From 453c44e7b27d4259461795ab4ec6ef264085dd28 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sun, 22 May 2011 14:17:30 +0200 Subject: [PATCH] Add the ability to dump all traffic going through route() over a control connection. One can get the packet stream in pcap format, which can be decoded using tcpdump, for example: tincctl -n pcap | tcpdump -r - --- src/connection.h | 3 +- src/control.c | 9 +++++ src/control_common.h | 1 + src/route.c | 19 +++++++++++ src/route.h | 1 + src/tincctl.c | 79 ++++++++++++++++++++++++++++++++++++++++++-- 6 files changed, 109 insertions(+), 3 deletions(-) diff --git a/src/connection.h b/src/connection.h index 41986723..77ca87a5 100644 --- a/src/connection.h +++ b/src/connection.h @@ -43,7 +43,8 @@ typedef struct connection_status_t { int decryptin:1; /* 1 if we have to decrypt incoming traffic */ int mst:1; /* 1 if this connection is part of a minimum spanning tree */ int control:1; - int unused:22; + int pcap:1; + int unused:21; } connection_status_t; #include "edge.h" diff --git a/src/control.c b/src/control.c index ade012ac..e03e67da 100644 --- a/src/control.c +++ b/src/control.c @@ -24,7 +24,11 @@ #include "control_common.h" #include "graph.h" #include "logger.h" +#include "meta.h" +#include "net.h" #include "protocol.h" +#include "route.h" +#include "splay_tree.h" #include "utils.h" #include "xalloc.h" @@ -116,6 +120,11 @@ bool control_h(connection_t *c, char *request) { case REQ_DUMP_TRAFFIC: return dump_traffic(c); + case REQ_PCAP: + c->status.pcap = true; + pcap = true; + return true; + default: return send_request(c, "%d %d", CONTROL, REQ_INVALID); } diff --git a/src/control_common.h b/src/control_common.h index 56b2bde9..615e10a7 100644 --- a/src/control_common.h +++ b/src/control_common.h @@ -38,6 +38,7 @@ enum request_type { REQ_CONNECT, REQ_DISCONNECT, REQ_DUMP_TRAFFIC, + REQ_PCAP, }; #define TINC_CTL_VERSION_CURRENT 0 diff --git a/src/route.c b/src/route.c index 9897d0d7..618b0ab9 100644 --- a/src/route.c +++ b/src/route.c @@ -22,10 +22,12 @@ #include "splay_tree.h" #include "connection.h" +#include "control_common.h" #include "ethernet.h" #include "ipv4.h" #include "ipv6.h" #include "logger.h" +#include "meta.h" #include "net.h" #include "protocol.h" #include "route.h" @@ -39,6 +41,7 @@ bool priorityinheritance = false; int macexpire = 600; bool overwrite_mac = false; mac_t mymac = {{0xFE, 0xFD, 0, 0, 0, 0}}; +bool pcap = false; /* Sizes of various headers */ @@ -860,7 +863,23 @@ static void route_mac(node_t *source, vpn_packet_t *packet) { send_packet(subnet->owner, packet); } +static void send_pcap(vpn_packet_t *packet) { + pcap = false; + for(splay_node_t *node = connection_tree->head; node; node = node->next) { + connection_t *c = node->data; + if(!c->status.pcap) + continue; + else + pcap = true; + if(send_request(c, "%d %d %d", CONTROL, REQ_PCAP, packet->len)) + send_meta(c, (char *)packet->data, packet->len); + } +} + void route(node_t *source, vpn_packet_t *packet) { + if(pcap) + send_pcap(packet); + if(forwarding_mode == FMODE_KERNEL && source != myself) { send_packet(myself, packet); return; diff --git a/src/route.h b/src/route.h index cfe39e4b..5af2a094 100644 --- a/src/route.h +++ b/src/route.h @@ -42,6 +42,7 @@ extern bool directonly; extern bool overwrite_mac; extern bool priorityinheritance; extern int macexpire; +extern bool pcap; extern mac_t mymac; diff --git a/src/tincctl.c b/src/tincctl.c index 641fb9c4..000d383e 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -98,6 +98,7 @@ static void usage(bool status) { #ifdef HAVE_CURSES " top Show real-time statistics\n" #endif + " pcap Dump traffic in pcap format\n" "\n"); printf("Report bugs to tinc@tinc-vpn.org.\n"); } @@ -301,9 +302,10 @@ static void make_names(void) { } } +static char buffer[4096]; +static size_t blen = 0; + bool recvline(int fd, char *line, size_t len) { - static char buffer[4096]; - static size_t blen = 0; char *newline = NULL; while(!(newline = memchr(buffer, '\n', blen))) { @@ -328,6 +330,23 @@ bool recvline(int fd, char *line, size_t len) { return true; } +bool recvdata(int fd, char *data, size_t len) { + while(blen < len) { + int result = recv(fd, buffer + blen, sizeof buffer - blen, 0); + if(result == -1 && errno == EINTR) + continue; + else if(result <= 0) + return false; + blen += result; + } + + memcpy(data, buffer, len); + memmove(buffer, buffer + len, blen - len); + blen -= len; + + return true; +} + bool sendline(int fd, char *format, ...) { static char buffer[4096]; char *p = buffer; @@ -357,6 +376,57 @@ bool sendline(int fd, char *format, ...) { return true; } +void pcap(int fd, FILE *out) { + sendline(fd, "%d %d", CONTROL, REQ_PCAP); + char data[9018]; + + struct { + uint32_t magic; + uint16_t major; + uint16_t minor; + uint32_t tz_offset; + uint32_t tz_accuracy; + uint32_t snaplen; + uint32_t ll_type; + } header = { + 0xa1b2c3d4, + 2, 4, + 0, 0, + sizeof data, + 1, + }; + + struct { + uint32_t tv_sec; + uint32_t tv_usec; + uint32_t len; + uint32_t origlen; + } packet; + + struct timeval tv; + + fwrite(&header, sizeof header, 1, out); + fflush(out); + + char line[32]; + while(recvline(fd, line, sizeof line)) { + int code, req, len; + int n = sscanf(line, "%d %d %d", &code, &req, &len); + gettimeofday(&tv, NULL); + if(n != 3 || code != CONTROL || req != REQ_PCAP || len < 0 || len > sizeof data) + break; + if(!recvdata(fd, data, len)) + break; + packet.tv_sec = tv.tv_sec; + packet.tv_usec = tv.tv_usec; + packet.len = len; + packet.origlen = len; + fwrite(&packet, sizeof packet, 1, out); + fwrite(data, len, 1, out); + fflush(out); + } +} + int main(int argc, char *argv[], char *envp[]) { int fd; int result; @@ -636,6 +706,11 @@ int main(int argc, char *argv[], char *envp[]) { } #endif + if(!strcasecmp(argv[optind], "pcap")) { + pcap(fd, stdout); + return 0; + } + fprintf(stderr, "Unknown command `%s'.\n", argv[optind]); usage(true); -- 2.20.1