1
0
mirror of https://code.semirocket.science/wrapsix synced 2024-11-10 00:01:01 +02:00

Basic filtering of IPv6 traffic

This commit is contained in:
Michal Zima 2010-02-06 11:31:29 +01:00
parent ad28a7c7f9
commit ecefe998eb
5 changed files with 100 additions and 2 deletions

View File

@ -1,3 +1,4 @@
sbin_PROGRAMS = wrapsix-dnsproxy wrapsix-wrapper sbin_PROGRAMS = wrapsix-dnsproxy wrapsix-wrapper
wrapsix_dnsproxy_SOURCES = dnsproxy.c wrapsix_dnsproxy_SOURCES = dnsproxy.c
wrapsix_wrapper_SOURCES = wrapper.c wrapper.h wrapsix_wrapper_SOURCES = wrapper.c wrapper.h \
ipv6.c ipv6.h

41
src/ipv6.c Normal file
View File

@ -0,0 +1,41 @@
/*
* WrapSix
* Copyright (C) 2008-2010 Michal Zima <xhire@mujmalysvet.cz>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdio.h>
#include <string.h> /* memcpy */
#include "wrapper.h"
#include "ipv6.h"
int ipv6(struct s_ethernet *eth, char *packet)
{
struct s_ipv6 *ip;
char *payload;
/* load data into structures */
ip = (struct s_ipv6*) packet;
payload = packet + sizeof(struct s_ipv6);
if (memcmp(&wrapsix_ipv6_prefix, &ip->ip_dest, 12) != 0 &&
memcmp(&ndp_multicast_addr, &ip->ip_dest, 13) != 0) {
printf("[Debug] This is unfamiliar packet\n");
return 1;
}
return 0;
}

41
src/ipv6.h Normal file
View File

@ -0,0 +1,41 @@
/*
* WrapSix
* Copyright (C) 2008-2010 Michal Zima <xhire@mujmalysvet.cz>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef IPV6_H
#define IPV6_H
/* IPv6 address structure */
struct s_ipv6_addr {
unsigned char addr[16];
} __attribute__ ((__packed__));
/* IPv6 header structure */
struct s_ipv6 {
unsigned char ver; /* 8 b; version */
unsigned char traffic_class; /* 8 b; traffic class */
unsigned short flow_label; /* 16 b; flow label (qos) */
unsigned short len; /* 16 b; payload length */
unsigned char next_header; /* 8 b; next header */
unsigned char hop_limit; /* 8 b; hop limit (replaces ttl) */
struct s_ipv6_addr ip_src; /* 128 b; source address */
struct s_ipv6_addr ip_dest; /* 128 b; destination address */
} __attribute__ ((__packed__));
int ipv6(struct s_ethernet *eth, char *payload);
#endif /* IPV6_H */

View File

@ -28,9 +28,14 @@
#include <unistd.h> /* close */ #include <unistd.h> /* close */
#include "wrapper.h" #include "wrapper.h"
#include "ipv6.h"
#define INTERFACE "eth0" #define INTERFACE "eth0"
#define BUFFER_SIZE 65536 #define BUFFER_SIZE 65536
#define PREFIX "::"
struct s_ipv6_addr ndp_multicast_addr;
struct s_ipv6_addr wrapsix_ipv6_prefix;
int process(char *packet); int process(char *packet);
@ -68,6 +73,13 @@ int main(int argc, char **argv)
return 1; return 1;
} }
/* some preparations */
/* compute binary IPv6 address of NDP multicast */
inet_pton(AF_INET6, "ff02::1:ff00:0", &ndp_multicast_addr);
/* compute binary IPv6 address of WrapSix prefix */
inet_pton(AF_INET6, PREFIX, &wrapsix_ipv6_prefix);
/* sniff! :c) */ /* sniff! :c) */
for (;;) { for (;;) {
addr_size = sizeof(addr); addr_size = sizeof(addr);
@ -107,7 +119,7 @@ int process(char *packet)
return -1; return -1;
case ETHERTYPE_IPV6: case ETHERTYPE_IPV6:
printf("[Debug] HW Protocol: IPv6\n"); printf("[Debug] HW Protocol: IPv6\n");
return -1; return ipv6(eth, payload);
case ETHERTYPE_ARP: case ETHERTYPE_ARP:
printf("[Debug] HW Protocol: ARP\n"); printf("[Debug] HW Protocol: ARP\n");
return -1; return -1;

View File

@ -36,4 +36,7 @@ struct s_ethernet {
unsigned short type; /* 16 b; IP/ARP/RARP/... */ unsigned short type; /* 16 b; IP/ARP/RARP/... */
} __attribute__ ((__packed__)); } __attribute__ ((__packed__));
extern struct s_ipv6_addr ndp_multicast_addr;
extern struct s_ipv6_addr wrapsix_ipv6_prefix;
#endif /* WRAPPER_H */ #endif /* WRAPPER_H */