├── .gitignore ├── src ├── lib.rs ├── main.rs ├── packet.rs ├── code.rs └── config.rs ├── bpf ├── bytecode.x86.o ├── Makefile └── bytecode.c ├── .vscode └── c_cpp_properties.json ├── Cargo.toml ├── examples ├── ipv6RuleConfig.json └── ruleConfig.json ├── README.md └── Cargo.lock /.gitignore: -------------------------------------------------------------------------------- 1 | /target 2 | /bpf/bytecode.x86.o 3 | .vscode/ -------------------------------------------------------------------------------- /src/lib.rs: -------------------------------------------------------------------------------- 1 | pub mod code; 2 | pub mod config; 3 | pub mod packet; 4 | -------------------------------------------------------------------------------- /bpf/bytecode.x86.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nimrodshn/packetfilter/HEAD/bpf/bytecode.x86.o -------------------------------------------------------------------------------- /.vscode/c_cpp_properties.json: -------------------------------------------------------------------------------- 1 | { 2 | "configurations": [ 3 | { 4 | "name": "Linux", 5 | "includePath": [ 6 | "${workspaceFolder}/**" 7 | ], 8 | "defines": [], 9 | "compilerPath": "/usr/bin/clang", 10 | "cStandard": "c11", 11 | "cppStandard": "c++14", 12 | "intelliSenseMode": "linux-clang-x64" 13 | } 14 | ], 15 | "version": 4 16 | } -------------------------------------------------------------------------------- /Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "packetfilter" 3 | version = "0.1.0" 4 | edition = "2021" 5 | 6 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 7 | 8 | [dependencies] 9 | clap = "~2.27.0" 10 | log = "0.4" 11 | ctrlc = "3.2" 12 | tokio = { version = "1", features = ["full"] } 13 | bytes = "1" 14 | serde_json = "1.0" 15 | serde = { version = "1.0", features = ["derive"] } 16 | ipnet = { version = "2", features = ["serde"] } 17 | 18 | [dependencies.anyhow] 19 | version = "1.0.45" 20 | features = ["backtrace"] 21 | 22 | [dependencies.aya] 23 | git = "https://github.com/aya-rs/aya" 24 | branch="main" 25 | features = ["async_tokio"] 26 | 27 | [dependencies.pnet] 28 | version = "0.28.0" 29 | 30 | [dependencies.zerocopy] 31 | version = "0.6.1" -------------------------------------------------------------------------------- /bpf/Makefile: -------------------------------------------------------------------------------- 1 | CLANG ?= clang 2 | LLC ?= llc-10 3 | OPT ?= opt 4 | DIS ?= llvm-dis 5 | 6 | ARCH ?= $(shell uname -m | sed -e 's/aarch64/arm64/' -e 's/x86_64/x86/') 7 | KERNEL ?= /usr/src/linux 8 | 9 | CFLAGS += \ 10 | -O2 -g -emit-llvm \ 11 | -D__KERNEL__ \ 12 | -D__BPF_TRACING__ \ 13 | -D__ASM_SYSREG_H \ 14 | -Wno-unused-value \ 15 | -Wno-pointer-sign \ 16 | -Wno-compare-distinct-pointer-types \ 17 | -Wno-address-of-packed-member \ 18 | -Wno-tautological-compare \ 19 | -Wno-unknown-warning-option \ 20 | -Wno-gnu-variable-sized-type-not-at-end \ 21 | -fno-asynchronous-unwind-tables 22 | 23 | bytecode.$(ARCH).o: bytecode.c 24 | $(CLANG) $(CFLAGS) -emit-llvm -c $< -o - | \ 25 | $(LLC) -march=bpf -filetype=obj -o $@ -------------------------------------------------------------------------------- /examples/ipv6RuleConfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "NetworkRuleCollections": [ 3 | { 4 | "Name": "netrc1", 5 | "Priority": 200, 6 | "Rules": [ 7 | { 8 | "Actions": [ 9 | { 10 | "Type": "Deny" 11 | } 12 | ], 13 | "Description": null, 14 | "Direction": "Outbound", 15 | "Name": "rule1", 16 | "Priority": 200, 17 | "Protocols": [ 18 | "TCP", 19 | "UDP" 20 | ], 21 | "SourceIps": [ 22 | "2345:425:2CA1:0000:0000:0567:5673:23b5/64" 23 | ], 24 | "DestinationPorts": [ 25 | "8080" 26 | ] 27 | } 28 | ] 29 | } 30 | ] 31 | } 32 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # packetfilter 2 | 3 | An [eBPF](https://ebpf.io/) based `packetfilter` for tracking incoming requests and filtering based on a set of rules. 4 | 5 | ## Dependencies 6 | - llvm >= 10 7 | - clang >= 10 8 | --- 9 | 1. Retrieve the archive signature for `llvm-10`: 10 | ``` 11 | wget --no-check-certificate -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - 12 | ``` 13 | 14 | 2. Add the PPA where to install from: 15 | ``` 16 | add-apt-repository 'deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main' 17 | ``` 18 | 3. Update packages: `sudo apt update`. 19 | 4. Install the dependencies: 20 | ``` 21 | sudo apt-get install llvm-10 \ 22 | lldb-10 \ 23 | llvm-10-dev \ 24 | libllvm10 \ 25 | llvm-10-runtime 26 | ``` 27 | 28 | ## Important note 29 | The BPF program under `/bpf` is intentionally targeting the Azure VM running `Ubuntu 18.04` and the kernel version that comes with it - version `5.4.0-1064-azure` (as opposed to the CO-RE paradigm) as it is intended to run on such a machine. 30 | 31 | ## Setting up XDP 32 | Make sure to disable LRO (Large receive offloading) as XDP does not support jumbo frames or LRO: 33 | ``` 34 | sudo ethtool --offload eth0 lro off 35 | ``` 36 | 37 | ## Running the packetfilter 38 | An example `config-file` is provided under `/examples`. 39 | ``` 40 | sudo ./target/debug/packetfilter run --config-file=/path/to/config.json 41 | ``` 42 | -------------------------------------------------------------------------------- /src/main.rs: -------------------------------------------------------------------------------- 1 | use anyhow::{anyhow, Result}; 2 | use clap::{App, Arg, ArgMatches, SubCommand}; 3 | use packetfilter::code::Code; 4 | use packetfilter::config::Config; 5 | use std::fs; 6 | use std::path::Path; 7 | 8 | const RUN_COMMAND: &str = "run"; 9 | const BPF_PROGRAM_FILE: &str = "bpf-program-file"; 10 | const CONFIG_FILE: &str = "config-file"; 11 | 12 | #[cfg(target_arch = "aarch64")] 13 | const BYTECODE: &[u8] = include_bytes!("../bpf/bytecode.arm64.o"); 14 | 15 | #[cfg(target_arch = "x86_64")] 16 | const BYTECODE: &[u8] = include_bytes!("../bpf/bytecode.x86.o"); 17 | 18 | #[tokio::main] 19 | async fn main() -> Result<()> { 20 | let matches = App::new("packetfilter") 21 | .version("0.1.0") 22 | .about("An eBPF based packetfilter") 23 | .subcommand( 24 | SubCommand::with_name(RUN_COMMAND) 25 | .about("run the packetfilter") 26 | .arg( 27 | Arg::with_name(CONFIG_FILE) 28 | .help("contains the rules used to filter and DNAT packets") 29 | .long(CONFIG_FILE) 30 | .value_name("CONFIG-FILE") 31 | .takes_value(true) 32 | .required(true), 33 | ) 34 | .arg( 35 | Arg::with_name(BPF_PROGRAM_FILE) 36 | .help("contains the bpf program to attach the host kernel") 37 | .long(BPF_PROGRAM_FILE) 38 | .takes_value(true) 39 | .value_name("FILE") 40 | .required(false), 41 | ), 42 | ) 43 | .get_matches(); 44 | 45 | if let Some(args) = matches.subcommand_matches(RUN_COMMAND) { 46 | return run_command(args).await; 47 | } 48 | 49 | Ok(()) 50 | } 51 | 52 | async fn run_command(args: &ArgMatches<'_>) -> Result<()> { 53 | let bpf_program: Vec = match args.value_of(BPF_PROGRAM_FILE) { 54 | Some(path) => fs::read(path)?, 55 | None => BYTECODE.to_vec(), 56 | }; 57 | 58 | let config_file_path: &Path = match args.value_of(CONFIG_FILE) { 59 | Some(path) => Path::new(path), 60 | None => return Err(anyhow!("Failed to find config-file path.")), 61 | }; 62 | 63 | let config = Config::new(config_file_path)?; 64 | 65 | let mut code = Code::new(&bpf_program, config)?; 66 | code.exec().await 67 | } 68 | -------------------------------------------------------------------------------- /src/packet.rs: -------------------------------------------------------------------------------- 1 | use anyhow::{anyhow, Result}; 2 | use zerocopy::{AsBytes, FromBytes, LayoutVerified, Unaligned}; 3 | 4 | const ETHER_TYPE_IPV4_BE: [u8; 2] = [0x08, 0x00]; 5 | const ETHER_TYPE_IPV6_BE: [u8; 2] = [0x86, 0xDD]; 6 | 7 | #[derive(Debug, FromBytes, AsBytes, Default)] 8 | #[repr(C)] 9 | pub struct EthernetHeader { 10 | pub dest: [u8; 6], 11 | pub src: [u8; 6], 12 | pub ether_type: [u8; 2], 13 | } 14 | 15 | /// An in-memory representation of a packet recieved. 16 | /// Packets can be either IPv4 or IPv6 not other protocols are supported. 17 | pub struct Packet<'a> { 18 | pub ether_header: LayoutVerified<&'a [u8], EthernetHeader>, 19 | pub ip_header: Layer3Hdr<&'a [u8]>, 20 | } 21 | 22 | pub enum Layer3Hdr { 23 | IPv4(LayoutVerified), 24 | IPv6(LayoutVerified), 25 | } 26 | 27 | #[derive(FromBytes, AsBytes, Debug, Unaligned)] 28 | #[repr(C)] 29 | pub struct Ipv4Header { 30 | pub src: [u8; 4], 31 | pub dst: [u8; 4], 32 | } 33 | 34 | #[derive(FromBytes, AsBytes, Debug, Unaligned)] 35 | #[repr(C)] 36 | pub struct Ipv6Header { 37 | pub src: [u8; 16], 38 | pub dst: [u8; 16], 39 | } 40 | 41 | impl<'a> Packet<'a> { 42 | pub fn new(frame: &'a [u8]) -> Result> { 43 | let (ether_header, datagram) = LayoutVerified::<_, EthernetHeader>::new_from_prefix(frame) 44 | .ok_or_else(|| anyhow!("Failed to serialize Ethernet header."))?; 45 | let ip_header = match ether_header.ether_type { 46 | ETHER_TYPE_IPV4_BE => { 47 | let (ip_header, _) = 48 | LayoutVerified::<_, Ipv4Header>::new_unaligned_from_prefix(datagram) 49 | .ok_or_else(|| { 50 | anyhow!("Failed to serialize layer three header on an IPv4 packet.") 51 | })?; 52 | Layer3Hdr::IPv4(ip_header) 53 | } 54 | ETHER_TYPE_IPV6_BE => { 55 | let (ip_header, _) = 56 | LayoutVerified::<_, Ipv6Header>::new_unaligned_from_prefix(datagram) 57 | .ok_or_else(|| { 58 | anyhow!("Failed to serialize layer three header on an IPv6 packet.") 59 | })?; 60 | Layer3Hdr::IPv6(ip_header) 61 | } 62 | _ => { 63 | return Err(anyhow!( 64 | "Unkown EtherType {:?}, The following protocols are supported: IPv4, IPv6", 65 | ether_header.ether_type 66 | )) 67 | } 68 | }; 69 | 70 | Ok(Packet { 71 | ether_header, 72 | ip_header, 73 | }) 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /src/code.rs: -------------------------------------------------------------------------------- 1 | use crate::config::Config; 2 | use crate::packet::{Layer3Hdr, Packet}; 3 | use anyhow::{anyhow, Result}; 4 | use aya::{ 5 | maps::{lpm_trie::LpmTrie, perf::AsyncPerfEventArray}, 6 | programs::{Xdp, XdpFlags}, 7 | util::online_cpus, 8 | Bpf, 9 | }; 10 | use bytes::BytesMut; 11 | use std::{ 12 | convert::{TryFrom, TryInto}, 13 | net::{Ipv4Addr, Ipv6Addr}, 14 | }; 15 | use tokio::{signal, task}; 16 | 17 | const IFACE: &str = "lo"; 18 | 19 | pub struct Code { 20 | bpf: Bpf, 21 | config: Config, 22 | } 23 | 24 | impl Code { 25 | pub fn new(bytecode: &[u8], config: Config) -> Result { 26 | let bpf = Bpf::load(bytecode)?; 27 | Ok(Self { bpf, config }) 28 | } 29 | 30 | pub async fn exec(&mut self) -> Result<()> { 31 | let program_names = self 32 | .bpf 33 | .programs() 34 | .map(|(name, _)| name.to_owned()) 35 | .collect::>(); 36 | 37 | for name in program_names { 38 | let probe: &mut Xdp = self 39 | .bpf 40 | .program_mut(&name) 41 | .ok_or(anyhow!("Failed to find a BPF program with name: {}", name))? 42 | .try_into()?; 43 | probe.load()?; 44 | probe.attach(IFACE, XdpFlags::default())?; 45 | } 46 | 47 | let source_ip_blacklist = self.bpf.map_mut("source_ip_blacklist")?; 48 | let source_ip_trie = LpmTrie::try_from(source_ip_blacklist)?; 49 | 50 | let source_ip_keys = self.config.as_ipv6_trie_keys()?; 51 | for key in source_ip_keys.into_iter() { 52 | source_ip_trie.insert(&key, 1 as u32, 0)?; 53 | } 54 | 55 | let events = self.bpf.map_mut("events")?; 56 | let mut events = AsyncPerfEventArray::try_from(events)?; 57 | 58 | for cpu in online_cpus()? { 59 | let mut buf = events.open(cpu, None)?; 60 | let mut bufs = (0..10) 61 | .map(|_| BytesMut::with_capacity(1024)) 62 | .collect::>(); 63 | 64 | task::spawn(async move { 65 | loop { 66 | let events = buf.read_events(&mut bufs).await.unwrap(); 67 | for i in 0..events.read { 68 | let buf = bufs[i].to_owned(); 69 | let packet = Packet::new(&buf).unwrap(); 70 | match packet.ip_header { 71 | Layer3Hdr::IPv4(ipv4) => { 72 | println!( 73 | "IPV4 PACKET LOG: SOURCE: {}, DESTINATION: {}", 74 | Ipv4Addr::from(ipv4.src), 75 | Ipv4Addr::from(ipv4.dst), 76 | ) 77 | } 78 | Layer3Hdr::IPv6(ipv6) => { 79 | println!( 80 | "IPV6 PACKET LOG: SOURCE: {}, DESTINATION: {}", 81 | Ipv6Addr::from(ipv6.src), 82 | Ipv6Addr::from(ipv6.dst), 83 | ) 84 | } 85 | }; 86 | } 87 | } 88 | }); 89 | } 90 | 91 | wait_until_terminated().await 92 | } 93 | } 94 | 95 | async fn wait_until_terminated() -> Result<(), anyhow::Error> { 96 | signal::ctrl_c().await?; 97 | println!("Exiting..."); 98 | Ok(()) 99 | } 100 | -------------------------------------------------------------------------------- /src/config.rs: -------------------------------------------------------------------------------- 1 | use anyhow::Result; 2 | use aya::maps::lpm_trie; 3 | use serde::{Deserialize, Serialize}; 4 | use std::path::Path; 5 | use std::{fs::read_to_string, str::FromStr}; 6 | 7 | use std::net::IpAddr; 8 | 9 | #[derive(Deserialize, Serialize, Debug)] 10 | #[serde(rename_all = "PascalCase")] 11 | pub struct Config { 12 | network_rule_collections: Vec, 13 | } 14 | 15 | impl Config { 16 | pub fn new(path: &Path) -> Result { 17 | let contents = read_to_string(path)?; 18 | let res: Config = serde_json::from_str(&contents)?; 19 | Ok(res) 20 | } 21 | } 22 | 23 | #[derive(Deserialize, Serialize, Debug)] 24 | #[serde(rename_all = "PascalCase")] 25 | struct NetworkRuleCollection { 26 | name: String, 27 | priority: u32, 28 | rules: Vec, 29 | } 30 | 31 | #[derive(Deserialize, Serialize, Debug)] 32 | enum RuleActionType { 33 | Deny, 34 | Allow, 35 | LogOnly, 36 | } 37 | 38 | #[derive(Deserialize, Serialize, Debug)] 39 | #[serde(rename_all = "PascalCase")] 40 | struct RuleAction { 41 | // 'type'j is a keyword, in order to serialize this field name the compiler requires the 'r#' prefix. 42 | r#type: RuleActionType, 43 | } 44 | 45 | #[derive(Deserialize, Serialize, Debug)] 46 | #[serde(rename_all = "PascalCase")] 47 | struct NetworkRule { 48 | actions: Vec, 49 | destination_ips: Option>, 50 | destination_ip_groups: Option>, 51 | destination_fqdns: Option>, 52 | destination_ports: Vec, 53 | name: String, 54 | priority: u32, 55 | protocols: Vec, 56 | source_ips: Option>, 57 | source_ip_groups: Option>, 58 | ip_set_hash: Option, 59 | index: Option, 60 | } 61 | 62 | impl Config { 63 | /// as_ipv6_trie_keys converts the given configuration under network_rule_collections 64 | /// to aya::lpm_trie::Key struct to be used as an index for an LPMTrie map. 65 | pub fn as_ipv6_trie_keys(&self) -> Result>> { 66 | let mut res = vec![]; 67 | for collection in &self.network_rule_collections { 68 | for rule in &collection.rules { 69 | if let Some(source_ips) = &rule.source_ips { 70 | for ip in source_ips { 71 | let prefix: u32; 72 | let ip_addr: IpAddr; 73 | if ip.contains("/") { 74 | let (addr, mask) = ip.split_once("/").unwrap(); 75 | prefix = mask.parse()?; 76 | ip_addr = IpAddr::from_str(addr)?; 77 | } else { 78 | ip_addr = IpAddr::from_str(ip)?; 79 | match ip_addr { 80 | IpAddr::V4(_) => prefix = 32, 81 | IpAddr::V6(_) => prefix = 128, 82 | }; 83 | } 84 | match ip_addr { 85 | // Drop IPv4 addresses as were interested in IPv6. 86 | IpAddr::V4(_) => {} 87 | IpAddr::V6(ipaddr) => { 88 | // We write our addresses in BigEndian as network order is always big endian 89 | // regardles of the machine. 90 | res.push(lpm_trie::Key::new(prefix, u128::from(ipaddr).to_be())); 91 | } 92 | } 93 | } 94 | } 95 | } 96 | } 97 | Ok(res) 98 | } 99 | } 100 | -------------------------------------------------------------------------------- /bpf/bytecode.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include "bpf_helpers.h" 11 | 12 | // source_ip_blacklist contains the IPv6 addresses to filter. 13 | struct bpf_map_def SEC("maps/source_ip_blacklist") source_ip_blacklist = { 14 | .type = BPF_MAP_TYPE_LPM_TRIE, 15 | .key_size = sizeof(struct bpf_lpm_trie_key) + sizeof(__u32) * 4, 16 | .value_size = sizeof(uint32_t), 17 | .max_entries = 10000, 18 | .map_flags = BPF_F_NO_PREALLOC, 19 | }; 20 | 21 | struct bpf_map_def SEC("maps/events") events = { 22 | .type = BPF_MAP_TYPE_PERF_EVENT_ARRAY, 23 | .key_size = sizeof(__u32), 24 | .value_size = sizeof(__u32), 25 | .max_entries = 1024, 26 | }; 27 | 28 | // ipv4_header is the subset of the ipv4 header which will get sent to 29 | // the user space. 30 | struct ipv4_header { 31 | unsigned int src; 32 | unsigned int dst; 33 | }; 34 | 35 | const int IPV6_ALEN = 16; 36 | 37 | // ipv6_header is the header information sent to the user space. 38 | struct ipv6_header { 39 | struct in6_addr src; 40 | struct in6_addr dst; 41 | }; 42 | 43 | // ip_header is a union containing either an ipv6 or ipv4 header. 44 | union ip_header { 45 | struct ipv4_header ipv4; 46 | struct ipv6_header ipv6; 47 | }; 48 | 49 | // eth_packet is the Ethernet packet sent to the user space. 50 | struct __attribute__((__packed__)) eth_packet { 51 | unsigned char h_dest[ETH_ALEN]; 52 | unsigned char h_source[ETH_ALEN]; 53 | u_int16_t h_protocol; 54 | union ip_header ipheader; 55 | }; 56 | 57 | SEC("xdp") 58 | int _xdp_ip_filter(struct xdp_md *ctx) { 59 | void *data_end = (void *)(long)ctx->data_end; 60 | void *data = (void *)(long)ctx->data; 61 | struct ethhdr *eth = data; 62 | 63 | // check packet size 64 | if ((void*)eth + sizeof(*eth) > data_end) { 65 | return XDP_PASS; 66 | } 67 | 68 | // check packet size 69 | struct iphdr *ip = data + sizeof(*eth); 70 | if ((void*)ip + sizeof(*ip) > data_end) { 71 | return XDP_PASS; 72 | } 73 | 74 | struct eth_packet packet = { 75 | .h_protocol = eth->h_proto, 76 | }; 77 | 78 | for (int i=0; ih_source[i]; 80 | packet.h_dest[i] = eth->h_dest[i]; 81 | }; 82 | 83 | if (packet.h_protocol == ntohs(ETH_P_IP)) { 84 | struct iphdr *ip = data + sizeof(*eth); 85 | if ((void*)ip + sizeof(*ip) <= data_end) { 86 | struct ipv4_header iphdr = { 87 | .src = ip->saddr, 88 | .dst = ip->daddr 89 | }; 90 | packet.ipheader.ipv4 = iphdr; 91 | } 92 | } 93 | 94 | if (packet.h_protocol == ntohs(ETH_P_IPV6)) { 95 | struct ipv6hdr *ip = data + sizeof(*eth); 96 | if ((void*)ip + sizeof(*ip) <= data_end) { 97 | // lookup struct is used for matching against blacklist. 98 | struct __attribute__((__packed__)) key { 99 | struct bpf_lpm_trie_key base; 100 | __uint128_t data; 101 | } lookup; 102 | 103 | lookup.base.prefixlen = 128; 104 | memcpy(&lookup.data, &ip->saddr, sizeof(__uint128_t)); 105 | uint32_t *val = bpf_map_lookup_elem(&source_ip_blacklist, &lookup); 106 | if (val != NULL) { 107 | bpf_printk("Found a match for packet blacklist, dropping..\n"); 108 | return XDP_DROP; 109 | } 110 | 111 | struct ipv6_header iphdr; 112 | // iphdr struct is used for tracing 113 | memcpy(&iphdr.src, &ip->saddr, sizeof(ip->saddr)); 114 | memcpy(&iphdr.dst, &ip->daddr, sizeof(ip->saddr)); 115 | 116 | packet.ipheader.ipv6 = iphdr; 117 | } 118 | } 119 | 120 | // send the ethernet packet to the userspace program. 121 | bpf_perf_event_output(ctx, &events, BPF_F_CURRENT_CPU, &packet, sizeof(packet)); 122 | return XDP_PASS; 123 | } 124 | 125 | 126 | char _license[] SEC("license") = "GPL"; 127 | 128 | -------------------------------------------------------------------------------- /examples/ruleConfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "ApplicationRuleCollections": [ 3 | { 4 | "Name": "DEFAULT_COLLECTION", 5 | "Priority": 65535, 6 | "Rules": [ 7 | { 8 | "Name": "DEFAULT_RULE", 9 | "Priority": 5000, 10 | "TargetUrls": [ 11 | "*" 12 | ], 13 | "Protocols": [ 14 | { 15 | "Port": 80, 16 | "ProtocolType": "http" 17 | }, 18 | { 19 | "Port": 443, 20 | "ProtocolType": "https" 21 | } 22 | ], 23 | "Actions": [ 24 | { 25 | "Type": "Deny" 26 | } 27 | ] 28 | }, 29 | { 30 | "Name": "ruleSourceIpGroupHttps", 31 | "Priority": 300, 32 | "TargetUrls": [ 33 | "*.de" 34 | ], 35 | "Protocols": [ 36 | { 37 | "Port": 80, 38 | "ProtocolType": "http" 39 | }, 40 | { 41 | "Port": 443, 42 | "ProtocolType": "https" 43 | } 44 | ], 45 | "SourceIpGroups": [ 46 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1" 47 | ], 48 | "Actions": [ 49 | { 50 | "Type": "Allow" 51 | } 52 | ] 53 | }, 54 | { 55 | "Name": "ruleSourceIpGroupMsSql", 56 | "Priority": 350, 57 | "TargetUrls": [ 58 | "sql1.database.windows.net" 59 | ], 60 | "Protocols": [ 61 | { 62 | "ProtocolType": "Mssql", 63 | "Port": 1433 64 | } 65 | ], 66 | "SourceIpGroups": [ 67 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1", 68 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2" 69 | ], 70 | "Actions": [ 71 | { 72 | "Type": "Allow" 73 | } 74 | ] 75 | } 76 | ] 77 | }, 78 | { 79 | "Name": "collection123", 80 | "Priority": 27, 81 | "Rules": [ 82 | { 83 | "Name": "rule774", 84 | "Priority": 8, 85 | "TargetUrls": [ 86 | "www.google.com", 87 | "www.bing.com", 88 | "*.windows.net", 89 | "*", 90 | "*a.edu" 91 | ], 92 | "Protocols": [ 93 | { 94 | "Port": 80, 95 | "ProtocolType": "http" 96 | }, 97 | { 98 | "Port": 443, 99 | "ProtocolType": "https" 100 | } 101 | ], 102 | "Actions": [ 103 | { 104 | "Type": "Allow" 105 | } 106 | ] 107 | }, 108 | { 109 | "Name": "rule7235", 110 | "Priority": 3, 111 | "Description": "super one", 112 | "Protocols": [ 113 | { 114 | "Port": 777, 115 | "ProtocolType": "http" 116 | }, 117 | { 118 | "Port": 888, 119 | "ProtocolType": "https" 120 | } 121 | ], 122 | "SourceIps": [], 123 | "TargetUrls": [ 124 | "www.yahoo.com" 125 | ], 126 | "Actions": [ 127 | { 128 | "Type": "Deny" 129 | } 130 | ] 131 | }, 132 | { 133 | "Name": "rule2835", 134 | "Priority": 2, 135 | "Protocols": [ 136 | { 137 | "Port": 80, 138 | "ProtocolType": "http" 139 | }, 140 | { 141 | "Port": 443, 142 | "ProtocolType": "https" 143 | } 144 | ], 145 | "SourceIps": [ 146 | "192.168.2.0/24", 147 | "192.168.2.5", 148 | "*" 149 | ], 150 | "TargetUrls": [ 151 | "*.com" 152 | ], 153 | "Actions": [ 154 | { 155 | "Type": "Allow" 156 | } 157 | ] 158 | } 159 | ] 160 | }, 161 | { 162 | "Name": "collection456", 163 | "Priority": 13, 164 | "Rules": [ 165 | { 166 | "Name": "rule825", 167 | "Priority": 6, 168 | "Protocols": [ 169 | { 170 | "Port": 444, 171 | "ProtocolType": "http" 172 | }, 173 | { 174 | "Port": 555, 175 | "ProtocolType": "https" 176 | } 177 | ], 178 | "TargetUrls": [ 179 | "www.wikipedia.org", 180 | "www.msn.com" 181 | ], 182 | "Actions": [ 183 | { 184 | "Type": "Allow" 185 | } 186 | ] 187 | }, 188 | { 189 | "Name": "rule023", 190 | "Priority": 9, 191 | "Protocols": [ 192 | { 193 | "Port": 80, 194 | "ProtocolType": "http" 195 | }, 196 | { 197 | "Port": 443, 198 | "ProtocolType": "https" 199 | } 200 | ], 201 | "TargetUrls": [ 202 | "www.google.com", 203 | "www.msn.com" 204 | ], 205 | "Actions": [ 206 | { 207 | "Type": "Deny" 208 | } 209 | ] 210 | }, 211 | { 212 | "Name": "rule19593", 213 | "Priority": 13, 214 | "Description": "second one", 215 | "Protocols": [ 216 | { 217 | "Port": 80, 218 | "ProtocolType": "http" 219 | }, 220 | { 221 | "Port": 443, 222 | "ProtocolType": "https" 223 | } 224 | ], 225 | "TargetUrls": [ 226 | "www.yahoo.com", 227 | "www.b92.net", 228 | "b92s.net", 229 | "*.firefox.com", 230 | "*.windows.net", 231 | "*.firefox.com", 232 | "*.msftconnecttest.com", 233 | "*.windows.com", 234 | "*.microsoft.com", 235 | "*.yimg.com" 236 | ], 237 | "Actions": [ 238 | { 239 | "Type": "Allow" 240 | } 241 | ] 242 | } 243 | ] 244 | } 245 | ], 246 | "NetworkRuleCollections": [ 247 | { 248 | "Name": "netrc1", 249 | "Priority": 200, 250 | "Rules": [ 251 | { 252 | "Actions": [ 253 | { 254 | "Type": "Allow" 255 | } 256 | ], 257 | "Description": null, 258 | "DestinationIps": [ 259 | "12.12.12.44" 260 | ], 261 | "DestinationIpGroups": [ 262 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2", 263 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG232/providers/Microsoft.Network/ipGroups/ipGroup09" 264 | ], 265 | "DestinationPorts": [ 266 | "80", 267 | "443", 268 | "8000-8999" 269 | ], 270 | "Direction": "Outbound", 271 | "Name": "rule1", 272 | "Priority": 200, 273 | "Protocols": [ 274 | "TCP", 275 | "UDP" 276 | ], 277 | "SourceIps": [ 278 | "10.11.12.0/24" 279 | ], 280 | "SourceIpGroups": [ 281 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2" 282 | ] 283 | } 284 | ] 285 | }, 286 | { 287 | "Name": "netrc2", 288 | "Priority": 150, 289 | "Rules": [ 290 | { 291 | "Actions": [ 292 | { 293 | "Type": "Deny" 294 | } 295 | ], 296 | "Description": null, 297 | "DestinationIps": [ 298 | "10.16.10.0/24", 299 | "11.16.11.87", 300 | "AzureActiveDirectory" 301 | ], 302 | "DestinationPorts": [ 303 | "40000", 304 | "*", 305 | "40001" 306 | ], 307 | "Direction": "Outbound", 308 | "Name": "netrc2_rule1", 309 | "Priority": 100, 310 | "Protocols": [ 311 | "TCP" 312 | ], 313 | "SourceIps": [ 314 | "10.11.12.0/24" 315 | ] 316 | }, 317 | { 318 | "Actions": [ 319 | { 320 | "Type": "Deny" 321 | } 322 | ], 323 | "Description": null, 324 | "DestinationIps": [], 325 | "DestinationPorts": [ 326 | "20002-20008", 327 | "20018", 328 | "20200-30112", 329 | "30113", 330 | "30114", 331 | "30115", 332 | "30116", 333 | "30117", 334 | "30118", 335 | "30119", 336 | "30120", 337 | "30121", 338 | "30122", 339 | "30123", 340 | "30124", 341 | "30125", 342 | "30126", 343 | "30127", 344 | "30128", 345 | "30129", 346 | "30130", 347 | "30131" 348 | ], 349 | "Direction": "Outbound", 350 | "Name": "netrc3_rule60", 351 | "Priority": 142, 352 | "Protocols": [ 353 | "udp", 354 | "icmp" 355 | ], 356 | "SourceIps": [] 357 | }, 358 | { 359 | "Actions": [ 360 | { 361 | "Type": "Deny" 362 | } 363 | ], 364 | "Description": null, 365 | "DestinationIps": [ 366 | "10.16.10.0/24", 367 | "AppService", 368 | "11.16.11.5" 369 | ], 370 | "DestinationPorts": [ 371 | "10001-10005", 372 | "10008", 373 | "10009-10012" 374 | ], 375 | "Direction": "Outbound", 376 | "Name": "netrc3_rule1", 377 | "Priority": 121, 378 | "Protocols": [ 379 | "any" 380 | ], 381 | "SourceIps": [ ], 382 | "SourceIpGroups": [ 383 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG232/providers/Microsoft.Network/ipGroups/ipGroup09" 384 | ] 385 | }, 386 | { 387 | "Actions": [ 388 | { 389 | "Type": "Allow" 390 | } 391 | ], 392 | "Description": null, 393 | "DestinationIps": [ 394 | "20.26.20.0/16", 395 | "50.50.50.50-60.60.60.60", 396 | "41.46.41.5", 397 | "70.70.70.70-80.80.80.80" 398 | ], 399 | "DestinationPorts": [ 400 | "50000-50003", 401 | "50007-50012" 402 | ], 403 | "Direction": "Outbound", 404 | "Name": "netrc2_rule2", 405 | "Priority": 50, 406 | "Protocols": [ 407 | "UDP" 408 | ], 409 | "SourceIps": [ 410 | "10.11.12.0/24", 411 | "10.11.16.5", 412 | "10.11.13.0/24" 413 | ] 414 | }, 415 | { 416 | "Actions": [ 417 | { 418 | "Type": "Allow" 419 | } 420 | ], 421 | "Description": null, 422 | "DestinationIps": [], 423 | "DestinationPorts": [], 424 | "Direction": "Outbound", 425 | "Name": "allow_all_10.1.0.0/16", 426 | "Priority": 10, 427 | "Protocols": [ 428 | "any" 429 | ], 430 | "SourceIps": [ 431 | "10.1.0.0/16" 432 | ] 433 | } 434 | ] 435 | }, 436 | { 437 | "Name": "netrc3", 438 | "Priority": 300, 439 | "Rules": [ 440 | { 441 | "Actions": [ 442 | { 443 | "Type": "Allow" 444 | } 445 | ], 446 | "Description": null, 447 | "DestinationIps": [ 448 | "*" 449 | ], 450 | "DestinationIpGroups": [ 451 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1" 452 | ], 453 | "DestinationPorts": [ 454 | "80", 455 | "443", 456 | "8000-8999" 457 | ], 458 | "Direction": "Outbound", 459 | "Name": "rule552", 460 | "Priority": 200, 461 | "Protocols": [ 462 | "TCP", 463 | "UDP", 464 | "ICMP" 465 | ], 466 | "SourceIps": [ 467 | "41.41.41.0/24" 468 | ], 469 | "SourceIpGroups": [ 470 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2" 471 | ] 472 | } 473 | ] 474 | } 475 | ], 476 | "NatRuleCollections": [ 477 | { 478 | "Name": "natRc1", 479 | "Priority": 201, 480 | "Action": { 481 | "Type": "Dnat" 482 | }, 483 | "Rules": [ 484 | { 485 | "Name": "DnatRule3", 486 | "Protocols": [ 487 | "UDP" 488 | ], 489 | "SourceIps": [ 490 | "100.99.99.99" 491 | ], 492 | "SourceIpGroups": [ 493 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2", 494 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1", 495 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG232/providers/Microsoft.Network/ipGroups/ipGroup09" 496 | ], 497 | "DestinationIps": [ 498 | "52.253.225.60" 499 | ], 500 | "DestinationPorts": [ 501 | "63016" 502 | ], 503 | "TranslatedIp": "10.0.2.5", 504 | "TranslatedPort": "50000" 505 | }, 506 | { 507 | "Name": "DnatRule4", 508 | "Protocols": [ 509 | "TCP" 510 | ], 511 | "SourceIps": [ 512 | "*" 513 | ], 514 | "DestinationIps": [ 515 | "52.253.225.83" 516 | ], 517 | "DestinationPorts": [ 518 | "63021" 519 | ], 520 | "TranslatedIp": "10.0.2.4", 521 | "TranslatedPort": "3389" 522 | }, 523 | { 524 | "Name": "DnatRule5", 525 | "Protocols": [ 526 | "TCP" 527 | ], 528 | "SourceIps": [ 529 | "*" 530 | ], 531 | "DestinationIps": [ 532 | "52.253.225.90" 533 | ], 534 | "DestinationPorts": [ 535 | "63022" 536 | ], 537 | "TranslatedIp": "10.0.2.5", 538 | "TranslatedPort": "22" 539 | }, 540 | { 541 | "Name": "DnatRule6", 542 | "Protocols": [ 543 | "TCP" 544 | ], 545 | "SourceIps": null, 546 | "SourceIpGroups": [ 547 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1", 548 | "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2" 549 | ], 550 | "DestinationIps": [ 551 | "150.150.150.150" 552 | ], 553 | "DestinationPorts": [ 554 | "63022" 555 | ], 556 | "TranslatedFqdn": "server1.internal.com", 557 | "TranslatedPort": "22" 558 | } 559 | ] 560 | } 561 | ], 562 | "ThreatIntel": { 563 | "Mode": 0, 564 | "Whitelist": { 565 | "FQDNs": [ 566 | "www.microsoft.com", 567 | "www.google.com" 568 | ], 569 | "IPAddresses": [ 570 | "8.8.8.8", 571 | "0.0.0.0" 572 | ] 573 | } 574 | }, 575 | "IpGroups": [ 576 | { 577 | "Id": "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup1", 578 | "IpAddresses": [ 579 | "10.0.0.0/24", 580 | "11.9.0.0/24", 581 | "13.9.0.0-15.6.6.7", 582 | "115.15.15.15" 583 | ] 584 | }, 585 | { 586 | "Id": "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG/providers/Microsoft.Network/ipGroups/ipGroup2", 587 | "IpAddresses": [ 588 | "12.0.0.0/24", 589 | "13.9.0.0/24" 590 | ] 591 | }, 592 | { 593 | "Id": "/subscriptions/e407ae4c-40b6-44e2-9614-d4e938faa0a9/resourceGroups/someRG232/providers/Microsoft.Network/ipGroups/ipGroup09", 594 | "IpAddresses": [ 595 | "25.0.0.0/24", 596 | "86.9.0.0/24", 597 | "*" 598 | ] 599 | } 600 | ] 601 | } 602 | -------------------------------------------------------------------------------- /Cargo.lock: -------------------------------------------------------------------------------- 1 | # This file is automatically @generated by Cargo. 2 | # It is not intended for manual editing. 3 | version = 3 4 | 5 | [[package]] 6 | name = "addr2line" 7 | version = "0.17.0" 8 | source = "registry+https://github.com/rust-lang/crates.io-index" 9 | checksum = "b9ecd88a8c8378ca913a680cd98f0f13ac67383d35993f86c90a70e3f137816b" 10 | dependencies = [ 11 | "gimli", 12 | ] 13 | 14 | [[package]] 15 | name = "adler" 16 | version = "1.0.2" 17 | source = "registry+https://github.com/rust-lang/crates.io-index" 18 | checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" 19 | 20 | [[package]] 21 | name = "aho-corasick" 22 | version = "0.7.18" 23 | source = "registry+https://github.com/rust-lang/crates.io-index" 24 | checksum = "1e37cfd5e7657ada45f742d6e99ca5788580b5c529dc78faf11ece6dc702656f" 25 | dependencies = [ 26 | "memchr", 27 | ] 28 | 29 | [[package]] 30 | name = "ansi_term" 31 | version = "0.9.0" 32 | source = "registry+https://github.com/rust-lang/crates.io-index" 33 | checksum = "23ac7c30002a5accbf7e8987d0632fa6de155b7c3d39d0067317a391e00a2ef6" 34 | 35 | [[package]] 36 | name = "anyhow" 37 | version = "1.0.47" 38 | source = "registry+https://github.com/rust-lang/crates.io-index" 39 | checksum = "38d9ff5d688f1c13395289f67db01d4826b46dd694e7580accdc3e8430f2d98e" 40 | dependencies = [ 41 | "backtrace", 42 | ] 43 | 44 | [[package]] 45 | name = "atty" 46 | version = "0.2.14" 47 | source = "registry+https://github.com/rust-lang/crates.io-index" 48 | checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" 49 | dependencies = [ 50 | "hermit-abi", 51 | "libc", 52 | "winapi", 53 | ] 54 | 55 | [[package]] 56 | name = "autocfg" 57 | version = "1.0.1" 58 | source = "registry+https://github.com/rust-lang/crates.io-index" 59 | checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" 60 | 61 | [[package]] 62 | name = "aya" 63 | version = "0.10.6" 64 | source = "git+https://github.com/aya-rs/aya?branch=main#2a1823934671ced3c910a2e6f287ba569bea9c60" 65 | dependencies = [ 66 | "bitflags 1.3.2", 67 | "bytes", 68 | "futures", 69 | "lazy_static", 70 | "libc", 71 | "log", 72 | "object 0.28.1", 73 | "parking_lot", 74 | "thiserror", 75 | "tokio", 76 | ] 77 | 78 | [[package]] 79 | name = "backtrace" 80 | version = "0.3.63" 81 | source = "registry+https://github.com/rust-lang/crates.io-index" 82 | checksum = "321629d8ba6513061f26707241fa9bc89524ff1cd7a915a97ef0c62c666ce1b6" 83 | dependencies = [ 84 | "addr2line", 85 | "cc", 86 | "cfg-if", 87 | "libc", 88 | "miniz_oxide", 89 | "object 0.27.1", 90 | "rustc-demangle", 91 | ] 92 | 93 | [[package]] 94 | name = "bitflags" 95 | version = "0.9.1" 96 | source = "registry+https://github.com/rust-lang/crates.io-index" 97 | checksum = "4efd02e230a02e18f92fc2735f44597385ed02ad8f831e7c1c1156ee5e1ab3a5" 98 | 99 | [[package]] 100 | name = "bitflags" 101 | version = "1.3.2" 102 | source = "registry+https://github.com/rust-lang/crates.io-index" 103 | checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" 104 | 105 | [[package]] 106 | name = "byteorder" 107 | version = "1.4.3" 108 | source = "registry+https://github.com/rust-lang/crates.io-index" 109 | checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" 110 | 111 | [[package]] 112 | name = "bytes" 113 | version = "1.1.0" 114 | source = "registry+https://github.com/rust-lang/crates.io-index" 115 | checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" 116 | 117 | [[package]] 118 | name = "cc" 119 | version = "1.0.72" 120 | source = "registry+https://github.com/rust-lang/crates.io-index" 121 | checksum = "22a9137b95ea06864e018375b72adfb7db6e6f68cfc8df5a04d00288050485ee" 122 | 123 | [[package]] 124 | name = "cfg-if" 125 | version = "1.0.0" 126 | source = "registry+https://github.com/rust-lang/crates.io-index" 127 | checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" 128 | 129 | [[package]] 130 | name = "clap" 131 | version = "2.27.1" 132 | source = "registry+https://github.com/rust-lang/crates.io-index" 133 | checksum = "1b8c532887f1a292d17de05ae858a8fe50a301e196f9ef0ddb7ccd0d1d00f180" 134 | dependencies = [ 135 | "ansi_term", 136 | "atty", 137 | "bitflags 0.9.1", 138 | "strsim", 139 | "textwrap", 140 | "unicode-width", 141 | "vec_map", 142 | ] 143 | 144 | [[package]] 145 | name = "ctrlc" 146 | version = "3.2.1" 147 | source = "registry+https://github.com/rust-lang/crates.io-index" 148 | checksum = "a19c6cedffdc8c03a3346d723eb20bd85a13362bb96dc2ac000842c6381ec7bf" 149 | dependencies = [ 150 | "nix", 151 | "winapi", 152 | ] 153 | 154 | [[package]] 155 | name = "futures" 156 | version = "0.3.17" 157 | source = "registry+https://github.com/rust-lang/crates.io-index" 158 | checksum = "a12aa0eb539080d55c3f2d45a67c3b58b6b0773c1a3ca2dfec66d58c97fd66ca" 159 | dependencies = [ 160 | "futures-channel", 161 | "futures-core", 162 | "futures-io", 163 | "futures-sink", 164 | "futures-task", 165 | "futures-util", 166 | ] 167 | 168 | [[package]] 169 | name = "futures-channel" 170 | version = "0.3.17" 171 | source = "registry+https://github.com/rust-lang/crates.io-index" 172 | checksum = "5da6ba8c3bb3c165d3c7319fc1cc8304facf1fb8db99c5de877183c08a273888" 173 | dependencies = [ 174 | "futures-core", 175 | "futures-sink", 176 | ] 177 | 178 | [[package]] 179 | name = "futures-core" 180 | version = "0.3.17" 181 | source = "registry+https://github.com/rust-lang/crates.io-index" 182 | checksum = "88d1c26957f23603395cd326b0ffe64124b818f4449552f960d815cfba83a53d" 183 | 184 | [[package]] 185 | name = "futures-io" 186 | version = "0.3.17" 187 | source = "registry+https://github.com/rust-lang/crates.io-index" 188 | checksum = "522de2a0fe3e380f1bc577ba0474108faf3f6b18321dbf60b3b9c39a75073377" 189 | 190 | [[package]] 191 | name = "futures-sink" 192 | version = "0.3.17" 193 | source = "registry+https://github.com/rust-lang/crates.io-index" 194 | checksum = "36ea153c13024fe480590b3e3d4cad89a0cfacecc24577b68f86c6ced9c2bc11" 195 | 196 | [[package]] 197 | name = "futures-task" 198 | version = "0.3.17" 199 | source = "registry+https://github.com/rust-lang/crates.io-index" 200 | checksum = "1d3d00f4eddb73e498a54394f228cd55853bdf059259e8e7bc6e69d408892e99" 201 | 202 | [[package]] 203 | name = "futures-util" 204 | version = "0.3.17" 205 | source = "registry+https://github.com/rust-lang/crates.io-index" 206 | checksum = "36568465210a3a6ee45e1f165136d68671471a501e632e9a98d96872222b5481" 207 | dependencies = [ 208 | "autocfg", 209 | "futures-channel", 210 | "futures-core", 211 | "futures-io", 212 | "futures-sink", 213 | "futures-task", 214 | "memchr", 215 | "pin-project-lite", 216 | "pin-utils", 217 | "slab", 218 | ] 219 | 220 | [[package]] 221 | name = "gimli" 222 | version = "0.26.1" 223 | source = "registry+https://github.com/rust-lang/crates.io-index" 224 | checksum = "78cc372d058dcf6d5ecd98510e7fbc9e5aec4d21de70f65fea8fecebcd881bd4" 225 | 226 | [[package]] 227 | name = "glob" 228 | version = "0.3.0" 229 | source = "registry+https://github.com/rust-lang/crates.io-index" 230 | checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" 231 | 232 | [[package]] 233 | name = "hermit-abi" 234 | version = "0.1.19" 235 | source = "registry+https://github.com/rust-lang/crates.io-index" 236 | checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" 237 | dependencies = [ 238 | "libc", 239 | ] 240 | 241 | [[package]] 242 | name = "instant" 243 | version = "0.1.12" 244 | source = "registry+https://github.com/rust-lang/crates.io-index" 245 | checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" 246 | dependencies = [ 247 | "cfg-if", 248 | ] 249 | 250 | [[package]] 251 | name = "ipnet" 252 | version = "2.3.1" 253 | source = "registry+https://github.com/rust-lang/crates.io-index" 254 | checksum = "68f2d64f2edebec4ce84ad108148e67e1064789bee435edc5b60ad398714a3a9" 255 | dependencies = [ 256 | "serde", 257 | ] 258 | 259 | [[package]] 260 | name = "ipnetwork" 261 | version = "0.18.0" 262 | source = "registry+https://github.com/rust-lang/crates.io-index" 263 | checksum = "4088d739b183546b239688ddbc79891831df421773df95e236daf7867866d355" 264 | dependencies = [ 265 | "serde", 266 | ] 267 | 268 | [[package]] 269 | name = "itoa" 270 | version = "0.4.8" 271 | source = "registry+https://github.com/rust-lang/crates.io-index" 272 | checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" 273 | 274 | [[package]] 275 | name = "lazy_static" 276 | version = "1.4.0" 277 | source = "registry+https://github.com/rust-lang/crates.io-index" 278 | checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" 279 | 280 | [[package]] 281 | name = "libc" 282 | version = "0.2.108" 283 | source = "registry+https://github.com/rust-lang/crates.io-index" 284 | checksum = "8521a1b57e76b1ec69af7599e75e38e7b7fad6610f037db8c79b127201b5d119" 285 | 286 | [[package]] 287 | name = "lock_api" 288 | version = "0.4.5" 289 | source = "registry+https://github.com/rust-lang/crates.io-index" 290 | checksum = "712a4d093c9976e24e7dbca41db895dabcbac38eb5f4045393d17a95bdfb1109" 291 | dependencies = [ 292 | "scopeguard", 293 | ] 294 | 295 | [[package]] 296 | name = "log" 297 | version = "0.4.14" 298 | source = "registry+https://github.com/rust-lang/crates.io-index" 299 | checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" 300 | dependencies = [ 301 | "cfg-if", 302 | ] 303 | 304 | [[package]] 305 | name = "memchr" 306 | version = "2.4.1" 307 | source = "registry+https://github.com/rust-lang/crates.io-index" 308 | checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" 309 | 310 | [[package]] 311 | name = "memoffset" 312 | version = "0.6.4" 313 | source = "registry+https://github.com/rust-lang/crates.io-index" 314 | checksum = "59accc507f1338036a0477ef61afdae33cde60840f4dfe481319ce3ad116ddf9" 315 | dependencies = [ 316 | "autocfg", 317 | ] 318 | 319 | [[package]] 320 | name = "miniz_oxide" 321 | version = "0.4.4" 322 | source = "registry+https://github.com/rust-lang/crates.io-index" 323 | checksum = "a92518e98c078586bc6c934028adcca4c92a53d6a958196de835170a01d84e4b" 324 | dependencies = [ 325 | "adler", 326 | "autocfg", 327 | ] 328 | 329 | [[package]] 330 | name = "mio" 331 | version = "0.7.14" 332 | source = "registry+https://github.com/rust-lang/crates.io-index" 333 | checksum = "8067b404fe97c70829f082dec8bcf4f71225d7eaea1d8645349cb76fa06205cc" 334 | dependencies = [ 335 | "libc", 336 | "log", 337 | "miow", 338 | "ntapi", 339 | "winapi", 340 | ] 341 | 342 | [[package]] 343 | name = "miow" 344 | version = "0.3.7" 345 | source = "registry+https://github.com/rust-lang/crates.io-index" 346 | checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21" 347 | dependencies = [ 348 | "winapi", 349 | ] 350 | 351 | [[package]] 352 | name = "nix" 353 | version = "0.23.0" 354 | source = "registry+https://github.com/rust-lang/crates.io-index" 355 | checksum = "f305c2c2e4c39a82f7bf0bf65fb557f9070ce06781d4f2454295cc34b1c43188" 356 | dependencies = [ 357 | "bitflags 1.3.2", 358 | "cc", 359 | "cfg-if", 360 | "libc", 361 | "memoffset", 362 | ] 363 | 364 | [[package]] 365 | name = "ntapi" 366 | version = "0.3.6" 367 | source = "registry+https://github.com/rust-lang/crates.io-index" 368 | checksum = "3f6bb902e437b6d86e03cce10a7e2af662292c5dfef23b65899ea3ac9354ad44" 369 | dependencies = [ 370 | "winapi", 371 | ] 372 | 373 | [[package]] 374 | name = "num_cpus" 375 | version = "1.13.0" 376 | source = "registry+https://github.com/rust-lang/crates.io-index" 377 | checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" 378 | dependencies = [ 379 | "hermit-abi", 380 | "libc", 381 | ] 382 | 383 | [[package]] 384 | name = "object" 385 | version = "0.27.1" 386 | source = "registry+https://github.com/rust-lang/crates.io-index" 387 | checksum = "67ac1d3f9a1d3616fd9a60c8d74296f22406a238b6a72f5cc1e6f314df4ffbf9" 388 | dependencies = [ 389 | "memchr", 390 | ] 391 | 392 | [[package]] 393 | name = "object" 394 | version = "0.28.1" 395 | source = "registry+https://github.com/rust-lang/crates.io-index" 396 | checksum = "7ce8b38d41f9f3618fc23f908faae61510f8d8ce2d99cbe910641e8f1971f084" 397 | dependencies = [ 398 | "memchr", 399 | ] 400 | 401 | [[package]] 402 | name = "once_cell" 403 | version = "1.8.0" 404 | source = "registry+https://github.com/rust-lang/crates.io-index" 405 | checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56" 406 | 407 | [[package]] 408 | name = "packetfilter" 409 | version = "0.1.0" 410 | dependencies = [ 411 | "anyhow", 412 | "aya", 413 | "bytes", 414 | "clap", 415 | "ctrlc", 416 | "ipnet", 417 | "log", 418 | "pnet", 419 | "serde", 420 | "serde_json", 421 | "tokio", 422 | "zerocopy", 423 | ] 424 | 425 | [[package]] 426 | name = "parking_lot" 427 | version = "0.11.2" 428 | source = "registry+https://github.com/rust-lang/crates.io-index" 429 | checksum = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" 430 | dependencies = [ 431 | "instant", 432 | "lock_api", 433 | "parking_lot_core", 434 | ] 435 | 436 | [[package]] 437 | name = "parking_lot_core" 438 | version = "0.8.5" 439 | source = "registry+https://github.com/rust-lang/crates.io-index" 440 | checksum = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" 441 | dependencies = [ 442 | "cfg-if", 443 | "instant", 444 | "libc", 445 | "redox_syscall", 446 | "smallvec", 447 | "winapi", 448 | ] 449 | 450 | [[package]] 451 | name = "pin-project-lite" 452 | version = "0.2.7" 453 | source = "registry+https://github.com/rust-lang/crates.io-index" 454 | checksum = "8d31d11c69a6b52a174b42bdc0c30e5e11670f90788b2c471c31c1d17d449443" 455 | 456 | [[package]] 457 | name = "pin-utils" 458 | version = "0.1.0" 459 | source = "registry+https://github.com/rust-lang/crates.io-index" 460 | checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" 461 | 462 | [[package]] 463 | name = "pnet" 464 | version = "0.28.0" 465 | source = "registry+https://github.com/rust-lang/crates.io-index" 466 | checksum = "4b6d2a0409666964722368ef5fb74b9f93fac11c18bef3308693c16c6733f103" 467 | dependencies = [ 468 | "ipnetwork", 469 | "pnet_base", 470 | "pnet_datalink", 471 | "pnet_packet", 472 | "pnet_sys", 473 | "pnet_transport", 474 | ] 475 | 476 | [[package]] 477 | name = "pnet_base" 478 | version = "0.28.0" 479 | source = "registry+https://github.com/rust-lang/crates.io-index" 480 | checksum = "25488cd551a753dcaaa6fffc9f69a7610a412dd8954425bf7ffad5f7d1156fb8" 481 | 482 | [[package]] 483 | name = "pnet_datalink" 484 | version = "0.28.0" 485 | source = "registry+https://github.com/rust-lang/crates.io-index" 486 | checksum = "d4d1f8ab1ef6c914cf51dc5dfe0be64088ea5f3b08bbf5a31abc70356d271198" 487 | dependencies = [ 488 | "ipnetwork", 489 | "libc", 490 | "pnet_base", 491 | "pnet_sys", 492 | "winapi", 493 | ] 494 | 495 | [[package]] 496 | name = "pnet_macros" 497 | version = "0.28.0" 498 | source = "registry+https://github.com/rust-lang/crates.io-index" 499 | checksum = "30490e0852e58402b8fae0d39897b08a24f493023a4d6cf56b2e30f31ed57548" 500 | dependencies = [ 501 | "proc-macro2", 502 | "quote", 503 | "regex", 504 | "syn", 505 | ] 506 | 507 | [[package]] 508 | name = "pnet_macros_support" 509 | version = "0.28.0" 510 | source = "registry+https://github.com/rust-lang/crates.io-index" 511 | checksum = "d4714e10f30cab023005adce048f2d30dd4ac4f093662abf2220855655ef8f90" 512 | dependencies = [ 513 | "pnet_base", 514 | ] 515 | 516 | [[package]] 517 | name = "pnet_packet" 518 | version = "0.28.0" 519 | source = "registry+https://github.com/rust-lang/crates.io-index" 520 | checksum = "8588067671d03c9f4254b2e66fecb4d8b93b5d3e703195b84f311cd137e32130" 521 | dependencies = [ 522 | "glob", 523 | "pnet_base", 524 | "pnet_macros", 525 | "pnet_macros_support", 526 | ] 527 | 528 | [[package]] 529 | name = "pnet_sys" 530 | version = "0.28.0" 531 | source = "registry+https://github.com/rust-lang/crates.io-index" 532 | checksum = "d9a3f32b0df45515befd19eed04616f6b56a488da92afc61164ef455e955f07f" 533 | dependencies = [ 534 | "libc", 535 | "winapi", 536 | ] 537 | 538 | [[package]] 539 | name = "pnet_transport" 540 | version = "0.28.0" 541 | source = "registry+https://github.com/rust-lang/crates.io-index" 542 | checksum = "932b2916d693bcc5fa18443dc99142e0a6fd31a6ce75a511868f7174c17e2bce" 543 | dependencies = [ 544 | "libc", 545 | "pnet_base", 546 | "pnet_packet", 547 | "pnet_sys", 548 | ] 549 | 550 | [[package]] 551 | name = "proc-macro2" 552 | version = "1.0.32" 553 | source = "registry+https://github.com/rust-lang/crates.io-index" 554 | checksum = "ba508cc11742c0dc5c1659771673afbab7a0efab23aa17e854cbab0837ed0b43" 555 | dependencies = [ 556 | "unicode-xid", 557 | ] 558 | 559 | [[package]] 560 | name = "quote" 561 | version = "1.0.10" 562 | source = "registry+https://github.com/rust-lang/crates.io-index" 563 | checksum = "38bc8cc6a5f2e3655e0899c1b848643b2562f853f114bfec7be120678e3ace05" 564 | dependencies = [ 565 | "proc-macro2", 566 | ] 567 | 568 | [[package]] 569 | name = "redox_syscall" 570 | version = "0.2.10" 571 | source = "registry+https://github.com/rust-lang/crates.io-index" 572 | checksum = "8383f39639269cde97d255a32bdb68c047337295414940c68bdd30c2e13203ff" 573 | dependencies = [ 574 | "bitflags 1.3.2", 575 | ] 576 | 577 | [[package]] 578 | name = "regex" 579 | version = "1.5.4" 580 | source = "registry+https://github.com/rust-lang/crates.io-index" 581 | checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" 582 | dependencies = [ 583 | "aho-corasick", 584 | "memchr", 585 | "regex-syntax", 586 | ] 587 | 588 | [[package]] 589 | name = "regex-syntax" 590 | version = "0.6.25" 591 | source = "registry+https://github.com/rust-lang/crates.io-index" 592 | checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b" 593 | 594 | [[package]] 595 | name = "rustc-demangle" 596 | version = "0.1.21" 597 | source = "registry+https://github.com/rust-lang/crates.io-index" 598 | checksum = "7ef03e0a2b150c7a90d01faf6254c9c48a41e95fb2a8c2ac1c6f0d2b9aefc342" 599 | 600 | [[package]] 601 | name = "ryu" 602 | version = "1.0.6" 603 | source = "registry+https://github.com/rust-lang/crates.io-index" 604 | checksum = "3c9613b5a66ab9ba26415184cfc41156594925a9cf3a2057e57f31ff145f6568" 605 | 606 | [[package]] 607 | name = "scopeguard" 608 | version = "1.1.0" 609 | source = "registry+https://github.com/rust-lang/crates.io-index" 610 | checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" 611 | 612 | [[package]] 613 | name = "serde" 614 | version = "1.0.130" 615 | source = "registry+https://github.com/rust-lang/crates.io-index" 616 | checksum = "f12d06de37cf59146fbdecab66aa99f9fe4f78722e3607577a5375d66bd0c913" 617 | dependencies = [ 618 | "serde_derive", 619 | ] 620 | 621 | [[package]] 622 | name = "serde_derive" 623 | version = "1.0.130" 624 | source = "registry+https://github.com/rust-lang/crates.io-index" 625 | checksum = "d7bc1a1ab1961464eae040d96713baa5a724a8152c1222492465b54322ec508b" 626 | dependencies = [ 627 | "proc-macro2", 628 | "quote", 629 | "syn", 630 | ] 631 | 632 | [[package]] 633 | name = "serde_json" 634 | version = "1.0.72" 635 | source = "registry+https://github.com/rust-lang/crates.io-index" 636 | checksum = "d0ffa0837f2dfa6fb90868c2b5468cad482e175f7dad97e7421951e663f2b527" 637 | dependencies = [ 638 | "itoa", 639 | "ryu", 640 | "serde", 641 | ] 642 | 643 | [[package]] 644 | name = "signal-hook-registry" 645 | version = "1.4.0" 646 | source = "registry+https://github.com/rust-lang/crates.io-index" 647 | checksum = "e51e73328dc4ac0c7ccbda3a494dfa03df1de2f46018127f60c693f2648455b0" 648 | dependencies = [ 649 | "libc", 650 | ] 651 | 652 | [[package]] 653 | name = "slab" 654 | version = "0.4.5" 655 | source = "registry+https://github.com/rust-lang/crates.io-index" 656 | checksum = "9def91fd1e018fe007022791f865d0ccc9b3a0d5001e01aabb8b40e46000afb5" 657 | 658 | [[package]] 659 | name = "smallvec" 660 | version = "1.7.0" 661 | source = "registry+https://github.com/rust-lang/crates.io-index" 662 | checksum = "1ecab6c735a6bb4139c0caafd0cc3635748bbb3acf4550e8138122099251f309" 663 | 664 | [[package]] 665 | name = "strsim" 666 | version = "0.6.0" 667 | source = "registry+https://github.com/rust-lang/crates.io-index" 668 | checksum = "b4d15c810519a91cf877e7e36e63fe068815c678181439f2f29e2562147c3694" 669 | 670 | [[package]] 671 | name = "syn" 672 | version = "1.0.81" 673 | source = "registry+https://github.com/rust-lang/crates.io-index" 674 | checksum = "f2afee18b8beb5a596ecb4a2dce128c719b4ba399d34126b9e4396e3f9860966" 675 | dependencies = [ 676 | "proc-macro2", 677 | "quote", 678 | "unicode-xid", 679 | ] 680 | 681 | [[package]] 682 | name = "synstructure" 683 | version = "0.12.6" 684 | source = "registry+https://github.com/rust-lang/crates.io-index" 685 | checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" 686 | dependencies = [ 687 | "proc-macro2", 688 | "quote", 689 | "syn", 690 | "unicode-xid", 691 | ] 692 | 693 | [[package]] 694 | name = "textwrap" 695 | version = "0.9.0" 696 | source = "registry+https://github.com/rust-lang/crates.io-index" 697 | checksum = "c0b59b6b4b44d867f1370ef1bd91bfb262bf07bf0ae65c202ea2fbc16153b693" 698 | dependencies = [ 699 | "unicode-width", 700 | ] 701 | 702 | [[package]] 703 | name = "thiserror" 704 | version = "1.0.30" 705 | source = "registry+https://github.com/rust-lang/crates.io-index" 706 | checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" 707 | dependencies = [ 708 | "thiserror-impl", 709 | ] 710 | 711 | [[package]] 712 | name = "thiserror-impl" 713 | version = "1.0.30" 714 | source = "registry+https://github.com/rust-lang/crates.io-index" 715 | checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" 716 | dependencies = [ 717 | "proc-macro2", 718 | "quote", 719 | "syn", 720 | ] 721 | 722 | [[package]] 723 | name = "tokio" 724 | version = "1.14.0" 725 | source = "registry+https://github.com/rust-lang/crates.io-index" 726 | checksum = "70e992e41e0d2fb9f755b37446f20900f64446ef54874f40a60c78f021ac6144" 727 | dependencies = [ 728 | "autocfg", 729 | "bytes", 730 | "libc", 731 | "memchr", 732 | "mio", 733 | "num_cpus", 734 | "once_cell", 735 | "parking_lot", 736 | "pin-project-lite", 737 | "signal-hook-registry", 738 | "tokio-macros", 739 | "winapi", 740 | ] 741 | 742 | [[package]] 743 | name = "tokio-macros" 744 | version = "1.6.0" 745 | source = "registry+https://github.com/rust-lang/crates.io-index" 746 | checksum = "c9efc1aba077437943f7515666aa2b882dfabfbfdf89c819ea75a8d6e9eaba5e" 747 | dependencies = [ 748 | "proc-macro2", 749 | "quote", 750 | "syn", 751 | ] 752 | 753 | [[package]] 754 | name = "unicode-width" 755 | version = "0.1.9" 756 | source = "registry+https://github.com/rust-lang/crates.io-index" 757 | checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" 758 | 759 | [[package]] 760 | name = "unicode-xid" 761 | version = "0.2.2" 762 | source = "registry+https://github.com/rust-lang/crates.io-index" 763 | checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" 764 | 765 | [[package]] 766 | name = "vec_map" 767 | version = "0.8.2" 768 | source = "registry+https://github.com/rust-lang/crates.io-index" 769 | checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" 770 | 771 | [[package]] 772 | name = "winapi" 773 | version = "0.3.9" 774 | source = "registry+https://github.com/rust-lang/crates.io-index" 775 | checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" 776 | dependencies = [ 777 | "winapi-i686-pc-windows-gnu", 778 | "winapi-x86_64-pc-windows-gnu", 779 | ] 780 | 781 | [[package]] 782 | name = "winapi-i686-pc-windows-gnu" 783 | version = "0.4.0" 784 | source = "registry+https://github.com/rust-lang/crates.io-index" 785 | checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" 786 | 787 | [[package]] 788 | name = "winapi-x86_64-pc-windows-gnu" 789 | version = "0.4.0" 790 | source = "registry+https://github.com/rust-lang/crates.io-index" 791 | checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" 792 | 793 | [[package]] 794 | name = "zerocopy" 795 | version = "0.6.1" 796 | source = "registry+https://github.com/rust-lang/crates.io-index" 797 | checksum = "332f188cc1bcf1fe1064b8c58d150f497e697f49774aa846f2dc949d9a25f236" 798 | dependencies = [ 799 | "byteorder", 800 | "zerocopy-derive", 801 | ] 802 | 803 | [[package]] 804 | name = "zerocopy-derive" 805 | version = "0.3.1" 806 | source = "registry+https://github.com/rust-lang/crates.io-index" 807 | checksum = "a0fbc82b82efe24da867ee52e015e58178684bd9dd64c34e66bdf21da2582a9f" 808 | dependencies = [ 809 | "proc-macro2", 810 | "syn", 811 | "synstructure", 812 | ] 813 | --------------------------------------------------------------------------------