TSG-8345,修复协议为mail和ftp没有发送icmp不可达报文

TSG-8403,修复命中策略tamper后无法阻隔sip报文
yangwenlin
2021-11-10 15:44:51 +08:00
parent 26b007c301
commit 946bd1657c
5 changed files with 22 additions and 35 deletions


@@ -734,11 +734,11 @@ static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_ru
{ {
_context=(struct tcpall_context *)dictator_malloc(a_stream->threadnum, sizeof(struct tcpall_context)); _context=(struct tcpall_context *)dictator_malloc(a_stream->threadnum, sizeof(struct tcpall_context));
memset(_context, 0, sizeof(struct tcpall_context)); memset(_context, 0, sizeof(struct tcpall_context));
_context->method_type=TSG_METHOD_TYPE_TAMPER;
set_struct_project(a_stream, g_tsg_para.tcpall_project_id, (void *)_context); set_struct_project(a_stream, g_tsg_para.tcpall_project_id, (void *)_context);
_context->method_type=TSG_METHOD_TYPE_TAMPER;
_context->tamper_count = 1;
}else{ }else{
if(_context->method_type == TSG_METHOD_TYPE_UNKNOWN) if(_context->method_type != TSG_METHOD_TYPE_TAMPER)
{ {
_context->method_type=TSG_METHOD_TYPE_TAMPER; _context->method_type=TSG_METHOD_TYPE_TAMPER;
} }
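Review bot: The result of `dictator_malloc` is passed straight to `memset` and then dereferenced for `method_type` and the new `tamper_count` assignment, with no NULL check anywhere in the visible lines. A guard of the form `if(_context==NULL){ /* log and return the function's failure state */ }` before the `memset` would keep an allocation failure from crashing the packet thread. The widened condition in the else branch (`!= TSG_METHOD_TYPE_TAMPER`) now overrides any previously recorded method type, yet no `tamper_count` initialisation is visible there, so a reused context appears to start from whatever value it already held. The rest of do_action_tamper lies outside the hunk, so both points should be confirmed against the full function.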


@@ -1738,6 +1738,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
break; break;
case TSG_METHOD_TYPE_TAMPER: case TSG_METHOD_TYPE_TAMPER:
ret = send_tamper_xxx(a_stream, a_packet); ret = send_tamper_xxx(a_stream, a_packet);
context->tamper_count += 1;
if(ret==STATE_DROPPKT){ if(ret==STATE_DROPPKT){
state|=APP_STATE_GIVEME|APP_STATE_DROPPKT; state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
}else{ }else{
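Review bot: `context->tamper_count += 1;` runs before `ret` is examined, so the counter also advances for packets where send_tamper_xxx returned without injecting anything (it returns `STATE_GIVEME` for a NULL or short payload). If the field is meant to count packets that were actually tampered, the increment belongs inside the `if(ret==STATE_DROPPKT){` branch. If it is meant to count attempts, a short comment saying so would prevent it being read as an enforcement count. The surrounding switch in tsg_master_all_entry starts and ends outside the hunk.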


@@ -206,6 +206,7 @@ struct tcpall_context
{ {
struct mirrored_vlan *vlan; struct mirrored_vlan *vlan;
struct leaky_bucket *bucket; struct leaky_bucket *bucket;
long tamper_count;
void *para; void *para;
}; };
}; };
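Review bot: `long tamper_count;` is added without a comment, and the visible hunks of this commit only assign and increment it, so nothing shows what it counts or what reads it. A one-line comment on the field would help, for example `/* packets passed to send_tamper_xxx on this stream; starts at 1 when the policy is first hit */`, worded to match the intended meaning, which is inferred here. If no code consumes the value yet, the comment should say that too.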


@@ -213,21 +213,15 @@ static void format_icmp(const char *raw_pkt, char *icmp_buf, int *icmp_len, int
unsigned char send_icmp_unreachable(const struct streaminfo *a_stream, const void *raw_pkt) unsigned char send_icmp_unreachable(const struct streaminfo *a_stream, const void *raw_pkt)
{ {
char icmp_buf[ICMP_MAX_LEN]; char icmp_buf[ICMP_MAX_LEN] = {0};
unsigned char raw_route_dir = 0;
int icmp_len = 0; int icmp_len = 0;
if(a_stream == NULL){ if((a_stream==NULL)||(raw_pkt==NULL)){
return STATE_DROPPKT;
}
if((a_stream->curdir==DIR_S2C)||(raw_pkt==NULL)){
return STATE_DROPPKT; return STATE_DROPPKT;
} }
format_icmp((char *)raw_pkt, icmp_buf, &icmp_len, a_stream->addr.addrtype); format_icmp((char *)raw_pkt, icmp_buf, &icmp_len, a_stream->addr.addrtype);
raw_route_dir = (a_stream->curdir==DIR_C2S) ? MESA_dir_reverse(a_stream->routedir) : a_stream->routedir; tsg_send_inject_packet(a_stream, SIO_EXCLUDE_THIS_LAYER_HDR, icmp_buf, icmp_len, MESA_dir_reverse(a_stream->routedir));
return STATE_DROPPKT;
return tsg_send_inject_packet(a_stream, SIO_EXCLUDE_THIS_LAYER_HDR, icmp_buf, icmp_len, raw_route_dir);
} }
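Review bot: The new body of send_icmp_unreachable discards the return value of `tsg_send_inject_packet` and never checks `icmp_len` after `format_icmp`, so a failed or empty ICMP build is indistinguishable from a successful send. Returning `STATE_DROPPKT` unconditionally keeps the deny action fail-closed, which is reasonable. A guard such as `if(icmp_len<=0){ return STATE_DROPPKT; }` before the inject would still be worth adding, together with a log line when the inject call reports failure. `format_icmp` receives `icmp_buf` without its size; its body is outside the hunk, so whether it bounds its writes to `ICMP_MAX_LEN` should be confirmed there.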


@@ -32,28 +32,17 @@
#define IPV6_UDP_PALYLOAD_START_INDEX 48 //ipv6_len(40) + udp_len(8) #define IPV6_UDP_PALYLOAD_START_INDEX 48 //ipv6_len(40) + udp_len(8)
#define IPV6_IP_PAYLOAD_INDEX 4 //ipv6_payload_index(4) #define IPV6_IP_PAYLOAD_INDEX 4 //ipv6_payload_index(4)
int tamper_calc(char *str, int endlen)
int tamper_calc(const struct streaminfo *a_stream, char *str, int endlen)
{ {
int i = 0; int i = 0;
int j = 0; int j = 0;
char temp; char temp;
int startlen = 0;
int data_len = a_stream->ptcpdetail->datalen; //tcp和udp结构体内容一样取tcp的datalen即可
if(endlen<4){ //最少满足2个16bit的长度即最小4字节。
//判断是否需要偏移一个字节
if(data_len%2!=0){
startlen = 1;
}
//最小交换paythod的第2个字节和第四个字节否则不处理
if ((endlen - startlen) < 4){
return 0; return 0;
} }
//start_len+1 : 因为计算校验和是16bit为单位这里调换16bit的低8bit。 for(i=1; i<endlen; i=i+2){
for(i=startlen+1; i<endlen; i=i+2){
for (j=i+2; j<endlen; j=j+2){ for (j=i+2; j<endlen; j=j+2){
if(str[i] != str[j]){ if(str[i] != str[j]){
temp = str[i]; temp = str[i];
@@ -79,18 +68,20 @@ unsigned char send_tamper_xxx(const struct streaminfo *a_stream, const void *raw
p_trans_payload = (char *)a_stream->ptcpdetail->pdata; p_trans_payload = (char *)a_stream->ptcpdetail->pdata;
trans_layload_len = a_stream->ptcpdetail->datalen; trans_layload_len = a_stream->ptcpdetail->datalen;
if((p_trans_payload==NULL)||(trans_layload_len<=0)){ if((p_trans_payload==NULL)||(trans_layload_len<=4)){
return STATE_GIVEME; return STATE_GIVEME;
} }
memcpy(tamper_buf, p_trans_payload, trans_layload_len); memcpy(tamper_buf, p_trans_payload, trans_layload_len);
ret = tamper_calc(a_stream, tamper_buf, trans_layload_len); ret = tamper_calc(tamper_buf, trans_layload_len);
if(ret > 0){
MESA_handle_runtime_log(g_tsg_para.logger, MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG, RLOG_LV_DEBUG,
__FUNCTION__, __FUNCTION__,
"Modify the index position of the payload: %d", "Modify the index(%d) position of the payload:(old: %x %x %x %x, new: %x %x %x %x)",
ret); ret,
if(ret > 0){ p_trans_payload[ret-1],p_trans_payload[ret],p_trans_payload[ret+1], p_trans_payload[ret+2],
tamper_buf[ret-1], tamper_buf[ret], tamper_buf[ret+1], tamper_buf[ret+2]);
ret=tsg_send_inject_packet(a_stream, SIO_DEFAULT, tamper_buf, trans_layload_len, a_stream->routedir); ret=tsg_send_inject_packet(a_stream, SIO_DEFAULT, tamper_buf, trans_layload_len, a_stream->routedir);
if(ret == 0){ if(ret == 0){
return STATE_DROPPKT; return STATE_DROPPKT;
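Review bot: The new debug log in send_tamper_xxx reads `p_trans_payload[ret+2]` and `tamper_buf[ret+2]` without checking `ret+2 < trans_layload_len`. The return statement of tamper_calc is outside the hunk, so it cannot be confirmed from here that the returned index always leaves two bytes after it. The arguments are plain `char` passed to `%x`, so where `char` is signed any byte of 0x80 or above is sign-extended and logged as `ffffffXX`; casting each one, e.g. `(unsigned char)tamper_buf[ret]` with `%02x`, fixes that. Separately, `memcpy(tamper_buf, p_trans_payload, trans_layload_len)` has only a lower bound in view (`<=4`); if `tamper_buf`, declared outside the hunk, is a fixed-size array, the same guard should also reject `trans_layload_len > (int)sizeof(tamper_buf)`. The raised threshold also means payloads of one to four bytes are returned as `STATE_GIVEME` without modification, which deserves a comment stating that this is intended under a tamper policy.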