From 33d96331fe5e00fe86404581d7d766954347b78b Mon Sep 17 00:00:00 2001
From: wangyu-
Date: Fri, 15 Jun 2018 11:47:57 -0500
Subject: [PATCH] implement dummy socket
---
 main.cpp | 68 +++++++++++++++++++++++++++++++++++++++++++++--------
 misc.cpp | 6 +++++
 misc.h | 2 +-
 network.cpp | 6 ++---
 network.h | 1 +
 5 files changed, 69 insertions(+), 14 deletions(-)
diff --git a/main.cpp b/main.cpp
index 8a6f149..a83337e 100755
--- a/main.cpp
+++ b/main.cpp
@@ -20,6 +20,8 @@ int use_udp_for_detection=0;
 int use_tcp_for_detection=1;
+
+
 int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is ready in epoll
 {
 packet_info_t &send_info=conn_info.raw_info.send_info;
@@ -138,13 +140,15 @@ int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is
 if (source_port == 0)
 {
- send_info.src_port = client_bind_to_a_new_port(bind_fd,local_ip_uint32);
+ send_info.src_port = client_bind_to_a_new_port(bind_fd,0);
 }
 else
 {
 send_info.src_port = source_port;
+ assert(try_to_list_and_bind(bind_fd,0,source_port)==0);
 }
+
 if (raw_mode == mode_icmp)
 {
 send_info.dst_port = send_info.src_port;
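Review bot: In the `@@ -138,13 +140,15 @@` hunk the bind for a fixed source port happens inside `assert(...)`, so a build with NDEBUG drops the call to try_to_list_and_bind entirely, and a normal build aborts the whole client whenever the port cannot be bound. This sits on the timer path of client_on_timer (whose body starts and ends outside the hunk), so a reconnect can reach it again while the previous socket's port is still held. Call the function outside the assert and handle failure, e.g. `if(try_to_list_and_bind(bind_fd,0,source_port)!=0){mylog(log_warn,"bind to source port failed\n");return -1;}`; how the caller treats the return value is not visible here. Both calls now pass 0 instead of local_ip_uint32 as the bind address, which presumably binds on every local address, and a comment saying why that is wanted would help.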
@@ -161,8 +165,30 @@ int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is
 }
 if(raw_mode==mode_faketcp)
 {
- conn_info.state.client_current_state=client_tcp_handshake;
- mylog(log_info,"state changed from client_idle to client_tcp_handshake\n");
+ if(use_tcp_dummy_socket)
+ {
+
+ struct sockaddr_in remote_addr_in={0};
+ socklen_t slen = sizeof(sockaddr_in);
+ //memset(&remote_addr_in, 0, sizeof(remote_addr_in));
+ remote_addr_in.sin_family = AF_INET;
+ remote_addr_in.sin_port = htons(remote_port);
+ remote_addr_in.sin_addr.s_addr = remote_ip_uint32;
+
+ //int new_tcp_fd=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+
+ setnonblocking(bind_fd);
+ int ret=connect(bind_fd,(struct sockaddr *)&remote_addr_in,sizeof(remote_addr_in));
+ mylog(log_info,"ret=%d,errno=%s,%d %d\n",ret,strerror(errno),bind_fd,remote_port);
+ conn_info.state.client_current_state=client_tcp_handshake_dummy;
+ mylog(log_info,"state changed from client_idle to client_tcp_handshake_dummy\n");
+ }
+ else
+ {
+
+ conn_info.state.client_current_state=client_tcp_handshake;
+ mylog(log_info,"state changed from client_idle to client_tcp_handshake\n");
+ }
 }
 conn_info.last_state_time=get_current_time();
@@ -207,6 +233,17 @@ int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is
 }
 return 0;
 }
+ else if(conn_info.state.client_current_state==client_tcp_handshake_dummy)
+ {
+ assert(raw_mode==mode_faketcp);
+ if (get_current_time() - conn_info.last_state_time > client_handshake_timeout)
+ {
+ conn_info.state.client_current_state = client_idle;
+ mylog(log_info, "state back to client_idle from client_tcp_handshake_dummy\n");
+ return 0;
+
+ }
+ }
 else if(conn_info.state.client_current_state==client_handshake1)//send and resend handshake1
 {
 if(get_current_time()-conn_info.last_state_time>client_handshake_timeout)
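Review bot: In the `@@ -161,8 +165,30 @@` hunk the result of `connect()` is only logged, so the state moves to client_tcp_handshake_dummy even when the call failed for a reason other than the EINPROGRESS a non-blocking connect is expected to report. Check it before the state change, e.g. `if(ret!=0&&errno!=EINPROGRESS){mylog(log_warn,"connect failed: %s\n",strerror(errno));return 0;}`, so the client stays in client_idle; what the caller does with the return value is outside the hunk. The log line prints strerror(errno) even when ret is 0, where errno is stale, and `slen` is never used. The return value of setnonblocking(bind_fd) is ignored as well.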
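Review bot: In the `@@ -207,6 +233,17 @@` hunk the client_tcp_handshake_dummy branch returns only inside the timeout check; when the timeout has not expired, control leaves the branch without a `return 0;`, unlike the branch just above it, which ends with `return 0;`. The rest of the else-if chain and the end of client_on_timer are outside the hunk, so this may be harmless, but an explicit `return 0;` after the inner if keeps the branches consistent. A one-line comment saying that nothing is resent in this state because the kernel socket retransmits the SYN would also help, if that is the intent.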
@@ -232,7 +269,9 @@ int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is
 send_info.psh = 0;
 send_info.syn = 0;
 send_info.ack = 1;
- send_raw0(raw_info, 0, 0);
+
+ if(!use_tcp_dummy_socket)
+ send_raw0(raw_info, 0, 0);
 send_handshake(raw_info,conn_info.my_id,0,const_id);
@@ -359,7 +398,7 @@ int client_on_raw_recv(conn_info_t &conn_info) //called when raw fd received a p
 //my_queue.pop_front();
 //pthread_mutex_unlock(&queue_mutex);
 }
- else if(conn_info.state.client_current_state==client_tcp_handshake)//received syn ack
+ else if(conn_info.state.client_current_state==client_tcp_handshake||conn_info.state.client_current_state==client_tcp_handshake_dummy)//received syn ack
 {
 assert(raw_mode==mode_faketcp);
 if(recv_raw0(raw_info,data,data_len)<0)
@@ -373,14 +412,23 @@ int client_on_raw_recv(conn_info_t &conn_info) //called when raw fd received a p
 }
 if(data_len==0&&raw_info.recv_info.syn==1&&raw_info.recv_info.ack==1)
 {
- if(recv_info.ack_seq!=send_info.seq+1)
+ if(conn_info.state.client_current_state==client_tcp_handshake)
 {
- mylog(log_debug,"seq ack_seq mis match\n");
- return -1;
+ if(recv_info.ack_seq!=send_info.seq+1)
+ {
+ mylog(log_debug,"seq ack_seq mis match\n");
+ return -1;
+ }
+ mylog(log_info,"state changed from client_tcp_handshake to client_handshake1\n");
+ }
+ else
+ {
+ send_info.seq=recv_info.ack_seq-1;
+ mylog(log_info,"state changed from client_tcp_dummy to client_handshake1\n");
+ //send_info.ack_seq=recv_info.seq+1;
 }
-
 conn_info.state.client_current_state = client_handshake1;
- mylog(log_info,"state changed from client_tcp_handshake to client_handshake1\n");
+
 conn_info.last_state_time = get_current_time();
 conn_info.last_hb_sent_time=0;
 client_on_timer(conn_info);
diff --git a/misc.cpp b/misc.cpp
index 1b92554..2a45857 100644
--- a/misc.cpp
+++ b/misc.cpp
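Review bot: In the `@@ -232,7 +269,9 @@` hunk the new `if(!use_tcp_dummy_socket)` guards only the next line, and without braces the following send_handshake(...) call reads as if it belonged to the same branch. Please brace it: `if(!use_tcp_dummy_socket) { send_raw0(raw_info, 0, 0); }`. A short comment that the kernel socket sends the final ACK of the three-way handshake itself in dummy mode would explain why the raw ACK is skipped; that is my reading of the change, not something the hunk states.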
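Review bot: In the `@@ -373,14 +412,23 @@` hunk the dummy branch's `send_info.seq=recv_info.ack_seq-1;` takes the sequence number from the received packet with no comparison at all, whereas the client_tcp_handshake branch rejects a SYN+ACK whose ack_seq does not match. Any empty SYN+ACK that gets this far therefore fixes the sequence number the client will use and moves it to client_handshake1; whether recv_raw0 or a packet filter has already tied the packet to the remote address and port is not visible in this hunk. At minimum state the assumption in a comment, e.g. `//dummy mode: the kernel chose the ISN, so ack_seq cannot be checked here; the packet is trusted as-is`, and consider confirming on bind_fd that the kernel connect has completed (getsockopt with SO_ERROR) before leaving the dummy state. The log text says client_tcp_dummy while the state is named client_tcp_handshake_dummy.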
@@ -285,6 +285,7 @@ void process_arg(int argc, char *argv[]) //process all options
 {"dev", required_argument, 0, 1},
 {"dns-resolve", no_argument, 0, 1},
 {"pcap-send", no_argument, 0, 1},
+ {"easy-tcp", no_argument, 0, 1},
 {NULL, 0, 0, 0}
 };
@@ -681,6 +682,11 @@ void process_arg(int argc, char *argv[]) //process all options
 send_with_pcap=1;
 mylog(log_info,"--pcap-send enabled, now pcap will be used for sending packet instead of libnet\n");
 }
+ else if(strcmp(long_options[option_index].name,"easy-tcp")==0)
+ {
+ use_tcp_dummy_socket=1;
+ mylog(log_info,"--easy-tcp enabled, now a dummy tcp socket will be created for handshake and block rst\n");
+ }
 else
 {
 mylog(log_warn,"ignored unknown long option ,option_index:%d code:<%x>\n",option_index, optopt);
diff --git a/misc.h b/misc.h
index 5c5555b..19bcde4 100644
--- a/misc.h
+++ b/misc.h
@@ -62,7 +62,7 @@ const uint32_t server_conn_timeout=conv_timeout+60000;//ms. this should be 60s+
 const u32_t iptables_rule_keep_interval=20;//unit: second;
 enum server_current_state_t {server_idle=0,server_handshake1,server_ready}; //server state machine
-enum client_current_state_t {client_idle=0,client_tcp_handshake,client_handshake1,client_handshake2,client_ready};//client state machine
+enum client_current_state_t {client_idle=0,client_tcp_handshake,client_handshake1,client_handshake2,client_ready,client_tcp_handshake_dummy};//client state machine
 enum raw_mode_t{mode_faketcp=0,mode_udp,mode_icmp,mode_end};
 enum program_mode_t {unset_mode=0,client_mode,server_mode};
diff --git a/network.cpp b/network.cpp
index b1d8614..ce5ec43 100644
--- a/network.cpp
+++ b/network.cpp
@@ -67,6 +67,7 @@ int send_with_pcap=0;
 int pcap_header_captured=0;
 int pcap_header_buf[buf_len];
+int use_tcp_dummy_socket=0;
 /* struct sock_filter code_tcp_old[] = {
 { 0x28, 0, 0, 0x0000000c },//0
@@ -2138,7 +2139,7 @@ int try_to_list_and_bind(int &fd,u32_t local_ip_uint32,int port) //try to bind
 if(raw_mode==mode_faketcp)
 {
- fd=socket(AF_INET,SOCK_STREAM,0);
+ fd=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
 }
 else if(raw_mode==mode_udp||raw_mode==mode_icmp)
 {
@@ -2161,9 +2162,8 @@ int try_to_list_and_bind(int &fd,u32_t local_ip_uint32,int port) //try to bind
 mylog(log_debug,"bind fail\n");
 return -1;
 }
- if(raw_mode==mode_faketcp)
+ if(raw_mode==mode_faketcp &&!use_tcp_dummy_socket)
 {
-
 if (listen(fd, SOMAXCONN) != 0) {
 mylog(log_warn,"listen fail\n");
 return -1;
diff --git a/network.h b/network.h
index 0ca75e1..af25750 100644
--- a/network.h
+++ b/network.h
@@ -45,6 +45,7 @@ extern int send_with_pcap;
 extern int pcap_header_captured;
 extern int pcap_header_buf[buf_len];
+extern int use_tcp_dummy_socket;
 struct icmphdr {
 uint8_t type;
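Review bot: In the `@@ -2161,9 +2162,8 @@` hunk `if(raw_mode==mode_faketcp &&!use_tcp_dummy_socket)` skips listen() for every caller of try_to_list_and_bind once --easy-tcp is given, not only for the client path that later calls connect() on the socket. The option handler in misc.cpp sets the flag without looking at the program mode, so if the server side also uses this function (not visible here) it would be left with a bound socket that neither listens nor connects. A comment such as `//dummy socket mode: the fd is connect()ed later, so it must not listen`, plus a check that the flag is honoured only in client faketcp mode, would make the intent explicit. The function body starts and ends outside the hunk.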