From 676a2289da4e1f27ff81339c97cbfa0d377aeb3d Mon Sep 17 00:00:00 2001
From: Domingo Dirutigliano <me@domy.sh>
Date: Tue, 4 Feb 2025 22:51:30 +0100
Subject: [PATCH] improves on the nfregex binary x5

---
 .gitignore                              |  2 +-
 backend/binsrc/classes/netfilter.cpp    |  1 -
 backend/binsrc/nfqueue.cpp              | 10 ++++++----
 frontend/src/components/AddNewRegex.tsx | 17 ++++++++++-------
 tests/benchmark.py                      |  2 --
 5 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/.gitignore b/.gitignore
index 85481dc..4221f2b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,7 +25,7 @@ docker-compose.yml
 firegex-compose.yml
 firegex-compose-tmp-file.yml
 firegex.py
-
+/tests/benchmark.csv
 # misc
 **/.DS_Store
 **/.env.local
diff --git a/backend/binsrc/classes/netfilter.cpp b/backend/binsrc/classes/netfilter.cpp
index 59db232..37ff5f7 100644
--- a/backend/binsrc/classes/netfilter.cpp
+++ b/backend/binsrc/classes/netfilter.cpp
@@ -438,7 +438,6 @@ class NetfilterQueue {
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Packet received" << endl;
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Packet ID: " << ntohl(ph->packet_id) << endl;
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Payload size: " << plen << endl;
-			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Payload: " << string(payload, payload+plen) << endl;
 		#endif
 
 		// Check IP protocol version
diff --git a/backend/binsrc/nfqueue.cpp b/backend/binsrc/nfqueue.cpp
index bd7b6b5..0cd3dd7 100644
--- a/backend/binsrc/nfqueue.cpp
+++ b/backend/binsrc/nfqueue.cpp
@@ -72,10 +72,12 @@ bool filter_callback(packet_info& info){
 	if (regex_matcher == nullptr){
 		return true;
 	}
-
+	
 	#ifdef DEBUG
 	cerr << "[DEBUG] [filter_callback] Matching packet with " << (info.is_input ? "input" : "output") << " ruleset" << endl;
-	cerr << "[DEBUG] [filter_callback] Packet: " << info.payload << endl;
+	if (info.payload.size() <= 30){
+		cerr << "[DEBUG] [filter_callback] Packet: " << info.payload << endl;
+	}
 	#endif
 	
 	matched_data match_res;
@@ -153,14 +155,14 @@ int main(int argc, char *argv[]){
 	if (matchmode != nullptr && strcmp(matchmode, "block") == 0){
 		stream_mode = false;
 	}
-	cerr << "[info] [main] Using " << n_of_threads << " threads, stream mode: " << stream_mode << endl;
+
 	regex_config.reset(new RegexRules(stream_mode));
 	
 	NFQueueSequence<filter_callback> queues(n_of_threads);
 	queues.start();
 
 	cout << "QUEUES " << queues.init() << " " << queues.end() << endl;
-	cerr << "[info] [main] Queues: " << queues.init() << ":" << queues.end() << " threads assigned: " << n_of_threads << endl;
+	cerr << "[info] [main] Queues: " << queues.init() << ":" << queues.end() << " threads assigned: " << n_of_threads << " stream mode: " << stream_mode << endl;
 
 	config_updater();
 }
diff --git a/frontend/src/components/AddNewRegex.tsx b/frontend/src/components/AddNewRegex.tsx
index 0f846e1..86d08c7 100644
--- a/frontend/src/components/AddNewRegex.tsx
+++ b/frontend/src/components/AddNewRegex.tsx
@@ -1,4 +1,4 @@
-import { Button, Group, Space, TextInput, Notification, Switch, NativeSelect, Modal } from '@mantine/core';
+import { Button, Group, Space, TextInput, Notification, Switch, Modal, Select } from '@mantine/core';
 import { useForm } from '@mantine/form';
 import { useState } from 'react';
 import { RegexAddForm } from '../js/models';
@@ -17,13 +17,13 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>
     const form = useForm({
         initialValues: {
             regex:"",
-            mode:"C -> S",
+            mode:"C",
             is_case_insensitive:false,
             deactive:false
         },
         validate:{
             regex: (value) => value !== "" ? null : "Regex is required",
-            mode: (value) => ['C -> S', 'S -> C', 'C <-> S'].includes(value) ? null : "Invalid mode",
+            mode: (value) => ['C', 'S', 'B'].includes(value) ? null : "Invalid mode",
         }
     })
 
@@ -38,12 +38,11 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>
 
     const submitRequest = (values:RegexAddInfo) => {
         setSubmitLoading(true)
-        const filter_mode = ({'C -> S':'C', 'S -> C':'S', 'C <-> S':'B'}[values.mode])
 
         const request:RegexAddForm = {
             is_case_sensitive: !values.is_case_insensitive,
             service_id: service,
-            mode: filter_mode?filter_mode:"B",
+            mode: values.mode?values.mode:"B",
             regex: b64encode(values.regex),
             active: !values.deactive
         }
@@ -86,8 +85,12 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>
                 {...form.getInputProps('deactive', { type: 'checkbox' })}
             />
             <Space h="md" />
-            <NativeSelect
-                data={['C -> S', 'S -> C', 'C <-> S']}
+            <Select
+                data={[
+                    { value: 'C', label: 'Client -> Server' },
+                    { value: 'S', label: 'Server -> Client' },
+                    { value: 'B', label: 'Both (Client <-> Server)' },
+                ]}
                 label="Choose the source of the packets to filter"
                 variant="filled"
                 {...form.getInputProps('mode')}
diff --git a/tests/benchmark.py b/tests/benchmark.py
index 2ab8170..55b814b 100644
--- a/tests/benchmark.py
+++ b/tests/benchmark.py
@@ -9,8 +9,6 @@ import argparse
 import base64
 import secrets
 
-
-#TODO: make it work with Proxy and not only netfilter
 parser = argparse.ArgumentParser()
 parser.add_argument("--address", "-a", type=str , required=False, help='Address of firegex backend', default="http://127.0.0.1:4444/")
 parser.add_argument("--port", "-P", type=int , required=False, help='Port of the Benchmark service', default=1337)