From ef120ca1002ba800b6c995cf7b970489e241cbae Mon Sep 17 00:00:00 2001 From: Vadim Vetrov Date: Tue, 26 Nov 2024 19:58:55 +0300 Subject: [PATCH] Update logging Add syslog for daemonize. This allows to log not only to the standard output but also in system log --- README.md | 4 ++- args.c | 69 ++++++++++++++++++++++---------------- config.h | 1 + kytunblock.c | 10 +++--- logging.h | 39 +++++++++++++++++----- mangle.c | 50 ++++++++++++++-------------- quic.c | 2 +- tls.c | 6 ++-- utils.c | 28 ++++++++-------- youtubeUnblock.c | 87 ++++++++++++++++++++++++------------------------ 10 files changed, 166 insertions(+), 130 deletions(-) diff --git a/README.md b/README.md index 1d5d525..12b99f7 100644 --- a/README.md +++ b/README.md @@ -241,7 +241,9 @@ Available flags: - `--threads=` Specifies the amount of threads you want to be running for your program. This defaults to **1** and shouldn't be edited for normal use. But if you really want multiple queue instances of youtubeUnblock, note that you should change --queue-num to --queue balance. For example, with 4 threads, use `--queue-balance 537:540` on iptables and `queue num 537-540` on nftables. -- `--daemonize` Daemonizes the youtubeUnblock (forks and detaches it from the shell). Terminate the program with `killall youtubeUnblock`. +- `--daemonize` Daemonizes the youtubeUnblock (forks and detaches it from the shell). Terminate the program with `killall youtubeUnblock`. If you want to track the logs of youtubeUnblock in logread or journalctl, use **--syslog** flag. + +- `--syslog` Redirects logs to the system log. You can read it with `journalctl` or `logread`. - `--noclose` Usable only with `--daemonize`. Will not redirect io streams to /dev/null. diff --git a/args.c b/args.c index 17a73d9..237d83f 100644 --- a/args.c +++ b/args.c @@ -8,6 +8,7 @@ #include #include "types.h" #include "args.h" +#include "logging.h" static char custom_fake_buf[MAX_FAKE_SIZE]; @@ -24,7 +25,8 @@ struct config_t config = { .custom_configs_len = 0, .daemonize = 0, - .noclose = 0 + .noclose = 0, + .syslog = 0, }; #define OPT_SNI_DOMAINS 1 @@ -39,6 +41,7 @@ struct config_t config = { #define OPT_END_SECTION 30 #define OPT_DAEMONIZE 31 #define OPT_NOCLOSE 32 +#define OPT_SYSLOG 33 #define OPT_FRAG 4 #define OPT_FRAG_SNI_REVERSE 12 #define OPT_FRAG_SNI_FAKED 13 @@ -59,7 +62,7 @@ struct config_t config = { #define OPT_NO_GSO 8 #define OPT_QUEUE_NUM 9 -#define OPT_MAX OPT_NOCLOSE +#define OPT_MAX OPT_SYSLOG static struct option long_opt[] = { {"help", 0, 0, 'h'}, @@ -91,6 +94,7 @@ static struct option long_opt[] = { {"no-ipv6", 0, 0, OPT_NO_IPV6}, {"daemonize", 0, 0, OPT_DAEMONIZE}, {"noclose", 0, 0, OPT_NOCLOSE}, + {"syslog", 0, 0, OPT_SYSLOG}, {"queue-num", 1, 0, OPT_QUEUE_NUM}, {"packet-mark", 1, 0, OPT_PACKET_MARK}, {"fbegin", 0, 0, OPT_START_SECTION}, @@ -161,6 +165,7 @@ void print_usage(const char *argv0) { printf("\t--no-ipv6\n"); printf("\t--daemonize\n"); printf("\t--noclose\n"); + printf("\t--syslog\n"); printf("\t--fbegin\n"); printf("\t--fend\n"); printf("\n"); @@ -217,6 +222,9 @@ int parse_args(int argc, char *argv[]) { case OPT_NOCLOSE: config.noclose = 1; break; + case OPT_SYSLOG: + config.syslog = 1; + break; case OPT_THREADS: if (section_iter != SECT_ITER_DEFAULT) goto invalid_opt; @@ -486,96 +494,99 @@ error: } void print_welcome() { + if (config.syslog) { + printf("Logging to system log\n"); + } if (config.use_gso) { - printf("GSO is enabled\n"); + lginfo("GSO is enabled\n"); } if (config.use_ipv6) { - printf("IPv6 is enabled\n"); + lginfo("IPv6 is enabled\n"); } else { - printf("IPv6 is disabled\n"); + lginfo("IPv6 is disabled\n"); } - printf("Detected %d config sections\n", config.custom_configs_len + 1); - printf("The sections will be processed in order they goes in this output\n"); + lginfo("Detected %d config sections\n", config.custom_configs_len + 1); + lginfo("The sections will be processed in order they goes in this output\n"); ITER_CONFIG_SECTIONS(section) { int section_number = CONFIG_SECTION_NUMBER(section); - printf("Section #%d\n", section_number); + lginfo("Section #%d\n", section_number); switch (section->fragmentation_strategy) { case FRAG_STRAT_TCP: - printf("Using TCP segmentation\n"); + lginfo("Using TCP segmentation\n"); break; case FRAG_STRAT_IP: - printf("Using IP fragmentation\n"); + lginfo("Using IP fragmentation\n"); break; default: - printf("SNI fragmentation is disabled\n"); + lginfo("SNI fragmentation is disabled\n"); break; } if (section->seg2_delay) { - printf("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay); + lginfo("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay); } if (section->fake_sni) { - printf("Fake SNI will be sent before each target client hello\n"); + lginfo("Fake SNI will be sent before each target client hello\n"); } else { - printf("Fake SNI is disabled\n"); + lginfo("Fake SNI is disabled\n"); } if (section->frag_sni_reverse) { - printf("Fragmentation Client Hello will be reversed\n"); + lginfo("Fragmentation Client Hello will be reversed\n"); } if (section->frag_sni_faked) { - printf("Fooling packets will be sent near the original Client Hello\n"); + lginfo("Fooling packets will be sent near the original Client Hello\n"); } if (section->fake_sni_seq_len > 1) { - printf("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len); + lginfo("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len); } switch (section->faking_strategy) { case FAKE_STRAT_TTL: - printf("TTL faking strategy will be used with TTL %d\n", section->faking_ttl); + lginfo("TTL faking strategy will be used with TTL %d\n", section->faking_ttl); break; case FAKE_STRAT_RAND_SEQ: - printf("Random seq faking strategy will be used\n"); - printf("Fake seq offset set to %u\n", section->fakeseq_offset); + lginfo("Random seq faking strategy will be used\n"); + lginfo("Fake seq offset set to %u\n", section->fakeseq_offset); break; case FAKE_STRAT_TCP_CHECK: - printf("TCP checksum faking strategy will be used\n"); + lginfo("TCP checksum faking strategy will be used\n"); break; case FAKE_STRAT_PAST_SEQ: - printf("Past seq faking strategy will be used\n"); + lginfo("Past seq faking strategy will be used\n"); break; case FAKE_STRAT_TCP_MD5SUM: - printf("md5sum faking strategy will be used\n"); + lginfo("md5sum faking strategy will be used\n"); break; } if (section->fk_winsize) { - printf("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize); + lginfo("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize); } if (section->synfake) { - printf("Fake SYN payload will be sent with each TCP request SYN packet\n"); + lginfo("Fake SYN payload will be sent with each TCP request SYN packet\n"); } if (section->quic_drop) { - printf("All QUIC packets will be dropped\n"); + lginfo("All QUIC packets will be dropped\n"); } if (section->sni_detection == SNI_DETECTION_BRUTE) { - printf("Server Name Extension will be parsed in the bruteforce mode\n"); + lginfo("Server Name Extension will be parsed in the bruteforce mode\n"); } if (section->all_domains) { - printf("All Client Hello will be targeted by youtubeUnblock!\n"); + lginfo("All Client Hello will be targeted by youtubeUnblock!\n"); } else { - printf("Target sni domains: %s\n", section->domains_str); + lginfo("Target sni domains: %s\n", section->domains_str); } } } diff --git a/config.h b/config.h index b209f93..02c4969 100644 --- a/config.h +++ b/config.h @@ -77,6 +77,7 @@ struct config_t { int daemonize; // Same as daemon() noclose int noclose; + int syslog; #define VERBOSE_INFO 0 #define VERBOSE_DEBUG 1 diff --git a/kytunblock.c b/kytunblock.c index c5c3591..0deeb6e 100644 --- a/kytunblock.c +++ b/kytunblock.c @@ -162,12 +162,12 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { NETBUF_ALLOC(buff1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buff1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(buff2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buff2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buff2); return -ENOMEM; } @@ -309,7 +309,7 @@ static NF_CALLBACK(ykb_nf_hook, skb) { ret = skb_linearize(skb); if (ret < 0) { - lgerror("Cannot linearize", ret); + lgerror(ret, "Cannot linearize"); goto accept; } @@ -360,7 +360,7 @@ static int __init ykb_init(void) { for_each_net(n) { ret = nf_register_net_hook(n, &ykb6_nf_reg); if (ret < 0) - lgerror("bad rat",ret); + lgerror(ret, "bad rat"); } #else nf_register_hook(&ykb6_nf_reg); @@ -374,7 +374,7 @@ static int __init ykb_init(void) { for_each_net(n) { ret = nf_register_net_hook(n, &ykb_nf_reg); if (ret < 0) - lgerror("bad rat",ret); + lgerror(ret, "bad rat"); } #else nf_register_hook(&ykb_nf_reg); diff --git a/logging.h b/logging.h index bf6676d..f278725 100644 --- a/logging.h +++ b/logging.h @@ -3,42 +3,65 @@ #include "config.h" #define LOG_LEVEL (config.verbose) +#define USE_SYSLOG (config.syslog) #ifdef KERNEL_SPACE #include #include #define printf pr_info #define perror pr_err -#define lgerror(msg, ret, ...) __extension__ ({ \ + +#define log_message(level, msg, ...) \ +(printf(msg, ##__VA_ARGS__)) + +#define lgerror(ret, msg, ...) __extension__ ({ \ pr_err(msg ": %d\n", ##__VA_ARGS__, ret); \ }) #else #include // IWYU pragma: export #include -#define lgerror(msg, ret, ...) __extension__ ({ \ +#include + +#define log_message(level, msg, ...) \ +(config.syslog ? (void)(syslog((level), msg, ##__VA_ARGS__)) : (void)(printf(msg, ##__VA_ARGS__))) + +#define lgerror(ret, msg, ...) __extension__ ({ \ errno = -(ret); \ - printf(msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \ + log_message(LOG_ERR, msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \ }) #endif /* PROGRAM_SPACE */ +#define lgerr(msg, ...) \ +(log_message(LOG_ERR, msg, ##__VA_ARGS__)) + +#define lgwarning(msg, ...) \ +(log_message(LOG_WARN, msg, ##__VA_ARGS__)) + + +#define lginfo(msg, ...) \ +(log_message(LOG_INFO, msg, ##__VA_ARGS__)) + +#define print_message(...) \ +(lginfo(__VA_ARGS__)) + #define lgdebug(msg, ...) \ -(LOG_LEVEL >= VERBOSE_DEBUG ? printf(msg, ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_DEBUG ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0) #define lgdebugmsg(msg, ...) lgdebug(msg "\n", ##__VA_ARGS__) #define lgtrace(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg, ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0) #define lgtracemsg(msg, ...) lgtrace(msg "\n", __VA_ARGS__) #define lgtrace_start(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf("[TRACE] " msg " ( ", ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, "[TRACE] " msg " ( ", ##__VA_ARGS__) : (void)0) #define lgtrace_addp(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg", ", ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg", ", ##__VA_ARGS__) : (void)0) #define lgtrace_end() \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(") \n") : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, ") \n") : (void)0) #endif /* LOGGING_H */ diff --git a/mangle.c b/mangle.c index ca3b65b..7c36b9f 100644 --- a/mangle.c +++ b/mangle.c @@ -112,7 +112,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra NETBUF_ALLOC(payload, MAX_PACKET_SIZE); if (!NETBUF_CHECK(payload)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto accept; } @@ -142,7 +142,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = instance_config.send_raw_packet(payload, iph_len + tcph_len + fake_len); if (ret < 0) { - lgerror("send_syn_altered", ret); + lgerror(ret, "send_syn_altered"); NETBUF_FREE(payload); goto accept; @@ -167,7 +167,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra uint32_t payload_len = raw_payload_len; NETBUF_ALLOC(payload, MAX_PACKET_SIZE); if (!NETBUF_CHECK(payload)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto accept; } @@ -185,7 +185,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra &data, &dlen); if (ret < 0) { - lgerror("tcp_payload_split in targ_sni", ret); + lgerror(ret, "tcp_payload_split in targ_sni"); goto accept_lc; } @@ -201,7 +201,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra &iph, &iph_len, &tcph, &tcph_len, &data, &dlen); if (ret < 0) { - lgerror("seqovl_packet delta %d", ret, delta); + lgerror(ret, "seqovl_packet delta %d", delta); } } @@ -241,7 +241,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = send_tcp_frags(section, payload, payload_len, poses, cnt, 0); if (ret < 0) { - lgerror("tcp4 send frags", ret); + lgerror(ret, "tcp4 send frags"); goto accept_lc; } @@ -275,20 +275,20 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = send_ip4_frags(section, payload, payload_len, poses, cnt, 0); if (ret < 0) { - lgerror("ip4 send frags", ret); + lgerror(ret, "ip4 send frags"); goto accept_lc; } goto drop_lc; } else { - printf("WARNING: IP fragmentation is supported only for IPv4\n"); + lginfo("WARNING: IP fragmentation is supported only for IPv4\n"); goto default_send; } default: default_send: ret = instance_config.send_raw_packet(payload, payload_len); if (ret < 0) { - lgerror("raw pack send", ret); + lgerror(ret, "raw pack send"); goto accept_lc; } @@ -339,11 +339,11 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk } if (dlen > 10 && config.verbose >= VERBOSE_TRACE) { - printf("UDP payload start: [ "); + lginfo("UDP payload start: [ "); for (int i = 0; i < 10; i++) { - printf("%02x ", data[i]); + lginfo("%02x ", data[i]); } - printf("], "); + lginfo("], "); } @@ -405,7 +405,7 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk goto drop; } else { - printf("WARNING: IP fragmentation is supported only for IPv4\n"); + lginfo("WARNING: IP fragmentation is supported only for IPv4\n"); goto accept; } } @@ -442,20 +442,20 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet } else { NETBUF_ALLOC(frag1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(frag2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); return -ENOMEM; } NETBUF_ALLOC(fake_pad, MAX_PACKET_SIZE); if (!NETBUF_CHECK(fake_pad)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); NETBUF_FREE(frag2); return -ENOMEM; @@ -468,7 +468,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet int ret; if (dvs > poses[0]) { - lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } @@ -480,7 +480,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet frag1, &f1len, frag2, &f2len); if (ret < 0) { - lgerror("send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs); + lgerror(ret, "send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs); goto erret_lc; } @@ -571,13 +571,13 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet } else { NETBUF_ALLOC(frag1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(frag2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); return -ENOMEM; } @@ -588,7 +588,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet int ret; if (dvs > poses[0]) { - lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } @@ -601,7 +601,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet lgtrace_addp("Packet split in %d bytes position of payload start, dvs: %d to two packets of %d and %d lengths", poses[0], dvs, f1len, f2len); if (ret < 0) { - lgerror("send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs); + lgerror(ret, "send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs); goto erret_lc; } @@ -690,7 +690,7 @@ int post_fake_sni(struct fake_type f_type, for (int i = 0; i < fake_seq_type.sequence_len; i++) { NETBUF_ALLOC(fake_sni, MAX_PACKET_SIZE); if (!NETBUF_CHECK(fake_sni)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } uint32_t fsn_len = MAX_PACKET_SIZE; @@ -700,7 +700,7 @@ int post_fake_sni(struct fake_type f_type, fsiph, iph_len, fstcph, tcph_len, fake_sni, &fsn_len); if (ret < 0) { - lgerror("gen_fake_sni", ret); + lgerror(ret, "gen_fake_sni"); goto erret_lc; } @@ -712,7 +712,7 @@ int post_fake_sni(struct fake_type f_type, ret = instance_config.send_raw_packet(fake_sni, fsn_len); } if (ret < 0) { - lgerror("send fake sni", ret); + lgerror(ret, "send fake sni"); goto erret_lc; } uint32_t iph_len; diff --git a/quic.c b/quic.c index 05ab089..66bdb4e 100644 --- a/quic.c +++ b/quic.c @@ -135,6 +135,6 @@ int quic_parse_initial_message(uint8_t *inpayload, uint32_t inplen, return 0; invalid_packet: - lgerror("QUIC invalid Initial packet", -EINVAL); + lgerror(-EINVAL, "QUIC invalid Initial packet"); return -EINVAL; } diff --git a/tls.c b/tls.c index e67c18c..b3f0e4f 100644 --- a/tls.c +++ b/tls.c @@ -228,12 +228,12 @@ brute: NETBUF_ALLOC(buf, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto out; } NETBUF_ALLOC(nzbuf, MAX_PACKET_SIZE * sizeof(int)); if (!NETBUF_CHECK(nzbuf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buf); goto out; } @@ -324,7 +324,7 @@ int gen_fake_sni(struct fake_type type, #if _NO_GETRANDOM ret = open("/dev/urandom", O_RDONLY); if (ret < 0) { - lgerror("Unable to open /dev/urandom", ret); + lgerror(ret, "Unable to open /dev/urandom"); return ret; } diff --git a/utils.c b/utils.c index 0659bb5..eb3f168 100644 --- a/utils.c +++ b/utils.c @@ -81,20 +81,20 @@ int ip4_payload_split(uint8_t *pkt, uint32_t buflen, struct iphdr **iph, uint32_t *iph_len, uint8_t **payload, uint32_t *plen) { if (pkt == NULL || buflen < sizeof(struct iphdr)) { - lgerror("ip4_payload_split: pkt|buflen", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: pkt|buflen"); return -EINVAL; } struct iphdr *hdr = (struct iphdr *)pkt; if (netproto_version(pkt, buflen) != IP4VERSION) { - lgerror("ip4_payload_split: ipversion", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: ipversion"); return -EINVAL; } uint32_t hdr_len = hdr->ihl * 4; uint32_t pktlen = ntohs(hdr->tot_len); if (buflen < pktlen || hdr_len > pktlen) { - lgerror("ip4_payload_split: buflen cmp pktlen", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: buflen cmp pktlen"); return -EINVAL; } @@ -156,20 +156,20 @@ int ip6_payload_split(uint8_t *pkt, uint32_t buflen, struct ip6_hdr **iph, uint32_t *iph_len, uint8_t **payload, uint32_t *plen) { if (pkt == NULL || buflen < sizeof(struct ip6_hdr)) { - lgerror("ip6_payload_split: pkt|buflen", -EINVAL); + lgerror(-EINVAL, "ip6_payload_split: pkt|buflen"); return -EINVAL; } struct ip6_hdr *hdr = (struct ip6_hdr *)pkt; if (netproto_version(pkt, buflen) != 6) { - lgerror("ip6_payload_split: ip6version", -EINVAL); + lgerror(-EINVAL, "ip6_payload_split: ip6version"); return -EINVAL; } uint32_t hdr_len = sizeof(struct ip6_hdr); uint32_t pktlen = ntohs(hdr->ip6_plen); if (buflen < pktlen) { - lgerror("ip6_payload_split: buflen cmp pktlen: %d %d", -EINVAL, buflen, pktlen); + lgerror(-EINVAL, "ip6_payload_split: buflen cmp pktlen: %d %d", buflen, pktlen); return -EINVAL; } @@ -237,7 +237,7 @@ int tcp_payload_split(uint8_t *pkt, uint32_t buflen, } else if (netvers == IP6VERSION) { return tcp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, tcph, tcph_len, payload, plen); } else { - lgerror("Internet Protocol version is unsupported", -EINVAL); + lgerror(-EINVAL, "Internet Protocol version is unsupported"); return -EINVAL; } } @@ -329,7 +329,7 @@ int udp_payload_split(uint8_t *pkt, uint32_t buflen, } else if (netvers == IP6VERSION) { return udp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, udph, payload, plen); } else { - lgerror("Internet Protocol version is unsupported", -EINVAL); + lgerror(-EINVAL, "Internet Protocol version is unsupported"); return -EINVAL; } } @@ -351,7 +351,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, if ((ret = ip4_payload_split( (uint8_t *)pkt, buflen, &hdr, &hdr_len, (uint8_t **)&payload, &plen)) < 0) { - lgerror("ipv4_frag: TCP Header extract error", ret); + lgerror(ret, "ipv4_frag: TCP Header extract error"); return -EINVAL; } @@ -360,7 +360,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, } if (payload_offset & ((1 << 3) - 1)) { - lgerror("ipv4_frag: Payload offset MUST be a multiply of 8!", -EINVAL); + lgerror(-EINVAL, "ipv4_frag: Payload offset MUST be a multiply of 8!"); return -EINVAL; } @@ -433,7 +433,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, &hdr, &hdr_len, &tcph, &tcph_len, (uint8_t **)&payload, &plen)) < 0) { - lgerror("tcp_frag: tcp_payload_split", ret); + lgerror(ret, "tcp_frag: tcp_payload_split"); return -EINVAL; } @@ -448,7 +448,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, ntohs(iphdr->frag_off) & IP_OFFMASK) { lgdebugmsg("tcp_frag: ip4: frag value: %d", ntohs(iphdr->frag_off)); - lgerror("tcp_frag: ip4: ip fragmentation is set", -EINVAL); + lgerror(-EINVAL, "tcp_frag: ip4: ip fragmentation is set"); return -EINVAL; } } @@ -590,7 +590,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl } else if (ipxv == IP6VERSION) { ((struct ip6_hdr *)iph)->ip6_hops = strategy.faking_ttl; } else { - lgerror("fail_packet: IP version is unsupported", -EINVAL); + lgerror(-EINVAL, "fail_packet: IP version is unsupported"); return -EINVAL; } } else if (strategy.strategy == FAKE_STRAT_TCP_MD5SUM) { @@ -612,7 +612,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl } else if (ipxv == IP6VERSION) { ((struct ip6_hdr *)iph)->ip6_plen = htons(ntohs(((struct ip6_hdr *)iph)->ip6_plen) + delta); } else { - lgerror("fail_packet: IP version is unsupported", -EINVAL); + lgerror(-EINVAL, "fail_packet: IP version is unsupported"); return -EINVAL; } optp_len += delta; diff --git a/youtubeUnblock.c b/youtubeUnblock.c index 67de5cf..6e9dcb2 100644 --- a/youtubeUnblock.c +++ b/youtubeUnblock.c @@ -45,12 +45,12 @@ static int open_socket(struct mnl_socket **_nl) { nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) { - perror("mnl_socket_open"); + lgerror(errno, "mnl_socket_open"); return -1; } if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) { - perror("mnl_socket_bind"); + lgerror(errno, "mnl_socket_bind"); mnl_socket_close(nl); return -1; } @@ -65,7 +65,7 @@ static int close_socket(struct mnl_socket **_nl) { struct mnl_socket *nl = *_nl; if (nl == NULL) return 1; if (mnl_socket_close(nl) < 0) { - perror("mnl_socket_close"); + lgerror(errno, "mnl_socket_close"); return -1; } @@ -77,26 +77,26 @@ static int close_socket(struct mnl_socket **_nl) { static int open_raw_socket(void) { if (rawsocket != -2) { errno = EALREADY; - perror("Raw socket is already opened"); + lgerror(errno, "Raw socket is already opened"); return -1; } rawsocket = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if (rawsocket == -1) { - perror("Unable to create raw socket"); + lgerror(errno, "Unable to create raw socket"); return -1; } int mark = config.mark; if (setsockopt(rawsocket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) { - fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark); + lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark); return -1; } int mst = pthread_mutex_init(&rawsocket_lock, NULL); if (mst) { - fprintf(stderr, "Mutex err: %d\n", mst); + lgerror(errno, "Mutex err: %d\n", mst); close(rawsocket); errno = mst; @@ -110,12 +110,12 @@ static int open_raw_socket(void) { static int close_raw_socket(void) { if (rawsocket < 0) { errno = EALREADY; - perror("Raw socket is not set"); + lgerror(errno, "Raw socket is not set"); return -1; } if (close(rawsocket)) { - perror("Unable to close raw socket"); + lgerror(errno, "Unable to close raw socket"); pthread_mutex_destroy(&rawsocket_lock); return -1; } @@ -129,26 +129,26 @@ static int close_raw_socket(void) { static int open_raw6_socket(void) { if (raw6socket != -2) { errno = EALREADY; - perror("Raw socket is already opened"); + lgerror(errno, "Raw socket is already opened"); return -1; } raw6socket = socket(AF_INET6, SOCK_RAW, IPPROTO_RAW); if (rawsocket == -1) { - perror("Unable to create raw socket"); + lgerror(errno, "Unable to create raw socket"); return -1; } int mark = config.mark; if (setsockopt(raw6socket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) { - fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark); + lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark); return -1; } int mst = pthread_mutex_init(&raw6socket_lock, NULL); if (mst) { - fprintf(stderr, "Mutex err: %d\n", mst); + lgerror(mst, "Mutex err: %d\n", mst); close(raw6socket); errno = mst; @@ -162,12 +162,12 @@ static int open_raw6_socket(void) { static int close_raw6_socket(void) { if (raw6socket < 0) { errno = EALREADY; - perror("Raw socket is not set"); + lgerror(errno, "Raw socket is not set"); return -1; } if (close(raw6socket)) { - perror("Unable to close raw socket"); + lgerror(errno, "Unable to close raw socket"); pthread_mutex_destroy(&rawsocket_lock); return -1; } @@ -256,18 +256,17 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) { - if (config.verbose) - printf("Split packet!\n"); + lgtrace("Split packet!\n"); NETBUF_ALLOC(buff1, MNL_SOCKET_BUFFER_SIZE); if (!NETBUF_CHECK(buff1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(buff2, MNL_SOCKET_BUFFER_SIZE); if (!NETBUF_CHECK(buff2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buff1); return -ENOMEM; } @@ -313,7 +312,7 @@ free_buffs: } else if (ipvx == IP6VERSION) { ret = send_raw_ipv6(pkt, pktlen); } else { - printf("proto version %d is unsupported\n", ipvx); + lginfo("proto version %d is unsupported\n", ipvx); return -EINVAL; } @@ -346,7 +345,7 @@ static int fallback_accept_packet(uint32_t id, struct queue_data qdata) { nfq_nlmsg_verdict_put(verdnlh, id, NF_ACCEPT); if (mnl_socket_sendto(*qdata._nl, verdnlh, verdnlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); return MNL_CB_ERROR; } @@ -371,7 +370,7 @@ void *delay_packet_send_fn(void *data) { int ret = send_raw_socket(pkt, pktlen); if (ret < 0) { errno = -ret; - perror("send delayed raw packet"); + lgerror(errno, "send delayed raw packet"); } free(pkt); @@ -403,13 +402,13 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { struct packet_data packet = {0}; if (nfq_nlmsg_parse(nlh, attr) < 0) { - perror("Attr parse"); + lgerror(errno, "Attr parse"); return MNL_CB_ERROR; } if (attr[NFQA_PACKET_HDR] == NULL) { errno = ENODATA; - perror("Metaheader not set"); + lgerror(errno, "Metaheader not set"); return MNL_CB_ERROR; } @@ -422,7 +421,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { packet.payload = mnl_attr_get_payload(attr[NFQA_PAYLOAD]); if (attr[NFQA_CAP_LEN] != NULL && ntohl(mnl_attr_get_u32(attr[NFQA_CAP_LEN])) != packet.payload_len) { - fprintf(stderr, "The packet was truncated! Skip!\n"); + lgerr("The packet was truncated! Skip!\n"); return fallback_accept_packet(packet.id, *qdata); } @@ -450,7 +449,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { } if (mnl_socket_sendto(*qdata->_nl, verdnlh, verdnlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); return MNL_CB_ERROR; } @@ -463,7 +462,7 @@ int init_queue(int queue_num) { struct mnl_socket *nl; if (open_socket(&nl)) { - perror("Unable to open socket"); + lgerror(errno, "Unable to open socket"); return -1; } @@ -472,7 +471,7 @@ int init_queue(int queue_num) { struct nlmsghdr *nlh; NETBUF_ALLOC(bbuf, BUF_SIZE); if (!NETBUF_CHECK(bbuf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto die_alloc; } char *buf = (char *)bbuf; @@ -485,7 +484,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_UNBIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -493,7 +492,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -502,7 +501,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_UNBIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -510,7 +509,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } } @@ -520,7 +519,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -533,7 +532,7 @@ int init_queue(int queue_num) { } if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -550,22 +549,22 @@ int init_queue(int queue_num) { .queue_num = queue_num }; - printf("Queue %d started\n", qdata.queue_num); + lginfo("Queue %d started\n", qdata.queue_num); while (1) { ret = mnl_socket_recvfrom(nl, buf, BUF_SIZE); if (ret == -1) { - perror("mnl_socket_recvfrom"); + lgerror(errno, "mnl_socket_recvfrom"); goto die; } ret = mnl_cb_run(buf, ret, 0, portid, queue_cb, &qdata); if (ret < 0) { - lgerror("mnl_cb_run", -EPERM); + lgerror(-EPERM, "mnl_cb_run"); if (errno == EPERM) { - printf("Probably another instance of youtubeUnblock with the same queue number is running\n"); + lgerror(errno, "Probably another instance of youtubeUnblock with the same queue number is running\n"); } else { - printf("Make sure the nfnetlink_queue kernel module is loaded\n"); + lgerror(errno, "Make sure the nfnetlink_queue kernel module is loaded\n"); } goto die; } @@ -602,7 +601,7 @@ void *init_queue_wrapper(void *qdconf) { thres->status = init_queue(qconf->queue_num); - fprintf(stderr, "Thread %d exited with status %d\n", qconf->i, thres->status); + lgerror(thres->status, "Thread %d exited with status %d\n", qconf->i, thres->status); return thres; } @@ -616,7 +615,7 @@ int main(int argc, char *argv[]) { int ret; if ((ret = parse_args(argc, argv)) != 0) { if (ret < 0) { - perror("Unable to parse args"); + lgerror(errno, "Unable to parse args"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); @@ -627,13 +626,13 @@ int main(int argc, char *argv[]) { if (open_raw_socket() < 0) { - perror("Unable to open raw socket"); + lgerror(errno, "Unable to open raw socket"); exit(EXIT_FAILURE); } if (config.use_ipv6) { if (open_raw6_socket() < 0) { - perror("Unable to open raw socket for ipv6"); + lgerror(errno, "Unable to open raw socket for ipv6"); close_raw_socket(); exit(EXIT_FAILURE); } @@ -653,7 +652,7 @@ int main(int argc, char *argv[]) { qres = init_queue_wrapper(&tconf); } else { - printf("%d threads wil be used\n", config.threads); + lginfo("%d threads wil be used\n", config.threads); struct queue_conf thread_confs[MAX_THREADS]; pthread_t threads[MAX_THREADS];