no %s first packet, cannot inject TCP RST", session_get_id(sess), session_direction_to_str(inj_dir));
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_PKTS_FAIL, 1);
INJECT_PACKET_LOG_ERROR("session %ld has no %s first packet, cannot inject TCP RST", session_get_id(sess), flow_direction_to_str(inject_dir));
return -1;
}
struct fingerprint finger = {0};
uint32_t tcp_seq = 0;
uint32_t tcp_ack = 0;
uint8_t tcp_flags = TH_RST | TH_ACK;
char buff[4096] = {0};
calc_tcp_seq_and_ack(sess, inj_dir, &tcp_seq, &tcp_ack);
calc_tcp_seq_and_ack(sess, inject_dir, &tcp_seq, &tcp_ack);
calc_ipid_ttl_win(&finger.ipid, &finger.ttl, &finger.win);
int len = build_tcp_packet(pkt, &finger, tcp_seq, tcp_ack, tcp_flags, NULL, 0, buff, sizeof(buff));
int len = build_tcp_packet(pkt, &finger, tcp_seq, tcp_ack, flags, NULL, 0, buff, sizeof(buff));
if (len <= 0)
{
INJECT_PACKET_LOG_ERROR("session %ld build TCP %s RST packet failed, %s", session_get_id(sess), session_direction_to_str(inj_dir), strerror(len));
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_PKTS_FAIL, 1);
INJECT_PACKET_LOG_ERROR("session %ld build TCP %s RST packet failed, %s", session_get_id(sess), flow_direction_to_str(inject_dir), strerror(len));
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_PKTS_FAIL, 1);
return -1;
}
struct inject_packet_meta meta = {0};
meta.session_id = session_get_id(sess);
session_get_route_ctx(sess, inj_dir, &meta.route);
session_get_sid_list(sess, inj_dir, &meta.sids);
session_get_route_ctx(sess, inject_dir, &meta.route);
session_get_sid_list(sess, inject_dir, &meta.sids);
struct packet inj_pkt;
packet_parse(&inj_pkt, buff, len);
@@ -353,37 +347,25 @@ int stellar_inject_tcp_rst(const struct session *sess, enum session_direction in
packet_set_origin_ctx(&inj_pkt, &meta);
if (packet_io_inject(runtime->packet_io, thr_idx, &inj_pkt, 1) == 1)
{
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_PKTS_SUSS, 1);
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_BYTES_SUSS, len);
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_PKTS_SUSS, 1);
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_BYTES_SUSS, len);
return 0;
}
else
{
INJECT_PACKET_LOG_ERROR("session %ld inject TCP %s RST packet failed, packet I/O nospace", session_get_id(sess), session_direction_to_str(inj_dir));
session_inc_stat((struct session *)sess, inj_dir, STAT_INJ_PKTS_FAIL, 1);
INJECT_PACKET_LOG_ERROR("session %ld inject TCP %s RST packet failed, packet I/O nospace", session_get_id(sess), flow_direction_to_str(inject_dir));
session_inc_stat((struct session *)sess, inject_dir, STAT_INJ_PKTS_FAIL, 1);
return -1;
}
}
int stellar_inject_tcp_payload(const struct session *sess, enum session_direction inj_dir, uint16_t thr_idx, const char *payload, uint16_t len)
int stellar_inject_payload(const struct session *sess, enum flow_direction inject_dir, const char *payload, uint16_t len)
{
// TODO
return -1;
}
int stellar_inject_udp_payload(const struct session *sess, enum session_direction inj_dir, uint16_t thr_idx, const char *payload, uint16_t len)
{
// TODO
return -1;
}
int stellar_inject_ctrl_msg(const struct session *sess, uint16_t *sids, int nr_sid, uint16_t thr_idx, const char *msg, uint16_t len)
{
// TODO
return -1;
}
int stellar_inject_stateless_pkt(uint16_t link_id, uint16_t thr_idx, const char *packet, uint16_t len)
int stellar_inject_ctrl_msg(const struct session *sess, const struct sid_list *sids, const char *msg, uint16_t len)
{
// TODO
return -1;

23
src/stellar/stellar.cpp
View File

@@ -1,4 +1,5 @@
#include <errno.h>
#include <assert.h>
#include <unistd.h>
#include <pthread.h>
#include <sys/prctl.h>
@@ -19,23 +20,27 @@ static void update_session_stat(struct session *sess, struct packet *pkt)
{
enum session_stat stat_pkt;
enum session_stat stat_byte;
enum session_direction dir = session_get_current_direction(sess);
enum flow_direction dir = session_get_flow_direction(sess);
int is_ctrl = packet_is_ctrl(pkt);
if (packet_need_drop(pkt))
switch (packet_get_action(pkt))
{
case PACKET_ACTION_DROP:
stat_pkt = is_ctrl ? STAT_CTRL_PKTS_DROP : STAT_RAW_PKTS_DROP;
stat_byte = is_ctrl ? STAT_CTRL_BYTES_DROP : STAT_RAW_BYTES_DROP;
}
else
{
break;
case PACKET_ACTION_FORWARD:
break;
stat_pkt = is_ctrl ? STAT_CTRL_PKTS_TX : STAT_RAW_PKTS_TX;
stat_byte = is_ctrl ? STAT_CTRL_BYTES_TX : STAT_RAW_BYTES_TX;
default:
assert(0);
break;
}
session_inc_stat(sess, dir, stat_pkt, 1);
session_inc_stat(sess, dir, stat_byte, packet_get_len(pkt));
session_set_current_packet(sess, NULL);
session_set_current_direction(sess, SESSION_DIRECTION_NONE);
session_set_flow_direction(sess, FLOW_DIRECTION_NONE);
}
}
@@ -167,11 +172,15 @@ static void *work_thread(void *arg)
goto fast_path;
}
}
if (packet_get_session_id(pkt) == 0)
{
packet_set_session_id(pkt, session_get_id(sess));
}
plugin_manager_dispatch_session(plug_mgr, sess, pkt);
fast_path:
update_session_stat(sess, pkt);
if (packet_need_drop(pkt))
if (packet_get_action(pkt) == PACKET_ACTION_DROP)
{
if (pkt == defraged_pkt)
{

35
src/stellar/test/gtest_inject_packet.cpp
View File

@@ -5,6 +5,7 @@
#include <string.h>
#include <signal.h>
#include <stdlib.h>
#include <netinet/tcp.h>
#include "config.h"
#include "timestamp.h"
@@ -15,7 +16,7 @@
#define GMOCK_PLUGIN_MANAGER_LOG_ERROR(format, ...) LOG_ERROR("gmock plugin manager", format, ##__VA_ARGS__)
#define GMOCK_PLUGIN_MANAGER_LOG_DEBUG(format, ...) LOG_DEBUG("gomck plugin manager", format, ##__VA_ARGS__)
static void inject_tcp_rst_condtion(struct session *sess, uint16_t thr_idx)
static void inject_tcp_rst(struct session *sess)
{
uint64_t session_num = sess->mgr_stat->total_nr_tcp_sess_used;
@@ -23,46 +24,46 @@ static void inject_tcp_rst_condtion(struct session *sess, uint16_t thr_idx)
{
case 1:
// recv SYN packet
if (session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 && session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0)
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0)
{
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_C2S, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_S2C, thr_idx) == -1);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_C2S, TH_RST | TH_ACK) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_S2C, TH_RST | TH_ACK) == -1);
GMOCK_PLUGIN_MANAGER_LOG_DEBUG("=> inject TCP RST for session %u %s on recv SYN packet", session_get_id(sess), session_get_tuple_str(sess));
}
break;
case 2:
// recv SYN-ACK packet
if (session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 && session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1)
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1)
{
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_C2S, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_S2C, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_C2S, TH_RST | TH_ACK) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_S2C, TH_RST | TH_ACK) == 0);
GMOCK_PLUGIN_MANAGER_LOG_DEBUG("=> inject TCP RST for session %u %s on recv SYN-ACK packet", session_get_id(sess), session_get_tuple_str(sess));
}
break;
case 3:
// recv sub-ACK packet
if (session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 2 && session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1)
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 2 && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1)
{
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_C2S, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_S2C, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_C2S, TH_RST | TH_ACK) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_S2C, TH_RST | TH_ACK) == 0);
GMOCK_PLUGIN_MANAGER_LOG_DEBUG("=> inject TCP RST for session %u %s on recv sub-ACK packet", session_get_id(sess), session_get_tuple_str(sess));
}
break;
case 4:
// recv C2S Payload
if (session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_INJ_PKTS_SUSS) == 0 && session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_RX) == 1)
if (session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_INJ_PKTS_SUSS) == 0 && session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_RX) == 1)
{
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_C2S, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_S2C, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_C2S, TH_RST | TH_ACK) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_S2C, TH_RST | TH_ACK) == 0);
GMOCK_PLUGIN_MANAGER_LOG_DEBUG("=> inject TCP RST for session %u %s on recv C2S first payload packet", session_get_id(sess), session_get_tuple_str(sess));
}
break;
case 5:
// recv S2C Payload
if (session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_INJ_PKTS_SUSS) == 0 && session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_RX) == 1)
if (session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_INJ_PKTS_SUSS) == 0 && session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_RX) == 1)
{
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_C2S, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_rst(sess, SESSION_DIRECTION_S2C, thr_idx) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_C2S, TH_RST | TH_ACK) == 0);
EXPECT_TRUE(stellar_inject_tcp_flags(sess, FLOW_DIRECTION_S2C, TH_RST | TH_ACK) == 0);
GMOCK_PLUGIN_MANAGER_LOG_DEBUG("=> inject TCP RST for session %u %s on recv S2C first payload packet", session_get_id(sess), session_get_tuple_str(sess));
}
break;
@@ -123,7 +124,7 @@ void plugin_manager_dispatch_session(struct plugin_manager *mgr, struct session
{
session_free_tcp_segment(sess, seg);
}
inject_tcp_rst_condtion(sess, thr_idx);
inject_tcp_rst(sess);
break;
case SESSION_TYPE_UDP:
break;