From 9720619eb8f462b1c575168915d8c1ad66d44550 Mon Sep 17 00:00:00 2001 From: serega6531 Date: Mon, 13 Apr 2020 00:45:48 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B0=D0=B1=D0=BE=D1=82=D0=B0=20=D0=BD?= =?UTF-8?q?=D0=B0=D0=B4=20=D1=84=D0=B8=D0=BB=D1=8C=D1=82=D1=80=D0=B0=D1=86?= =?UTF-8?q?=D0=B8=D0=B5=D0=B9=20=D1=87=D0=B5=D1=80=D0=B5=D0=B7=20libpcap?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../packmate/pcap/AbstractPcapWorker.java | 16 +++++++++++++++ .../packmate/pcap/FilePcapWorker.java | 3 +++ .../packmate/pcap/LivePcapWorker.java | 2 ++ .../serega6531/packmate/pcap/PcapWorker.java | 2 ++ .../packmate/service/PatternService.java | 4 ++-- .../packmate/service/PcapService.java | 20 +++++++++++++++++++ .../packmate/service/ServicesService.java | 7 +++++++ 7 files changed, 52 insertions(+), 2 deletions(-) diff --git a/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java b/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java index e211eff..7763205 100644 --- a/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java +++ b/src/main/java/ru/serega6531/packmate/pcap/AbstractPcapWorker.java @@ -5,6 +5,7 @@ import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.concurrent.BasicThreadFactory; import org.apache.commons.lang3.tuple.ImmutablePair; +import org.pcap4j.core.BpfProgram; import org.pcap4j.core.PacketListener; import org.pcap4j.core.PcapHandle; import org.pcap4j.packet.IpV4Packet; @@ -36,6 +37,8 @@ public abstract class AbstractPcapWorker implements PcapWorker, PacketListener { protected PcapHandle pcap = null; protected final ExecutorService loopExecutorService; + protected String filter = null; + // во время работы должен быть != null protected ExecutorService processorExecutorService; @@ -255,4 +258,17 @@ public abstract class AbstractPcapWorker implements PcapWorker, PacketListener { }).get(); } + @Override + @SneakyThrows + public void setFilter(String filter) { + this.filter = filter; + applyFilter(); + } + + @SneakyThrows + protected void applyFilter() { + if(filter != null && pcap != null && pcap.isOpen()) { + pcap.setFilter(filter, BpfProgram.BpfCompileMode.OPTIMIZE); + } + } } diff --git a/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java b/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java index 8bc28a7..7c566af 100644 --- a/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java +++ b/src/main/java/ru/serega6531/packmate/pcap/FilePcapWorker.java @@ -44,6 +44,9 @@ public class FilePcapWorker extends AbstractPcapWorker { public void start() { log.info("Using file " + file.getAbsolutePath()); pcap = Pcaps.openOffline(file.getAbsolutePath()); + + applyFilter(); + loopExecutorService.execute(this::runScan); } diff --git a/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java b/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java index 16a38e9..c899a17 100644 --- a/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java +++ b/src/main/java/ru/serega6531/packmate/pcap/LivePcapWorker.java @@ -37,6 +37,8 @@ public class LivePcapWorker extends AbstractPcapWorker { log.info("Using interface " + device.getName()); pcap = device.openLive(65536, PcapNetworkInterface.PromiscuousMode.PROMISCUOUS, 100); + applyFilter(); + try { log.info("Intercept started"); pcap.loop(-1, this, loopExecutorService); diff --git a/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java b/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java index b79b891..91f8fde 100644 --- a/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java +++ b/src/main/java/ru/serega6531/packmate/pcap/PcapWorker.java @@ -18,4 +18,6 @@ public interface PcapWorker { */ int closeTimeoutStreams(Protocol protocol, long timeoutMillis); + void setFilter(String filter); + } diff --git a/src/main/java/ru/serega6531/packmate/service/PatternService.java b/src/main/java/ru/serega6531/packmate/service/PatternService.java index f283903..b6c719d 100644 --- a/src/main/java/ru/serega6531/packmate/service/PatternService.java +++ b/src/main/java/ru/serega6531/packmate/service/PatternService.java @@ -59,10 +59,10 @@ public class PatternService { patterns.put(id, saved); if (enabled) { - log.info("Включен паттерн {} со значением {}", pattern.getName(), pattern.getValue()); + log.info("Enabled pattern '{}' with value '{}'", pattern.getName(), pattern.getValue()); subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.ENABLE_PATTERN, id)); } else { - log.info("Выключен паттерн {} со значением {}", pattern.getName(), pattern.getValue()); + log.info("Disabled pattern '{}' with value '{}'", pattern.getName(), pattern.getValue()); subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.DISABLE_PATTERN, id)); } } diff --git a/src/main/java/ru/serega6531/packmate/service/PcapService.java b/src/main/java/ru/serega6531/packmate/service/PcapService.java index dacb64e..7c770dd 100644 --- a/src/main/java/ru/serega6531/packmate/service/PcapService.java +++ b/src/main/java/ru/serega6531/packmate/service/PcapService.java @@ -1,14 +1,20 @@ package ru.serega6531.packmate.service; import lombok.Getter; +import lombok.extern.slf4j.Slf4j; import org.pcap4j.core.PcapNativeException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import ru.serega6531.packmate.model.CtfService; import ru.serega6531.packmate.model.enums.SubscriptionMessageType; import ru.serega6531.packmate.model.pojo.SubscriptionMessage; import ru.serega6531.packmate.pcap.PcapWorker; +import java.util.Collection; +import java.util.stream.Collectors; + @Service +@Slf4j public class PcapService { @Getter @@ -31,4 +37,18 @@ public class PcapService { } } + public void updateFilter(Collection services) { + final String ports = services.stream() + .map(CtfService::getPort) + .map(p -> "port " + p) + .collect(Collectors.joining(" or ")); + + final String format = "(tcp or udp) and (%s)"; + String filter = String.format(format, ports); + + log.info("New filter: " + filter); + + worker.setFilter(filter); + } + } diff --git a/src/main/java/ru/serega6531/packmate/service/ServicesService.java b/src/main/java/ru/serega6531/packmate/service/ServicesService.java index 4eed16d..b348162 100644 --- a/src/main/java/ru/serega6531/packmate/service/ServicesService.java +++ b/src/main/java/ru/serega6531/packmate/service/ServicesService.java @@ -23,6 +23,7 @@ public class ServicesService { private final ServiceRepository repository; private final SubscriptionService subscriptionService; + private final PcapService pcapService; private final InetAddress localIp; @@ -31,9 +32,11 @@ public class ServicesService { @Autowired public ServicesService(ServiceRepository repository, SubscriptionService subscriptionService, + PcapService pcapService, @Value("${local-ip}") String localIpString) throws UnknownHostException { this.repository = repository; this.subscriptionService = subscriptionService; + this.pcapService = pcapService; this.localIp = InetAddress.getByName(localIpString); repository.findAll().forEach(s -> services.put(s.getPort(), s)); @@ -67,9 +70,13 @@ public class ServicesService { public CtfService save(CtfService service) { log.info("Added or edited service '{}' at port {}", service.getName(), service.getPort()); + final CtfService saved = repository.save(service); services.put(saved.getPort(), saved); subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.SAVE_SERVICE, saved)); + + pcapService.updateFilter(findAll()); + return saved; }