Mirror/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2026-02-01 07:10:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

nfqws: --debug to file and syslog

Browse Source
This commit is contained in:
bol-van
2024-08-23 14:42:21 +03:00
parent 7252046362
commit ea9435a737
9 changed files with 479 additions and 285 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
nfq/darkmagic.c
View File

@@ -699,7 +699,7 @@ static void str_srcdst_ip(char *s, size_t s_len, const void *saddr,const void *d
inet_ntop(AF_INET, daddr, d_ip, sizeof(d_ip));
snprintf(s,s_len,"%s => %s",s_ip,d_ip);
}
static void str_ip(char *s, size_t s_len, const struct ip *ip)
void str_ip(char *s, size_t s_len, const struct ip *ip)
{
char ss[35],s_proto[16];
str_srcdst_ip(ss,sizeof(ss),&ip->ip_src,&ip->ip_dst);
@@ -712,7 +712,7 @@ void print_ip(const struct ip *ip)
str_ip(s,sizeof(s),ip);
printf("%s",s);
}
static void str_srcdst_ip6(char *s, size_t s_len, const void *saddr,const void *daddr)
void str_srcdst_ip6(char *s, size_t s_len, const void *saddr,const void *daddr)
{
char s_ip[40],d_ip[40];
*s_ip=*d_ip=0;
@@ -720,7 +720,7 @@ static void str_srcdst_ip6(char *s, size_t s_len, const void *saddr,const void *
inet_ntop(AF_INET6, daddr, d_ip, sizeof(d_ip));
snprintf(s,s_len,"%s => %s",s_ip,d_ip);
}
static void str_ip6hdr(char *s, size_t s_len, const struct ip6_hdr *ip6hdr, uint8_t proto)
void str_ip6hdr(char *s, size_t s_len, const struct ip6_hdr *ip6hdr, uint8_t proto)
{
char ss[83],s_proto[16];
str_srcdst_ip6(ss,sizeof(ss),&ip6hdr->ip6_src,&ip6hdr->ip6_dst);
@@ -733,7 +733,7 @@ void print_ip6hdr(const struct ip6_hdr *ip6hdr, uint8_t proto)
str_ip6hdr(s,sizeof(s),ip6hdr,proto);
printf("%s",s);
}
static void str_tcphdr(char *s, size_t s_len, const struct tcphdr *tcphdr)
void str_tcphdr(char *s, size_t s_len, const struct tcphdr *tcphdr)
{
char flags[7],*f=flags;
if (tcphdr->th_flags & TH_SYN) *f++='S';
@@ -751,7 +751,7 @@ void print_tcphdr(const struct tcphdr *tcphdr)
str_tcphdr(s,sizeof(s),tcphdr);
printf("%s",s);
}
static void str_udphdr(char *s, size_t s_len, const struct udphdr *udphdr)
void str_udphdr(char *s, size_t s_len, const struct udphdr *udphdr)
{
snprintf(s,s_len,"sport=%u dport=%u",htons(udphdr->uh_sport),htons(udphdr->uh_dport));
}
@@ -937,11 +937,11 @@ void tcp_rewrite_wscale(struct tcphdr *tcp, uint8_t scale_factor)
scale_factor_old=scale[2];
// do not allow increasing scale factor
if (scale_factor>=scale_factor_old)
DLOG("Scale factor %u unchanged\n", scale_factor_old)
DLOG("Scale factor %u unchanged\n", scale_factor_old);
else
{
scale[2]=scale_factor;
DLOG("Scale factor change %u => %u\n", scale_factor_old, scale_factor)
DLOG("Scale factor change %u => %u\n", scale_factor_old, scale_factor);
}
}
}
@@ -953,7 +953,7 @@ void tcp_rewrite_winsize(struct tcphdr *tcp, uint16_t winsize, uint8_t scale_fac
winsize_old = htons(tcp->th_win); // << scale_factor;
tcp->th_win = htons(winsize);
DLOG("Window size change %u => %u\n", winsize_old, winsize)
DLOG("Window size change %u => %u\n", winsize_old, winsize);
tcp_rewrite_wscale(tcp, scale_factor);
}
@@ -1342,10 +1342,10 @@ static HANDLE windivert_init_filter(const char *filter, UINT64 flags)
FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, w_win32_error, MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), (LPSTR)&errormessage, 0, NULL);
fprintf(stderr, "windivert: error opening filter: %s", errormessage);
DLOG_ERR("windivert: error opening filter: %s", errormessage);
LocalFree(errormessage);
if (w_win32_error == ERROR_INVALID_IMAGE_HASH)
fprintf(stderr,"windivert: try to disable secure boot and install OS patches\n");
DLOG_ERR("windivert: try to disable secure boot and install OS patches\n");
return NULL;
}
@@ -1592,14 +1592,14 @@ static bool set_socket_fwmark(int sock, uint32_t fwmark)
#ifdef SO_USER_COOKIE
if (setsockopt(sock, SOL_SOCKET, SO_USER_COOKIE, &fwmark, sizeof(fwmark)) == -1)
{
perror("rawsend: setsockopt(SO_USER_COOKIE)");
DLOG_PERROR("rawsend: setsockopt(SO_USER_COOKIE)");
return false;
}
#endif
#elif defined(__linux__)
if (setsockopt(sock, SOL_SOCKET, SO_MARK, &fwmark, sizeof(fwmark)) == -1)
{
perror("rawsend: setsockopt(SO_MARK)");
DLOG_PERROR("rawsend: setsockopt(SO_MARK)");
return false;
}
@@ -1631,28 +1631,28 @@ static int rawsend_socket(sa_family_t family)
#endif
if (*sock==-1)
{
perror("rawsend: socket()");
DLOG_PERROR("rawsend: socket()");
return -1;
}
#ifdef __linux__
if (setsockopt(*sock, SOL_SOCKET, SO_PRIORITY, &pri, sizeof(pri)) == -1)
{
perror("rawsend: setsockopt(SO_PRIORITY)");
DLOG_PERROR("rawsend: setsockopt(SO_PRIORITY)");
goto exiterr;
}
if (family==AF_INET && setsockopt(*sock, IPPROTO_IP, IP_NODEFRAG, &yes, sizeof(yes)) == -1)
{
perror("rawsend: setsockopt(IP_NODEFRAG)");
DLOG_PERROR("rawsend: setsockopt(IP_NODEFRAG)");
goto exiterr;
}
if (family==AF_INET && setsockopt(*sock, IPPROTO_IP, IP_FREEBIND, &yes, sizeof(yes)) == -1)
{
perror("rawsend: setsockopt(IP_FREEBIND)");
DLOG_PERROR("rawsend: setsockopt(IP_FREEBIND)");
goto exiterr;
}
if (family==AF_INET6 && setsockopt(*sock, SOL_IPV6, IPV6_FREEBIND, &yes, sizeof(yes)) == -1)
{
//perror("rawsend: setsockopt(IPV6_FREEBIND)");
//DLOG_PERROR("rawsend: setsockopt(IPV6_FREEBIND)");
// dont error because it's supported only from kernel 4.15
}
#endif
@@ -1686,7 +1686,7 @@ bool rawsend(const struct sockaddr* dst,uint32_t fwmark,const char *ifout,const
bytes = rawsend_sendto_divert(dst->sa_family,sock,data,len);
if (bytes==-1)
{
perror("rawsend: sendto_divert");
DLOG_PERROR("rawsend: sendto_divert");
return false;
}
return true;
@@ -1711,19 +1711,19 @@ bool rawsend(const struct sockaddr* dst,uint32_t fwmark,const char *ifout,const
//printf("family %u dev %s bind : ", dst->sa_family, ifout); print_sockaddr((struct sockaddr *)&sa_src); printf("\n");
if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, ifout, ifout ? strlen(ifout)+1 : 0) == -1)
{
perror("rawsend: setsockopt(SO_BINDTODEVICE)");
DLOG_PERROR("rawsend: setsockopt(SO_BINDTODEVICE)");
return false;
}
if (bind(sock, (const struct sockaddr*)&sa_src, dst->sa_family==AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6)))
{
perror("rawsend: bind (ignoring)");
DLOG_PERROR("rawsend: bind (ignoring)");
// do not fail. this can happen regardless of IP_FREEBIND
// rebind to any address
memset(&sa_src,0,sizeof(sa_src));
sa_src.ss_family = dst->sa_family;
if (bind(sock, (const struct sockaddr*)&sa_src, dst->sa_family==AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6)))
{
perror("rawsend: bind to any");
DLOG_PERROR("rawsend: bind to any");
return false;
}
}
@@ -1734,7 +1734,7 @@ nofix:
bytes = sendto(sock, data, len, 0, (struct sockaddr*)&dst2, salen);
if (bytes==-1)
{
perror("rawsend: sendto");
DLOG_PERROR("rawsend: sendto");
return false;
}
return true;