blob: f646906e87f853519f5b3927d84b31f3402f9e70 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
# Packet Detector
XDP program that prints "hello world" when detecting "hell0123" in packets on enp1s0.
# this has been moved to automated testing! in run_test.sh in the root dir! this file is just for documenting the basic stuff of what happens
#todo:
make the design of port lo and port hi better
figure out how this structure gets parsed and how to make my own equivalent
fn schemes() -> Vec<SignatureScheme> {
rustls::crypto::ring::default_provider()
.signature_verification_algorithms
.supported_schemes()
make it such that i dont block the ip immediately, allow for % number of bad requests from that ip address and then block it
make this test from a separate ip address instead of localhost! so this feature can be made
make a directory where it reads pem files, checks their validity, and then adds them to the list of allowed certs.
userspace loop has too much indetation/ nested stuff. make this design better?
make error checking better? anyhow or something like that
add script for benchmarking! normal userspace. maybe remove the test.sh? and use rust-native testing? so cargo run test or summat?
what abotu TC hooks instead of XDP?
#
./build.sh #
sudo ./target/release/packet-detector
sudo tcpdump -i enp1s0 -X udp port 9999
echo "hell0123" | nc -u 192.168.122.154 9999
^C[root@rust1 packet-detector]# sudo ./target/release/packet-detector
XDP program attached to enp1s0. Waiting for 'hell0123' at offset 42...
Press Ctrl+C to exit
hello world
hello world
root@rust1 ~]# sudo tcpdump -i enp1s0 -X udp port 9999
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
16:08:13.495858 IP _gateway.36253 > rust1.distinct: UDP, length 9
0x0000: 4500 0025 f4ed 4000 4011 cfed c0a8 7a01 E..%..@.@.....z.
0x0010: c0a8 7a9a 8d9d 270f 0011 93fc 6865 6c6c ..z...'.....hell
0x0020: 3031 3233 0a 0123.
16:11:26.438958 IP _gateway.51421 > rust1.distinct: UDP, length 9
0x0000: 4500 0025 3f88 4000 4011 8553 c0a8 7a01 E..%?.@.@..S..z.
0x0010: c0a8 7a9a c8dd 270f 0011 58bc 6865 6c6c ..z...'...X.hell
0x0020: 3031 3233 0a 0123.
16:20:35.902662 IP _gateway.38275 > rust1.distinct: UDP, length 9
0x0000: 4500 0025 fc3e 4000 4011 c89c c0a8 7a01 E..%.>@.@.....z.
0x0010: c0a8 7a9a 9583 270f 0011 8c16 6865 6c6c ..z...'.....hell
0x0020: 3031 3233 0a
|
