close raw sockets too

Christian Ulrich 2020-10-06 23:50:13 +02:00
parent 1f16800b73
commit 99658cb49c
No known key found for this signature in database
GPG Key ID: 8241BE099775A097
1 changed files with 23 additions and 16 deletions


@ -95,6 +95,7 @@ proc injectTcpPacket(rawFd: AsyncFD, ipPacket: IpPacket) {.async.} =
proc captureSeqNumbers(attempt: ConnectAttempt, rawFd: AsyncFD, proc captureSeqNumbers(attempt: ConnectAttempt, rawFd: AsyncFD,
cb: PunchProgressCb) {.async.} = cb: PunchProgressCb) {.async.} =
# FIXME: timeout? # FIXME: timeout?
# FIXME: create raw socket here
var seqNums = newSeq[uint32]() var seqNums = newSeq[uint32]()
while seqNums.len < attempt.dstPorts.len: while seqNums.len < attempt.dstPorts.len:
let packet = await rawFd.recv(4000) let packet = await rawFd.recv(4000)
@ -110,26 +111,31 @@ proc captureSeqNumbers(attempt: ConnectAttempt, rawFd: AsyncFD,
if parsed.tcpPortDst.int == port.int: if parsed.tcpPortDst.int == port.int:
seqNums.add(parsed.tcpSeqNumber) seqNums.add(parsed.tcpSeqNumber)
break break
closeSocket(rawFd)
await cb(seqNums) await cb(seqNums)
proc captureAndResendAck(attempt: ConnectAttempt, captureFd: AsyncFD, proc captureAndResendAck(attempt: ConnectAttempt, captureFd: AsyncFD,
injectFd: AsyncFD) {.async.} = injectFd: AsyncFD) {.async.} =
while true: # FIXME: create raw socket here
let packet = await captureFd.recv(4000) block loops:
if packet == "": while true:
break let packet = await captureFd.recv(4000)
var parsed = parseEthernetPacket(packet) if packet == "":
if parsed.protocol == tcp and break
parsed.ipAddrSrc == attempt.srcIp and var parsed = parseEthernetPacket(packet)
parsed.tcpPortSrc.int == attempt.srcPort.int and if parsed.protocol == tcp and
parsed.ipAddrDst == attempt.dstIp and parsed.ipAddrSrc == attempt.srcIp and
parsed.tcpFlags == {ACK}: parsed.tcpPortSrc.int == attempt.srcPort.int and
for port in attempt.dstPorts: parsed.ipAddrDst == attempt.dstIp and
if parsed.tcpPortDst.int == port.int: parsed.tcpFlags == {ACK}:
parsed.ipTTL = 64 for port in attempt.dstPorts:
echo &"[{parsed.ipAddrSrc}:{parsed.tcpPortSrc.int} -> {parsed.ipAddrDst}:{parsed.tcpPortDst}, SEQ {parsed.tcpSeqNumber}] resending ACK with TTL {parsed.ipTTL}" if parsed.tcpPortDst.int == port.int:
await injectFd.injectTcpPacket(parsed) parsed.ipTTL = 64
return echo &"[{parsed.ipAddrSrc}:{parsed.tcpPortSrc.int} -> {parsed.ipAddrDst}:{parsed.tcpPortDst}, SEQ {parsed.tcpSeqNumber}] resending ACK with TTL {parsed.ipTTL}"
await injectFd.injectTcpPacket(parsed)
break loops
closeSocket(captureFd)
closeSocket(injectFd)
proc initPuncher*(): TcpSyniPuncher = TcpSyniPuncher() proc initPuncher*(): TcpSyniPuncher = TcpSyniPuncher()
@ -291,6 +297,7 @@ proc accept*(puncher: TcpSyniPuncher, srcPort: Port, dstIp: IpAddress,
tcpFlags: {SYN}, tcpWindowSize: 1452 * 10) tcpFlags: {SYN}, tcpWindowSize: 1452 * 10)
echo &"[{ipPacket.ipAddrSrc}:{ipPacket.tcpPortSrc} -> {ipPacket.ipAddrDst}:{ipPacket.tcpPortDst}, SEQ {ipPacket.tcpSeqNumber}] injecting SYN" echo &"[{ipPacket.ipAddrSrc}:{ipPacket.tcpPortSrc} -> {ipPacket.ipAddrDst}:{ipPacket.tcpPortDst}, SEQ {ipPacket.tcpSeqNumber}] injecting SYN"
asyncCheck rawFd.injectTcpPacket(ipPacket) asyncCheck rawFd.injectTcpPacket(ipPacket)
closeSocket(rawFd)
await attempt.future or sleepAsync(Timeout) await attempt.future or sleepAsync(Timeout)
await attempt.deleteFirewallRules() await attempt.deleteFirewallRules()
puncher.acceptAttempts.del(puncher.acceptAttempts.find(attempt)) puncher.acceptAttempts.del(puncher.acceptAttempts.find(attempt))
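Review bot: In `accept`, the added `closeSocket(rawFd)` runs immediately after `asyncCheck rawFd.injectTcpPacket(ipPacket)`, which only schedules the injection and does not wait for it. The body of `injectTcpPacket` is not visible here, but if its send does not complete synchronously, the descriptor is closed (and its number may be reused by another socket) while the write is still pending. Awaiting the injection first avoids this: `await rawFd.injectTcpPacket(ipPacket)` followed by `closeSocket(rawFd)`. Separately, the closes added in `captureSeqNumbers` and `captureAndResendAck` are reached only on the normal path, so an exception from `recv` or `parseEthernetPacket` would leak the raw sockets; wrapping each loop in `try: ... finally: closeSocket(...)` would cover that. The body of `accept` starts outside the hunk.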