diff --git a/src/common.h b/src/common.h index 6ed4df9..a1f628e 100644 --- a/src/common.h +++ b/src/common.h @@ -36,9 +36,3 @@ void rkpFree(void* p) { kfree(p); } - -#include "rkpSetting.h" -#include "rkpPacket.h" -#include "rkpMap.h" -#include "rkpStream.h" -#include "rkpManager.h" \ No newline at end of file diff --git a/src/rkpMap.h b/src/rkpMap.h index 95fc9e9..9d32016 100644 --- a/src/rkpMap.h +++ b/src/rkpMap.h @@ -2,21 +2,28 @@ #include "common.h" struct rkpMap -// 以相对序列号记录应用层数据中需要修改的部分的位置,提供修改的函数 +// 记录应用层数据中需要修改的部分的位置,提供修改的函数 + { - int32_t begin, length; // begin 为绝对序列号 - // int32_t &seq_offset = beign; // 需要一个差不多的数值作为偏移来计算序列号谁先谁后的问题,这个偏移取为 begin + uint32_t begin, length; + // begin 为绝对序列号 + struct rkpMap *prev, *next; }; -struct rkpMap* rkpMap_new(int32_t, int32_t); // 两个参数分别为起始和终止绝对序列号 +struct rkpMap* rkpMap_new(uint32_t, uint32_t); void rkpMap_delete(struct rkpMap*); -unsigned char __rkpMap_map(const struct rkpMap*, int32_t); // 返回某个序列号对应的映射后的值。假定参数是合法的。这里的参数是相对序列号 -void rkpMap_modify(struct rkpMap**, struct rkpPacket**); // 对一列序列号连续且递增的包进行修改 +unsigned char __rkpMap_ua(uint32_t); +// 获得 ua(例如,"RKP/99")第几个位置上的字符 -void rkpMap_insert_begin(struct rkpMap**, struct rkpMap*); // 在开头位置插入一个映射 +void rkpMap_modify(struct rkpMap**, struct rkpPacket**); +// 对一列序列号连续且递增的包进行修改 + +void rkpMap_insert_begin(struct rkpMap**, struct rkpMap*); void rkpMap_insert_end(struct rkpMap**, struct rkpMap*); +// 在指定位置插入映射,假定要插入的映射的前后指针已经置零 + void rkpMap_refresh(struct rkpMap**, int32_t); // 对于一列序列号递增的映射,删除已经回应的映射 struct rkpMap* rkpMap_new(int32_t seql, int32_t seqr) diff --git a/src/rkpPacket.h b/src/rkpPacket.h index 0f5d038..8747592 100644 --- a/src/rkpPacket.h +++ b/src/rkpPacket.h @@ -3,22 +3,37 @@ struct rkpPacket // 存储一个个数据包的类,完全被 rkpStream 和 rkpManager 包裹 + { struct rkpPacket *prev, *next; + // 双向链表 + struct sk_buff* skb; + u_int8_t sid; + // 取两端口之和的低8位,作为 hash 表的键 + u_int32_t lid[3]; + // 对于非 ack 的包,分别为源地址、目标地址、源端口、目标端口,作为流的唯一标识。 + // 对于 ack,则是目标地址、源地址、目标端口、源端口 + bool ack; }; struct rkpPacket* rkpPacket_new(struct sk_buff*, bool); void rkpPacket_send(struct rkpPacket*); + void rkpPacket_delete(struct rkpPacket*); +// 释放一个 packet 对象,不会释放附属的 skb + void rkpPacket_drop(struct rkpPacket*); +// 释放一个 packet 对象,同时释放附属的 skb unsigned char* rkpPacket_appBegin(const struct rkpPacket*); unsigned char* rkpPacket_appEnd(const struct rkpPacket*); unsigned rkpPacket_appLen(const struct rkpPacket*); +// 得到 skb 应用层内容的位置和长度 + int32_t rkpPacket_seq(const struct rkpPacket*, const int32_t); int32_t rkpPacket_seqAck(const struct rkpPacket*, const int32_t); u_int32_t rkpPacket_sip(const struct rkpPacket*); @@ -28,43 +43,59 @@ u_int16_t rkpPacket_dport(const struct rkpPacket*); bool rkpPacket_psh(const struct rkpPacket*); bool rkpPacket_syn(const struct rkpPacket*); bool rkpPacket_ack(const struct rkpPacket*); +// 得到 skb 中的其它信息 void rkpPacket_csum(struct rkpPacket*); +// 重新计算 ip 和 tcp 的校验和 + bool __rkpPacket_makeWriteable(struct rkpPacket*); +// 使得 skb 可以写。有时,内核不会将包的内容按照顺序紧密放置,而是共享其它部分的资源(只丢个指针在 skb 里)。 +// 需要这一步来保证内容全部复制到 skb 里,可以自由修改 void rkpPacket_makeOffset(const struct rkpPacket*, int32_t*); +// 发出一个包后,该流的序列号的偏移需要相应修改。在发出这个包前,调用这个函数来修改流的序列号偏移 -void rkpPacket_insert_auto(struct rkpPacket**, struct rkpPacket*, int32_t offset); // 在指定链表中插入一个包,自动根据序列号确定插入的位置 -void rkpPacket_insert_begin(struct rkpPacket**, struct rkpPacket*); // 在指定链表的头部插入一个包 -void rkpPacket_insert_end(struct rkpPacket**, struct rkpPacket*); // 在指定链表尾部插入一个包 -struct rkpPacket* rkpPacket_pop_begin(struct rkpPacket**); // 将指定链表头部的包取出 -struct rkpPacket* rkpPacket_pop_end(struct rkpPacket**); // 将指定链表尾部的包取出 -unsigned rkpPacket_num(struct rkpPacket**); // 返回指定链表中包的数目 +void rkpPacket_insert_auto(struct rkpPacket**, struct rkpPacket*, int32_t offset); +// 在链表中插入一个包,自动根据序列号确定插入的位置 +// 假定包的指向前后位置的指针已经置零 + +void rkpPacket_insert_begin(struct rkpPacket**, struct rkpPacket*); +void rkpPacket_insert_end(struct rkpPacket**, struct rkpPacket*); +// 在链表的相应位置插入一个包 +// 假定包的指向前后位置的指针已经置零 + +struct rkpPacket* rkpPacket_pop_begin(struct rkpPacket**); +struct rkpPacket* rkpPacket_pop_end(struct rkpPacket**); +// 取出流的指定位置的包,假定流不空 + +unsigned rkpPacket_num(struct rkpPacket**); +// 返回链表中包的数目 void rkpPacket_sendl(struct rkpPacket**); void rkpPacket_deletel(struct rkpPacket**); void rkpPacket_dropl(struct rkpPacket**); +// 将整个链表 send、delete 或 drop struct rkpPacket* rkpPacket_new(struct sk_buff* skb, bool ack) { struct rkpPacket* rkpp = rkpMalloc(sizeof(struct rkpPacket)); if(rkpp == 0) return 0; - rkpp -> prev = rkpp -> next = 0; - rkpp -> skb = skb; - rkpp -> ack = ack; - rkpp -> sid = (rkpPacket_sport(rkpp) + rkpPacket_dport(rkpp)) & 0xFF; + rkpp->prev = rkpp->next = 0; + rkpp->skb = skb; + rkpp->ack = ack; + rkpp->sid = (rkpPacket_sport(rkpp) + rkpPacket_dport(rkpp)) & 0xFF; if(!ack) { - rkpp -> lid[0] = rkpPacket_sip(rkpp); - rkpp -> lid[1] = rkpPacket_dip(rkpp); - rkpp -> lid[2] = (rkpPacket_sport(rkpp) << 16) + rkpPacket_dport(rkpp); + rkpp->lid[0] = rkpPacket_sip(rkpp); + rkpp->lid[1] = rkpPacket_dip(rkpp); + rkpp->lid[2] = (rkpPacket_sport(rkpp) << 16) + rkpPacket_dport(rkpp); } else { - rkpp -> lid[0] = rkpPacket_dip(rkpp); - rkpp -> lid[1] = rkpPacket_sip(rkpp); - rkpp -> lid[2] = (rkpPacket_dport(rkpp) << 16) + rkpPacket_sport(rkpp); + rkpp->lid[0] = rkpPacket_dip(rkpp); + rkpp->lid[1] = rkpPacket_sip(rkpp); + rkpp->lid[2] = (rkpPacket_dport(rkpp) << 16) + rkpPacket_sport(rkpp); } if(!__rkpPacket_makeWriteable(rkpp)) { @@ -75,10 +106,10 @@ struct rkpPacket* rkpPacket_new(struct sk_buff* skb, bool ack) } void rkpPacket_send(struct rkpPacket* rkpp) { - if(dev_queue_xmit(rkpp -> skb)) + if(dev_queue_xmit(rkpp->skb)) { printk("rkp-ua: rkpPacket_new: Send failed. Drop it.\n"); - kfree_skb(rkpp -> skb); + kfree_skb(rkpp->skb); } rkpFree(rkpp); } @@ -88,76 +119,89 @@ void rkpPacket_delete(struct rkpPacket* rkpp) } void rkpPacket_drop(struct rkpPacket* rkpp) { - kfree_skb(rkpp -> skb); + kfree_skb(rkpp->skb); rkpFree(rkpp); } unsigned char* rkpPacket_appBegin(const struct rkpPacket* rkpp) { - return ((unsigned char*)tcp_hdr(rkpp -> skb)) + tcp_hdr(rkpp -> skb) -> doff * 4; + return ((unsigned char*)tcp_hdr(rkpp->skb)) + tcp_hdr(rkpp->skb)->doff * 4; } unsigned char* rkpPacket_appEnd(const struct rkpPacket* rkpp) { - return ((unsigned char*)ip_hdr(rkpp -> skb)) + ntohs(ip_hdr(rkpp -> skb) -> tot_len); + return ((unsigned char*)ip_hdr(rkpp->skb)) + ntohs(ip_hdr(rkpp->skb)->tot_len); } unsigned rkpPacket_appLen(const struct rkpPacket* rkpp) { - return ntohs(ip_hdr(rkpp -> skb) -> tot_len) - ip_hdr(rkpp -> skb) -> ihl * 4 - tcp_hdr(rkpp -> skb) -> doff * 4; + return ntohs(ip_hdr(rkpp->skb)->tot_len) - ip_hdr(rkpp->skb)->ihl * 4 - tcp_hdr(rkpp->skb)->doff * 4; } int32_t rkpPacket_seq(const struct rkpPacket* rkpp, const int32_t offset) { - return (int32_t)ntohl(tcp_hdr(rkpp -> skb) -> seq) - offset; + return (int32_t)ntohl(tcp_hdr(rkpp->skb)->seq) - offset; } int32_t rkpPacket_seqAck(const struct rkpPacket* rkpp, const int32_t offset) { - return (int32_t)ntohl(tcp_hdr(rkpp -> skb) -> ack_seq) - offset; + return (int32_t)ntohl(tcp_hdr(rkpp->skb)->ack_seq) - offset; } u_int32_t rkpPacket_sip(const struct rkpPacket* rkpp) { - return ntohl(ip_hdr(rkpp -> skb) -> saddr); + return ntohl(ip_hdr(rkpp->skb)->saddr); } u_int32_t rkpPacket_dip(const struct rkpPacket* rkpp) { - return ntohl(ip_hdr(rkpp -> skb) -> daddr); + return ntohl(ip_hdr(rkpp->skb)->daddr); } u_int16_t rkpPacket_sport(const struct rkpPacket* rkpp) { - return ntohs(tcp_hdr(rkpp -> skb) -> source); + return ntohs(tcp_hdr(rkpp->skb)->source); } u_int16_t rkpPacket_dport(const struct rkpPacket* rkpp) { - return ntohs(tcp_hdr(rkpp -> skb) -> dest); + return ntohs(tcp_hdr(rkpp->skb)->dest); } bool rkpPacket_psh(const struct rkpPacket* rkpp) { - return tcp_hdr(rkpp -> skb) -> psh; + return tcp_hdr(rkpp->skb)->psh; } bool rkpPacket_syn(const struct rkpPacket* rkpp) { - return tcp_hdr(rkpp -> skb) -> syn; + return tcp_hdr(rkpp->skb)->syn; } bool rkpPacket_ack(const struct rkpPacket* rkpp) { - return tcp_hdr(rkpp -> skb) -> ack; + return tcp_hdr(rkpp->skb)->ack; } void rkpPacket_csum(struct rkpPacket* rkpp) { - struct iphdr* iph = ip_hdr(rkpp -> skb); - struct tcphdr* tcph = tcp_hdr(rkpp -> skb); - tcph -> check = 0; - iph -> check = 0; - rkpp -> skb -> csum = skb_checksum(rkpp -> skb, iph -> ihl * 4, ntohs(iph -> tot_len) - iph -> ihl * 4, 0); - iph -> check = ip_fast_csum((unsigned char*)iph, iph -> ihl); - tcph -> check = csum_tcpudp_magic(iph -> saddr, iph -> daddr, ntohs(iph -> tot_len) - iph -> ihl * 4, IPPROTO_TCP, rkpp -> skb -> csum); + struct iphdr* iph = ip_hdr(rkpp->skb); + struct tcphdr* tcph = tcp_hdr(rkpp->skb); + tcph->check = 0; + iph->check = 0; + rkpp->skb->csum = skb_checksum + ( + rkpp->skb, + iph->ihl * 4, + ntohs(iph->tot_len) - iph->ihl * 4, + 0 + ); + iph->check = ip_fast_csum((unsigned char*)iph, iph->ihl); + tcph->check = csum_tcpudp_magic + ( + iph->saddr, + iph->daddr, + ntohs(iph->tot_len) - iph->ihl * 4, + IPPROTO_TCP, + rkpp->skb->csum + ); } bool __rkpPacket_makeWriteable(struct rkpPacket* rkpp) { #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 19, 0) - if(skb_ensure_writable(rkpp -> skb, rkpPacket_appEnd(rkpp) - (unsigned char*)rkpp -> skb -> data) || rkpp -> skb -> data == 0) + if(skb_ensure_writable(rkpp->skb, rkpPacket_appEnd(rkpp) - (unsigned char*)rkpp->skb->data) || rkpp->skb->data == 0) #else - if(!skb_make_writable(rkpp -> skb, rkpPacket_appEnd(rkpp)- (unsigned char*)rkpp -> skb -> data) || rkpp -> skb -> data == 0) + if(!skb_make_writable(rkpp->skb, rkpPacket_appEnd(rkpp) - (unsigned char*)rkpp->skb->data) || rkpp->skb->data == 0) #endif { printk("rkp-ua: rkpPacket_makeWriteable: failed.\n"); @@ -176,24 +220,25 @@ void rkpPacket_insert_auto(struct rkpPacket** buff, struct rkpPacket* rkpp, int3 // 如果链表是空的,那么就直接加进去 if(*buff == 0) *buff = rkpp; + // 又或者,要插入的包需要排到第一个 else if(rkpPacket_seq(*buff, offset) >= rkpPacket_seq(rkpp, offset)) { - (*buff) -> prev = rkpp; - rkpp -> next = *buff; + (*buff)->prev = rkpp; + rkpp->next = *buff; *buff = rkpp; } // 接下来寻找最后一个序列号小于 rkpp 的包,插入到它的后面。 else { struct rkpPacket* rkpp2 = *buff; - while(rkpp2 -> next != 0 && rkpPacket_seq(rkpp2 -> next, offset) < rkpPacket_seq(rkpp, offset)) - rkpp2 = rkpp2 -> next; - rkpp -> next = rkpp2 -> next; - rkpp -> prev = rkpp2; - if(rkpp -> next != 0) - rkpp -> next -> prev = rkpp; - rkpp2 -> next = rkpp; + while(rkpp2->next != 0 && rkpPacket_seq(rkpp2->next, offset) < rkpPacket_seq(rkpp, offset)) + rkpp2 = rkpp2->next; + rkpp->next = rkpp2->next; + rkpp->prev = rkpp2; + if(rkpp->next != 0) + rkpp->next->prev = rkpp; + rkpp2->next = rkpp; } } void rkpPacket_insert_begin(struct rkpPacket** buff, struct rkpPacket* rkpp) @@ -202,8 +247,8 @@ void rkpPacket_insert_begin(struct rkpPacket** buff, struct rkpPacket* rkpp) *buff = rkpp; else { - (*buff) -> prev = rkpp; - rkpp -> next = *buff; + (*buff)->prev = rkpp; + rkpp->next = *buff; *buff = rkpp; } } @@ -214,36 +259,36 @@ void rkpPacket_insert_end(struct rkpPacket** buff, struct rkpPacket* rkpp) else { struct rkpPacket* rkpp2 = *buff; - while(rkpp2 -> next != 0) - rkpp2 = rkpp2 -> next; - rkpp2 -> next = rkpp; - rkpp -> prev = rkpp2; + while(rkpp2->next != 0) + rkpp2 = rkpp2->next; + rkpp2->next = rkpp; + rkpp->prev = rkpp2; } } struct rkpPacket* rkpPacket_pop_begin(struct rkpPacket** buff) { struct rkpPacket* rkpp = *buff; - if(rkpp -> next == 0) + if(rkpp->next == 0) *buff = 0; else { - *buff = rkpp -> next; - rkpp -> next = 0; - (*buff) -> prev = 0; + *buff = rkpp->next; + rkpp->next = 0; + (*buff)->prev = 0; } return rkpp; } struct rkpPacket* rkpPacket_pop_end(struct rkpPacket** buff) { struct rkpPacket* rkpp = *buff; - while(rkpp -> next != 0) - rkpp = rkpp -> next; + while(rkpp->next != 0) + rkpp = rkpp->next; if(rkpp == *buff) *buff = 0; else { - rkpp -> prev -> next = 0; - rkpp -> prev = 0; + rkpp->prev->next = 0; + rkpp->prev = 0; } return rkpp; } @@ -253,7 +298,7 @@ unsigned rkpPacket_num(struct rkpPacket** buff) const struct rkpPacket* rkpp = *buff; while(rkpp != 0) { - rkpp = rkpp -> next; + rkpp = rkpp->next; n++; } return n; @@ -261,34 +306,16 @@ unsigned rkpPacket_num(struct rkpPacket** buff) void rkpPacket_sendl(struct rkpPacket** rkppl) { - struct rkpPacket *rkpp = *rkppl, *rkpp2; - while(rkpp != 0) - { - rkpp2 = rkpp -> next; - rkpPacket_send(rkpp); - rkpp = rkpp2; - } - *rkppl = 0; + while(*rkppl != 0) + rkpPacket_send(rkpPacket_pop_begin(rkppl)); } void rkpPacket_deletel(struct rkpPacket** rkppl) { - struct rkpPacket *rkpp = *rkppl, *rkpp2; - while(rkpp != 0) - { - rkpp2 = rkpp -> next; - rkpPacket_delete(rkpp); - rkpp = rkpp2; - } - *rkppl = 0; + while(*rkppl != 0) + rkpPacket_delete(rkpPacket_pop_begin(rkppl)); } void rkpPacket_dropl(struct rkpPacket** rkppl) { - struct rkpPacket *rkpp = *rkppl, *rkpp2; - while(rkpp != 0) - { - rkpp2 = rkpp -> next; - rkpPacket_drop(rkpp); - rkpp = rkpp2; - } - *rkppl = 0; -} \ No newline at end of file + while(*rkppl != 0) + rkpPacket_drop(rkpPacket_pop_begin(rkppl)); +} diff --git a/src/rkpSetting.h b/src/rkpSetting.h index 5fa3eb6..fe22cf3 100644 --- a/src/rkpSetting.h +++ b/src/rkpSetting.h @@ -6,41 +6,51 @@ static_assert(sizeof(unsigned long) >= sizeof(void*), "ulong is too short."); static bool autocapture = true; module_param(autocapture, bool, 0); + static char* str_preserve[128]; static unsigned n_str_preserve = 0; module_param_array(str_preserve, charp, &n_str_preserve, 0); + static unsigned mark_capture = 0x100; module_param(mark_capture, uint, 0); + static unsigned mark_ack = 0x200; module_param(mark_ack, uint, 0); -static unsigned time_keepalive = 1200; + +static unsigned time_keepalive = 60; module_param(time_keepalive, uint, 0); + static unsigned len_ua = 2; module_param(len_ua, uint, 0); -static bool verbose = false; -module_param(verbose, bool, 0); + static bool debug = false; module_param(debug, bool, 0); bool rkpSetting_capture(const struct sk_buff*); +// 检查一个 skb 仅按照 ip 和端口来看,是否应该被捕获 + bool rkpSetting_ack(const struct sk_buff*); +// 检查一个 skb 是否是回应的包 bool rkpSetting_capture(const struct sk_buff* skb) { if(!autocapture) { - return (skb -> mark & mark_capture) == mark_capture; + return (skb->mark & mark_capture) == mark_capture; } else { if(rkpSetting_ack(skb)) return true; - if(ip_hdr(skb) -> protocol != IPPROTO_TCP) + if(ip_hdr(skb)->protocol != IPPROTO_TCP) return false; - else if(ntohs(tcp_hdr(skb) -> dest) != 80) + else if(ntohs(tcp_hdr(skb)->dest) != 80) return false; - else if((ntohl(ip_hdr(skb) -> saddr) & 0xFFFF0000) != (192 << 24) + (168 << 16) - || (ntohl(ip_hdr(skb) -> daddr) & 0xFFFF0000) == (192 << 24) + (168 << 16)) + else if + ( + (ntohl(ip_hdr(skb)->saddr) & 0xFFFF0000) != (192 << 24) + (168 << 16) || + (ntohl(ip_hdr(skb)->daddr) & 0xFFFF0000) == (192 << 24) + (168 << 16) + ) return false; else return true; @@ -50,18 +60,21 @@ bool rkpSetting_ack(const struct sk_buff* skb) { if(!autocapture) { - return (skb -> mark & mark_ack) == mark_ack; + return (skb->mark & mark_ack) == mark_ack; } else { - if(ip_hdr(skb) -> protocol != IPPROTO_TCP) + if(ip_hdr(skb)->protocol != IPPROTO_TCP) return false; - else if(ntohs(tcp_hdr(skb) -> source) != 80) + else if(ntohs(tcp_hdr(skb)->source) != 80) return false; - else if((ntohl(ip_hdr(skb) -> daddr) & 0xFFFF0000) != (192 << 24) + (168 << 16) - || (ntohl(ip_hdr(skb) -> saddr) & 0xFFFF0000) == (192 << 24) + (168 << 16)) + else if + ( + (ntohl(ip_hdr(skb)->daddr) & 0xFFFF0000) != (192 << 24) + (168 << 16) || + (ntohl(ip_hdr(skb)->saddr) & 0xFFFF0000) == (192 << 24) + (168 << 16) + ) return false; else - return tcp_hdr(skb) -> ack; + return tcp_hdr(skb)->ack; } } \ No newline at end of file