├── .clang-format
├── .gitignore
├── .gitmodules
├── CMakeLists.txt
├── LICENSE
├── README.md
├── cmake-variants.json
├── include
├── antiblock.h
├── config.h
├── const.h
├── dns_ans.h
├── domains_read.h
├── hash.h
├── net_data.h
├── stat.h
└── tun.h
└── src
├── antiblock.c
├── dns_ans.c
├── domains_read.c
├── hash.c
├── net_data.c
├── stat.c
└── tun.c
/.clang-format:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: GPL-2.0
2 | #
3 | # clang-format configuration file. Intended for clang-format >= 11.
4 | #
5 | # For more information, see:
6 | #
7 | # Documentation/dev-tools/clang-format.rst
8 | # https://clang.llvm.org/docs/ClangFormat.html
9 | # https://clang.llvm.org/docs/ClangFormatStyleOptions.html
10 | #
11 | ---
12 | AccessModifierOffset: -4
13 | AlignAfterOpenBracket: Align
14 | AlignConsecutiveAssignments: false
15 | AlignConsecutiveDeclarations: false
16 | AlignEscapedNewlines: Left
17 | AlignOperands: true
18 | AlignTrailingComments: false
19 | AllowAllParametersOfDeclarationOnNextLine: false
20 | AllowShortBlocksOnASingleLine: false
21 | AllowShortCaseLabelsOnASingleLine: false
22 | AllowShortFunctionsOnASingleLine: None
23 | AllowShortIfStatementsOnASingleLine: false
24 | AllowShortLoopsOnASingleLine: false
25 | AlwaysBreakAfterDefinitionReturnType: None
26 | AlwaysBreakAfterReturnType: None
27 | AlwaysBreakBeforeMultilineStrings: false
28 | AlwaysBreakTemplateDeclarations: false
29 | BinPackArguments: true
30 | BinPackParameters: true
31 | BraceWrapping:
32 | AfterClass: false
33 | AfterControlStatement: false
34 | AfterEnum: false
35 | AfterFunction: true
36 | AfterNamespace: true
37 | AfterObjCDeclaration: false
38 | AfterStruct: false
39 | AfterUnion: false
40 | AfterExternBlock: false
41 | BeforeCatch: false
42 | BeforeElse: false
43 | IndentBraces: false
44 | SplitEmptyFunction: true
45 | SplitEmptyRecord: true
46 | SplitEmptyNamespace: true
47 | BreakBeforeBinaryOperators: None
48 | BreakBeforeBraces: Custom
49 | BreakBeforeInheritanceComma: false
50 | BreakBeforeTernaryOperators: false
51 | BreakConstructorInitializersBeforeComma: false
52 | BreakConstructorInitializers: BeforeComma
53 | BreakAfterJavaFieldAnnotations: false
54 | BreakStringLiterals: false
55 | ColumnLimit: 100
56 | CommentPragmas: '^ IWYU pragma:'
57 | CompactNamespaces: false
58 | ConstructorInitializerAllOnOneLineOrOnePerLine: false
59 | ConstructorInitializerIndentWidth: 4
60 | ContinuationIndentWidth: 4
61 | Cpp11BracedListStyle: false
62 | DerivePointerAlignment: false
63 | DisableFormat: false
64 | ExperimentalAutoDetectBinPacking: false
65 | FixNamespaceComments: false
66 |
67 | # Taken from:
68 | # git grep -h '^#define [^[:space:]]*for_each[^[:space:]]*(' include/ tools/ \
69 | # | sed "s,^#define \([^[:space:]]*for_each[^[:space:]]*\)(.*$, - '\1'," \
70 | # | LC_ALL=C sort -u
71 | ForEachMacros:
72 | - '__ata_qc_for_each'
73 | - '__bio_for_each_bvec'
74 | - '__bio_for_each_segment'
75 | - '__evlist__for_each_entry'
76 | - '__evlist__for_each_entry_continue'
77 | - '__evlist__for_each_entry_from'
78 | - '__evlist__for_each_entry_reverse'
79 | - '__evlist__for_each_entry_safe'
80 | - '__for_each_mem_range'
81 | - '__for_each_mem_range_rev'
82 | - '__for_each_thread'
83 | - '__hlist_for_each_rcu'
84 | - '__map__for_each_symbol_by_name'
85 | - '__pci_bus_for_each_res0'
86 | - '__pci_bus_for_each_res1'
87 | - '__pci_dev_for_each_res0'
88 | - '__pci_dev_for_each_res1'
89 | - '__perf_evlist__for_each_entry'
90 | - '__perf_evlist__for_each_entry_reverse'
91 | - '__perf_evlist__for_each_entry_safe'
92 | - '__rq_for_each_bio'
93 | - '__shost_for_each_device'
94 | - '__sym_for_each'
95 | - 'apei_estatus_for_each_section'
96 | - 'ata_for_each_dev'
97 | - 'ata_for_each_link'
98 | - 'ata_qc_for_each'
99 | - 'ata_qc_for_each_raw'
100 | - 'ata_qc_for_each_with_internal'
101 | - 'ax25_for_each'
102 | - 'ax25_uid_for_each'
103 | - 'bio_for_each_bvec'
104 | - 'bio_for_each_bvec_all'
105 | - 'bio_for_each_folio_all'
106 | - 'bio_for_each_integrity_vec'
107 | - 'bio_for_each_segment'
108 | - 'bio_for_each_segment_all'
109 | - 'bio_list_for_each'
110 | - 'bip_for_each_vec'
111 | - 'bond_for_each_slave'
112 | - 'bond_for_each_slave_rcu'
113 | - 'bpf_for_each'
114 | - 'bpf_for_each_reg_in_vstate'
115 | - 'bpf_for_each_reg_in_vstate_mask'
116 | - 'bpf_for_each_spilled_reg'
117 | - 'bpf_object__for_each_map'
118 | - 'bpf_object__for_each_program'
119 | - 'btree_for_each_safe128'
120 | - 'btree_for_each_safe32'
121 | - 'btree_for_each_safe64'
122 | - 'btree_for_each_safel'
123 | - 'card_for_each_dev'
124 | - 'cgroup_taskset_for_each'
125 | - 'cgroup_taskset_for_each_leader'
126 | - 'cpu_aggr_map__for_each_idx'
127 | - 'cpufreq_for_each_efficient_entry_idx'
128 | - 'cpufreq_for_each_entry'
129 | - 'cpufreq_for_each_entry_idx'
130 | - 'cpufreq_for_each_valid_entry'
131 | - 'cpufreq_for_each_valid_entry_idx'
132 | - 'css_for_each_child'
133 | - 'css_for_each_descendant_post'
134 | - 'css_for_each_descendant_pre'
135 | - 'damon_for_each_region'
136 | - 'damon_for_each_region_from'
137 | - 'damon_for_each_region_safe'
138 | - 'damon_for_each_scheme'
139 | - 'damon_for_each_scheme_safe'
140 | - 'damon_for_each_target'
141 | - 'damon_for_each_target_safe'
142 | - 'damos_for_each_filter'
143 | - 'damos_for_each_filter_safe'
144 | - 'data__for_each_file'
145 | - 'data__for_each_file_new'
146 | - 'data__for_each_file_start'
147 | - 'device_for_each_child_node'
148 | - 'displayid_iter_for_each'
149 | - 'dma_fence_array_for_each'
150 | - 'dma_fence_chain_for_each'
151 | - 'dma_fence_unwrap_for_each'
152 | - 'dma_resv_for_each_fence'
153 | - 'dma_resv_for_each_fence_unlocked'
154 | - 'do_for_each_ftrace_op'
155 | - 'drm_atomic_crtc_for_each_plane'
156 | - 'drm_atomic_crtc_state_for_each_plane'
157 | - 'drm_atomic_crtc_state_for_each_plane_state'
158 | - 'drm_atomic_for_each_plane_damage'
159 | - 'drm_client_for_each_connector_iter'
160 | - 'drm_client_for_each_modeset'
161 | - 'drm_connector_for_each_possible_encoder'
162 | - 'drm_exec_for_each_locked_object'
163 | - 'drm_exec_for_each_locked_object_reverse'
164 | - 'drm_for_each_bridge_in_chain'
165 | - 'drm_for_each_connector_iter'
166 | - 'drm_for_each_crtc'
167 | - 'drm_for_each_crtc_reverse'
168 | - 'drm_for_each_encoder'
169 | - 'drm_for_each_encoder_mask'
170 | - 'drm_for_each_fb'
171 | - 'drm_for_each_legacy_plane'
172 | - 'drm_for_each_plane'
173 | - 'drm_for_each_plane_mask'
174 | - 'drm_for_each_privobj'
175 | - 'drm_gem_for_each_gpuva'
176 | - 'drm_gem_for_each_gpuva_safe'
177 | - 'drm_gpuva_for_each_op'
178 | - 'drm_gpuva_for_each_op_from_reverse'
179 | - 'drm_gpuva_for_each_op_safe'
180 | - 'drm_gpuvm_for_each_va'
181 | - 'drm_gpuvm_for_each_va_range'
182 | - 'drm_gpuvm_for_each_va_range_safe'
183 | - 'drm_gpuvm_for_each_va_safe'
184 | - 'drm_mm_for_each_hole'
185 | - 'drm_mm_for_each_node'
186 | - 'drm_mm_for_each_node_in_range'
187 | - 'drm_mm_for_each_node_safe'
188 | - 'dsa_switch_for_each_available_port'
189 | - 'dsa_switch_for_each_cpu_port'
190 | - 'dsa_switch_for_each_cpu_port_continue_reverse'
191 | - 'dsa_switch_for_each_port'
192 | - 'dsa_switch_for_each_port_continue_reverse'
193 | - 'dsa_switch_for_each_port_safe'
194 | - 'dsa_switch_for_each_user_port'
195 | - 'dsa_tree_for_each_cpu_port'
196 | - 'dsa_tree_for_each_user_port'
197 | - 'dsa_tree_for_each_user_port_continue_reverse'
198 | - 'dso__for_each_symbol'
199 | - 'dsos__for_each_with_build_id'
200 | - 'elf_hash_for_each_possible'
201 | - 'elf_symtab__for_each_symbol'
202 | - 'evlist__for_each_cpu'
203 | - 'evlist__for_each_entry'
204 | - 'evlist__for_each_entry_continue'
205 | - 'evlist__for_each_entry_from'
206 | - 'evlist__for_each_entry_reverse'
207 | - 'evlist__for_each_entry_safe'
208 | - 'flow_action_for_each'
209 | - 'for_each_acpi_consumer_dev'
210 | - 'for_each_acpi_dev_match'
211 | - 'for_each_active_dev_scope'
212 | - 'for_each_active_drhd_unit'
213 | - 'for_each_active_iommu'
214 | - 'for_each_active_route'
215 | - 'for_each_aggr_pgid'
216 | - 'for_each_and_bit'
217 | - 'for_each_andnot_bit'
218 | - 'for_each_available_child_of_node'
219 | - 'for_each_bench'
220 | - 'for_each_bio'
221 | - 'for_each_board_func_rsrc'
222 | - 'for_each_btf_ext_rec'
223 | - 'for_each_btf_ext_sec'
224 | - 'for_each_bvec'
225 | - 'for_each_card_auxs'
226 | - 'for_each_card_auxs_safe'
227 | - 'for_each_card_components'
228 | - 'for_each_card_dapms'
229 | - 'for_each_card_pre_auxs'
230 | - 'for_each_card_prelinks'
231 | - 'for_each_card_rtds'
232 | - 'for_each_card_rtds_safe'
233 | - 'for_each_card_widgets'
234 | - 'for_each_card_widgets_safe'
235 | - 'for_each_cgroup_storage_type'
236 | - 'for_each_child_of_node'
237 | - 'for_each_clear_bit'
238 | - 'for_each_clear_bit_from'
239 | - 'for_each_clear_bitrange'
240 | - 'for_each_clear_bitrange_from'
241 | - 'for_each_cmd'
242 | - 'for_each_cmsghdr'
243 | - 'for_each_collection'
244 | - 'for_each_comp_order'
245 | - 'for_each_compatible_node'
246 | - 'for_each_component_dais'
247 | - 'for_each_component_dais_safe'
248 | - 'for_each_conduit'
249 | - 'for_each_console'
250 | - 'for_each_console_srcu'
251 | - 'for_each_cpu'
252 | - 'for_each_cpu_and'
253 | - 'for_each_cpu_andnot'
254 | - 'for_each_cpu_or'
255 | - 'for_each_cpu_wrap'
256 | - 'for_each_dapm_widgets'
257 | - 'for_each_dedup_cand'
258 | - 'for_each_dev_addr'
259 | - 'for_each_dev_scope'
260 | - 'for_each_dma_cap_mask'
261 | - 'for_each_dpcm_be'
262 | - 'for_each_dpcm_be_rollback'
263 | - 'for_each_dpcm_be_safe'
264 | - 'for_each_dpcm_fe'
265 | - 'for_each_drhd_unit'
266 | - 'for_each_dss_dev'
267 | - 'for_each_efi_memory_desc'
268 | - 'for_each_efi_memory_desc_in_map'
269 | - 'for_each_element'
270 | - 'for_each_element_extid'
271 | - 'for_each_element_id'
272 | - 'for_each_endpoint_of_node'
273 | - 'for_each_event'
274 | - 'for_each_event_tps'
275 | - 'for_each_evictable_lru'
276 | - 'for_each_fib6_node_rt_rcu'
277 | - 'for_each_fib6_walker_rt'
278 | - 'for_each_free_mem_pfn_range_in_zone'
279 | - 'for_each_free_mem_pfn_range_in_zone_from'
280 | - 'for_each_free_mem_range'
281 | - 'for_each_free_mem_range_reverse'
282 | - 'for_each_func_rsrc'
283 | - 'for_each_gpiochip_node'
284 | - 'for_each_group_evsel'
285 | - 'for_each_group_evsel_head'
286 | - 'for_each_group_member'
287 | - 'for_each_group_member_head'
288 | - 'for_each_hstate'
289 | - 'for_each_if'
290 | - 'for_each_inject_fn'
291 | - 'for_each_insn'
292 | - 'for_each_insn_prefix'
293 | - 'for_each_intid'
294 | - 'for_each_iommu'
295 | - 'for_each_ip_tunnel_rcu'
296 | - 'for_each_irq_nr'
297 | - 'for_each_lang'
298 | - 'for_each_link_codecs'
299 | - 'for_each_link_cpus'
300 | - 'for_each_link_platforms'
301 | - 'for_each_lru'
302 | - 'for_each_matching_node'
303 | - 'for_each_matching_node_and_match'
304 | - 'for_each_media_entity_data_link'
305 | - 'for_each_mem_pfn_range'
306 | - 'for_each_mem_range'
307 | - 'for_each_mem_range_rev'
308 | - 'for_each_mem_region'
309 | - 'for_each_member'
310 | - 'for_each_memory'
311 | - 'for_each_migratetype_order'
312 | - 'for_each_missing_reg'
313 | - 'for_each_mle_subelement'
314 | - 'for_each_mod_mem_type'
315 | - 'for_each_net'
316 | - 'for_each_net_continue_reverse'
317 | - 'for_each_net_rcu'
318 | - 'for_each_netdev'
319 | - 'for_each_netdev_continue'
320 | - 'for_each_netdev_continue_rcu'
321 | - 'for_each_netdev_continue_reverse'
322 | - 'for_each_netdev_dump'
323 | - 'for_each_netdev_feature'
324 | - 'for_each_netdev_in_bond_rcu'
325 | - 'for_each_netdev_rcu'
326 | - 'for_each_netdev_reverse'
327 | - 'for_each_netdev_safe'
328 | - 'for_each_new_connector_in_state'
329 | - 'for_each_new_crtc_in_state'
330 | - 'for_each_new_mst_mgr_in_state'
331 | - 'for_each_new_plane_in_state'
332 | - 'for_each_new_plane_in_state_reverse'
333 | - 'for_each_new_private_obj_in_state'
334 | - 'for_each_new_reg'
335 | - 'for_each_node'
336 | - 'for_each_node_by_name'
337 | - 'for_each_node_by_type'
338 | - 'for_each_node_mask'
339 | - 'for_each_node_state'
340 | - 'for_each_node_with_cpus'
341 | - 'for_each_node_with_property'
342 | - 'for_each_nonreserved_multicast_dest_pgid'
343 | - 'for_each_numa_hop_mask'
344 | - 'for_each_of_allnodes'
345 | - 'for_each_of_allnodes_from'
346 | - 'for_each_of_cpu_node'
347 | - 'for_each_of_pci_range'
348 | - 'for_each_old_connector_in_state'
349 | - 'for_each_old_crtc_in_state'
350 | - 'for_each_old_mst_mgr_in_state'
351 | - 'for_each_old_plane_in_state'
352 | - 'for_each_old_private_obj_in_state'
353 | - 'for_each_oldnew_connector_in_state'
354 | - 'for_each_oldnew_crtc_in_state'
355 | - 'for_each_oldnew_mst_mgr_in_state'
356 | - 'for_each_oldnew_plane_in_state'
357 | - 'for_each_oldnew_plane_in_state_reverse'
358 | - 'for_each_oldnew_private_obj_in_state'
359 | - 'for_each_online_cpu'
360 | - 'for_each_online_node'
361 | - 'for_each_online_pgdat'
362 | - 'for_each_or_bit'
363 | - 'for_each_path'
364 | - 'for_each_pci_bridge'
365 | - 'for_each_pci_dev'
366 | - 'for_each_pcm_streams'
367 | - 'for_each_physmem_range'
368 | - 'for_each_populated_zone'
369 | - 'for_each_possible_cpu'
370 | - 'for_each_present_blessed_reg'
371 | - 'for_each_present_cpu'
372 | - 'for_each_prime_number'
373 | - 'for_each_prime_number_from'
374 | - 'for_each_probe_cache_entry'
375 | - 'for_each_process'
376 | - 'for_each_process_thread'
377 | - 'for_each_prop_codec_conf'
378 | - 'for_each_prop_dai_codec'
379 | - 'for_each_prop_dai_cpu'
380 | - 'for_each_prop_dlc_codecs'
381 | - 'for_each_prop_dlc_cpus'
382 | - 'for_each_prop_dlc_platforms'
383 | - 'for_each_property_of_node'
384 | - 'for_each_reg'
385 | - 'for_each_reg_filtered'
386 | - 'for_each_reloc'
387 | - 'for_each_reloc_from'
388 | - 'for_each_requested_gpio'
389 | - 'for_each_requested_gpio_in_range'
390 | - 'for_each_reserved_mem_range'
391 | - 'for_each_reserved_mem_region'
392 | - 'for_each_rtd_codec_dais'
393 | - 'for_each_rtd_components'
394 | - 'for_each_rtd_cpu_dais'
395 | - 'for_each_rtd_dais'
396 | - 'for_each_sband_iftype_data'
397 | - 'for_each_script'
398 | - 'for_each_sec'
399 | - 'for_each_set_bit'
400 | - 'for_each_set_bit_from'
401 | - 'for_each_set_bit_wrap'
402 | - 'for_each_set_bitrange'
403 | - 'for_each_set_bitrange_from'
404 | - 'for_each_set_clump8'
405 | - 'for_each_sg'
406 | - 'for_each_sg_dma_page'
407 | - 'for_each_sg_page'
408 | - 'for_each_sgtable_dma_page'
409 | - 'for_each_sgtable_dma_sg'
410 | - 'for_each_sgtable_page'
411 | - 'for_each_sgtable_sg'
412 | - 'for_each_sibling_event'
413 | - 'for_each_sta_active_link'
414 | - 'for_each_subelement'
415 | - 'for_each_subelement_extid'
416 | - 'for_each_subelement_id'
417 | - 'for_each_sublist'
418 | - 'for_each_subsystem'
419 | - 'for_each_supported_activate_fn'
420 | - 'for_each_supported_inject_fn'
421 | - 'for_each_sym'
422 | - 'for_each_test'
423 | - 'for_each_thread'
424 | - 'for_each_token'
425 | - 'for_each_unicast_dest_pgid'
426 | - 'for_each_valid_link'
427 | - 'for_each_vif_active_link'
428 | - 'for_each_vma'
429 | - 'for_each_vma_range'
430 | - 'for_each_vsi'
431 | - 'for_each_wakeup_source'
432 | - 'for_each_zone'
433 | - 'for_each_zone_zonelist'
434 | - 'for_each_zone_zonelist_nodemask'
435 | - 'func_for_each_insn'
436 | - 'fwnode_for_each_available_child_node'
437 | - 'fwnode_for_each_child_node'
438 | - 'fwnode_for_each_parent_node'
439 | - 'fwnode_graph_for_each_endpoint'
440 | - 'gadget_for_each_ep'
441 | - 'genradix_for_each'
442 | - 'genradix_for_each_from'
443 | - 'genradix_for_each_reverse'
444 | - 'hash_for_each'
445 | - 'hash_for_each_possible'
446 | - 'hash_for_each_possible_rcu'
447 | - 'hash_for_each_possible_rcu_notrace'
448 | - 'hash_for_each_possible_safe'
449 | - 'hash_for_each_rcu'
450 | - 'hash_for_each_safe'
451 | - 'hashmap__for_each_entry'
452 | - 'hashmap__for_each_entry_safe'
453 | - 'hashmap__for_each_key_entry'
454 | - 'hashmap__for_each_key_entry_safe'
455 | - 'hctx_for_each_ctx'
456 | - 'hists__for_each_format'
457 | - 'hists__for_each_sort_list'
458 | - 'hlist_bl_for_each_entry'
459 | - 'hlist_bl_for_each_entry_rcu'
460 | - 'hlist_bl_for_each_entry_safe'
461 | - 'hlist_for_each'
462 | - 'hlist_for_each_entry'
463 | - 'hlist_for_each_entry_continue'
464 | - 'hlist_for_each_entry_continue_rcu'
465 | - 'hlist_for_each_entry_continue_rcu_bh'
466 | - 'hlist_for_each_entry_from'
467 | - 'hlist_for_each_entry_from_rcu'
468 | - 'hlist_for_each_entry_rcu'
469 | - 'hlist_for_each_entry_rcu_bh'
470 | - 'hlist_for_each_entry_rcu_notrace'
471 | - 'hlist_for_each_entry_safe'
472 | - 'hlist_for_each_entry_srcu'
473 | - 'hlist_for_each_safe'
474 | - 'hlist_nulls_for_each_entry'
475 | - 'hlist_nulls_for_each_entry_from'
476 | - 'hlist_nulls_for_each_entry_rcu'
477 | - 'hlist_nulls_for_each_entry_safe'
478 | - 'i3c_bus_for_each_i2cdev'
479 | - 'i3c_bus_for_each_i3cdev'
480 | - 'idr_for_each_entry'
481 | - 'idr_for_each_entry_continue'
482 | - 'idr_for_each_entry_continue_ul'
483 | - 'idr_for_each_entry_ul'
484 | - 'in_dev_for_each_ifa_rcu'
485 | - 'in_dev_for_each_ifa_rtnl'
486 | - 'inet_bind_bucket_for_each'
487 | - 'interval_tree_for_each_span'
488 | - 'intlist__for_each_entry'
489 | - 'intlist__for_each_entry_safe'
490 | - 'kcore_copy__for_each_phdr'
491 | - 'key_for_each'
492 | - 'key_for_each_safe'
493 | - 'klp_for_each_func'
494 | - 'klp_for_each_func_safe'
495 | - 'klp_for_each_func_static'
496 | - 'klp_for_each_object'
497 | - 'klp_for_each_object_safe'
498 | - 'klp_for_each_object_static'
499 | - 'kunit_suite_for_each_test_case'
500 | - 'kvm_for_each_memslot'
501 | - 'kvm_for_each_memslot_in_gfn_range'
502 | - 'kvm_for_each_vcpu'
503 | - 'libbpf_nla_for_each_attr'
504 | - 'list_for_each'
505 | - 'list_for_each_codec'
506 | - 'list_for_each_codec_safe'
507 | - 'list_for_each_continue'
508 | - 'list_for_each_entry'
509 | - 'list_for_each_entry_continue'
510 | - 'list_for_each_entry_continue_rcu'
511 | - 'list_for_each_entry_continue_reverse'
512 | - 'list_for_each_entry_from'
513 | - 'list_for_each_entry_from_rcu'
514 | - 'list_for_each_entry_from_reverse'
515 | - 'list_for_each_entry_lockless'
516 | - 'list_for_each_entry_rcu'
517 | - 'list_for_each_entry_reverse'
518 | - 'list_for_each_entry_safe'
519 | - 'list_for_each_entry_safe_continue'
520 | - 'list_for_each_entry_safe_from'
521 | - 'list_for_each_entry_safe_reverse'
522 | - 'list_for_each_entry_srcu'
523 | - 'list_for_each_from'
524 | - 'list_for_each_prev'
525 | - 'list_for_each_prev_safe'
526 | - 'list_for_each_rcu'
527 | - 'list_for_each_reverse'
528 | - 'list_for_each_safe'
529 | - 'llist_for_each'
530 | - 'llist_for_each_entry'
531 | - 'llist_for_each_entry_safe'
532 | - 'llist_for_each_safe'
533 | - 'lwq_for_each_safe'
534 | - 'map__for_each_symbol'
535 | - 'map__for_each_symbol_by_name'
536 | - 'maps__for_each_entry'
537 | - 'maps__for_each_entry_safe'
538 | - 'mas_for_each'
539 | - 'mci_for_each_dimm'
540 | - 'media_device_for_each_entity'
541 | - 'media_device_for_each_intf'
542 | - 'media_device_for_each_link'
543 | - 'media_device_for_each_pad'
544 | - 'media_entity_for_each_pad'
545 | - 'media_pipeline_for_each_entity'
546 | - 'media_pipeline_for_each_pad'
547 | - 'mlx5_lag_for_each_peer_mdev'
548 | - 'msi_domain_for_each_desc'
549 | - 'msi_for_each_desc'
550 | - 'mt_for_each'
551 | - 'nanddev_io_for_each_page'
552 | - 'netdev_for_each_lower_dev'
553 | - 'netdev_for_each_lower_private'
554 | - 'netdev_for_each_lower_private_rcu'
555 | - 'netdev_for_each_mc_addr'
556 | - 'netdev_for_each_synced_mc_addr'
557 | - 'netdev_for_each_synced_uc_addr'
558 | - 'netdev_for_each_uc_addr'
559 | - 'netdev_for_each_upper_dev_rcu'
560 | - 'netdev_hw_addr_list_for_each'
561 | - 'nft_rule_for_each_expr'
562 | - 'nla_for_each_attr'
563 | - 'nla_for_each_nested'
564 | - 'nlmsg_for_each_attr'
565 | - 'nlmsg_for_each_msg'
566 | - 'nr_neigh_for_each'
567 | - 'nr_neigh_for_each_safe'
568 | - 'nr_node_for_each'
569 | - 'nr_node_for_each_safe'
570 | - 'of_for_each_phandle'
571 | - 'of_property_for_each_string'
572 | - 'of_property_for_each_u32'
573 | - 'pci_bus_for_each_resource'
574 | - 'pci_dev_for_each_resource'
575 | - 'pcl_for_each_chunk'
576 | - 'pcl_for_each_segment'
577 | - 'pcm_for_each_format'
578 | - 'perf_config_items__for_each_entry'
579 | - 'perf_config_sections__for_each_entry'
580 | - 'perf_config_set__for_each_entry'
581 | - 'perf_cpu_map__for_each_cpu'
582 | - 'perf_cpu_map__for_each_idx'
583 | - 'perf_evlist__for_each_entry'
584 | - 'perf_evlist__for_each_entry_reverse'
585 | - 'perf_evlist__for_each_entry_safe'
586 | - 'perf_evlist__for_each_evsel'
587 | - 'perf_evlist__for_each_mmap'
588 | - 'perf_hpp_list__for_each_format'
589 | - 'perf_hpp_list__for_each_format_safe'
590 | - 'perf_hpp_list__for_each_sort_list'
591 | - 'perf_hpp_list__for_each_sort_list_safe'
592 | - 'perf_tool_event__for_each_event'
593 | - 'plist_for_each'
594 | - 'plist_for_each_continue'
595 | - 'plist_for_each_entry'
596 | - 'plist_for_each_entry_continue'
597 | - 'plist_for_each_entry_safe'
598 | - 'plist_for_each_safe'
599 | - 'pnp_for_each_card'
600 | - 'pnp_for_each_dev'
601 | - 'protocol_for_each_card'
602 | - 'protocol_for_each_dev'
603 | - 'queue_for_each_hw_ctx'
604 | - 'radix_tree_for_each_slot'
605 | - 'radix_tree_for_each_tagged'
606 | - 'rb_for_each'
607 | - 'rbtree_postorder_for_each_entry_safe'
608 | - 'rdma_for_each_block'
609 | - 'rdma_for_each_port'
610 | - 'rdma_umem_for_each_dma_block'
611 | - 'resort_rb__for_each_entry'
612 | - 'resource_list_for_each_entry'
613 | - 'resource_list_for_each_entry_safe'
614 | - 'rhl_for_each_entry_rcu'
615 | - 'rhl_for_each_rcu'
616 | - 'rht_for_each'
617 | - 'rht_for_each_entry'
618 | - 'rht_for_each_entry_from'
619 | - 'rht_for_each_entry_rcu'
620 | - 'rht_for_each_entry_rcu_from'
621 | - 'rht_for_each_entry_safe'
622 | - 'rht_for_each_from'
623 | - 'rht_for_each_rcu'
624 | - 'rht_for_each_rcu_from'
625 | - 'rq_for_each_bvec'
626 | - 'rq_for_each_segment'
627 | - 'rq_list_for_each'
628 | - 'rq_list_for_each_safe'
629 | - 'sample_read_group__for_each'
630 | - 'scsi_for_each_prot_sg'
631 | - 'scsi_for_each_sg'
632 | - 'sctp_for_each_hentry'
633 | - 'sctp_skb_for_each'
634 | - 'sec_for_each_insn'
635 | - 'sec_for_each_insn_continue'
636 | - 'sec_for_each_insn_from'
637 | - 'sec_for_each_sym'
638 | - 'shdma_for_each_chan'
639 | - 'shost_for_each_device'
640 | - 'sk_for_each'
641 | - 'sk_for_each_bound'
642 | - 'sk_for_each_bound_bhash2'
643 | - 'sk_for_each_entry_offset_rcu'
644 | - 'sk_for_each_from'
645 | - 'sk_for_each_rcu'
646 | - 'sk_for_each_safe'
647 | - 'sk_nulls_for_each'
648 | - 'sk_nulls_for_each_from'
649 | - 'sk_nulls_for_each_rcu'
650 | - 'snd_array_for_each'
651 | - 'snd_pcm_group_for_each_entry'
652 | - 'snd_soc_dapm_widget_for_each_path'
653 | - 'snd_soc_dapm_widget_for_each_path_safe'
654 | - 'snd_soc_dapm_widget_for_each_sink_path'
655 | - 'snd_soc_dapm_widget_for_each_source_path'
656 | - 'strlist__for_each_entry'
657 | - 'strlist__for_each_entry_safe'
658 | - 'sym_for_each_insn'
659 | - 'sym_for_each_insn_continue_reverse'
660 | - 'symbols__for_each_entry'
661 | - 'tb_property_for_each'
662 | - 'tcf_act_for_each_action'
663 | - 'tcf_exts_for_each_action'
664 | - 'ttm_resource_manager_for_each_res'
665 | - 'twsk_for_each_bound_bhash2'
666 | - 'udp_portaddr_for_each_entry'
667 | - 'udp_portaddr_for_each_entry_rcu'
668 | - 'usb_hub_for_each_child'
669 | - 'v4l2_device_for_each_subdev'
670 | - 'v4l2_m2m_for_each_dst_buf'
671 | - 'v4l2_m2m_for_each_dst_buf_safe'
672 | - 'v4l2_m2m_for_each_src_buf'
673 | - 'v4l2_m2m_for_each_src_buf_safe'
674 | - 'virtio_device_for_each_vq'
675 | - 'while_for_each_ftrace_op'
676 | - 'xa_for_each'
677 | - 'xa_for_each_marked'
678 | - 'xa_for_each_range'
679 | - 'xa_for_each_start'
680 | - 'xas_for_each'
681 | - 'xas_for_each_conflict'
682 | - 'xas_for_each_marked'
683 | - 'xbc_array_for_each_value'
684 | - 'xbc_for_each_key_value'
685 | - 'xbc_node_for_each_array_value'
686 | - 'xbc_node_for_each_child'
687 | - 'xbc_node_for_each_key_value'
688 | - 'xbc_node_for_each_subkey'
689 | - 'zorro_for_each_dev'
690 |
691 | IncludeBlocks: Preserve
692 | IncludeCategories:
693 | - Regex: '.*'
694 | Priority: 1
695 | IncludeIsMainRegex: '(Test)?$'
696 | IndentCaseLabels: false
697 | IndentGotoLabels: false
698 | IndentPPDirectives: None
699 | IndentWidth: 4
700 | IndentWrappedFunctionNames: false
701 | JavaScriptQuotes: Leave
702 | JavaScriptWrapImports: true
703 | KeepEmptyLinesAtTheStartOfBlocks: false
704 | MacroBlockBegin: ''
705 | MacroBlockEnd: ''
706 | MaxEmptyLinesToKeep: 1
707 | NamespaceIndentation: None
708 | ObjCBinPackProtocolList: Auto
709 | ObjCBlockIndentWidth: 4
710 | ObjCSpaceAfterProperty: true
711 | ObjCSpaceBeforeProtocolList: true
712 |
713 | # Taken from git's rules
714 | PenaltyBreakAssignment: 10
715 | PenaltyBreakBeforeFirstCallParameter: 30
716 | PenaltyBreakComment: 10
717 | PenaltyBreakFirstLessLess: 0
718 | PenaltyBreakString: 10
719 | PenaltyExcessCharacter: 100
720 | PenaltyReturnTypeOnItsOwnLine: 60
721 |
722 | PointerAlignment: Right
723 | ReflowComments: false
724 | SortIncludes: false
725 | SortUsingDeclarations: false
726 | SpaceAfterCStyleCast: false
727 | SpaceAfterTemplateKeyword: true
728 | SpaceBeforeAssignmentOperators: true
729 | SpaceBeforeCtorInitializerColon: true
730 | SpaceBeforeInheritanceColon: true
731 | SpaceBeforeParens: ControlStatementsExceptForEachMacros
732 | SpaceBeforeRangeBasedForLoopColon: true
733 | SpaceInEmptyParentheses: false
734 | SpacesBeforeTrailingComments: 1
735 | SpacesInAngles: false
736 | SpacesInContainerLiterals: false
737 | SpacesInCStyleCastParentheses: false
738 | SpacesInParentheses: false
739 | SpacesInSquareBrackets: false
740 | Standard: Cpp03
741 | TabWidth: 4
742 | UseTab: Never
743 | ...
744 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # CMake
2 | build/
3 |
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "hashmap"]
2 | path = hashmap
3 | url = https://github.com/karen07/hashmap.git
4 |
--------------------------------------------------------------------------------
/CMakeLists.txt:
--------------------------------------------------------------------------------
1 | cmake_minimum_required(VERSION 3.13)
2 |
3 | project(antiblock)
4 |
5 | add_compile_options(-Wall -Wextra -Werror -Wpedantic -DTHREAD_SAFETY -std=gnu99)
6 | add_link_options()
7 | include_directories(include hashmap/include)
8 |
9 | add_subdirectory(hashmap)
10 |
11 | if(CMAKE_BUILD_TYPE MATCHES "Debug_ASan")
12 | add_compile_options(-Og -g -fsanitize=address -fno-omit-frame-pointer)
13 | add_link_options(-g -fsanitize=address)
14 | endif()
15 |
16 | if(CMAKE_BUILD_TYPE MATCHES "Debug_MSan")
17 | add_compile_options(-Og -g -fsanitize=memory -fno-omit-frame-pointer)
18 | add_link_options(-g -fsanitize=memory)
19 | endif()
20 |
21 | file(GLOB SRC "src/*.c")
22 | add_executable(${PROJECT_NAME} ${SRC})
23 | target_link_libraries(${PROJECT_NAME} hashmap curl pcap)
24 |
25 | install(TARGETS ${PROJECT_NAME} DESTINATION /usr/bin)
26 |
27 | find_program(CLANGFORMAT clang-format)
28 | if(CLANGFORMAT)
29 | add_custom_command(TARGET ${PROJECT_NAME} PRE_BUILD
30 | COMMAND clang-format -i ${CMAKE_CURRENT_SOURCE_DIR}/include/* ${CMAKE_CURRENT_SOURCE_DIR}/src/*
31 | )
32 | endif()
33 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU GENERAL PUBLIC LICENSE
2 | Version 3, 29 June 2007
3 |
4 | Copyright (C) 2007 Free Software Foundation, Inc.
5 | Everyone is permitted to copy and distribute verbatim copies
6 | of this license document, but changing it is not allowed.
7 |
8 | Preamble
9 |
10 | The GNU General Public License is a free, copyleft license for
11 | software and other kinds of works.
12 |
13 | The licenses for most software and other practical works are designed
14 | to take away your freedom to share and change the works. By contrast,
15 | the GNU General Public License is intended to guarantee your freedom to
16 | share and change all versions of a program--to make sure it remains free
17 | software for all its users. We, the Free Software Foundation, use the
18 | GNU General Public License for most of our software; it applies also to
19 | any other work released this way by its authors. You can apply it to
20 | your programs, too.
21 |
22 | When we speak of free software, we are referring to freedom, not
23 | price. Our General Public Licenses are designed to make sure that you
24 | have the freedom to distribute copies of free software (and charge for
25 | them if you wish), that you receive source code or can get it if you
26 | want it, that you can change the software or use pieces of it in new
27 | free programs, and that you know you can do these things.
28 |
29 | To protect your rights, we need to prevent others from denying you
30 | these rights or asking you to surrender the rights. Therefore, you have
31 | certain responsibilities if you distribute copies of the software, or if
32 | you modify it: responsibilities to respect the freedom of others.
33 |
34 | For example, if you distribute copies of such a program, whether
35 | gratis or for a fee, you must pass on to the recipients the same
36 | freedoms that you received. You must make sure that they, too, receive
37 | or can get the source code. And you must show them these terms so they
38 | know their rights.
39 |
40 | Developers that use the GNU GPL protect your rights with two steps:
41 | (1) assert copyright on the software, and (2) offer you this License
42 | giving you legal permission to copy, distribute and/or modify it.
43 |
44 | For the developers' and authors' protection, the GPL clearly explains
45 | that there is no warranty for this free software. For both users' and
46 | authors' sake, the GPL requires that modified versions be marked as
47 | changed, so that their problems will not be attributed erroneously to
48 | authors of previous versions.
49 |
50 | Some devices are designed to deny users access to install or run
51 | modified versions of the software inside them, although the manufacturer
52 | can do so. This is fundamentally incompatible with the aim of
53 | protecting users' freedom to change the software. The systematic
54 | pattern of such abuse occurs in the area of products for individuals to
55 | use, which is precisely where it is most unacceptable. Therefore, we
56 | have designed this version of the GPL to prohibit the practice for those
57 | products. If such problems arise substantially in other domains, we
58 | stand ready to extend this provision to those domains in future versions
59 | of the GPL, as needed to protect the freedom of users.
60 |
61 | Finally, every program is threatened constantly by software patents.
62 | States should not allow patents to restrict development and use of
63 | software on general-purpose computers, but in those that do, we wish to
64 | avoid the special danger that patents applied to a free program could
65 | make it effectively proprietary. To prevent this, the GPL assures that
66 | patents cannot be used to render the program non-free.
67 |
68 | The precise terms and conditions for copying, distribution and
69 | modification follow.
70 |
71 | TERMS AND CONDITIONS
72 |
73 | 0. Definitions.
74 |
75 | "This License" refers to version 3 of the GNU General Public License.
76 |
77 | "Copyright" also means copyright-like laws that apply to other kinds of
78 | works, such as semiconductor masks.
79 |
80 | "The Program" refers to any copyrightable work licensed under this
81 | License. Each licensee is addressed as "you". "Licensees" and
82 | "recipients" may be individuals or organizations.
83 |
84 | To "modify" a work means to copy from or adapt all or part of the work
85 | in a fashion requiring copyright permission, other than the making of an
86 | exact copy. The resulting work is called a "modified version" of the
87 | earlier work or a work "based on" the earlier work.
88 |
89 | A "covered work" means either the unmodified Program or a work based
90 | on the Program.
91 |
92 | To "propagate" a work means to do anything with it that, without
93 | permission, would make you directly or secondarily liable for
94 | infringement under applicable copyright law, except executing it on a
95 | computer or modifying a private copy. Propagation includes copying,
96 | distribution (with or without modification), making available to the
97 | public, and in some countries other activities as well.
98 |
99 | To "convey" a work means any kind of propagation that enables other
100 | parties to make or receive copies. Mere interaction with a user through
101 | a computer network, with no transfer of a copy, is not conveying.
102 |
103 | An interactive user interface displays "Appropriate Legal Notices"
104 | to the extent that it includes a convenient and prominently visible
105 | feature that (1) displays an appropriate copyright notice, and (2)
106 | tells the user that there is no warranty for the work (except to the
107 | extent that warranties are provided), that licensees may convey the
108 | work under this License, and how to view a copy of this License. If
109 | the interface presents a list of user commands or options, such as a
110 | menu, a prominent item in the list meets this criterion.
111 |
112 | 1. Source Code.
113 |
114 | The "source code" for a work means the preferred form of the work
115 | for making modifications to it. "Object code" means any non-source
116 | form of a work.
117 |
118 | A "Standard Interface" means an interface that either is an official
119 | standard defined by a recognized standards body, or, in the case of
120 | interfaces specified for a particular programming language, one that
121 | is widely used among developers working in that language.
122 |
123 | The "System Libraries" of an executable work include anything, other
124 | than the work as a whole, that (a) is included in the normal form of
125 | packaging a Major Component, but which is not part of that Major
126 | Component, and (b) serves only to enable use of the work with that
127 | Major Component, or to implement a Standard Interface for which an
128 | implementation is available to the public in source code form. A
129 | "Major Component", in this context, means a major essential component
130 | (kernel, window system, and so on) of the specific operating system
131 | (if any) on which the executable work runs, or a compiler used to
132 | produce the work, or an object code interpreter used to run it.
133 |
134 | The "Corresponding Source" for a work in object code form means all
135 | the source code needed to generate, install, and (for an executable
136 | work) run the object code and to modify the work, including scripts to
137 | control those activities. However, it does not include the work's
138 | System Libraries, or general-purpose tools or generally available free
139 | programs which are used unmodified in performing those activities but
140 | which are not part of the work. For example, Corresponding Source
141 | includes interface definition files associated with source files for
142 | the work, and the source code for shared libraries and dynamically
143 | linked subprograms that the work is specifically designed to require,
144 | such as by intimate data communication or control flow between those
145 | subprograms and other parts of the work.
146 |
147 | The Corresponding Source need not include anything that users
148 | can regenerate automatically from other parts of the Corresponding
149 | Source.
150 |
151 | The Corresponding Source for a work in source code form is that
152 | same work.
153 |
154 | 2. Basic Permissions.
155 |
156 | All rights granted under this License are granted for the term of
157 | copyright on the Program, and are irrevocable provided the stated
158 | conditions are met. This License explicitly affirms your unlimited
159 | permission to run the unmodified Program. The output from running a
160 | covered work is covered by this License only if the output, given its
161 | content, constitutes a covered work. This License acknowledges your
162 | rights of fair use or other equivalent, as provided by copyright law.
163 |
164 | You may make, run and propagate covered works that you do not
165 | convey, without conditions so long as your license otherwise remains
166 | in force. You may convey covered works to others for the sole purpose
167 | of having them make modifications exclusively for you, or provide you
168 | with facilities for running those works, provided that you comply with
169 | the terms of this License in conveying all material for which you do
170 | not control copyright. Those thus making or running the covered works
171 | for you must do so exclusively on your behalf, under your direction
172 | and control, on terms that prohibit them from making any copies of
173 | your copyrighted material outside their relationship with you.
174 |
175 | Conveying under any other circumstances is permitted solely under
176 | the conditions stated below. Sublicensing is not allowed; section 10
177 | makes it unnecessary.
178 |
179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
180 |
181 | No covered work shall be deemed part of an effective technological
182 | measure under any applicable law fulfilling obligations under article
183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
184 | similar laws prohibiting or restricting circumvention of such
185 | measures.
186 |
187 | When you convey a covered work, you waive any legal power to forbid
188 | circumvention of technological measures to the extent such circumvention
189 | is effected by exercising rights under this License with respect to
190 | the covered work, and you disclaim any intention to limit operation or
191 | modification of the work as a means of enforcing, against the work's
192 | users, your or third parties' legal rights to forbid circumvention of
193 | technological measures.
194 |
195 | 4. Conveying Verbatim Copies.
196 |
197 | You may convey verbatim copies of the Program's source code as you
198 | receive it, in any medium, provided that you conspicuously and
199 | appropriately publish on each copy an appropriate copyright notice;
200 | keep intact all notices stating that this License and any
201 | non-permissive terms added in accord with section 7 apply to the code;
202 | keep intact all notices of the absence of any warranty; and give all
203 | recipients a copy of this License along with the Program.
204 |
205 | You may charge any price or no price for each copy that you convey,
206 | and you may offer support or warranty protection for a fee.
207 |
208 | 5. Conveying Modified Source Versions.
209 |
210 | You may convey a work based on the Program, or the modifications to
211 | produce it from the Program, in the form of source code under the
212 | terms of section 4, provided that you also meet all of these conditions:
213 |
214 | a) The work must carry prominent notices stating that you modified
215 | it, and giving a relevant date.
216 |
217 | b) The work must carry prominent notices stating that it is
218 | released under this License and any conditions added under section
219 | 7. This requirement modifies the requirement in section 4 to
220 | "keep intact all notices".
221 |
222 | c) You must license the entire work, as a whole, under this
223 | License to anyone who comes into possession of a copy. This
224 | License will therefore apply, along with any applicable section 7
225 | additional terms, to the whole of the work, and all its parts,
226 | regardless of how they are packaged. This License gives no
227 | permission to license the work in any other way, but it does not
228 | invalidate such permission if you have separately received it.
229 |
230 | d) If the work has interactive user interfaces, each must display
231 | Appropriate Legal Notices; however, if the Program has interactive
232 | interfaces that do not display Appropriate Legal Notices, your
233 | work need not make them do so.
234 |
235 | A compilation of a covered work with other separate and independent
236 | works, which are not by their nature extensions of the covered work,
237 | and which are not combined with it such as to form a larger program,
238 | in or on a volume of a storage or distribution medium, is called an
239 | "aggregate" if the compilation and its resulting copyright are not
240 | used to limit the access or legal rights of the compilation's users
241 | beyond what the individual works permit. Inclusion of a covered work
242 | in an aggregate does not cause this License to apply to the other
243 | parts of the aggregate.
244 |
245 | 6. Conveying Non-Source Forms.
246 |
247 | You may convey a covered work in object code form under the terms
248 | of sections 4 and 5, provided that you also convey the
249 | machine-readable Corresponding Source under the terms of this License,
250 | in one of these ways:
251 |
252 | a) Convey the object code in, or embodied in, a physical product
253 | (including a physical distribution medium), accompanied by the
254 | Corresponding Source fixed on a durable physical medium
255 | customarily used for software interchange.
256 |
257 | b) Convey the object code in, or embodied in, a physical product
258 | (including a physical distribution medium), accompanied by a
259 | written offer, valid for at least three years and valid for as
260 | long as you offer spare parts or customer support for that product
261 | model, to give anyone who possesses the object code either (1) a
262 | copy of the Corresponding Source for all the software in the
263 | product that is covered by this License, on a durable physical
264 | medium customarily used for software interchange, for a price no
265 | more than your reasonable cost of physically performing this
266 | conveying of source, or (2) access to copy the
267 | Corresponding Source from a network server at no charge.
268 |
269 | c) Convey individual copies of the object code with a copy of the
270 | written offer to provide the Corresponding Source. This
271 | alternative is allowed only occasionally and noncommercially, and
272 | only if you received the object code with such an offer, in accord
273 | with subsection 6b.
274 |
275 | d) Convey the object code by offering access from a designated
276 | place (gratis or for a charge), and offer equivalent access to the
277 | Corresponding Source in the same way through the same place at no
278 | further charge. You need not require recipients to copy the
279 | Corresponding Source along with the object code. If the place to
280 | copy the object code is a network server, the Corresponding Source
281 | may be on a different server (operated by you or a third party)
282 | that supports equivalent copying facilities, provided you maintain
283 | clear directions next to the object code saying where to find the
284 | Corresponding Source. Regardless of what server hosts the
285 | Corresponding Source, you remain obligated to ensure that it is
286 | available for as long as needed to satisfy these requirements.
287 |
288 | e) Convey the object code using peer-to-peer transmission, provided
289 | you inform other peers where the object code and Corresponding
290 | Source of the work are being offered to the general public at no
291 | charge under subsection 6d.
292 |
293 | A separable portion of the object code, whose source code is excluded
294 | from the Corresponding Source as a System Library, need not be
295 | included in conveying the object code work.
296 |
297 | A "User Product" is either (1) a "consumer product", which means any
298 | tangible personal property which is normally used for personal, family,
299 | or household purposes, or (2) anything designed or sold for incorporation
300 | into a dwelling. In determining whether a product is a consumer product,
301 | doubtful cases shall be resolved in favor of coverage. For a particular
302 | product received by a particular user, "normally used" refers to a
303 | typical or common use of that class of product, regardless of the status
304 | of the particular user or of the way in which the particular user
305 | actually uses, or expects or is expected to use, the product. A product
306 | is a consumer product regardless of whether the product has substantial
307 | commercial, industrial or non-consumer uses, unless such uses represent
308 | the only significant mode of use of the product.
309 |
310 | "Installation Information" for a User Product means any methods,
311 | procedures, authorization keys, or other information required to install
312 | and execute modified versions of a covered work in that User Product from
313 | a modified version of its Corresponding Source. The information must
314 | suffice to ensure that the continued functioning of the modified object
315 | code is in no case prevented or interfered with solely because
316 | modification has been made.
317 |
318 | If you convey an object code work under this section in, or with, or
319 | specifically for use in, a User Product, and the conveying occurs as
320 | part of a transaction in which the right of possession and use of the
321 | User Product is transferred to the recipient in perpetuity or for a
322 | fixed term (regardless of how the transaction is characterized), the
323 | Corresponding Source conveyed under this section must be accompanied
324 | by the Installation Information. But this requirement does not apply
325 | if neither you nor any third party retains the ability to install
326 | modified object code on the User Product (for example, the work has
327 | been installed in ROM).
328 |
329 | The requirement to provide Installation Information does not include a
330 | requirement to continue to provide support service, warranty, or updates
331 | for a work that has been modified or installed by the recipient, or for
332 | the User Product in which it has been modified or installed. Access to a
333 | network may be denied when the modification itself materially and
334 | adversely affects the operation of the network or violates the rules and
335 | protocols for communication across the network.
336 |
337 | Corresponding Source conveyed, and Installation Information provided,
338 | in accord with this section must be in a format that is publicly
339 | documented (and with an implementation available to the public in
340 | source code form), and must require no special password or key for
341 | unpacking, reading or copying.
342 |
343 | 7. Additional Terms.
344 |
345 | "Additional permissions" are terms that supplement the terms of this
346 | License by making exceptions from one or more of its conditions.
347 | Additional permissions that are applicable to the entire Program shall
348 | be treated as though they were included in this License, to the extent
349 | that they are valid under applicable law. If additional permissions
350 | apply only to part of the Program, that part may be used separately
351 | under those permissions, but the entire Program remains governed by
352 | this License without regard to the additional permissions.
353 |
354 | When you convey a copy of a covered work, you may at your option
355 | remove any additional permissions from that copy, or from any part of
356 | it. (Additional permissions may be written to require their own
357 | removal in certain cases when you modify the work.) You may place
358 | additional permissions on material, added by you to a covered work,
359 | for which you have or can give appropriate copyright permission.
360 |
361 | Notwithstanding any other provision of this License, for material you
362 | add to a covered work, you may (if authorized by the copyright holders of
363 | that material) supplement the terms of this License with terms:
364 |
365 | a) Disclaiming warranty or limiting liability differently from the
366 | terms of sections 15 and 16 of this License; or
367 |
368 | b) Requiring preservation of specified reasonable legal notices or
369 | author attributions in that material or in the Appropriate Legal
370 | Notices displayed by works containing it; or
371 |
372 | c) Prohibiting misrepresentation of the origin of that material, or
373 | requiring that modified versions of such material be marked in
374 | reasonable ways as different from the original version; or
375 |
376 | d) Limiting the use for publicity purposes of names of licensors or
377 | authors of the material; or
378 |
379 | e) Declining to grant rights under trademark law for use of some
380 | trade names, trademarks, or service marks; or
381 |
382 | f) Requiring indemnification of licensors and authors of that
383 | material by anyone who conveys the material (or modified versions of
384 | it) with contractual assumptions of liability to the recipient, for
385 | any liability that these contractual assumptions directly impose on
386 | those licensors and authors.
387 |
388 | All other non-permissive additional terms are considered "further
389 | restrictions" within the meaning of section 10. If the Program as you
390 | received it, or any part of it, contains a notice stating that it is
391 | governed by this License along with a term that is a further
392 | restriction, you may remove that term. If a license document contains
393 | a further restriction but permits relicensing or conveying under this
394 | License, you may add to a covered work material governed by the terms
395 | of that license document, provided that the further restriction does
396 | not survive such relicensing or conveying.
397 |
398 | If you add terms to a covered work in accord with this section, you
399 | must place, in the relevant source files, a statement of the
400 | additional terms that apply to those files, or a notice indicating
401 | where to find the applicable terms.
402 |
403 | Additional terms, permissive or non-permissive, may be stated in the
404 | form of a separately written license, or stated as exceptions;
405 | the above requirements apply either way.
406 |
407 | 8. Termination.
408 |
409 | You may not propagate or modify a covered work except as expressly
410 | provided under this License. Any attempt otherwise to propagate or
411 | modify it is void, and will automatically terminate your rights under
412 | this License (including any patent licenses granted under the third
413 | paragraph of section 11).
414 |
415 | However, if you cease all violation of this License, then your
416 | license from a particular copyright holder is reinstated (a)
417 | provisionally, unless and until the copyright holder explicitly and
418 | finally terminates your license, and (b) permanently, if the copyright
419 | holder fails to notify you of the violation by some reasonable means
420 | prior to 60 days after the cessation.
421 |
422 | Moreover, your license from a particular copyright holder is
423 | reinstated permanently if the copyright holder notifies you of the
424 | violation by some reasonable means, this is the first time you have
425 | received notice of violation of this License (for any work) from that
426 | copyright holder, and you cure the violation prior to 30 days after
427 | your receipt of the notice.
428 |
429 | Termination of your rights under this section does not terminate the
430 | licenses of parties who have received copies or rights from you under
431 | this License. If your rights have been terminated and not permanently
432 | reinstated, you do not qualify to receive new licenses for the same
433 | material under section 10.
434 |
435 | 9. Acceptance Not Required for Having Copies.
436 |
437 | You are not required to accept this License in order to receive or
438 | run a copy of the Program. Ancillary propagation of a covered work
439 | occurring solely as a consequence of using peer-to-peer transmission
440 | to receive a copy likewise does not require acceptance. However,
441 | nothing other than this License grants you permission to propagate or
442 | modify any covered work. These actions infringe copyright if you do
443 | not accept this License. Therefore, by modifying or propagating a
444 | covered work, you indicate your acceptance of this License to do so.
445 |
446 | 10. Automatic Licensing of Downstream Recipients.
447 |
448 | Each time you convey a covered work, the recipient automatically
449 | receives a license from the original licensors, to run, modify and
450 | propagate that work, subject to this License. You are not responsible
451 | for enforcing compliance by third parties with this License.
452 |
453 | An "entity transaction" is a transaction transferring control of an
454 | organization, or substantially all assets of one, or subdividing an
455 | organization, or merging organizations. If propagation of a covered
456 | work results from an entity transaction, each party to that
457 | transaction who receives a copy of the work also receives whatever
458 | licenses to the work the party's predecessor in interest had or could
459 | give under the previous paragraph, plus a right to possession of the
460 | Corresponding Source of the work from the predecessor in interest, if
461 | the predecessor has it or can get it with reasonable efforts.
462 |
463 | You may not impose any further restrictions on the exercise of the
464 | rights granted or affirmed under this License. For example, you may
465 | not impose a license fee, royalty, or other charge for exercise of
466 | rights granted under this License, and you may not initiate litigation
467 | (including a cross-claim or counterclaim in a lawsuit) alleging that
468 | any patent claim is infringed by making, using, selling, offering for
469 | sale, or importing the Program or any portion of it.
470 |
471 | 11. Patents.
472 |
473 | A "contributor" is a copyright holder who authorizes use under this
474 | License of the Program or a work on which the Program is based. The
475 | work thus licensed is called the contributor's "contributor version".
476 |
477 | A contributor's "essential patent claims" are all patent claims
478 | owned or controlled by the contributor, whether already acquired or
479 | hereafter acquired, that would be infringed by some manner, permitted
480 | by this License, of making, using, or selling its contributor version,
481 | but do not include claims that would be infringed only as a
482 | consequence of further modification of the contributor version. For
483 | purposes of this definition, "control" includes the right to grant
484 | patent sublicenses in a manner consistent with the requirements of
485 | this License.
486 |
487 | Each contributor grants you a non-exclusive, worldwide, royalty-free
488 | patent license under the contributor's essential patent claims, to
489 | make, use, sell, offer for sale, import and otherwise run, modify and
490 | propagate the contents of its contributor version.
491 |
492 | In the following three paragraphs, a "patent license" is any express
493 | agreement or commitment, however denominated, not to enforce a patent
494 | (such as an express permission to practice a patent or covenant not to
495 | sue for patent infringement). To "grant" such a patent license to a
496 | party means to make such an agreement or commitment not to enforce a
497 | patent against the party.
498 |
499 | If you convey a covered work, knowingly relying on a patent license,
500 | and the Corresponding Source of the work is not available for anyone
501 | to copy, free of charge and under the terms of this License, through a
502 | publicly available network server or other readily accessible means,
503 | then you must either (1) cause the Corresponding Source to be so
504 | available, or (2) arrange to deprive yourself of the benefit of the
505 | patent license for this particular work, or (3) arrange, in a manner
506 | consistent with the requirements of this License, to extend the patent
507 | license to downstream recipients. "Knowingly relying" means you have
508 | actual knowledge that, but for the patent license, your conveying the
509 | covered work in a country, or your recipient's use of the covered work
510 | in a country, would infringe one or more identifiable patents in that
511 | country that you have reason to believe are valid.
512 |
513 | If, pursuant to or in connection with a single transaction or
514 | arrangement, you convey, or propagate by procuring conveyance of, a
515 | covered work, and grant a patent license to some of the parties
516 | receiving the covered work authorizing them to use, propagate, modify
517 | or convey a specific copy of the covered work, then the patent license
518 | you grant is automatically extended to all recipients of the covered
519 | work and works based on it.
520 |
521 | A patent license is "discriminatory" if it does not include within
522 | the scope of its coverage, prohibits the exercise of, or is
523 | conditioned on the non-exercise of one or more of the rights that are
524 | specifically granted under this License. You may not convey a covered
525 | work if you are a party to an arrangement with a third party that is
526 | in the business of distributing software, under which you make payment
527 | to the third party based on the extent of your activity of conveying
528 | the work, and under which the third party grants, to any of the
529 | parties who would receive the covered work from you, a discriminatory
530 | patent license (a) in connection with copies of the covered work
531 | conveyed by you (or copies made from those copies), or (b) primarily
532 | for and in connection with specific products or compilations that
533 | contain the covered work, unless you entered into that arrangement,
534 | or that patent license was granted, prior to 28 March 2007.
535 |
536 | Nothing in this License shall be construed as excluding or limiting
537 | any implied license or other defenses to infringement that may
538 | otherwise be available to you under applicable patent law.
539 |
540 | 12. No Surrender of Others' Freedom.
541 |
542 | If conditions are imposed on you (whether by court order, agreement or
543 | otherwise) that contradict the conditions of this License, they do not
544 | excuse you from the conditions of this License. If you cannot convey a
545 | covered work so as to satisfy simultaneously your obligations under this
546 | License and any other pertinent obligations, then as a consequence you may
547 | not convey it at all. For example, if you agree to terms that obligate you
548 | to collect a royalty for further conveying from those to whom you convey
549 | the Program, the only way you could satisfy both those terms and this
550 | License would be to refrain entirely from conveying the Program.
551 |
552 | 13. Use with the GNU Affero General Public License.
553 |
554 | Notwithstanding any other provision of this License, you have
555 | permission to link or combine any covered work with a work licensed
556 | under version 3 of the GNU Affero General Public License into a single
557 | combined work, and to convey the resulting work. The terms of this
558 | License will continue to apply to the part which is the covered work,
559 | but the special requirements of the GNU Affero General Public License,
560 | section 13, concerning interaction through a network will apply to the
561 | combination as such.
562 |
563 | 14. Revised Versions of this License.
564 |
565 | The Free Software Foundation may publish revised and/or new versions of
566 | the GNU General Public License from time to time. Such new versions will
567 | be similar in spirit to the present version, but may differ in detail to
568 | address new problems or concerns.
569 |
570 | Each version is given a distinguishing version number. If the
571 | Program specifies that a certain numbered version of the GNU General
572 | Public License "or any later version" applies to it, you have the
573 | option of following the terms and conditions either of that numbered
574 | version or of any later version published by the Free Software
575 | Foundation. If the Program does not specify a version number of the
576 | GNU General Public License, you may choose any version ever published
577 | by the Free Software Foundation.
578 |
579 | If the Program specifies that a proxy can decide which future
580 | versions of the GNU General Public License can be used, that proxy's
581 | public statement of acceptance of a version permanently authorizes you
582 | to choose that version for the Program.
583 |
584 | Later license versions may give you additional or different
585 | permissions. However, no additional obligations are imposed on any
586 | author or copyright holder as a result of your choosing to follow a
587 | later version.
588 |
589 | 15. Disclaimer of Warranty.
590 |
591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
599 |
600 | 16. Limitation of Liability.
601 |
602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
610 | SUCH DAMAGES.
611 |
612 | 17. Interpretation of Sections 15 and 16.
613 |
614 | If the disclaimer of warranty and limitation of liability provided
615 | above cannot be given local legal effect according to their terms,
616 | reviewing courts shall apply local law that most closely approximates
617 | an absolute waiver of all civil liability in connection with the
618 | Program, unless a warranty or assumption of liability accompanies a
619 | copy of the Program in return for a fee.
620 |
621 | END OF TERMS AND CONDITIONS
622 |
623 | How to Apply These Terms to Your New Programs
624 |
625 | If you develop a new program, and you want it to be of the greatest
626 | possible use to the public, the best way to achieve this is to make it
627 | free software which everyone can redistribute and change under these terms.
628 |
629 | To do so, attach the following notices to the program. It is safest
630 | to attach them to the start of each source file to most effectively
631 | state the exclusion of warranty; and each file should have at least
632 | the "copyright" line and a pointer to where the full notice is found.
633 |
634 |
635 | Copyright (C)
636 |
637 | This program is free software: you can redistribute it and/or modify
638 | it under the terms of the GNU General Public License as published by
639 | the Free Software Foundation, either version 3 of the License, or
640 | (at your option) any later version.
641 |
642 | This program is distributed in the hope that it will be useful,
643 | but WITHOUT ANY WARRANTY; without even the implied warranty of
644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
645 | GNU General Public License for more details.
646 |
647 | You should have received a copy of the GNU General Public License
648 | along with this program. If not, see .
649 |
650 | Also add information on how to contact you by electronic and paper mail.
651 |
652 | If the program does terminal interaction, make it output a short
653 | notice like this when it starts in an interactive mode:
654 |
655 | Copyright (C)
656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
657 | This is free software, and you are welcome to redistribute it
658 | under certain conditions; type `show c' for details.
659 |
660 | The hypothetical commands `show w' and `show c' should show the appropriate
661 | parts of the General Public License. Of course, your program's commands
662 | might be different; for a GUI interface, you would use an "about box".
663 |
664 | You should also get your employer (if you work as a programmer) or school,
665 | if any, to sign a "copyright disclaimer" for the program, if necessary.
666 | For more information on this, and how to apply and follow the GNU GPL, see
667 | .
668 |
669 | The GNU General Public License does not permit incorporating your program
670 | into proprietary programs. If your program is a subroutine library, you
671 | may consider it more useful to permit linking proprietary applications with
672 | the library. If this is what you want to do, use the GNU Lesser General
673 | Public License instead of this License. But first, please read
674 | .
675 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # AntiBlock
2 | AntiBlock sniffer DNS requests. The IP addresses of the specified domains are added to the routing table for routing through the specified interfaces.
3 | ## Usage
4 | ```c
5 | Commands:
6 | It is necessary to enter from 1 to 32 values:
7 | Route domains from path/url through gateway:
8 | -r "gateway1 https://test1.com"
9 | -r "gateway2 /test1.txt"
10 | -r "gateway2 /test2.txt"
11 | -r "gateway1 https://test2.com"
12 | .....................................
13 | Required parameters:
14 | -l "x.x.x.x:xx" Address for sniffing packets with this src
15 | Optional parameters:
16 | -b "/test.txt" Subnets not add to the routing table
17 | -o "/test/" Log or stat output folder
18 | --log Show operations log
19 | --stat Show statistics data
20 | --test Test mode
21 | ```
22 | ## Article
23 | You can read about the method in the [article](https://habr.com/ru/articles/847412/).
24 |
--------------------------------------------------------------------------------
/cmake-variants.json:
--------------------------------------------------------------------------------
1 | {
2 | "buildType": {
3 | "default": "Release",
4 | "description": "Build Type Selection",
5 | "choices": {
6 | "Debug": {
7 | "short": "Debug",
8 | "long": "Build with no optimizations and debugging information",
9 | "buildType": "Debug",
10 | "settings": {
11 | "CMAKE_CXX_FLAGS_DEBUG": "-g -Og"
12 | }
13 | },
14 | "Debug_ASan": {
15 | "short": "Debug_ASan",
16 | "long": "Build with no optimizations and debugging information and ASan",
17 | "buildType": "Debug_ASan",
18 | "settings": {
19 | "CMAKE_CXX_FLAGS_DEBUG": "-g -Og"
20 | }
21 | },
22 | "Debug_MSan": {
23 | "short": "Debug_MSan",
24 | "long": "Build with no optimizations and debugging information and MSan",
25 | "buildType": "Debug_MSan",
26 | "settings": {
27 | "CMAKE_CXX_FLAGS_DEBUG": "-g -Og"
28 | }
29 | },
30 | "Release": {
31 | "short": "Release",
32 | "long": "Build with optimizations",
33 | "buildType": "Release",
34 | "settings": {
35 | "CMAKE_CXX_FLAGS_RELEASE": "-O2"
36 | }
37 | }
38 | }
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/include/antiblock.h:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 | #include
6 | #include
7 | #include
8 | #include
9 | #include
10 | #include
11 | #include
12 | #include
13 | #include
14 | #include
15 | #include
16 | #include
17 |
18 | /* Initial setup */
19 | //#define MULTIPLE_DNS
20 |
21 | //#define PROXY_MODE
22 | #define PCAP_MODE
23 |
24 | #define ROUTE_TABLE_MODE
25 | //#define TUN_MODE
26 | /* Initial setup */
27 |
28 | //Defines check
29 | #ifdef PCAP_MODE
30 | #ifdef MULTIPLE_DNS
31 | #error "You can't use PCAP_MODE and MULTIPLE_DNS"
32 | #endif
33 | #ifdef PROXY_MODE
34 | #error "You can't use PCAP_MODE and PROXY_MODE"
35 | #endif
36 | #ifdef TUN_MODE
37 | #error "You can't use PCAP_MODE and TUN_MODE"
38 | #endif
39 | #endif
40 | //Defines check
41 |
42 | #ifdef PCAP_MODE
43 | #include
44 | #include
45 | #include
46 | #include
47 | #include
48 | #endif
49 |
50 | #ifdef TUN_MODE
51 | #include
52 | #include
53 | #include
54 | #include
55 | #include
56 | #endif
57 |
58 | #include "array_hashmap.h"
59 |
60 | #ifndef _MEMORY_TYPE
61 | #define _MEMORY_TYPE
62 | typedef struct memory {
63 | char *data;
64 | size_t size;
65 | size_t max_size;
66 | } memory_t;
67 | #endif
68 |
69 | #ifndef _SUBNET_TYPE
70 | #define _SUBNET_TYPE
71 | typedef struct subnet {
72 | uint32_t ip;
73 | uint32_t mask;
74 | } subnet_t;
75 | #endif
76 |
77 | #define BLACKLIST_MAX_COUNT 128
78 |
79 | #define GATEWAY_BITS_COUNT 5
80 | #define OFFSET_BITS_COUNT (32 - GATEWAY_BITS_COUNT)
81 | #define GATEWAY_MAX_COUNT (1 << GATEWAY_BITS_COUNT)
82 |
83 | #ifndef _DOMAINS_TYPE
84 | #define _DOMAINS_TYPE
85 | typedef struct domains_gateway {
86 | unsigned int gateway : GATEWAY_BITS_COUNT;
87 | unsigned int offset : OFFSET_BITS_COUNT;
88 | } domains_gateway_t;
89 | #endif
90 |
91 | extern FILE *log_fd;
92 | extern FILE *stat_fd;
93 |
94 | extern int32_t gateways_count;
95 | extern char *gateway_domains_paths[GATEWAY_MAX_COUNT];
96 |
97 | extern int32_t blacklist_count;
98 | extern subnet_t blacklist[BLACKLIST_MAX_COUNT];
99 |
100 | extern struct sockaddr_in listen_addr;
101 | extern pthread_barrier_t threads_barrier;
102 |
103 | #ifdef TUN_MODE
104 | extern uint32_t tun_ip;
105 | extern uint32_t tun_prefix;
106 | #endif
107 |
108 | #ifdef PROXY_MODE
109 | #ifdef MULTIPLE_DNS
110 | #define DNS_COUNT (gateways_count + 1)
111 | #define DNS_MAX_COUNT (GATEWAY_MAX_COUNT + 1)
112 | #else
113 | #define DNS_COUNT (1)
114 | #define DNS_MAX_COUNT (1)
115 | #endif
116 |
117 | extern struct sockaddr_in dns_addr[DNS_MAX_COUNT];
118 | #endif
119 |
120 | void errmsg(const char *format, ...);
121 |
122 | #ifdef ROUTE_TABLE_MODE
123 | void add_route(int32_t gateway_index, uint32_t dst);
124 | #endif
125 |
--------------------------------------------------------------------------------
/include/config.h:
--------------------------------------------------------------------------------
1 | #define PACKET_MAX_SIZE 1600
2 | #define DOMAIN_MAX_SIZE 300
3 |
4 | #define CNAME_DOMAINS_MAP_MAX_SIZE 500
5 | #ifdef TUN_MODE
6 | #define NAT_MAP_MAX_SIZE 50000
7 | #endif
8 |
9 | #define STAT_PRINT_TIME 10
10 | #define DOMAINS_UPDATE_TIME 60 * 60 * 24
11 | #define DOMAINS_ERROR_UPDATE_TIME 60
12 |
13 | #define ANTIBLOCK_VERSION "2.1.2"
14 |
--------------------------------------------------------------------------------
/include/const.h:
--------------------------------------------------------------------------------
1 | #define FIRST_BIT_UINT16 0x8000
2 | #define FIRST_TWO_BITS_UINT8 0xC0
3 |
--------------------------------------------------------------------------------
/include/dns_ans.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | typedef struct dns_header {
4 | uint16_t id;
5 | uint16_t flags;
6 | uint16_t quest;
7 | uint16_t ans;
8 | uint16_t auth;
9 | uint16_t add;
10 | } __attribute__((packed)) dns_header_t;
11 |
12 | typedef struct dns_que {
13 | uint16_t type;
14 | uint16_t class;
15 | } __attribute__((packed)) dns_que_t;
16 |
17 | typedef struct dns_ans {
18 | uint16_t type;
19 | uint16_t class;
20 | uint32_t ttl;
21 | uint16_t len;
22 | uint32_t ip4;
23 | } __attribute__((packed)) dns_ans_t;
24 |
25 | #define DNS_QUE 1
26 | #define DNS_ANS 0
27 |
28 | int32_t dns_ans_check(int32_t direction, memory_t *receive_msg, memory_t *que_domain,
29 | memory_t *ans_domain, memory_t *cname_domain);
30 | void dns_ans_check_test(void);
31 |
--------------------------------------------------------------------------------
/include/domains_read.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | extern memory_t domains;
4 | extern array_hashmap_t domains_map_struct;
5 |
6 | int32_t domains_read(void);
7 |
--------------------------------------------------------------------------------
/include/hash.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | uint32_t djb33_hash_len(const char *s, size_t len);
4 |
--------------------------------------------------------------------------------
/include/net_data.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | typedef struct id_map {
4 | uint32_t ip;
5 | uint16_t port;
6 | } id_map_t;
7 |
8 | void init_net_data_threads(void);
9 |
--------------------------------------------------------------------------------
/include/stat.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | typedef struct statistics {
4 | volatile int32_t processed_count;
5 | volatile int32_t request_parsing_error;
6 | volatile int32_t in_route_table[GATEWAY_MAX_COUNT];
7 |
8 | #ifdef TUN_MODE
9 | int32_t nat_sended_to_client_error;
10 | double nat_sended_to_client_size;
11 | int32_t nat_sended_to_client;
12 |
13 | int32_t nat_sended_to_dev_error;
14 | double nat_sended_to_dev_size;
15 | int32_t nat_sended_to_dev;
16 |
17 | int32_t nat_records;
18 | #endif
19 |
20 | time_t stat_start;
21 | } statistics_t;
22 |
23 | extern statistics_t statistics_data;
24 |
25 | void stat_print(FILE *stat_fd);
26 |
--------------------------------------------------------------------------------
/include/tun.h:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 |
3 | #ifdef TUN_MODE
4 |
5 | typedef struct pseudo_header {
6 | uint32_t source_address;
7 | uint32_t dest_address;
8 | uint16_t protocol;
9 | uint16_t length;
10 | } __attribute__((packed)) pseudo_header_t;
11 |
12 | typedef struct ip_ip_map {
13 | uint32_t ip_local;
14 | uint32_t ip_global;
15 | } ip_ip_map_t;
16 |
17 | typedef struct nat_map_key {
18 | uint32_t src_ip;
19 | uint32_t dst_ip;
20 | uint16_t src_port;
21 | uint16_t dst_port;
22 | char proto;
23 | } __attribute__((packed)) nat_map_key_t;
24 |
25 | typedef struct nat_map_value {
26 | uint32_t old_src_ip;
27 | uint16_t old_src_port;
28 | } nat_map_value_t;
29 |
30 | typedef struct nat_map {
31 | nat_map_key_t key;
32 | nat_map_value_t value;
33 | } nat_map_t;
34 |
35 | typedef struct subnet_range {
36 | uint32_t network_ip;
37 | uint32_t network_prefix;
38 | uint32_t start_ip;
39 | uint32_t end_ip;
40 | int32_t subnet_size;
41 | } subnet_range_t;
42 |
43 | extern array_hashmap_t ip_ip_map_struct;
44 |
45 | extern subnet_range_t NAT;
46 |
47 | void init_tun_thread(void);
48 | void subnet_init(subnet_range_t *subnet);
49 |
50 | #endif
51 |
--------------------------------------------------------------------------------
/src/antiblock.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | FILE *log_fd;
12 | FILE *stat_fd;
13 |
14 | int32_t gateways_count;
15 | char *gateway_domains_paths[GATEWAY_MAX_COUNT];
16 |
17 | int32_t blacklist_count;
18 | subnet_t blacklist[BLACKLIST_MAX_COUNT];
19 |
20 | struct sockaddr_in listen_addr;
21 | pthread_barrier_t threads_barrier;
22 |
23 | static char gateway_name[GATEWAY_MAX_COUNT][IFNAMSIZ];
24 |
25 | #ifdef PROXY_MODE
26 | struct sockaddr_in dns_addr[DNS_MAX_COUNT];
27 | #endif
28 |
29 | #ifdef TUN_MODE
30 | uint32_t tun_ip = INADDR_NONE;
31 | uint32_t tun_prefix;
32 | #endif
33 |
34 | #ifdef ROUTE_TABLE_MODE
35 | static int32_t test_mode;
36 | static int32_t route_socket;
37 | static void clean_route_table(void);
38 | #endif
39 |
40 | void errmsg(const char *format, ...)
41 | {
42 | va_list args;
43 |
44 | printf("Error: ");
45 |
46 | va_start(args, format);
47 | vprintf(format, args);
48 | va_end(args);
49 |
50 | #ifdef ROUTE_TABLE_MODE
51 | clean_route_table();
52 | #endif
53 |
54 | if (stat_fd) {
55 | stat_print(stat_fd);
56 | }
57 |
58 | if (log_fd) {
59 | fflush(log_fd);
60 | }
61 |
62 | fflush(stdout);
63 |
64 | exit(EXIT_FAILURE);
65 | }
66 |
67 | #ifdef ROUTE_TABLE_MODE
68 | static void set_route(struct rtentry *route, int32_t gateway_index, uint32_t dst)
69 | {
70 | memset(route, 0, sizeof(*route));
71 |
72 | struct sockaddr_in *route_addr;
73 |
74 | route_addr = (struct sockaddr_in *)(&(route->rt_dst));
75 | route_addr->sin_family = AF_INET;
76 | route_addr->sin_addr.s_addr = dst;
77 |
78 | route_addr = (struct sockaddr_in *)(&(route->rt_genmask));
79 | route_addr->sin_family = AF_INET;
80 | route_addr->sin_addr.s_addr = INADDR_NONE;
81 |
82 | route->rt_dev = gateway_name[gateway_index];
83 | route->rt_flags = RTF_UP;
84 | }
85 |
86 | void add_route(int32_t gateway_index, uint32_t dst)
87 | {
88 | struct rtentry route;
89 |
90 | set_route(&route, gateway_index, dst);
91 |
92 | if (test_mode) {
93 | return;
94 | }
95 |
96 | if (ioctl(route_socket, SIOCADDRT, &route) >= 0) {
97 | statistics_data.in_route_table[gateway_index]++;
98 | return;
99 | }
100 |
101 | if (strcmp(strerror(errno), "File exists")) {
102 | struct in_addr rec_ip;
103 | rec_ip.s_addr = dst;
104 | printf("Ioctl can't add %s for routing via %s \"%s\"\n", inet_ntoa(rec_ip),
105 | gateway_name[gateway_index], strerror(errno));
106 | }
107 | }
108 |
109 | static void del_route(int32_t gateway_index, uint32_t dst)
110 | {
111 | struct rtentry route;
112 |
113 | set_route(&route, gateway_index, dst);
114 |
115 | if (test_mode) {
116 | return;
117 | }
118 |
119 | if (ioctl(route_socket, SIOCDELRT, &route) >= 0) {
120 | return;
121 | }
122 |
123 | if (strcmp(strerror(errno), "No such process")) {
124 | struct in_addr rec_ip;
125 | rec_ip.s_addr = dst;
126 | printf("Ioctl can't delete %s for routing via %s \"%s\"\n", inet_ntoa(rec_ip),
127 | gateway_name[gateway_index], strerror(errno));
128 | }
129 | }
130 |
131 | static void clean_route_table(void)
132 | {
133 | FILE *route_fd = fopen("/proc/net/route", "r");
134 | if (route_fd == NULL) {
135 | errmsg("Can't open /proc/net/route\n");
136 | }
137 |
138 | fseek(route_fd, 128, SEEK_SET);
139 |
140 | char iface[IFNAMSIZ];
141 | uint32_t dest_ip;
142 | uint32_t gate_ip;
143 | uint32_t flags;
144 | uint32_t refcnt;
145 | uint32_t use;
146 | uint32_t metric;
147 | uint32_t mask;
148 | uint32_t mtu;
149 | uint32_t window;
150 | uint32_t irtt;
151 |
152 | while (fscanf(route_fd, "%s %x %x %x %x %x %x %x %x %x %x", iface, &dest_ip, &gate_ip, &flags,
153 | &refcnt, &use, &metric, &mask, &mtu, &window, &irtt) != EOF) {
154 | for (int32_t i = 0; i < gateways_count; i++) {
155 | if ((!strcmp(iface, gateway_name[i])) && (mask == INADDR_NONE)) {
156 | del_route(i, dest_ip);
157 | }
158 | }
159 | }
160 |
161 | fclose(route_fd);
162 | }
163 | #endif
164 |
165 | static void add_blacklist(const char *subnet_str)
166 | {
167 | char tmp_subnet[100];
168 | strcpy(tmp_subnet, subnet_str);
169 |
170 | char *slash_ptr = strchr(tmp_subnet, '/');
171 | if (slash_ptr) {
172 | uint32_t tmp_prefix = 0;
173 | sscanf(slash_ptr + 1, "%u", &tmp_prefix);
174 | *slash_ptr = 0;
175 | if (strlen(tmp_subnet) < INET_ADDRSTRLEN) {
176 | if (blacklist_count < BLACKLIST_MAX_COUNT) {
177 | blacklist[blacklist_count].ip = inet_addr(tmp_subnet);
178 | blacklist[blacklist_count].mask = (0xFFFFFFFF << (32 - tmp_prefix)) & 0xFFFFFFFF;
179 | }
180 | blacklist_count++;
181 | }
182 | *slash_ptr = '/';
183 | } else {
184 | errmsg("Every blacklist line \"x.x.x.x/xx\"\n");
185 | }
186 | }
187 |
188 | static void print_help(void)
189 | {
190 | printf("Commands:\n"
191 | " It is necessary to enter from 1 to %d values:\n"
192 | #ifdef MULTIPLE_DNS
193 | " Route domains from path/url through gateway,\n"
194 | " resolve domains from path/url via DNS:\n"
195 | " -r \"DNS2 gateway1 https://test1.com\"\n"
196 | " -r \"DNS2 gateway2 /test1.txt\"\n"
197 | " -r \"DNS1 gateway2 /test2.txt\"\n"
198 | " -r \"DNS1 gateway1 https://test2.com\"\n"
199 | #else
200 | " Route domains from path/url through gateway:\n"
201 | " -r \"gateway1 https://test1.com\"\n"
202 | " -r \"gateway2 /test1.txt\"\n"
203 | " -r \"gateway2 /test2.txt\"\n"
204 | " -r \"gateway1 https://test2.com\"\n"
205 | #endif
206 | " .....................................\n"
207 | " Required parameters:\n"
208 | #ifdef PROXY_MODE
209 | " -l \"x.x.x.x:xx\" Listen address\n"
210 | " -d \"x.x.x.x:xx\" DNS address\n"
211 | #else
212 | " -l \"x.x.x.x:xx\" Address for sniffing packets with this src\n"
213 | #endif
214 | #ifdef TUN_MODE
215 | " -n \"x.x.x.x/xx\" TUN net\n"
216 | #endif
217 | " Optional parameters:\n"
218 | " -b \"/test.txt\" Subnets not add to the routing table\n"
219 | " -o \"/test/\" Log or stat output folder\n"
220 | " --log Show operations log\n"
221 | " --stat Show statistics data\n"
222 | " --test Test mode\n",
223 | GATEWAY_MAX_COUNT);
224 | }
225 |
226 | static void main_catch_function(int32_t signo)
227 | {
228 | if (signo == SIGINT) {
229 | errmsg("SIGINT catched main\n");
230 | } else if (signo == SIGSEGV) {
231 | errmsg("SIGSEGV catched main\n");
232 | } else if (signo == SIGTERM) {
233 | errmsg("SIGTERM catched main\n");
234 | }
235 | }
236 |
237 | int32_t main(int32_t argc, char *argv[])
238 | {
239 | #ifdef PCAP_MODE
240 | printf("AntiBlock " ANTIBLOCK_VERSION " sniffer DNS requests. The IP addresses of\n"
241 | "the specified domains are added to the routing table for\n"
242 | "routing through the specified interfaces.\n");
243 | #else
244 | printf("AntiBlock " ANTIBLOCK_VERSION " proxies DNS requests. The IP addresses of\n"
245 | "the specified domains are added to the routing table for\n"
246 | "routing through the specified interfaces.\n");
247 | #endif
248 |
249 | if (signal(SIGINT, main_catch_function) == SIG_ERR) {
250 | errmsg("Can't set SIGINT signal handler main\n");
251 | }
252 |
253 | if (signal(SIGSEGV, main_catch_function) == SIG_ERR) {
254 | errmsg("Can't set SIGSEGV signal handler main\n");
255 | }
256 |
257 | if (signal(SIGTERM, main_catch_function) == SIG_ERR) {
258 | errmsg("Can't set SIGTERM signal handler main\n");
259 | }
260 |
261 | int32_t is_log_print = 0;
262 | int32_t is_stat_print = 0;
263 |
264 | char log_or_stat_folder[PATH_MAX - 100];
265 | memset(log_or_stat_folder, 0, PATH_MAX - 100);
266 |
267 | char blacklist_file_path[PATH_MAX];
268 | memset(blacklist_file_path, 0, PATH_MAX);
269 |
270 | listen_addr.sin_addr.s_addr = INADDR_NONE;
271 |
272 | #ifdef PROXY_MODE
273 | for (int32_t i = 0; i < DNS_MAX_COUNT; i++) {
274 | dns_addr[i].sin_addr.s_addr = INADDR_NONE;
275 | }
276 | #endif
277 |
278 | printf("Launch parameters:\n");
279 |
280 | for (int32_t i = 1; i < argc; i++) {
281 | if (!strcmp(argv[i], "-r")) {
282 | if (i != argc - 1) {
283 | printf(" Route \"%s\"\n", argv[i + 1]);
284 | char *first_space_ptr = strchr(argv[i + 1], ' ');
285 | if (first_space_ptr) {
286 | *first_space_ptr = 0;
287 | #ifdef MULTIPLE_DNS
288 | char *colon_ptr = strchr(argv[i + 1], ':');
289 | if (colon_ptr) {
290 | uint16_t tmp_port = 0;
291 | sscanf(colon_ptr + 1, "%hu", &tmp_port);
292 | *colon_ptr = 0;
293 | if (strlen(argv[i + 1]) < INET_ADDRSTRLEN) {
294 | dns_addr[DNS_COUNT].sin_family = AF_INET;
295 | dns_addr[DNS_COUNT].sin_port = htons(tmp_port);
296 | dns_addr[DNS_COUNT].sin_addr.s_addr = inet_addr(argv[i + 1]);
297 | }
298 | *colon_ptr = ':';
299 | }
300 | *first_space_ptr = ' ';
301 | char *second_space_ptr = strchr(first_space_ptr + 1, ' ');
302 | if (second_space_ptr) {
303 | *second_space_ptr = 0;
304 | if (gateways_count < GATEWAY_MAX_COUNT) {
305 | if (strlen(first_space_ptr + 1) < IFNAMSIZ) {
306 | strcpy(gateway_name[gateways_count], first_space_ptr + 1);
307 | }
308 | gateway_domains_paths[gateways_count] = second_space_ptr + 1;
309 | }
310 | *second_space_ptr = ' ';
311 | gateways_count++;
312 | }
313 | #else
314 | *first_space_ptr = 0;
315 | if (gateways_count < GATEWAY_MAX_COUNT) {
316 | if (strlen(argv[i + 1]) < IFNAMSIZ) {
317 | strcpy(gateway_name[gateways_count], argv[i + 1]);
318 | }
319 | gateway_domains_paths[gateways_count] = first_space_ptr + 1;
320 | }
321 | *first_space_ptr = ' ';
322 | gateways_count++;
323 | #endif
324 | }
325 | i++;
326 | }
327 | continue;
328 | }
329 | if (!strcmp(argv[i], "-l")) {
330 | if (i != argc - 1) {
331 | #ifdef PROXY_MODE
332 | printf(" Listen \"%s\"\n", argv[i + 1]);
333 | #else
334 | printf(" Sniffer \"%s\"\n", argv[i + 1]);
335 | #endif
336 | char *colon_ptr = strchr(argv[i + 1], ':');
337 | if (colon_ptr) {
338 | uint16_t tmp_port = 0;
339 | sscanf(colon_ptr + 1, "%hu", &tmp_port);
340 | *colon_ptr = 0;
341 | if (strlen(argv[i + 1]) < INET_ADDRSTRLEN) {
342 | listen_addr.sin_family = AF_INET;
343 | listen_addr.sin_port = htons(tmp_port);
344 | listen_addr.sin_addr.s_addr = inet_addr(argv[i + 1]);
345 | }
346 | *colon_ptr = ':';
347 | }
348 | i++;
349 | }
350 | continue;
351 | }
352 | #ifdef PROXY_MODE
353 | if (!strcmp(argv[i], "-d")) {
354 | if (i != argc - 1) {
355 | printf(" DNS \"%s\"\n", argv[i + 1]);
356 | char *colon_ptr = strchr(argv[i + 1], ':');
357 | if (colon_ptr) {
358 | uint16_t tmp_port = 0;
359 | sscanf(colon_ptr + 1, "%hu", &tmp_port);
360 | *colon_ptr = 0;
361 | if (strlen(argv[i + 1]) < INET_ADDRSTRLEN) {
362 | dns_addr[0].sin_family = AF_INET;
363 | dns_addr[0].sin_port = htons(tmp_port);
364 | dns_addr[0].sin_addr.s_addr = inet_addr(argv[i + 1]);
365 | }
366 | *colon_ptr = ':';
367 | }
368 | i++;
369 | }
370 | continue;
371 | }
372 | #endif
373 | #ifdef TUN_MODE
374 | if (!strcmp(argv[i], "-n")) {
375 | if (i != argc - 1) {
376 | printf(" TUN \"%s\"\n", argv[i + 1]);
377 | char *slash_ptr = strchr(argv[i + 1], '/');
378 | if (slash_ptr) {
379 | sscanf(slash_ptr + 1, "%u", &tun_prefix);
380 | *slash_ptr = 0;
381 | if (strlen(argv[i + 1]) < INET_ADDRSTRLEN) {
382 | tun_ip = inet_addr(argv[i + 1]);
383 | }
384 | *slash_ptr = '/';
385 | }
386 | i++;
387 | }
388 | continue;
389 | }
390 | #endif
391 | if (!strcmp(argv[i], "-b")) {
392 | if (i != argc - 1) {
393 | if (strlen(argv[i + 1]) < PATH_MAX) {
394 | strcpy(blacklist_file_path, argv[i + 1]);
395 | printf(" BlackList \"%s\"\n", blacklist_file_path);
396 | }
397 | i++;
398 | }
399 | continue;
400 | }
401 | if (!strcmp(argv[i], "-o")) {
402 | if (i != argc - 1) {
403 | if (strlen(argv[i + 1]) < PATH_MAX - 100) {
404 | strcpy(log_or_stat_folder, argv[i + 1]);
405 | printf(" Output \"%s\"\n", log_or_stat_folder);
406 | }
407 | i++;
408 | }
409 | continue;
410 | }
411 | if (!strcmp(argv[i], "--log")) {
412 | is_log_print = 1;
413 | printf(" Log enabled\n");
414 | continue;
415 | }
416 | if (!strcmp(argv[i], "--stat")) {
417 | is_stat_print = 1;
418 | printf(" Stat enabled\n");
419 | continue;
420 | }
421 | if (!strcmp(argv[i], "--test")) {
422 | #ifdef ROUTE_TABLE_MODE
423 | test_mode = 1;
424 | #endif
425 | printf(" Test enabled\n");
426 | continue;
427 | }
428 | print_help();
429 | errmsg("Unknown command: %s\n", argv[i]);
430 | }
431 |
432 | if (gateways_count == 0) {
433 | print_help();
434 | errmsg("The program needs at least one correct pair of \"gateway domains\"\n");
435 | }
436 |
437 | if (gateways_count > GATEWAY_MAX_COUNT) {
438 | int32_t tmp_gateways_count = gateways_count;
439 | gateways_count = GATEWAY_MAX_COUNT;
440 | print_help();
441 | errmsg("The program needs a maximum of %d pair of \"gateway domains\", seted %d\n",
442 | GATEWAY_MAX_COUNT, tmp_gateways_count);
443 | }
444 |
445 | for (int32_t i = 0; i < gateways_count; i++) {
446 | if ((gateway_name[i][0] == 0) || (gateway_domains_paths[i][0] == 0)) {
447 | print_help();
448 | errmsg("The program needs correct pairs of \"gateway domains\"\n");
449 | }
450 | }
451 |
452 | if (listen_addr.sin_addr.s_addr == INADDR_NONE) {
453 | print_help();
454 | errmsg("The program need correct listen IP\n");
455 | }
456 |
457 | if (listen_addr.sin_port == 0) {
458 | print_help();
459 | errmsg("The program need correct listen port\n");
460 | }
461 |
462 | #ifdef PROXY_MODE
463 | for (int32_t i = 0; i < DNS_COUNT; i++) {
464 | if (dns_addr[i].sin_addr.s_addr == INADDR_NONE) {
465 | print_help();
466 | errmsg("The program need correct DNS IP\n");
467 | }
468 | if (dns_addr[i].sin_port == 0) {
469 | print_help();
470 | errmsg("The program need correct DNS port\n");
471 | }
472 | }
473 | #endif
474 |
475 | #ifdef TUN_MODE
476 | if (tun_ip == INADDR_NONE) {
477 | print_help();
478 | errmsg("The program need correct TUN IP\n");
479 | }
480 |
481 | if (tun_prefix == 0) {
482 | print_help();
483 | errmsg("The program need correct TUN prefix\n");
484 | }
485 |
486 | if (tun_prefix > 24) {
487 | print_help();
488 | errmsg("The program need TUN net prefix 1 - 24\n");
489 | }
490 | #endif
491 |
492 | if (is_log_print || is_stat_print) {
493 | if (log_or_stat_folder[0] == 0) {
494 | print_help();
495 | errmsg("The program need output folder for log or statistics\n");
496 | }
497 | }
498 |
499 | add_blacklist("0.0.0.0/8");
500 | add_blacklist("10.0.0.0/8");
501 | add_blacklist("100.64.0.0/10");
502 | add_blacklist("127.0.0.0/8");
503 | add_blacklist("172.16.0.0/12");
504 | add_blacklist("192.168.0.0/16");
505 |
506 | if (blacklist_file_path[0] != 0) {
507 | FILE *blacklist_fd;
508 | blacklist_fd = fopen(blacklist_file_path, "r");
509 | if (blacklist_fd == NULL) {
510 | errmsg("Can't open blacklist file %s\n", blacklist_file_path);
511 | }
512 |
513 | char tmp_line[100];
514 |
515 | while (fscanf(blacklist_fd, "%s", tmp_line) != EOF) {
516 | add_blacklist(tmp_line);
517 | }
518 |
519 | if (blacklist_count > BLACKLIST_MAX_COUNT) {
520 | errmsg("The program needs a maximum of %d blacklist subnets, seted %d\n",
521 | BLACKLIST_MAX_COUNT, blacklist_count);
522 | }
523 | }
524 |
525 | dns_ans_check_test();
526 |
527 | if (is_log_print) {
528 | char log_path[PATH_MAX];
529 | sprintf(log_path, "%s%s", log_or_stat_folder, "/log.txt");
530 | log_fd = fopen(log_path, "w");
531 | if (log_fd == NULL) {
532 | errmsg("Can't open log file\n");
533 | }
534 | }
535 |
536 | if (is_stat_print) {
537 | char stat_path[PATH_MAX];
538 | sprintf(stat_path, "%s%s", log_or_stat_folder, "/stat.txt");
539 | stat_fd = fopen(stat_path, "w");
540 | if (stat_fd == NULL) {
541 | errmsg("Can't open stat file\n");
542 | }
543 | }
544 |
545 | int32_t threads_barrier_count = 3;
546 |
547 | #ifdef TUN_MODE
548 | threads_barrier_count += 1;
549 | #endif
550 |
551 | #ifdef PCAP_MODE
552 | threads_barrier_count -= 1;
553 | #endif
554 |
555 | if (pthread_barrier_init(&threads_barrier, NULL, threads_barrier_count)) {
556 | errmsg("Can't create threads_barrier\n");
557 | }
558 |
559 | #ifdef TUN_MODE
560 | init_tun_thread();
561 | #else
562 | route_socket = socket(AF_INET, SOCK_DGRAM, 0);
563 | if (route_socket < 0) {
564 | errmsg("Can't create route_socket \"%s\"\n", strerror(errno));
565 | }
566 | #endif
567 |
568 | init_net_data_threads();
569 |
570 | pthread_barrier_wait(&threads_barrier);
571 |
572 | int32_t circles = 0;
573 | int32_t sleep_circles = 0;
574 |
575 | while (true) {
576 | if (circles++ == 0) {
577 | if (log_fd) {
578 | ftruncate(fileno(log_fd), 0);
579 | fseek(log_fd, 0, SEEK_SET);
580 | fprintf(log_fd, "Reductions:\n");
581 | fprintf(log_fd, " Q(x)-DNS question x type\n");
582 | fprintf(log_fd, " A(x)-DNS answer x type\n");
583 | fprintf(log_fd, " BA(x)-A in x route\n");
584 | fprintf(log_fd, " BC(x)-CNAME in x route\n");
585 | fprintf(log_fd, " BL-IP in blacklist\n");
586 | fprintf(log_fd, " NA-A not in routes\n");
587 | fprintf(log_fd, " NC-CNAME not in routes\n");
588 | }
589 |
590 | memset(&statistics_data, 0, sizeof(statistics_data));
591 | statistics_data.stat_start = time(NULL);
592 |
593 | #ifdef ROUTE_TABLE_MODE
594 | clean_route_table();
595 | #endif
596 |
597 | int32_t domains_read_status = 0;
598 | domains_read_status = domains_read();
599 |
600 | if (domains_read_status) {
601 | sleep_circles = DOMAINS_UPDATE_TIME;
602 | } else {
603 | sleep_circles = DOMAINS_ERROR_UPDATE_TIME;
604 | }
605 |
606 | sleep_circles /= STAT_PRINT_TIME;
607 | }
608 |
609 | circles %= sleep_circles;
610 |
611 | if (stat_fd) {
612 | stat_print(stat_fd);
613 | }
614 |
615 | if (log_fd) {
616 | fflush(log_fd);
617 | }
618 |
619 | fflush(stdout);
620 |
621 | sleep(STAT_PRINT_TIME);
622 | }
623 |
624 | return EXIT_SUCCESS;
625 | }
626 |
--------------------------------------------------------------------------------
/src/dns_ans.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | #define DNS_TypeA 1
12 | #define DNS_TypeCNAME 5
13 |
14 | #define GET_DOMAIN_OK 0
15 | #define GET_DOMAIN_FIRST_BYTE_ERROR 1
16 | #define GET_DOMAIN_SECOND_BYTE_ERROR 3
17 | #define GET_DOMAIN_LAST_CH_DOMAIN_ERROR 2
18 | #define GET_DOMAIN_MAX_JUMP_COUNT 100
19 | #define GET_DOMAIN_JUMP_COUNT_ERROR 4
20 | #define GET_DOMAIN_TWO_BITS_ERROR 5
21 | #define GET_DOMAIN_CH_BYTE_ERROR 6
22 | #define GET_DOMAIN_ADD_CH_DOMAIN_ERROR 7
23 | #define GET_DOMAIN_NULL_CH_DOMAIN_ERROR 8
24 |
25 | #define GET_GATEWAY_NOT_IN_ROUTES -1
26 |
27 | #define DNS_ANS_CHECK_HEADER_SIZE_ERROR -2
28 | #define DNS_ANS_CHECK_ID_DUBLICATION -3
29 | #define DNS_ANS_CHECK_RES_TYPE_ERROR -4
30 | #define DNS_ANS_CHECK_QUE_COUNT_ERROR -5
31 | #define DNS_ANS_CHECK_ANS_COUNT_ERROR -6
32 | #define DNS_ANS_CHECK_QUE_URL_GET_ERROR -7
33 | #define DNS_ANS_CHECK_QUE_DATA_GET_ERROR -8
34 | #define DNS_ANS_CHECK_ANS_URL_GET_ERROR -9
35 | #define DNS_ANS_CHECK_ANS_DATA_GET_ERROR -10
36 | #define DNS_ANS_CHECK_ANS_LEN_ERROR -11
37 | #define DNS_ANS_CHECK_CNAME_URL_GET_ERROR -12
38 | #define DNS_ANS_CHECK_NOT_END_ERROR -13
39 |
40 | static int32_t get_domain_from_packet(memory_t *receive_msg, char *cur_pos_ptr,
41 | char **new_cur_pos_ptr, memory_t *domain)
42 | {
43 | uint8_t two_bit_mark = FIRST_TWO_BITS_UINT8;
44 | int32_t part_len = 0;
45 | int32_t domain_len = 0;
46 |
47 | int32_t jump_count = 0;
48 |
49 | *new_cur_pos_ptr = NULL;
50 | char *receive_msg_end = receive_msg->data + receive_msg->size;
51 |
52 | while (true) {
53 | if (part_len == 0) {
54 | if (cur_pos_ptr + sizeof(uint8_t) > receive_msg_end) {
55 | return GET_DOMAIN_FIRST_BYTE_ERROR;
56 | }
57 | uint8_t first_byte_data = (*cur_pos_ptr) & (~two_bit_mark);
58 |
59 | if ((*cur_pos_ptr & two_bit_mark) == 0) {
60 | part_len = first_byte_data;
61 | cur_pos_ptr++;
62 | if (part_len == 0) {
63 | break;
64 | } else {
65 | if (domain_len >= (int32_t)domain->max_size) {
66 | return GET_DOMAIN_LAST_CH_DOMAIN_ERROR;
67 | }
68 | domain->data[domain_len++] = '.';
69 | }
70 | } else if ((*cur_pos_ptr & two_bit_mark) == two_bit_mark) {
71 | if (cur_pos_ptr + sizeof(uint16_t) > receive_msg_end) {
72 | return GET_DOMAIN_SECOND_BYTE_ERROR;
73 | }
74 | if (*new_cur_pos_ptr == NULL) {
75 | *new_cur_pos_ptr = cur_pos_ptr + 2;
76 | }
77 | uint8_t second_byte_data = *(cur_pos_ptr + 1);
78 | int32_t padding = 256 * first_byte_data + second_byte_data;
79 | cur_pos_ptr = receive_msg->data + padding;
80 | if (jump_count++ > GET_DOMAIN_MAX_JUMP_COUNT) {
81 | return GET_DOMAIN_JUMP_COUNT_ERROR;
82 | }
83 | } else {
84 | return GET_DOMAIN_TWO_BITS_ERROR;
85 | }
86 | } else {
87 | if (cur_pos_ptr + sizeof(uint8_t) > receive_msg_end) {
88 | return GET_DOMAIN_CH_BYTE_ERROR;
89 | }
90 | if (domain_len >= (int32_t)domain->max_size) {
91 | return GET_DOMAIN_ADD_CH_DOMAIN_ERROR;
92 | }
93 | domain->data[domain_len++] = *cur_pos_ptr;
94 | cur_pos_ptr++;
95 | part_len--;
96 | }
97 | }
98 |
99 | if (*new_cur_pos_ptr == NULL) {
100 | *new_cur_pos_ptr = cur_pos_ptr;
101 | }
102 |
103 | if (domain_len >= (int32_t)domain->max_size) {
104 | return GET_DOMAIN_NULL_CH_DOMAIN_ERROR;
105 | }
106 | domain->data[domain_len] = 0;
107 | domain->size = domain_len;
108 |
109 | return GET_DOMAIN_OK;
110 | }
111 |
112 | static int32_t get_gateway(memory_t *domain)
113 | {
114 | char *dot_pos = NULL;
115 | int32_t dot_count = 0;
116 | for (int32_t i = domain->size; i >= 0; i--) {
117 | if (domain->data[i] == '.') {
118 | if (dot_count++ == 0) {
119 | continue;
120 | }
121 |
122 | dot_pos = &domain->data[i + 1];
123 |
124 | domains_gateway_t res_elem;
125 |
126 | int32_t find_res = array_hashmap_find_elem(domains_map_struct, dot_pos, &res_elem);
127 | if (find_res == array_hashmap_elem_finded) {
128 | return res_elem.gateway;
129 | }
130 | }
131 | }
132 |
133 | return GET_GATEWAY_NOT_IN_ROUTES;
134 | }
135 |
136 | static int32_t in_subnet(uint32_t ip, subnet_t *subnet)
137 | {
138 | uint32_t ip_h = ntohl(ip);
139 | uint32_t subnet_ip_h = ntohl(subnet->ip);
140 |
141 | return ((subnet_ip_h & subnet->mask) == (ip_h & subnet->mask));
142 | }
143 |
144 | static void dump_dns_data(int32_t error, memory_t *receive_msg)
145 | {
146 | if (log_fd) {
147 | fprintf(log_fd, "Error %d\n", error);
148 | for (int32_t i = 0; i < (int32_t)receive_msg->size; i++) {
149 | if ((i % 16 == 0) && (i != 0)) {
150 | fprintf(log_fd, "\n");
151 | }
152 | fprintf(log_fd, "%02hhx ", receive_msg->data[i]);
153 | }
154 | fprintf(log_fd, "\n");
155 | }
156 | }
157 |
158 | static uint16_t last_processed_id;
159 |
160 | int32_t dns_ans_check(int32_t direction, memory_t *receive_msg, memory_t *que_domain,
161 | memory_t *ans_domain, memory_t *cname_domain)
162 | {
163 | char *cur_pos_ptr = receive_msg->data;
164 | char *receive_msg_end = receive_msg->data + receive_msg->size;
165 |
166 | // DNS HEADER
167 | if (cur_pos_ptr + sizeof(dns_header_t) > receive_msg_end) {
168 | statistics_data.request_parsing_error++;
169 | dump_dns_data(DNS_ANS_CHECK_HEADER_SIZE_ERROR, receive_msg);
170 | return DNS_ANS_CHECK_HEADER_SIZE_ERROR;
171 | }
172 |
173 | dns_header_t *header = (dns_header_t *)cur_pos_ptr;
174 |
175 | uint16_t first_bit_mark = FIRST_BIT_UINT16;
176 | uint16_t flags = ntohs(header->flags);
177 | if ((flags & first_bit_mark) == direction) {
178 | statistics_data.request_parsing_error++;
179 | dump_dns_data(DNS_ANS_CHECK_RES_TYPE_ERROR, receive_msg);
180 | return DNS_ANS_CHECK_RES_TYPE_ERROR;
181 | }
182 |
183 | uint16_t quest_count = ntohs(header->quest);
184 | if (quest_count != 1) {
185 | statistics_data.request_parsing_error++;
186 | dump_dns_data(DNS_ANS_CHECK_QUE_COUNT_ERROR, receive_msg);
187 | return DNS_ANS_CHECK_QUE_COUNT_ERROR;
188 | }
189 |
190 | uint16_t ans_count = ntohs(header->ans);
191 |
192 | cur_pos_ptr += sizeof(dns_header_t);
193 | // DNS HEADER
194 |
195 | if (last_processed_id == header->id) {
196 | return DNS_ANS_CHECK_ID_DUBLICATION;
197 | }
198 | last_processed_id = header->id;
199 |
200 | // QUE DOMAIN
201 | char *que_domain_start = cur_pos_ptr;
202 | char *que_domain_end = NULL;
203 | if (get_domain_from_packet(receive_msg, que_domain_start, &que_domain_end, que_domain) != 0) {
204 | statistics_data.request_parsing_error++;
205 | dump_dns_data(DNS_ANS_CHECK_QUE_URL_GET_ERROR, receive_msg);
206 | return DNS_ANS_CHECK_QUE_URL_GET_ERROR;
207 | }
208 | cur_pos_ptr = que_domain_end;
209 |
210 | int32_t que_domain_gateway = GET_GATEWAY_NOT_IN_ROUTES;
211 | que_domain_gateway = get_gateway(que_domain);
212 | // QUE DOMAIN
213 |
214 | // QUE DATA
215 | if (cur_pos_ptr + sizeof(dns_que_t) > receive_msg_end) {
216 | statistics_data.request_parsing_error++;
217 | dump_dns_data(DNS_ANS_CHECK_QUE_DATA_GET_ERROR, receive_msg);
218 | return DNS_ANS_CHECK_QUE_DATA_GET_ERROR;
219 | }
220 |
221 | dns_que_t *que = (dns_que_t *)cur_pos_ptr;
222 |
223 | uint16_t que_type = ntohs(que->type);
224 |
225 | cur_pos_ptr += sizeof(dns_que_t);
226 | // QUE DATA
227 |
228 | if (log_fd) {
229 | time_t now = time(NULL);
230 | struct tm *tm_struct = localtime(&now);
231 | fprintf(log_fd, "\n%02d:%02d:%02d ", tm_struct->tm_hour, tm_struct->tm_min,
232 | tm_struct->tm_sec);
233 | fprintf(log_fd, "Q(%d) %s\n", que_type, que_domain->data + 1);
234 | }
235 |
236 | for (int32_t i = 0; i < ans_count; i++) {
237 | // ANS DOMAIN
238 | char *ans_domain_start = cur_pos_ptr;
239 | char *ans_domain_end = NULL;
240 | if (get_domain_from_packet(receive_msg, ans_domain_start, &ans_domain_end, ans_domain) !=
241 | 0) {
242 | statistics_data.request_parsing_error++;
243 | dump_dns_data(DNS_ANS_CHECK_ANS_URL_GET_ERROR, receive_msg);
244 | return DNS_ANS_CHECK_ANS_URL_GET_ERROR;
245 | }
246 | cur_pos_ptr = ans_domain_end;
247 |
248 | int32_t ans_domain_gateway = GET_GATEWAY_NOT_IN_ROUTES;
249 | ans_domain_gateway = get_gateway(ans_domain);
250 | // ANS DOMAIN
251 |
252 | // ANS DATA
253 | if (cur_pos_ptr + sizeof(dns_ans_t) - sizeof(uint32_t) > receive_msg_end) {
254 | statistics_data.request_parsing_error++;
255 | dump_dns_data(DNS_ANS_CHECK_ANS_DATA_GET_ERROR, receive_msg);
256 | return DNS_ANS_CHECK_ANS_DATA_GET_ERROR;
257 | }
258 |
259 | dns_ans_t *ans = (dns_ans_t *)cur_pos_ptr;
260 |
261 | uint16_t ans_type = ntohs(ans->type);
262 | __attribute__((unused)) uint32_t ans_ttl = ntohl(ans->ttl);
263 | uint16_t ans_len = ntohs(ans->len);
264 |
265 | if (cur_pos_ptr + sizeof(dns_ans_t) - sizeof(uint32_t) + ans_len > receive_msg_end) {
266 | statistics_data.request_parsing_error++;
267 | dump_dns_data(DNS_ANS_CHECK_ANS_LEN_ERROR, receive_msg);
268 | return DNS_ANS_CHECK_ANS_LEN_ERROR;
269 | }
270 |
271 | if (ans_type == DNS_TypeA) {
272 | if (ans_domain_gateway != GET_GATEWAY_NOT_IN_ROUTES) {
273 | #ifdef TUN_MODE
274 | uint32_t NAT_subnet_start_n = htonl(NAT.start_ip++);
275 |
276 | if (NAT.start_ip == NAT.end_ip) {
277 | subnet_init(&NAT);
278 | }
279 |
280 | ip_ip_map_t add_elem;
281 | add_elem.ip_local = NAT_subnet_start_n;
282 | add_elem.ip_global = ans->ip4;
283 |
284 | array_hashmap_add_elem(ip_ip_map_struct, &add_elem, NULL,
285 | array_hashmap_save_new_func);
286 |
287 | ans->ip4 = NAT_subnet_start_n;
288 |
289 | if (log_fd) {
290 | struct in_addr new_ip;
291 | new_ip.s_addr = add_elem.ip_local;
292 |
293 | fprintf(log_fd, " BA(%d) %s", ans_domain_gateway + 1, inet_ntoa(new_ip));
294 | }
295 | #else
296 |
297 | int32_t correct_ip4_flag = 1;
298 | if (ans->ip4 == 0) {
299 | correct_ip4_flag = 0;
300 | }
301 |
302 | for (int32_t j = 0; j < blacklist_count; j++) {
303 | if (in_subnet(ans->ip4, &blacklist[j])) {
304 | correct_ip4_flag = 0;
305 | break;
306 | }
307 | }
308 |
309 | if (correct_ip4_flag) {
310 | add_route(ans_domain_gateway, ans->ip4);
311 | }
312 |
313 | if (log_fd) {
314 | if (correct_ip4_flag) {
315 | fprintf(log_fd, " BA(%d)", ans_domain_gateway + 1);
316 | } else {
317 | fprintf(log_fd, " BL");
318 | }
319 | }
320 | #endif
321 | } else {
322 | if (log_fd) {
323 | fprintf(log_fd, " NA");
324 | }
325 | }
326 |
327 | if (log_fd) {
328 | struct in_addr new_ip;
329 | new_ip.s_addr = ans->ip4;
330 | fprintf(log_fd, " %s %s\n", ans_domain->data + 1, inet_ntoa(new_ip));
331 | }
332 | }
333 |
334 | if (ans_type == DNS_TypeCNAME) {
335 | char *cname_domain_start = cur_pos_ptr + sizeof(dns_ans_t) - sizeof(uint32_t);
336 | char *cname_domain_end = NULL;
337 | if (get_domain_from_packet(receive_msg, cname_domain_start, &cname_domain_end,
338 | cname_domain) != 0) {
339 | statistics_data.request_parsing_error++;
340 | dump_dns_data(DNS_ANS_CHECK_CNAME_URL_GET_ERROR, receive_msg);
341 | return DNS_ANS_CHECK_CNAME_URL_GET_ERROR;
342 | }
343 |
344 | int32_t cname_domain_gateway = GET_GATEWAY_NOT_IN_ROUTES;
345 | cname_domain_gateway = get_gateway(cname_domain);
346 |
347 | if (ans_domain_gateway != GET_GATEWAY_NOT_IN_ROUTES &&
348 | cname_domain_gateway == GET_GATEWAY_NOT_IN_ROUTES) {
349 | cname_domain_gateway = ans_domain_gateway;
350 | if (domains_map_struct) {
351 | if (domains.size + cname_domain->size < domains.max_size) {
352 | strcpy(&(domains.data[domains.size]), cname_domain->data + 1);
353 |
354 | domains_gateway_t add_elem;
355 | add_elem.offset = domains.size;
356 | add_elem.gateway = cname_domain_gateway;
357 |
358 | domains.size += cname_domain->size;
359 |
360 | array_hashmap_add_elem(domains_map_struct, &add_elem, NULL, NULL);
361 | }
362 | }
363 | }
364 |
365 | if (cname_domain_gateway != GET_GATEWAY_NOT_IN_ROUTES) {
366 | if (log_fd) {
367 | fprintf(log_fd, " BC(%d)", cname_domain_gateway + 1);
368 | }
369 | } else {
370 | if (log_fd) {
371 | fprintf(log_fd, " NC");
372 | }
373 | }
374 |
375 | if (log_fd) {
376 | fprintf(log_fd, " %s %s\n", ans_domain->data + 1, cname_domain->data + 1);
377 | }
378 | }
379 |
380 | if (ans_type != DNS_TypeA && ans_type != DNS_TypeCNAME) {
381 | if (log_fd) {
382 | fprintf(log_fd, " A(%d) %s\n", ans_type, ans_domain->data + 1);
383 | }
384 | }
385 |
386 | cur_pos_ptr += sizeof(dns_ans_t) - sizeof(uint32_t) + ans_len;
387 | // ANS DATA
388 | }
389 |
390 | if ((header->auth == 0) && (header->add == 0)) {
391 | if (cur_pos_ptr != receive_msg_end) {
392 | statistics_data.request_parsing_error++;
393 | dump_dns_data(DNS_ANS_CHECK_NOT_END_ERROR, receive_msg);
394 | return DNS_ANS_CHECK_NOT_END_ERROR;
395 | }
396 | }
397 |
398 | statistics_data.processed_count++;
399 |
400 | return que_domain_gateway;
401 | }
402 |
403 | void dns_ans_check_test(void)
404 | {
405 | memory_t receive_msg;
406 | receive_msg.size = 0;
407 | receive_msg.max_size = PACKET_MAX_SIZE;
408 | receive_msg.data = (char *)malloc(receive_msg.max_size * sizeof(char));
409 | if (receive_msg.data == 0) {
410 | errmsg("No free memory for receive_msg from DNS\n");
411 | }
412 |
413 | memory_t que_domain;
414 | que_domain.size = 0;
415 | que_domain.max_size = DOMAIN_MAX_SIZE;
416 | que_domain.data = (char *)malloc(que_domain.max_size * sizeof(char));
417 | if (que_domain.data == 0) {
418 | errmsg("No free memory for que_domain\n");
419 | }
420 |
421 | memory_t ans_domain;
422 | ans_domain.size = 0;
423 | ans_domain.max_size = DOMAIN_MAX_SIZE;
424 | ans_domain.data = (char *)malloc(ans_domain.max_size * sizeof(char));
425 | if (ans_domain.data == 0) {
426 | errmsg("No free memory for ans_domain\n");
427 | }
428 |
429 | memory_t cname_domain;
430 | cname_domain.size = 0;
431 | cname_domain.max_size = DOMAIN_MAX_SIZE;
432 | cname_domain.data = (char *)malloc(cname_domain.max_size * sizeof(char));
433 | if (cname_domain.data == 0) {
434 | errmsg("No free memory for cname_domain\n");
435 | }
436 |
437 | uint8_t correct_test[] = { 0x0f, 0x32, 0x81, 0x80, 0x00, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00,
438 | 0x00, 0x03, 0x79, 0x74, 0x33, 0x05, 0x67, 0x67, 0x70, 0x68, 0x74,
439 | 0x03, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x01, 0x00, 0x01, 0xc0, 0x0c,
440 | 0x00, 0x05, 0x00, 0x01, 0x00, 0x00, 0x01, 0x09, 0x00, 0x18, 0x0c,
441 | 0x77, 0x69, 0x64, 0x65, 0x2d, 0x79, 0x6f, 0x75, 0x74, 0x75, 0x62,
442 | 0x65, 0x01, 0x6c, 0x06, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0xc0,
443 | 0x16, 0xc0, 0x2b, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x01, 0x09,
444 | 0x00, 0x04, 0x40, 0xe9, 0xa1, 0xc6 };
445 |
446 | last_processed_id = 0;
447 | receive_msg.size = sizeof(correct_test);
448 | memcpy(receive_msg.data, correct_test, receive_msg.size);
449 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
450 | GET_GATEWAY_NOT_IN_ROUTES) {
451 | errmsg("Test DNS correct fail\n");
452 | }
453 |
454 | last_processed_id = 0;
455 | receive_msg.size = 11;
456 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
457 | DNS_ANS_CHECK_HEADER_SIZE_ERROR) {
458 | errmsg("Test DNS header size fail\n");
459 | }
460 | receive_msg.size = sizeof(correct_test);
461 |
462 | last_processed_id = 0;
463 | receive_msg.data[2] = 1;
464 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
465 | DNS_ANS_CHECK_RES_TYPE_ERROR) {
466 | errmsg("Test DNS flag fail\n");
467 | }
468 | receive_msg.data[2] = correct_test[2];
469 |
470 | last_processed_id = 0;
471 | receive_msg.data[5] = 2;
472 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
473 | DNS_ANS_CHECK_QUE_COUNT_ERROR) {
474 | errmsg("Test DNS quest count fail\n");
475 | }
476 | receive_msg.data[5] = correct_test[5];
477 |
478 | last_processed_id = 0;
479 | receive_msg.size = 26;
480 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
481 | DNS_ANS_CHECK_QUE_URL_GET_ERROR) {
482 | errmsg("Test DNS que domain fail\n");
483 | }
484 | receive_msg.size = sizeof(correct_test);
485 |
486 | last_processed_id = 0;
487 | receive_msg.size = 30;
488 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
489 | DNS_ANS_CHECK_QUE_DATA_GET_ERROR) {
490 | errmsg("Test DNS header que size fail\n");
491 | }
492 | receive_msg.size = sizeof(correct_test);
493 |
494 | last_processed_id = 0;
495 | receive_msg.size = 32;
496 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
497 | DNS_ANS_CHECK_ANS_URL_GET_ERROR) {
498 | errmsg("Test DNS ans domain fail\n");
499 | }
500 | receive_msg.size = sizeof(correct_test);
501 |
502 | last_processed_id = 0;
503 | receive_msg.size = 42;
504 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
505 | DNS_ANS_CHECK_ANS_DATA_GET_ERROR) {
506 | errmsg("Test DNS header ans size fail\n");
507 | }
508 | receive_msg.size = sizeof(correct_test);
509 |
510 | last_processed_id = 0;
511 | receive_msg.size = 66;
512 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
513 | DNS_ANS_CHECK_ANS_LEN_ERROR) {
514 | errmsg("Test DNS header ans data size fail\n");
515 | }
516 | receive_msg.size = sizeof(correct_test);
517 |
518 | last_processed_id = 0;
519 | receive_msg.data[58] = 0x3F;
520 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
521 | DNS_ANS_CHECK_CNAME_URL_GET_ERROR) {
522 | errmsg("Test DNS cname domain fail\n");
523 | }
524 | receive_msg.data[58] = correct_test[58];
525 |
526 | last_processed_id = 0;
527 | receive_msg.size = sizeof(correct_test) + 1;
528 | if (dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain) !=
529 | DNS_ANS_CHECK_NOT_END_ERROR) {
530 | errmsg("Test DNS end fail\n");
531 | }
532 | receive_msg.size = sizeof(correct_test);
533 |
534 | char *tmp_ptr;
535 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
536 | GET_DOMAIN_OK) {
537 | errmsg("Test get domain correct fail\n");
538 | }
539 |
540 | receive_msg.size = 12;
541 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
542 | GET_DOMAIN_FIRST_BYTE_ERROR) {
543 | errmsg("Test get domain first byte fail\n");
544 | }
545 | receive_msg.size = sizeof(correct_test);
546 |
547 | que_domain.max_size = 0;
548 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
549 | GET_DOMAIN_LAST_CH_DOMAIN_ERROR) {
550 | errmsg("Test get domain first byte domain len fail\n");
551 | }
552 | que_domain.max_size = DOMAIN_MAX_SIZE;
553 |
554 | receive_msg.size = 32;
555 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 31, &tmp_ptr, &que_domain) !=
556 | GET_DOMAIN_SECOND_BYTE_ERROR) {
557 | errmsg("Test get domain second byte fail\n");
558 | }
559 | receive_msg.size = sizeof(correct_test);
560 |
561 | receive_msg.data[32] = 0x43;
562 | receive_msg.data[68] = 0x1F;
563 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 31, &tmp_ptr, &que_domain) !=
564 | GET_DOMAIN_JUMP_COUNT_ERROR) {
565 | errmsg("Test get domain endless jumping fail\n");
566 | }
567 | receive_msg.data[32] = correct_test[32];
568 | receive_msg.data[68] = correct_test[68];
569 |
570 | receive_msg.data[31] = 0x7F;
571 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 31, &tmp_ptr, &que_domain) !=
572 | GET_DOMAIN_TWO_BITS_ERROR) {
573 | errmsg("Test get domain byte 01 10 fail\n");
574 | }
575 | receive_msg.data[31] = correct_test[31];
576 |
577 | receive_msg.size = 13;
578 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
579 | GET_DOMAIN_CH_BYTE_ERROR) {
580 | errmsg("Test get domain data byte fail\n");
581 | }
582 | receive_msg.size = sizeof(correct_test);
583 |
584 | que_domain.max_size = 1;
585 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
586 | GET_DOMAIN_ADD_CH_DOMAIN_ERROR) {
587 | errmsg("Test get domain data domain len fail\n");
588 | }
589 | que_domain.max_size = DOMAIN_MAX_SIZE;
590 |
591 | que_domain.max_size = 14;
592 | if (get_domain_from_packet(&receive_msg, receive_msg.data + 12, &tmp_ptr, &que_domain) !=
593 | GET_DOMAIN_NULL_CH_DOMAIN_ERROR) {
594 | errmsg("Test get domain data domain last byte fail\n");
595 | }
596 | que_domain.max_size = DOMAIN_MAX_SIZE;
597 |
598 | free(receive_msg.data);
599 | free(que_domain.data);
600 | free(ans_domain.data);
601 | free(cname_domain.data);
602 | }
603 |
--------------------------------------------------------------------------------
/src/domains_read.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 | #include
11 |
12 | #define HTTP_OK 200
13 |
14 | memory_t domains;
15 | array_hashmap_t domains_map_struct;
16 |
17 | static array_hashmap_hash domain_add_hash(const void *add_elem_data)
18 | {
19 | const domains_gateway_t *elem = add_elem_data;
20 | return djb33_hash_len(&domains.data[elem->offset], -1);
21 | }
22 |
23 | static array_hashmap_bool domain_add_cmp(const void *add_elem_data, const void *hashmap_elem_data)
24 | {
25 | const domains_gateway_t *elem1 = add_elem_data;
26 | const domains_gateway_t *elem2 = hashmap_elem_data;
27 |
28 | return !strcmp(&domains.data[elem1->offset], &domains.data[elem2->offset]);
29 | }
30 |
31 | static array_hashmap_hash domain_find_hash(const void *find_elem_data)
32 | {
33 | const char *elem = find_elem_data;
34 | return djb33_hash_len(elem, -1);
35 | }
36 |
37 | static array_hashmap_bool domain_find_cmp(const void *find_elem_data, const void *hashmap_elem_data)
38 | {
39 | const char *elem1 = find_elem_data;
40 | const domains_gateway_t *elem2 = hashmap_elem_data;
41 |
42 | return !strcmp(elem1, &domains.data[elem2->offset]);
43 | }
44 |
45 | static size_t cb(void *data, size_t size, size_t nmemb, void *clientp)
46 | {
47 | size_t realsize = size * nmemb;
48 | memory_t *mem = (memory_t *)clientp;
49 |
50 | mem->max_size += realsize;
51 | char *ptr = realloc(mem->data, mem->max_size);
52 | if (ptr == NULL)
53 | return 0;
54 | mem->data = ptr;
55 |
56 | memcpy(&(mem->data[mem->size]), data, realsize);
57 | mem->size = mem->max_size;
58 |
59 | return realsize;
60 | }
61 |
62 | int32_t domains_read(void)
63 | {
64 | array_hashmap_del(&domains_map_struct);
65 |
66 | if (domains.data) {
67 | free(domains.data);
68 | }
69 |
70 | memset(&domains, 0, sizeof(domains));
71 |
72 | uint32_t gateway_domains_offset[GATEWAY_MAX_COUNT + 1];
73 | gateway_domains_offset[0] = 0;
74 |
75 | for (int32_t i = 0; i < gateways_count; i++) {
76 | if (!memcmp(gateway_domains_paths[i], "http", 4)) {
77 | curl_global_init(CURL_GLOBAL_DEFAULT);
78 | CURL *curl = curl_easy_init();
79 | if (curl) {
80 | curl_easy_setopt(curl, CURLOPT_URL, gateway_domains_paths[i]);
81 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
82 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
83 | curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, cb);
84 | curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&domains);
85 |
86 | CURLcode response;
87 | response = curl_easy_perform(curl);
88 | if (response == CURLE_COULDNT_RESOLVE_HOST) {
89 | printf("Wrong domains url %s\n", gateway_domains_paths[i]);
90 | }
91 |
92 | long http_code = 0;
93 | curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &http_code);
94 | if (http_code != HTTP_OK) {
95 | printf("Wrong status code %s\n", gateway_domains_paths[i]);
96 | }
97 |
98 | curl_easy_cleanup(curl);
99 | }
100 | curl_global_cleanup();
101 | } else {
102 | FILE *domains_fd = fopen(gateway_domains_paths[i], "r");
103 | if (domains_fd == NULL) {
104 | errmsg("Can't open domains file %s\n", gateway_domains_paths[i]);
105 | }
106 |
107 | fseek(domains_fd, 0, SEEK_END);
108 | int64_t domains_file_size_add = ftell(domains_fd);
109 | fseek(domains_fd, 0, SEEK_SET);
110 |
111 | domains.max_size += domains_file_size_add;
112 | domains.data = realloc(domains.data, domains.max_size);
113 | if (domains.data == NULL) {
114 | errmsg("No free memory for domains_file %s\n", gateway_domains_paths[i]);
115 | }
116 |
117 | if (fread(&(domains.data[domains.size]), 1, domains_file_size_add, domains_fd) !=
118 | (size_t)domains_file_size_add) {
119 | errmsg("Can't read domains file %s\n", gateway_domains_paths[i]);
120 | }
121 | domains.size = domains.max_size;
122 |
123 | fclose(domains_fd);
124 | }
125 |
126 | if (!(domains.size < (1 << OFFSET_BITS_COUNT))) {
127 | errmsg("The total size of all domains must be less than %d MB\n",
128 | (1 << OFFSET_BITS_COUNT) / 1024 / 1024);
129 | }
130 |
131 | if (domains.data && domains.max_size) {
132 | if (domains.data[domains.max_size - 1] != '\n') {
133 | domains.max_size += 1;
134 | domains.data = realloc(domains.data, domains.max_size);
135 | if (domains.data == NULL) {
136 | errmsg("No free memory for domains_file %s\n", gateway_domains_paths[i]);
137 | }
138 |
139 | domains.data[domains.max_size - 1] = '\n';
140 | domains.size = domains.max_size;
141 | }
142 | }
143 |
144 | gateway_domains_offset[i + 1] = domains.max_size;
145 | }
146 |
147 | domains.max_size += CNAME_DOMAINS_MAP_MAX_SIZE * DOMAIN_MAX_SIZE;
148 | domains.data = realloc(domains.data, domains.max_size);
149 | if (domains.data == NULL) {
150 | errmsg("No free memory for cname_domains\n");
151 | }
152 |
153 | if (!(domains.size < (1 << OFFSET_BITS_COUNT))) {
154 | errmsg("The total size of all domains must be less than %d MB\n",
155 | (1 << OFFSET_BITS_COUNT) / 1024 / 1024);
156 | }
157 |
158 | int32_t gateway_domains_count[GATEWAY_MAX_COUNT];
159 | memset(gateway_domains_count, 0, sizeof(int32_t) * GATEWAY_MAX_COUNT);
160 |
161 | if (domains.size > 0) {
162 | int32_t domains_map_size = 0;
163 | for (int32_t i = 0; i < (int32_t)domains.size; i++) {
164 | if (domains.data[i] == '\n') {
165 | domains.data[i] = 0;
166 |
167 | domains_map_size++;
168 | }
169 | }
170 |
171 | int32_t domains_map_size_cname = domains_map_size + CNAME_DOMAINS_MAP_MAX_SIZE;
172 | domains_map_struct =
173 | array_hashmap_init(domains_map_size_cname, 1.0, sizeof(domains_gateway_t));
174 | if (domains_map_struct == NULL) {
175 | errmsg("No free memory for domains_map\n");
176 | }
177 |
178 | int32_t is_thread_safety = 0;
179 | is_thread_safety = array_hashmap_is_thread_safety(domains_map_struct);
180 | if (is_thread_safety == 0) {
181 | errmsg("No thread safety hashmap\n");
182 | }
183 |
184 | array_hashmap_set_func(domains_map_struct, domain_add_hash, domain_add_cmp,
185 | domain_find_hash, domain_find_cmp, domain_find_hash,
186 | domain_find_cmp);
187 |
188 | uint32_t domain_offset = 0;
189 | int32_t gateway_id = 0;
190 |
191 | for (int32_t i = 0; i < domains_map_size; i++) {
192 | for (int32_t j = 1; j <= gateways_count; j++) {
193 | if ((gateway_domains_offset[j - 1] <= domain_offset) &&
194 | (domain_offset < gateway_domains_offset[j])) {
195 | gateway_id = j - 1;
196 | gateway_domains_count[gateway_id]++;
197 | }
198 | }
199 |
200 | if (!memcmp(&domains.data[domain_offset], "www.", 4)) {
201 | domain_offset += 4;
202 | }
203 |
204 | domains_gateway_t add_elem;
205 | add_elem.offset = domain_offset;
206 | add_elem.gateway = gateway_id;
207 |
208 | array_hashmap_add_elem(domains_map_struct, &add_elem, NULL, NULL);
209 |
210 | domain_offset = strchr(&domains.data[domain_offset + 1], 0) - domains.data + 1;
211 | }
212 | }
213 |
214 | int32_t status = 1;
215 |
216 | for (int32_t j = 0; j < gateways_count; j++) {
217 | if ((!memcmp(gateway_domains_paths[j], "http", 4)) && (gateway_domains_count[j] == 0)) {
218 | status = 0;
219 | }
220 | printf("From %s readed %d domains\n", gateway_domains_paths[j], gateway_domains_count[j]);
221 | }
222 |
223 | return status;
224 | }
225 |
--------------------------------------------------------------------------------
/src/hash.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | uint32_t djb33_hash_len(const char *s, size_t len)
12 | {
13 | uint32_t h = 5381;
14 | while (*s && len--) {
15 | h += (h << 5);
16 | h ^= *s++;
17 | }
18 | return h;
19 | }
20 |
--------------------------------------------------------------------------------
/src/net_data.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | #ifdef PROXY_MODE
12 |
13 | static id_map_t *id_map;
14 | static int32_t repeater_DNS_socket;
15 | static int32_t repeater_client_socket;
16 |
17 | static void *DNS_data(__attribute__((unused)) void *arg)
18 | {
19 | struct sockaddr_in repeater_DNS_addr, receive_DNS_addr, client_addr;
20 |
21 | repeater_DNS_addr = listen_addr;
22 | repeater_DNS_addr.sin_port = htons(ntohs(repeater_DNS_addr.sin_port) + 1);
23 |
24 | uint32_t receive_DNS_addr_length = sizeof(receive_DNS_addr);
25 |
26 | repeater_DNS_socket = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
27 | if (repeater_DNS_socket < 0) {
28 | errmsg("Can't create socket for listen from DNS \"%s\"\n", strerror(errno));
29 | }
30 |
31 | if (bind(repeater_DNS_socket, (struct sockaddr *)&repeater_DNS_addr,
32 | sizeof(repeater_DNS_addr)) < 0) {
33 | errmsg("Can't bind to the port for listen from DNS \"%s\"\n", strerror(errno));
34 | }
35 |
36 | memory_t receive_msg;
37 | receive_msg.size = 0;
38 | receive_msg.max_size = PACKET_MAX_SIZE;
39 | receive_msg.data = (char *)malloc(receive_msg.max_size * sizeof(char));
40 | if (receive_msg.data == 0) {
41 | errmsg("No free memory for receive_msg from DNS\n");
42 | }
43 |
44 | memory_t que_domain;
45 | que_domain.size = 0;
46 | que_domain.max_size = DOMAIN_MAX_SIZE;
47 | que_domain.data = (char *)malloc(que_domain.max_size * sizeof(char));
48 | if (que_domain.data == 0) {
49 | errmsg("No free memory for que_domain\n");
50 | }
51 |
52 | memory_t ans_domain;
53 | ans_domain.size = 0;
54 | ans_domain.max_size = DOMAIN_MAX_SIZE;
55 | ans_domain.data = (char *)malloc(ans_domain.max_size * sizeof(char));
56 | if (ans_domain.data == 0) {
57 | errmsg("No free memory for ans_domain\n");
58 | }
59 |
60 | memory_t cname_domain;
61 | cname_domain.size = 0;
62 | cname_domain.max_size = DOMAIN_MAX_SIZE;
63 | cname_domain.data = (char *)malloc(cname_domain.max_size * sizeof(char));
64 | if (cname_domain.data == 0) {
65 | errmsg("No free memory for cname_domain\n");
66 | }
67 |
68 | pthread_barrier_wait(&threads_barrier);
69 |
70 | while (true) {
71 | receive_msg.size = recvfrom(repeater_DNS_socket, receive_msg.data, receive_msg.max_size, 0,
72 | (struct sockaddr *)&receive_DNS_addr, &receive_DNS_addr_length);
73 |
74 | if (receive_msg.size < (int32_t)sizeof(dns_header_t)) {
75 | continue;
76 | }
77 |
78 | dns_header_t *header = (dns_header_t *)receive_msg.data;
79 | uint16_t id = ntohs(header->id);
80 |
81 | if (id_map[id].port == 0 || id_map[id].ip == 0) {
82 | continue;
83 | }
84 |
85 | dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain);
86 |
87 | client_addr.sin_family = AF_INET;
88 | client_addr.sin_port = id_map[id].port;
89 | client_addr.sin_addr.s_addr = id_map[id].ip;
90 |
91 | id_map[id].port = 0;
92 | id_map[id].ip = 0;
93 |
94 | if (sendto(repeater_client_socket, receive_msg.data, receive_msg.size, 0,
95 | (struct sockaddr *)&client_addr, sizeof(client_addr)) < 0) {
96 | printf("Can't send to client \"%s\"\n", strerror(errno));
97 | }
98 | }
99 |
100 | free(receive_msg.data);
101 | free(que_domain.data);
102 | free(ans_domain.data);
103 | free(cname_domain.data);
104 |
105 | return NULL;
106 | }
107 |
108 | static void *client_data(__attribute__((unused)) void *arg)
109 | {
110 | struct sockaddr_in receive_client_addr;
111 |
112 | uint32_t receive_client_addr_length = sizeof(receive_client_addr);
113 |
114 | repeater_client_socket = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
115 | if (repeater_client_socket < 0) {
116 | errmsg("Can't create socket for listen from client \"%s\"\n", strerror(errno));
117 | }
118 |
119 | if (bind(repeater_client_socket, (struct sockaddr *)&listen_addr, sizeof(listen_addr)) < 0) {
120 | errmsg("Can't bind to the port for listen from client \"%s\"\n", strerror(errno));
121 | }
122 |
123 | memory_t receive_msg;
124 | receive_msg.size = 0;
125 | receive_msg.max_size = PACKET_MAX_SIZE;
126 | receive_msg.data = (char *)malloc(receive_msg.max_size * sizeof(char));
127 | if (receive_msg.data == 0) {
128 | errmsg("No free memory for receive_msg from client\n");
129 | }
130 |
131 | memory_t que_domain;
132 | que_domain.size = 0;
133 | que_domain.max_size = DOMAIN_MAX_SIZE;
134 | que_domain.data = (char *)malloc(que_domain.max_size * sizeof(char));
135 | if (que_domain.data == 0) {
136 | errmsg("No free memory for que_domain\n");
137 | }
138 |
139 | pthread_barrier_wait(&threads_barrier);
140 |
141 | while (true) {
142 | receive_msg.size = recvfrom(repeater_client_socket, receive_msg.data, receive_msg.max_size,
143 | 0, (struct sockaddr *)&receive_client_addr,
144 | &receive_client_addr_length);
145 |
146 | if (receive_msg.size < (int32_t)sizeof(dns_header_t)) {
147 | continue;
148 | }
149 |
150 | int32_t dns_id = 0;
151 | #ifdef MULTIPLE_DNS
152 | dns_id = dns_ans_check(DNS_QUE, &receive_msg, &que_domain, NULL, NULL) + 1;
153 | if (dns_id < 0) {
154 | dns_id = 0;
155 | }
156 | #endif
157 |
158 | dns_header_t *header = (dns_header_t *)receive_msg.data;
159 | uint16_t id = ntohs(header->id);
160 |
161 | id_map[id].ip = receive_client_addr.sin_addr.s_addr;
162 | id_map[id].port = receive_client_addr.sin_port;
163 |
164 | if (sendto(repeater_DNS_socket, receive_msg.data, receive_msg.size, 0,
165 | (struct sockaddr *)&dns_addr[dns_id], sizeof(dns_addr[dns_id])) < 0) {
166 | printf("Can't send to DNS \"%s\"\n", strerror(errno));
167 | }
168 | }
169 |
170 | free(receive_msg.data);
171 |
172 | return NULL;
173 | }
174 |
175 | void init_net_data_threads(void)
176 | {
177 | id_map = malloc((USHRT_MAX + 1) * sizeof(id_map_t));
178 | if (id_map == NULL) {
179 | errmsg("No free memory for id_map\n");
180 | }
181 | memset(id_map, 0, (USHRT_MAX + 1) * sizeof(id_map_t));
182 |
183 | pthread_t client_data_thread;
184 | if (pthread_create(&client_data_thread, NULL, client_data, NULL)) {
185 | errmsg("Can't create client_data_thread\n");
186 | }
187 |
188 | if (pthread_detach(client_data_thread)) {
189 | errmsg("Can't detach client_data_thread\n");
190 | }
191 |
192 | pthread_t DNS_data_thread;
193 | if (pthread_create(&DNS_data_thread, NULL, DNS_data, NULL)) {
194 | errmsg("Can't create DNS_data_thread\n");
195 | }
196 |
197 | if (pthread_detach(DNS_data_thread)) {
198 | errmsg("Can't detach DNS_data_thread\n");
199 | }
200 | }
201 |
202 | #else
203 |
204 | static memory_t receive_msg;
205 | static memory_t que_domain;
206 | static memory_t ans_domain;
207 | static memory_t cname_domain;
208 |
209 | static void callback_sll(__attribute__((unused)) u_char *useless, const struct pcap_pkthdr *pkthdr,
210 | const u_char *packet)
211 | {
212 | if (pkthdr->len != pkthdr->caplen) {
213 | return;
214 | }
215 |
216 | if (pkthdr->len <
217 | (int32_t)(sizeof(struct sll_header) + sizeof(struct iphdr) + sizeof(struct udphdr))) {
218 | return;
219 | }
220 |
221 | struct sll_header *eth_h = (struct sll_header *)packet;
222 | if (eth_h->sll_protocol != htons(ETH_P_IP)) {
223 | return;
224 | }
225 |
226 | struct iphdr *iph = (struct iphdr *)((char *)eth_h + sizeof(*eth_h));
227 | if (iph->protocol != IPPROTO_UDP) {
228 | return;
229 | }
230 |
231 | struct udphdr *udph = (struct udphdr *)((char *)iph + sizeof(*iph));
232 | if (udph->source != listen_addr.sin_port) {
233 | return;
234 | }
235 |
236 | receive_msg.size = ntohs(udph->len) - sizeof(*udph);
237 | receive_msg.data = (char *)udph + sizeof(*udph);
238 |
239 | dns_ans_check(DNS_ANS, &receive_msg, &que_domain, &ans_domain, &cname_domain);
240 | }
241 |
242 | static void *PCAP(__attribute__((unused)) void *arg)
243 | {
244 | pcap_t *handle;
245 | char errbuf[PCAP_ERRBUF_SIZE];
246 | struct bpf_program fp;
247 | char filter_exp[1000];
248 |
249 | struct in_addr listen_ip;
250 | listen_ip.s_addr = listen_addr.sin_addr.s_addr;
251 |
252 | sprintf(filter_exp, "udp and src %s and src port %hu", inet_ntoa(listen_ip),
253 | ntohs(listen_addr.sin_port));
254 |
255 | char *device_name = "any";
256 |
257 | handle = pcap_open_live(device_name, BUFSIZ, 0, 1, errbuf);
258 | if (handle == NULL) {
259 | errmsg("Can't open device %s: %s\n", device_name, errbuf);
260 | }
261 | if (pcap_datalink(handle) != DLT_LINUX_SLL) {
262 | errmsg("This program handles only SLL captures\n");
263 | }
264 | if (pcap_compile(handle, &fp, filter_exp, 0, PCAP_NETMASK_UNKNOWN) != 0) {
265 | errmsg("Can't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
266 | }
267 | if (pcap_setfilter(handle, &fp) != 0) {
268 | errmsg("Can't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
269 | }
270 |
271 | receive_msg.size = 0;
272 | receive_msg.max_size = PACKET_MAX_SIZE;
273 | receive_msg.data = (char *)malloc(receive_msg.max_size * sizeof(char));
274 | if (receive_msg.data == 0) {
275 | errmsg("No free memory for receive_msg from DNS\n");
276 | }
277 |
278 | que_domain.size = 0;
279 | que_domain.max_size = DOMAIN_MAX_SIZE;
280 | que_domain.data = (char *)malloc(que_domain.max_size * sizeof(char));
281 | if (que_domain.data == 0) {
282 | errmsg("No free memory for que_domain\n");
283 | }
284 |
285 | ans_domain.size = 0;
286 | ans_domain.max_size = DOMAIN_MAX_SIZE;
287 | ans_domain.data = (char *)malloc(ans_domain.max_size * sizeof(char));
288 | if (ans_domain.data == 0) {
289 | errmsg("No free memory for ans_domain\n");
290 | }
291 |
292 | cname_domain.size = 0;
293 | cname_domain.max_size = DOMAIN_MAX_SIZE;
294 | cname_domain.data = (char *)malloc(cname_domain.max_size * sizeof(char));
295 | if (cname_domain.data == 0) {
296 | errmsg("No free memory for cname_domain\n");
297 | }
298 |
299 | pthread_barrier_wait(&threads_barrier);
300 |
301 | pcap_loop(handle, 0, callback_sll, NULL);
302 |
303 | return NULL;
304 | }
305 |
306 | void init_net_data_threads(void)
307 | {
308 | pthread_t PCAP_thread;
309 | if (pthread_create(&PCAP_thread, NULL, PCAP, NULL)) {
310 | errmsg("Can't create client_data_thread\n");
311 | }
312 |
313 | if (pthread_detach(PCAP_thread)) {
314 | errmsg("Can't detach client_data_thread\n");
315 | }
316 | }
317 |
318 | #endif
319 |
--------------------------------------------------------------------------------
/src/stat.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | statistics_t statistics_data;
12 |
13 | void stat_print(FILE *stat_fd)
14 | {
15 | ftruncate(fileno(stat_fd), 0);
16 | fseek(stat_fd, 0, SEEK_SET);
17 |
18 | fprintf(stat_fd, "Statistics ");
19 |
20 | struct tm *tm_struct = localtime(&statistics_data.stat_start);
21 | fprintf(stat_fd, "%02d.%02d.%04d %02d:%02d:%02d", tm_struct->tm_mday, tm_struct->tm_mon + 1,
22 | tm_struct->tm_year + 1900, tm_struct->tm_hour, tm_struct->tm_min, tm_struct->tm_sec);
23 |
24 | fprintf(stat_fd, " - ");
25 |
26 | time_t now = time(NULL);
27 | tm_struct = localtime(&now);
28 | fprintf(stat_fd, "%02d.%02d.%04d %02d:%02d:%02d", tm_struct->tm_mday, tm_struct->tm_mon + 1,
29 | tm_struct->tm_year + 1900, tm_struct->tm_hour, tm_struct->tm_min, tm_struct->tm_sec);
30 |
31 | fprintf(stat_fd, "\n");
32 |
33 | fprintf(stat_fd, "DNS packets processed: %d\n", statistics_data.processed_count);
34 | fprintf(stat_fd, "DNS parsing errors : %d\n", statistics_data.request_parsing_error);
35 | fprintf(stat_fd, "In route table:\n");
36 | for (int i = 0; i < gateways_count; i++) {
37 | fprintf(stat_fd, " Route %d : %d\n", i + 1, statistics_data.in_route_table[i]);
38 | }
39 |
40 | #ifdef TUN_MODE
41 | double nat_sended_to_dev_size_gb = statistics_data.nat_sended_to_dev_size / 1024 / 1024 / 1024;
42 | fprintf(stat_fd, "NAT sended to internet : %d ptks\n",
43 | statistics_data.nat_sended_to_dev);
44 | fprintf(stat_fd, "NAT sended to internet size : %lf GB\n", nat_sended_to_dev_size_gb);
45 |
46 | fprintf(stat_fd, "\n");
47 |
48 | double nat_sended_to_client_size_gb =
49 | statistics_data.nat_sended_to_client_size / 1024 / 1024 / 1024;
50 | fprintf(stat_fd, "NAT sended to client : %d ptks\n",
51 | statistics_data.nat_sended_to_client);
52 | fprintf(stat_fd, "NAT sended to client size : %lf GB\n", nat_sended_to_client_size_gb);
53 |
54 | fprintf(stat_fd, "\n");
55 |
56 | fprintf(stat_fd, "NAT sended to internet errors : %d ptks\n",
57 | statistics_data.nat_sended_to_dev_error);
58 | fprintf(stat_fd, "NAT sended to client errors : %d ptks\n",
59 | statistics_data.nat_sended_to_client_error);
60 |
61 | fprintf(stat_fd, "\n");
62 |
63 | fprintf(stat_fd, "NAT records count : %d\n", statistics_data.nat_records);
64 | #endif
65 |
66 | fflush(stat_fd);
67 | }
68 |
--------------------------------------------------------------------------------
/src/tun.c:
--------------------------------------------------------------------------------
1 | #include "antiblock.h"
2 | #include "config.h"
3 | #include "const.h"
4 | #include "dns_ans.h"
5 | #include "hash.h"
6 | #include "net_data.h"
7 | #include "stat.h"
8 | #include "tun.h"
9 | #include "domains_read.h"
10 |
11 | #ifdef TUN_MODE
12 |
13 | array_hashmap_t ip_ip_map_struct;
14 | static array_hashmap_t nat_map_struct;
15 |
16 | subnet_range_t NAT;
17 |
18 | void subnet_init(subnet_range_t *subnet)
19 | {
20 | uint32_t netMask = (INADDR_NONE << (32 - (subnet->network_prefix + 1)) & INADDR_NONE);
21 | subnet->start_ip = (ntohl(subnet->network_ip) & netMask) + 2;
22 |
23 | subnet->subnet_size = 1;
24 | subnet->subnet_size <<= 32 - (subnet->network_prefix + 1);
25 | subnet->end_ip = (ntohl(subnet->network_ip) & netMask) + subnet->subnet_size - 2;
26 | }
27 |
28 | int32_t tun_alloc(char *dev, int32_t flags)
29 | {
30 | struct ifreq ifr;
31 | int32_t fd_create;
32 | int32_t fd_setip;
33 | int32_t err;
34 | struct sockaddr_in sin;
35 |
36 | if ((fd_create = open("/dev/net/tun", O_RDWR)) < 0) {
37 | return fd_create;
38 | }
39 |
40 | memset(&ifr, 0, sizeof(ifr));
41 | ifr.ifr_flags = flags;
42 | strncpy(ifr.ifr_name, dev, IFNAMSIZ);
43 |
44 | if ((err = ioctl(fd_create, TUNSETIFF, (void *)&ifr)) < 0) {
45 | return err;
46 | }
47 |
48 | if ((fd_setip = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
49 | return fd_setip;
50 | }
51 |
52 | memset(&ifr, 0, sizeof(ifr));
53 | strncpy(ifr.ifr_name, dev, IFNAMSIZ);
54 |
55 | if ((err = ioctl(fd_setip, SIOCGIFFLAGS, &ifr)) < 0) {
56 | return err;
57 | }
58 |
59 | if (!(ifr.ifr_flags & IFF_UP)) {
60 | ifr.ifr_flags |= IFF_UP;
61 | if ((err = ioctl(fd_setip, SIOCSIFFLAGS, &ifr)) < 0) {
62 | return err;
63 | }
64 | }
65 |
66 | memset(&sin, 0, sizeof(struct sockaddr_in));
67 | sin.sin_family = AF_INET;
68 | sin.sin_addr.s_addr = tun_ip;
69 | memcpy(&ifr.ifr_addr, &sin, sizeof(struct sockaddr));
70 |
71 | if ((err = ioctl(fd_setip, SIOCSIFADDR, &ifr)) < 0) {
72 | return err;
73 | }
74 |
75 | memset(&ifr, 0, sizeof(ifr));
76 | strncpy(ifr.ifr_name, dev, IFNAMSIZ);
77 |
78 | memset(&sin, 0, sizeof(struct sockaddr_in));
79 | sin.sin_family = AF_INET;
80 | sin.sin_addr.s_addr = htonl(INADDR_NONE << (32 - tun_prefix) & INADDR_NONE);
81 | memcpy(&ifr.ifr_netmask, &sin, sizeof(struct sockaddr));
82 |
83 | if ((err = ioctl(fd_setip, SIOCSIFNETMASK, &ifr)) < 0) {
84 | return err;
85 | }
86 |
87 | return fd_create;
88 | }
89 |
90 | static uint16_t checksum(char *buf, uint32_t size)
91 | {
92 | uint32_t sum = 0, i;
93 |
94 | for (i = 0; i < size - 1; i += 2) {
95 | uint16_t word16 = *(uint16_t *)&buf[i];
96 | sum += word16;
97 | }
98 |
99 | if (size & 1) {
100 | uint16_t word16 = (uint8_t)buf[i];
101 | sum += word16;
102 | }
103 |
104 | while (sum >> 16)
105 | sum = (sum & 0xFFFF) + (sum >> 16);
106 |
107 | return ~sum;
108 | }
109 |
110 | static array_hashmap_hash ip_ip_hash(const void *elem_data)
111 | {
112 | const ip_ip_map_t *elem = elem_data;
113 | return elem->ip_local;
114 | }
115 |
116 | static array_hashmap_bool ip_ip_cmp(const void *elem_data, const void *hashmap_elem_data)
117 | {
118 | const ip_ip_map_t *elem1 = elem_data;
119 | const ip_ip_map_t *elem2 = hashmap_elem_data;
120 |
121 | return elem1->ip_local == elem2->ip_local;
122 | }
123 |
124 | static array_hashmap_hash nat_hash(const void *elem_data)
125 | {
126 | const nat_map_t *elem = elem_data;
127 | return djb33_hash_len((const char *)(&elem->key), sizeof(elem->key));
128 | }
129 |
130 | static array_hashmap_bool nat_cmp(const void *elem_data, const void *hashmap_elem_data)
131 | {
132 | const nat_map_t *elem1 = elem_data;
133 | const nat_map_t *elem2 = hashmap_elem_data;
134 |
135 | return !memcmp(&elem1->key, &elem2->key, sizeof(elem1->key));
136 | }
137 |
138 | static void *tun(__attribute__((unused)) void *arg)
139 | {
140 | //char *tap_buffer = NULL;
141 | char *tun_buffer = NULL;
142 | char *pseudogram = NULL;
143 |
144 | //tap_buffer = (char *)malloc(PACKET_MAX_SIZE * sizeof(char));
145 | tun_buffer = (char *)malloc(PACKET_MAX_SIZE * sizeof(char));
146 | pseudogram = (char *)malloc(PACKET_MAX_SIZE * sizeof(char));
147 |
148 | //int32_t tap_fd = 0;
149 | int32_t tun_fd = 0;
150 |
151 | //tap_fd = tun_alloc("AntiBlock_NAT_TAP", IFF_TAP | IFF_NO_PI);
152 | //if (tap_fd < 0) {
153 | // errmsg("Can't allocate TAP interface\n");
154 | //}
155 |
156 | tun_fd = tun_alloc("AntiBlock_NAT", IFF_TUN);
157 | if (tun_fd < 0) {
158 | errmsg("Can't allocate TUN interface\n");
159 | }
160 |
161 | pthread_barrier_wait(&threads_barrier);
162 |
163 | uint32_t nat_icmp_client_ip = 0;
164 |
165 | while (true) {
166 | int32_t nread = read(tun_fd, tun_buffer, PACKET_MAX_SIZE);
167 |
168 | if (nread < 1) {
169 | continue;
170 | }
171 |
172 | struct tun_pi *tun_header = (struct tun_pi *)tun_buffer;
173 |
174 | int32_t proto_L3 = ntohs(tun_header->proto);
175 | if (proto_L3 != ETH_P_IP) {
176 | continue;
177 | }
178 |
179 | char *L3_start_pointer = tun_buffer + sizeof(struct tun_pi);
180 | struct iphdr *iph = (struct iphdr *)L3_start_pointer;
181 |
182 | char proto_L4 = iph->protocol;
183 | if ((proto_L4 != IPPROTO_TCP) && (proto_L4 != IPPROTO_UDP) && (proto_L4 != IPPROTO_ICMP)) {
184 | continue;
185 | }
186 |
187 | if (proto_L4 == IPPROTO_ICMP) {
188 | int32_t iph_daddr_h = ntohl(iph->daddr);
189 | int32_t mask = 1;
190 | mask <<= 32 - (tun_prefix + 1);
191 |
192 | if (iph_daddr_h & mask) {
193 | iph_daddr_h &= ~mask;
194 |
195 | iph->saddr = htonl(iph_daddr_h);
196 | iph->daddr = nat_icmp_client_ip;
197 | } else {
198 | ip_ip_map_t find_elem_ip_ip;
199 | find_elem_ip_ip.ip_local = iph->daddr;
200 |
201 | ip_ip_map_t res_elem_ip_ip;
202 | int32_t find_elem_ip_ip_flag = 0;
203 |
204 | find_elem_ip_ip_flag =
205 | array_hashmap_find_elem(ip_ip_map_struct, &find_elem_ip_ip, &res_elem_ip_ip);
206 | if (find_elem_ip_ip_flag != array_hashmap_elem_finded) {
207 | statistics_data.nat_sended_to_dev_error++;
208 | continue;
209 | }
210 |
211 | iph_daddr_h |= mask;
212 |
213 | nat_icmp_client_ip = iph->saddr;
214 |
215 | iph->saddr = htonl(iph_daddr_h);
216 | iph->daddr = res_elem_ip_ip.ip_global;
217 | }
218 |
219 | iph->check = 0;
220 | iph->check = checksum(L3_start_pointer, iph->ihl << 2);
221 |
222 | //memcpy(tap_buffer + sizeof(struct ethhdr), L3_start_pointer,
223 | // nread - sizeof(struct tun_pi));
224 | //struct ethhdr *ethh = (struct ethhdr *)tap_buffer;
225 | //ethh->h_proto = htons(ETH_P_IP);
226 | //memset(ethh->h_dest, 0xFF, 6);
227 | //memset(ethh->h_source, 0xFF, 6);
228 | //write(tap_fd, tap_buffer, nread - sizeof(struct tun_pi) + sizeof(struct ethhdr));
229 |
230 | write(tun_fd, tun_buffer, nread);
231 |
232 | continue;
233 | }
234 |
235 | uint16_t src_port = 0;
236 | uint16_t dst_port = 0;
237 |
238 | char *L4_start_pointer = L3_start_pointer + sizeof(struct iphdr);
239 | if (proto_L4 == IPPROTO_TCP) {
240 | struct tcphdr *tcph = (struct tcphdr *)L4_start_pointer;
241 |
242 | src_port = tcph->source;
243 | dst_port = tcph->dest;
244 |
245 | tcph->check = 0;
246 | }
247 | if (proto_L4 == IPPROTO_UDP) {
248 | struct udphdr *udph = (struct udphdr *)L4_start_pointer;
249 |
250 | src_port = udph->source;
251 | dst_port = udph->dest;
252 |
253 | udph->check = 0;
254 | }
255 |
256 | struct in_addr src_ip_old;
257 | src_ip_old.s_addr = iph->saddr;
258 |
259 | struct in_addr dst_ip_old;
260 | dst_ip_old.s_addr = iph->daddr;
261 |
262 | uint16_t src_port_old = src_port;
263 | uint16_t dst_port_old = dst_port;
264 |
265 | int32_t in_out_flag = 0;
266 |
267 | int32_t iph_daddr_h = ntohl(iph->daddr);
268 | int32_t mask = 1;
269 | mask <<= 32 - (tun_prefix + 1);
270 |
271 | if (iph_daddr_h & mask) {
272 | nat_map_t find_elem_nat;
273 | find_elem_nat.key.src_ip = iph->daddr;
274 | find_elem_nat.key.dst_ip = iph->saddr;
275 | find_elem_nat.key.src_port = dst_port;
276 | find_elem_nat.key.dst_port = src_port;
277 | find_elem_nat.key.proto = proto_L4;
278 |
279 | nat_map_t res_elem_nat;
280 | int32_t find_elem_nat_flag = 0;
281 |
282 | find_elem_nat_flag =
283 | array_hashmap_find_elem(nat_map_struct, &find_elem_nat, &res_elem_nat);
284 | if (find_elem_nat_flag != array_hashmap_elem_finded) {
285 | statistics_data.nat_sended_to_client_error++;
286 |
287 | continue;
288 | }
289 |
290 | iph_daddr_h &= ~mask;
291 | iph->saddr = htonl(iph_daddr_h);
292 | iph->daddr = res_elem_nat.value.old_src_ip;
293 | dst_port = res_elem_nat.value.old_src_port;
294 |
295 | in_out_flag = 0;
296 |
297 | statistics_data.nat_sended_to_client++;
298 | statistics_data.nat_sended_to_client_size += nread;
299 | } else {
300 | ip_ip_map_t find_elem_ip_ip;
301 | find_elem_ip_ip.ip_local = iph->daddr;
302 |
303 | ip_ip_map_t res_elem_ip_ip;
304 | int32_t find_elem_ip_ip_flag = 0;
305 |
306 | find_elem_ip_ip_flag =
307 | array_hashmap_find_elem(ip_ip_map_struct, &find_elem_ip_ip, &res_elem_ip_ip);
308 | if (find_elem_ip_ip_flag != array_hashmap_elem_finded) {
309 | statistics_data.nat_sended_to_dev_error++;
310 | continue;
311 | }
312 |
313 | uint16_t start_new_srt_port = ntohs(src_port);
314 | int32_t correct_new_srt_port = 1;
315 | nat_map_t add_elem_nat;
316 | iph_daddr_h |= mask;
317 |
318 | while (correct_new_srt_port) {
319 | add_elem_nat.key.src_ip = htonl(iph_daddr_h);
320 | add_elem_nat.key.dst_ip = res_elem_ip_ip.ip_global;
321 | add_elem_nat.key.src_port = htons(start_new_srt_port);
322 | add_elem_nat.key.dst_port = dst_port;
323 | add_elem_nat.key.proto = proto_L4;
324 | add_elem_nat.value.old_src_ip = iph->saddr;
325 | add_elem_nat.value.old_src_port = src_port;
326 |
327 | nat_map_t res_elem_nat;
328 | int32_t add_elem_nat_flag = 0;
329 | add_elem_nat_flag =
330 | array_hashmap_add_elem(nat_map_struct, &add_elem_nat, &res_elem_nat, NULL);
331 | if (add_elem_nat_flag == array_hashmap_elem_finded) {
332 | correct_new_srt_port = 0;
333 | statistics_data.nat_records++;
334 | }
335 | if (add_elem_nat_flag == 0) {
336 | if ((add_elem_nat.value.old_src_ip == res_elem_nat.value.old_src_ip) &&
337 | (add_elem_nat.value.old_src_port == res_elem_nat.value.old_src_port)) {
338 | correct_new_srt_port = 0;
339 | }
340 | }
341 | start_new_srt_port++;
342 | }
343 |
344 | iph->saddr = add_elem_nat.key.src_ip;
345 | iph->daddr = add_elem_nat.key.dst_ip;
346 | src_port = add_elem_nat.key.src_port;
347 |
348 | in_out_flag = 1;
349 |
350 | statistics_data.nat_sended_to_dev++;
351 | statistics_data.nat_sended_to_dev_size += nread;
352 | }
353 |
354 | if (proto_L4 == IPPROTO_TCP) {
355 | struct tcphdr *tcph = (struct tcphdr *)L4_start_pointer;
356 |
357 | tcph->source = src_port;
358 | tcph->dest = dst_port;
359 | }
360 | if (proto_L4 == IPPROTO_UDP) {
361 | struct udphdr *udph = (struct udphdr *)L4_start_pointer;
362 |
363 | udph->source = src_port;
364 | udph->dest = dst_port;
365 | }
366 |
367 | iph->check = 0;
368 |
369 | uint16_t L4_len = ntohs(iph->tot_len) - (iph->ihl << 2);
370 |
371 | pseudo_header_t psh;
372 | psh.source_address = iph->saddr;
373 | psh.dest_address = iph->daddr;
374 | psh.protocol = htons(proto_L4);
375 | psh.length = htons(L4_len);
376 |
377 | memcpy(pseudogram, (char *)&psh, sizeof(pseudo_header_t));
378 | memcpy(pseudogram + sizeof(pseudo_header_t), L4_start_pointer, L4_len);
379 |
380 | int32_t psize = sizeof(pseudo_header_t) + L4_len;
381 | uint16_t checksum_value = checksum(pseudogram, psize);
382 |
383 | if (proto_L4 == IPPROTO_TCP) {
384 | struct tcphdr *tcph = (struct tcphdr *)L4_start_pointer;
385 |
386 | tcph->check = checksum_value;
387 | }
388 |
389 | if (proto_L4 == IPPROTO_UDP) {
390 | struct udphdr *udph = (struct udphdr *)L4_start_pointer;
391 |
392 | udph->check = checksum_value;
393 | }
394 |
395 | iph->check = checksum(L3_start_pointer, iph->ihl << 2);
396 |
397 | //memcpy(tap_buffer + sizeof(struct ethhdr), L3_start_pointer,
398 | // nread - sizeof(struct tun_pi));
399 | //struct ethhdr *ethh = (struct ethhdr *)tap_buffer;
400 | //ethh->h_proto = htons(ETH_P_IP);
401 | //memset(ethh->h_dest, 0xFF, 6);
402 | //memset(ethh->h_source, 0xFF, 6);
403 | //write(tap_fd, tap_buffer, nread - sizeof(struct tun_pi) + sizeof(struct ethhdr));
404 |
405 | write(tun_fd, tun_buffer, nread);
406 | }
407 |
408 | return NULL;
409 | }
410 |
411 | void init_tun_thread(void)
412 | {
413 | NAT.network_ip = tun_ip;
414 | NAT.network_prefix = tun_prefix;
415 | subnet_init(&NAT);
416 |
417 | ip_ip_map_struct = array_hashmap_init(NAT.subnet_size, 1.0, sizeof(ip_ip_map_t));
418 | if (ip_ip_map_struct == NULL) {
419 | errmsg("No free memory for ip_ip_map_struct\n");
420 | }
421 |
422 | array_hashmap_set_func(ip_ip_map_struct, ip_ip_hash, ip_ip_cmp, ip_ip_hash, ip_ip_cmp,
423 | ip_ip_hash, ip_ip_cmp);
424 |
425 | //uint32_t NAT_subnet_start_n = htonl(NAT.start_ip++);
426 | //ip_ip_map_t add_elem;
427 | //add_elem.ip_local = NAT_subnet_start_n;
428 | //add_elem.ip_global = inet_addr("192.168.1.10");
429 | //array_hashmap_add_elem(ip_ip_map_struct, &add_elem, NULL, array_hashmap_save_new_func);
430 |
431 | nat_map_struct = array_hashmap_init(NAT_MAP_MAX_SIZE, 1.0, sizeof(nat_map_t));
432 | if (nat_map_struct == NULL) {
433 | errmsg("No free memory for nat_map_struct\n");
434 | }
435 |
436 | array_hashmap_set_func(nat_map_struct, nat_hash, nat_cmp, nat_hash, nat_cmp, nat_hash, nat_cmp);
437 |
438 | pthread_t tun_thread;
439 | if (pthread_create(&tun_thread, NULL, tun, NULL)) {
440 | errmsg("Can't create tun_thread\n");
441 | }
442 |
443 | if (pthread_detach(tun_thread)) {
444 | errmsg("Can't detach tun_thread\n");
445 | }
446 | }
447 |
448 | #endif
449 |
--------------------------------------------------------------------------------