2020-07-07 19:39:28 +02:00
|
|
|
import asyncdispatch
|
2020-07-11 14:45:18 +02:00
|
|
|
from nativesockets import
|
|
|
|
|
AF_INET,
|
|
|
|
|
IPPROTO_IP,
|
|
|
|
|
IPPROTO_TCP,
|
|
|
|
|
SOCK_RAW,
|
|
|
|
|
bindAddr,
|
|
|
|
|
htons,
|
|
|
|
|
setSockOptInt
|
2020-07-07 19:39:28 +02:00
|
|
|
from posix import setsockopt, SockAddr, SockLen, SocketHandle
|
|
|
|
|
import network_interface
|
|
|
|
|
|
|
|
|
|
type
|
|
|
|
|
RawSocketError* = object of CatchableError
|
|
|
|
|
|
|
|
|
|
Sockaddr_ll {.importc: "struct sockaddr_ll", pure, final,
|
|
|
|
|
header: "<linux/if_packet.h>".} = object
|
|
|
|
|
sll_family: cushort # Always AF_PACKET
|
|
|
|
|
sll_protocol: cushort # Physical-layer protocol
|
|
|
|
|
sll_ifindex: cint # Interface number
|
|
|
|
|
sll_hatype: cushort # ARP hardware type
|
|
|
|
|
sll_pkttype: cuchar # Packet type
|
|
|
|
|
sll_halen: cuchar # Length of address
|
|
|
|
|
sll_addr: array[8, cuchar] # Physical-layer address
|
|
|
|
|
|
|
|
|
|
Packet_mreq {.importc: "struct packet_mreq", pure, final,
|
|
|
|
|
header: "<linux/if_packet.h>".} = object
|
|
|
|
|
mr_ifindex: cint
|
|
|
|
|
mr_type: cushort
|
|
|
|
|
mr_alen: cushort
|
|
|
|
|
mr_address: array[8, cuchar]
|
|
|
|
|
|
|
|
|
|
var
|
|
|
|
|
AF_PACKET {.importc: "AF_PACKET", header: "<sys/socket.h>".}: cushort
|
|
|
|
|
SOL_PACKET {.importc: "SOL_PACKET", header: "<sys/socket.h>".}: cushort
|
|
|
|
|
ETH_P_ALL {.importc: "ETH_P_ALL", header: "<linux/if_ether.h>".}: cushort
|
2020-07-11 14:45:18 +02:00
|
|
|
IP_HDRINCL {.importc: "IP_HDRINCL", header: "<netinet/in.h>".}: cint
|
2020-07-07 19:39:28 +02:00
|
|
|
PACKET_ADD_MEMBERSHIP {.importc: "PACKET_ADD_MEMBERSHIP", header: "<linux/if_packet.h>".}: cushort
|
|
|
|
|
PACKET_MR_PROMISC {.importc: "PACKET_MR_PROMISC", header: "<linux/if_packet.h>".}: cushort
|
|
|
|
|
|
2020-07-09 21:10:25 +02:00
|
|
|
proc setupEthernetCapturingSocket*(iface: NetworkInterface): AsyncFD =
|
2020-07-07 19:39:28 +02:00
|
|
|
# Create a raw packet socket. For accessing outgoing packets we need to use
|
|
|
|
|
# ETH_P_ALL which is needed in network byte order, see packet(7) man page.
|
|
|
|
|
result = createAsyncNativeSocket(AF_PACKET.cint,
|
|
|
|
|
SOCK_RAW.cint,
|
|
|
|
|
htons(ETH_P_ALL).cint)
|
|
|
|
|
|
|
|
|
|
# Limit capturing of packets to the desired network interface, see
|
|
|
|
|
# netdevice(7) man page
|
|
|
|
|
echo "interface: ", iface.name, ", index: ", iface.index
|
|
|
|
|
var sa = Sockaddr_ll(sll_family: AF_PACKET,
|
|
|
|
|
sll_protocol: htons(ETH_P_ALL),
|
|
|
|
|
sll_ifindex: iface.index)
|
|
|
|
|
if bindAddr(result.SocketHandle,
|
|
|
|
|
cast[ptr SockAddr](addr sa),
|
|
|
|
|
sizeof(Sockaddr_ll).SockLen) != 0:
|
|
|
|
|
raise newException(RawSocketError, "cannot bind to interface")
|
|
|
|
|
|
|
|
|
|
# Enable promiscuous mode, see netdevice(7) man page
|
|
|
|
|
var req = Packet_mreq(mr_ifindex: iface.index, mr_type: PACKET_MR_PROMISC)
|
|
|
|
|
if setsockopt(result.SocketHandle,
|
|
|
|
|
SOL_PACKET.cint,
|
|
|
|
|
PACKET_ADD_MEMBERSHIP.cint,
|
|
|
|
|
addr req,
|
|
|
|
|
sizeof(req).SockLen) != 0:
|
|
|
|
|
raise newException(RawSocketError, "cannot enable promiscuous mode")
|
|
|
|
|
|
2020-07-11 14:45:18 +02:00
|
|
|
proc setupTcpInjectingSocket*(): AsyncFD =
|
|
|
|
|
# FIXME: would bindAddr be beneficial?
|
|
|
|
|
result = createAsyncNativeSocket(AF_INET.cint, SOCK_RAW.cint,
|
|
|
|
|
IPPROTO_TCP.cint)
|
2020-07-07 19:39:28 +02:00
|
|
|
|
2020-07-11 14:45:18 +02:00
|
|
|
# Tell the kernel to not generate an IP header, as we generate it ourselves,
|
|
|
|
|
# see raw(7) man page.
|
|
|
|
|
setSockOptInt(result.SocketHandle, IPPROTO_IP.int, IP_HDRINCL, 1)
|
