All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.netty.handler.pcap.PcapWriteHandler Maven / Gradle / Ivy

/*
 * Copyright 2020 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 * https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package io.netty.handler.pcap;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.channel.Channel;
import io.netty.channel.ChannelDuplexHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.channel.ChannelPromise;
import io.netty.channel.ServerChannel;
import io.netty.channel.socket.DatagramChannel;
import io.netty.channel.socket.DatagramPacket;
import io.netty.channel.socket.ServerSocketChannel;
import io.netty.channel.socket.SocketChannel;
import io.netty.util.NetUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;

import java.io.Closeable;
import java.io.IOException;
import java.io.OutputStream;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.util.concurrent.atomic.AtomicReference;

import static io.netty.util.internal.ObjectUtil.checkNotNull;

/**
 * 

{@link PcapWriteHandler} captures {@link ByteBuf} from {@link SocketChannel} / {@link ServerChannel} * or {@link DatagramPacket} and writes it into Pcap {@link OutputStream}.

* *

* Things to keep in mind when using {@link PcapWriteHandler} with TCP: * *

    *
  • Whenever {@link ChannelInboundHandlerAdapter#channelActive(ChannelHandlerContext)} is called, * a fake TCP 3-way handshake (SYN, SYN+ACK, ACK) is simulated as new connection in Pcap.
  • * *
  • Whenever {@link ChannelInboundHandlerAdapter#handlerRemoved(ChannelHandlerContext)} is called, * a fake TCP 3-way handshake (FIN+ACK, FIN+ACK, ACK) is simulated as connection shutdown in Pcap.
  • * *
  • Whenever {@link ChannelInboundHandlerAdapter#exceptionCaught(ChannelHandlerContext, Throwable)} * is called, a fake TCP RST is sent to simulate connection Reset in Pcap.
  • * *
  • ACK is sent each time data is send / received.
  • * *
  • Zero Length Data Packets can cause TCP Double ACK error in Wireshark. To tackle this, * set {@code captureZeroByte} to {@code false}.
  • *
*

*/ public final class PcapWriteHandler extends ChannelDuplexHandler implements Closeable { /** * Logger for logging events */ private final InternalLogger logger = InternalLoggerFactory.getInstance(PcapWriteHandler.class); /** * {@link PcapWriter} Instance */ private PcapWriter pCapWriter; /** * {@link OutputStream} where we'll write Pcap data. */ private final OutputStream outputStream; /** * {@code true} if we want to capture packets with zero bytes else {@code false}. */ private final boolean captureZeroByte; /** * {@code true} if we want to write Pcap Global Header on initialization of * {@link PcapWriter} else {@code false}. */ private final boolean writePcapGlobalHeader; /** * {@code true} if we want to synchronize on the {@link OutputStream} while writing * else {@code false}. */ private final boolean sharedOutputStream; /** * TCP Sender Segment Number. * It'll start with 1 and keep incrementing with number of bytes read/sent and wrap at the uint32 max. */ private long sendSegmentNumber = 1; /** * TCP Receiver Segment Number. * It'll start with 1 and keep incrementing with number of bytes read/sent and wrap at the uint32 max */ private long receiveSegmentNumber = 1; /** * Type of the channel this handler is registered on */ private ChannelType channelType; /** * Address of the initiator of the connection */ private InetSocketAddress initiatorAddr; /** * Address of the receiver of the connection */ private InetSocketAddress handlerAddr; /** * Set to {@code true} if this handler is registered on a server pipeline */ private boolean isServerPipeline; /** * Current of this {@link PcapWriteHandler} */ private final AtomicReference state = new AtomicReference(State.INIT); /** * Create new {@link PcapWriteHandler} Instance. * {@code captureZeroByte} is set to {@code false} and * {@code writePcapGlobalHeader} is set to {@code true}. * * @param outputStream OutputStream where Pcap data will be written. Call {@link #close()} to close this * OutputStream. * @throws NullPointerException If {@link OutputStream} is {@code null} then we'll throw an * {@link NullPointerException} * @deprecated Use {@link Builder} instead. */ @Deprecated public PcapWriteHandler(OutputStream outputStream) { this(outputStream, false, true); } /** * Create new {@link PcapWriteHandler} Instance * * @param outputStream OutputStream where Pcap data will be written. Call {@link #close()} to close this * OutputStream. * @param captureZeroByte Set to {@code true} to enable capturing packets with empty (0 bytes) payload. * Otherwise, if set to {@code false}, empty packets will be filtered out. * @param writePcapGlobalHeader Set to {@code true} to write Pcap Global Header on initialization. * Otherwise, if set to {@code false}, Pcap Global Header will not be written * on initialization. This could when writing Pcap data on a existing file where * Pcap Global Header is already present. * @throws NullPointerException If {@link OutputStream} is {@code null} then we'll throw an * {@link NullPointerException} * @deprecated Use {@link Builder} instead. */ @Deprecated public PcapWriteHandler(OutputStream outputStream, boolean captureZeroByte, boolean writePcapGlobalHeader) { this.outputStream = checkNotNull(outputStream, "OutputStream"); this.captureZeroByte = captureZeroByte; this.writePcapGlobalHeader = writePcapGlobalHeader; sharedOutputStream = false; } private PcapWriteHandler(Builder builder, OutputStream outputStream) { this.outputStream = outputStream; captureZeroByte = builder.captureZeroByte; sharedOutputStream = builder.sharedOutputStream; writePcapGlobalHeader = builder.writePcapGlobalHeader; channelType = builder.channelType; handlerAddr = builder.handlerAddr; initiatorAddr = builder.initiatorAddr; isServerPipeline = builder.isServerPipeline; } /** * Writes the Pcap Global Header to the provided {@code OutputStream} * * @param outputStream OutputStream where Pcap data will be written. * @throws IOException if there is an error writing to the {@code OutputStream} */ public static void writeGlobalHeader(OutputStream outputStream) throws IOException { PcapHeaders.writeGlobalHeader(outputStream); } private void initializeIfNecessary(ChannelHandlerContext ctx) throws Exception { // If State is not 'INIT' then it means we're already initialized so then no need to initiaize again. if (state.get() != State.INIT) { return; } pCapWriter = new PcapWriter(this); if (channelType == null) { // infer channel type if (ctx.channel() instanceof SocketChannel) { channelType = ChannelType.TCP; // If Channel belongs to `SocketChannel` then we're handling TCP. // Capture correct `localAddress` and `remoteAddress` if (ctx.channel().parent() instanceof ServerSocketChannel) { isServerPipeline = true; initiatorAddr = (InetSocketAddress) ctx.channel().remoteAddress(); handlerAddr = getLocalAddress(ctx.channel(), initiatorAddr); } else { isServerPipeline = false; handlerAddr = (InetSocketAddress) ctx.channel().remoteAddress(); initiatorAddr = getLocalAddress(ctx.channel(), handlerAddr); } } else if (ctx.channel() instanceof DatagramChannel) { channelType = ChannelType.UDP; DatagramChannel datagramChannel = (DatagramChannel) ctx.channel(); // If `DatagramChannel` is connected then we can get // `localAddress` and `remoteAddress` from Channel. if (datagramChannel.isConnected()) { handlerAddr = (InetSocketAddress) ctx.channel().remoteAddress(); initiatorAddr = getLocalAddress(ctx.channel(), handlerAddr); } } } if (channelType == ChannelType.TCP) { logger.debug("Initiating Fake TCP 3-Way Handshake"); ByteBuf tcpBuf = ctx.alloc().buffer(); try { // Write SYN with Normal Source and Destination Address TCPPacket.writePacket(tcpBuf, null, 0, 0, initiatorAddr.getPort(), handlerAddr.getPort(), TCPPacket.TCPFlag.SYN); completeTCPWrite(initiatorAddr, handlerAddr, tcpBuf, ctx.alloc(), ctx); // Write SYN+ACK with Reversed Source and Destination Address TCPPacket.writePacket(tcpBuf, null, 0, 1, handlerAddr.getPort(), initiatorAddr.getPort(), TCPPacket.TCPFlag.SYN, TCPPacket.TCPFlag.ACK); completeTCPWrite(handlerAddr, initiatorAddr, tcpBuf, ctx.alloc(), ctx); // Write ACK with Normal Source and Destination Address TCPPacket.writePacket(tcpBuf, null, 1, 1, initiatorAddr.getPort(), handlerAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(initiatorAddr, handlerAddr, tcpBuf, ctx.alloc(), ctx); } finally { tcpBuf.release(); } logger.debug("Finished Fake TCP 3-Way Handshake"); } state.set(State.WRITING); } @Override public void channelActive(ChannelHandlerContext ctx) throws Exception { initializeIfNecessary(ctx); super.channelActive(ctx); } @Override public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception { // Initialize if needed if (state.get() == State.INIT) { initializeIfNecessary(ctx); } // Only write if State is STARTED if (state.get() == State.WRITING) { if (channelType == ChannelType.TCP) { handleTCP(ctx, msg, false); } else if (channelType == ChannelType.UDP) { handleUDP(ctx, msg, false); } else { logDiscard(); } } super.channelRead(ctx, msg); } @Override public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise) throws Exception { // Initialize if needed if (state.get() == State.INIT) { initializeIfNecessary(ctx); } // Only write if State is STARTED if (state.get() == State.WRITING) { if (channelType == ChannelType.TCP) { handleTCP(ctx, msg, true); } else if (channelType == ChannelType.UDP) { handleUDP(ctx, msg, true); } else { logDiscard(); } } super.write(ctx, msg, promise); } /** * Handle TCP L4 * * @param ctx {@link ChannelHandlerContext} for {@link ByteBuf} allocation and * {@code fireExceptionCaught} * @param msg {@link Object} must be {@link ByteBuf} else it'll be discarded * @param isWriteOperation Set {@code true} if we have to process packet when packets are being sent out * else set {@code false} */ private void handleTCP(ChannelHandlerContext ctx, Object msg, boolean isWriteOperation) { if (msg instanceof ByteBuf) { // If bytes are 0 and `captureZeroByte` is false, we won't capture this. int totalBytes = ((ByteBuf) msg).readableBytes(); if (totalBytes == 0 && !captureZeroByte) { logger.debug("Discarding Zero Byte TCP Packet. isWriteOperation {}", isWriteOperation); return; } ByteBufAllocator byteBufAllocator = ctx.alloc(); if (totalBytes == 0) { handleTcpPacket(ctx, (ByteBuf) msg, isWriteOperation, byteBufAllocator); return; } // If the payload exceeds the max size of that can fit in a single TCP IPv4 packet, fragment the payload int maxTcpPayload = 65495; for (int i = 0; i < totalBytes; i += maxTcpPayload) { ByteBuf packet = ((ByteBuf) msg).slice(i, Math.min(maxTcpPayload, totalBytes - i)); handleTcpPacket(ctx, packet, isWriteOperation, byteBufAllocator); } } else { logger.debug("Discarding Pcap Write for TCP Object: {}", msg); } } private void handleTcpPacket(ChannelHandlerContext ctx, ByteBuf packet, boolean isWriteOperation, ByteBufAllocator byteBufAllocator) { ByteBuf tcpBuf = byteBufAllocator.buffer(); int bytes = packet.readableBytes(); try { if (isWriteOperation) { final InetSocketAddress srcAddr; final InetSocketAddress dstAddr; if (isServerPipeline) { srcAddr = handlerAddr; dstAddr = initiatorAddr; } else { srcAddr = initiatorAddr; dstAddr = handlerAddr; } TCPPacket.writePacket(tcpBuf, packet, sendSegmentNumber, receiveSegmentNumber, srcAddr.getPort(), dstAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(srcAddr, dstAddr, tcpBuf, byteBufAllocator, ctx); logTCP(true, bytes, sendSegmentNumber, receiveSegmentNumber, srcAddr, dstAddr, false); sendSegmentNumber = incrementUintSegmentNumber(sendSegmentNumber, bytes); TCPPacket.writePacket(tcpBuf, null, receiveSegmentNumber, sendSegmentNumber, dstAddr.getPort(), srcAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(dstAddr, srcAddr, tcpBuf, byteBufAllocator, ctx); logTCP(true, bytes, sendSegmentNumber, receiveSegmentNumber, dstAddr, srcAddr, true); } else { final InetSocketAddress srcAddr; final InetSocketAddress dstAddr; if (isServerPipeline) { srcAddr = initiatorAddr; dstAddr = handlerAddr; } else { srcAddr = handlerAddr; dstAddr = initiatorAddr; } TCPPacket.writePacket(tcpBuf, packet, receiveSegmentNumber, sendSegmentNumber, srcAddr.getPort(), dstAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(srcAddr, dstAddr, tcpBuf, byteBufAllocator, ctx); logTCP(false, bytes, receiveSegmentNumber, sendSegmentNumber, srcAddr, dstAddr, false); receiveSegmentNumber = incrementUintSegmentNumber(receiveSegmentNumber, bytes); TCPPacket.writePacket(tcpBuf, null, sendSegmentNumber, receiveSegmentNumber, dstAddr.getPort(), srcAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(dstAddr, srcAddr, tcpBuf, byteBufAllocator, ctx); logTCP(false, bytes, sendSegmentNumber, receiveSegmentNumber, dstAddr, srcAddr, true); } } finally { tcpBuf.release(); } } /** * Write TCP/IP L3 and L2 here. * * @param srcAddr {@link InetSocketAddress} Source Address of this Packet * @param dstAddr {@link InetSocketAddress} Destination Address of this Packet * @param tcpBuf {@link ByteBuf} containing TCP L4 Data * @param byteBufAllocator {@link ByteBufAllocator} for allocating bytes for TCP/IP L3 and L2 data. * @param ctx {@link ChannelHandlerContext} for {@code fireExceptionCaught} */ private void completeTCPWrite(InetSocketAddress srcAddr, InetSocketAddress dstAddr, ByteBuf tcpBuf, ByteBufAllocator byteBufAllocator, ChannelHandlerContext ctx) { ByteBuf ipBuf = byteBufAllocator.buffer(); ByteBuf ethernetBuf = byteBufAllocator.buffer(); ByteBuf pcap = byteBufAllocator.buffer(); try { if (srcAddr.getAddress() instanceof Inet4Address && dstAddr.getAddress() instanceof Inet4Address) { IPPacket.writeTCPv4(ipBuf, tcpBuf, NetUtil.ipv4AddressToInt((Inet4Address) srcAddr.getAddress()), NetUtil.ipv4AddressToInt((Inet4Address) dstAddr.getAddress())); EthernetPacket.writeIPv4(ethernetBuf, ipBuf); } else if (srcAddr.getAddress() instanceof Inet6Address && dstAddr.getAddress() instanceof Inet6Address) { IPPacket.writeTCPv6(ipBuf, tcpBuf, srcAddr.getAddress().getAddress(), dstAddr.getAddress().getAddress()); EthernetPacket.writeIPv6(ethernetBuf, ipBuf); } else { logger.error("Source and Destination IP Address versions are not same. Source Address: {}, " + "Destination Address: {}", srcAddr.getAddress(), dstAddr.getAddress()); return; } // Write Packet into Pcap pCapWriter.writePacket(pcap, ethernetBuf); } catch (IOException ex) { logger.error("Caught Exception While Writing Packet into Pcap", ex); ctx.fireExceptionCaught(ex); } finally { ipBuf.release(); ethernetBuf.release(); pcap.release(); } } private static long incrementUintSegmentNumber(long sequenceNumber, int value) { // If the sequence number would go above the max for uint32, wrap around return (sequenceNumber + value) % (0xFFFFFFFFL + 1); } /** * Handle UDP l4 * * @param ctx {@link ChannelHandlerContext} for {@code localAddress} / {@code remoteAddress}, * {@link ByteBuf} allocation and {@code fireExceptionCaught} * @param msg {@link DatagramPacket} or {@link ByteBuf} */ private void handleUDP(ChannelHandlerContext ctx, Object msg, boolean isWriteOperation) { ByteBuf udpBuf = ctx.alloc().buffer(); try { if (msg instanceof DatagramPacket) { // If bytes are 0 and `captureZeroByte` is false, we won't capture this. if (((DatagramPacket) msg).content().readableBytes() == 0 && !captureZeroByte) { logger.debug("Discarding Zero Byte UDP Packet"); return; } if (((DatagramPacket) msg).content().readableBytes() > 65507) { logger.warn("Unable to write UDP packet to PCAP. Payload of size {} exceeds max size of 65507"); return; } DatagramPacket datagramPacket = ((DatagramPacket) msg).duplicate(); InetSocketAddress srcAddr = datagramPacket.sender(); InetSocketAddress dstAddr = datagramPacket.recipient(); // If `datagramPacket.sender()` is `null` then DatagramPacket is initialized // `sender` (local) address. In this case, we'll get source address from Channel. if (srcAddr == null) { srcAddr = getLocalAddress(ctx.channel(), dstAddr); } logger.debug("Writing UDP Data of {} Bytes, isWriteOperation {}, Src Addr {}, Dst Addr {}", datagramPacket.content().readableBytes(), isWriteOperation, srcAddr, dstAddr); UDPPacket.writePacket(udpBuf, datagramPacket.content(), srcAddr.getPort(), dstAddr.getPort()); completeUDPWrite(srcAddr, dstAddr, udpBuf, ctx.alloc(), ctx); } else if (msg instanceof ByteBuf && (!(ctx.channel() instanceof DatagramChannel) || ((DatagramChannel) ctx.channel()).isConnected())) { // If bytes are 0 and `captureZeroByte` is false, we won't capture this. if (((ByteBuf) msg).readableBytes() == 0 && !captureZeroByte) { logger.debug("Discarding Zero Byte UDP Packet"); return; } if (((ByteBuf) msg).readableBytes() > 65507) { logger.warn("Unable to write UDP packet to PCAP. Payload of size {} exceeds max size of 65507"); return; } ByteBuf byteBuf = ((ByteBuf) msg).duplicate(); InetSocketAddress sourceAddr = isWriteOperation? initiatorAddr : handlerAddr; InetSocketAddress destinationAddr = isWriteOperation? handlerAddr : initiatorAddr; logger.debug("Writing UDP Data of {} Bytes, Src Addr {}, Dst Addr {}", byteBuf.readableBytes(), sourceAddr, destinationAddr); UDPPacket.writePacket(udpBuf, byteBuf, sourceAddr.getPort(), destinationAddr.getPort()); completeUDPWrite(sourceAddr, destinationAddr, udpBuf, ctx.alloc(), ctx); } else { logger.debug("Discarding Pcap Write for UDP Object: {}", msg); } } finally { udpBuf.release(); } } /** * Write UDP/IP L3 and L2 here. * * @param srcAddr {@link InetSocketAddress} Source Address of this Packet * @param dstAddr {@link InetSocketAddress} Destination Address of this Packet * @param udpBuf {@link ByteBuf} containing UDP L4 Data * @param byteBufAllocator {@link ByteBufAllocator} for allocating bytes for UDP/IP L3 and L2 data. * @param ctx {@link ChannelHandlerContext} for {@code fireExceptionCaught} */ private void completeUDPWrite(InetSocketAddress srcAddr, InetSocketAddress dstAddr, ByteBuf udpBuf, ByteBufAllocator byteBufAllocator, ChannelHandlerContext ctx) { ByteBuf ipBuf = byteBufAllocator.buffer(); ByteBuf ethernetBuf = byteBufAllocator.buffer(); ByteBuf pcap = byteBufAllocator.buffer(); try { if (srcAddr.getAddress() instanceof Inet4Address && dstAddr.getAddress() instanceof Inet4Address) { IPPacket.writeUDPv4(ipBuf, udpBuf, NetUtil.ipv4AddressToInt((Inet4Address) srcAddr.getAddress()), NetUtil.ipv4AddressToInt((Inet4Address) dstAddr.getAddress())); EthernetPacket.writeIPv4(ethernetBuf, ipBuf); } else if (srcAddr.getAddress() instanceof Inet6Address && dstAddr.getAddress() instanceof Inet6Address) { IPPacket.writeUDPv6(ipBuf, udpBuf, srcAddr.getAddress().getAddress(), dstAddr.getAddress().getAddress()); EthernetPacket.writeIPv6(ethernetBuf, ipBuf); } else { logger.error("Source and Destination IP Address versions are not same. Source Address: {}, " + "Destination Address: {}", srcAddr.getAddress(), dstAddr.getAddress()); return; } // Write Packet into Pcap pCapWriter.writePacket(pcap, ethernetBuf); } catch (IOException ex) { logger.error("Caught Exception While Writing Packet into Pcap", ex); ctx.fireExceptionCaught(ex); } finally { ipBuf.release(); ethernetBuf.release(); pcap.release(); } } /** * Get the local address of a channel. If the address is a wildcard address ({@code 0.0.0.0} or {@code ::}), and * the address family does not match that of the {@code remote}, return the wildcard address of the {@code remote}'s * family instead. * * @param ch The channel to get the local address from * @param remote The remote address * @return The fixed local address */ private static InetSocketAddress getLocalAddress(Channel ch, InetSocketAddress remote) { InetSocketAddress local = (InetSocketAddress) ch.localAddress(); if (remote != null && local.getAddress().isAnyLocalAddress()) { if (local.getAddress() instanceof Inet4Address && remote.getAddress() instanceof Inet6Address) { return new InetSocketAddress(WildcardAddressHolder.wildcard6, local.getPort()); } if (local.getAddress() instanceof Inet6Address && remote.getAddress() instanceof Inet4Address) { return new InetSocketAddress(WildcardAddressHolder.wildcard4, local.getPort()); } } return local; } @Override public void handlerRemoved(ChannelHandlerContext ctx) throws Exception { // If `isTCP` is true and state is WRITING, then we'll simulate a `FIN` flow. if (channelType == ChannelType.TCP && state.get() == State.WRITING) { logger.debug("Starting Fake TCP FIN+ACK Flow to close connection"); ByteBufAllocator byteBufAllocator = ctx.alloc(); ByteBuf tcpBuf = byteBufAllocator.buffer(); try { long initiatorSegmentNumber = isServerPipeline? receiveSegmentNumber : sendSegmentNumber; long initiatorAckNumber = isServerPipeline? sendSegmentNumber : receiveSegmentNumber; // Write FIN+ACK with Normal Source and Destination Address TCPPacket.writePacket(tcpBuf, null, initiatorSegmentNumber, initiatorAckNumber, initiatorAddr.getPort(), handlerAddr.getPort(), TCPPacket.TCPFlag.FIN, TCPPacket.TCPFlag.ACK); completeTCPWrite(initiatorAddr, handlerAddr, tcpBuf, byteBufAllocator, ctx); // Write FIN+ACK with Reversed Source and Destination Address TCPPacket.writePacket(tcpBuf, null, initiatorAckNumber, initiatorSegmentNumber, handlerAddr.getPort(), initiatorAddr.getPort(), TCPPacket.TCPFlag.FIN, TCPPacket.TCPFlag.ACK); completeTCPWrite(handlerAddr, initiatorAddr, tcpBuf, byteBufAllocator, ctx); // Increment by 1 when responding to FIN sendSegmentNumber = incrementUintSegmentNumber(sendSegmentNumber, 1); receiveSegmentNumber = incrementUintSegmentNumber(receiveSegmentNumber, 1); initiatorSegmentNumber = isServerPipeline? receiveSegmentNumber : sendSegmentNumber; initiatorAckNumber = isServerPipeline? sendSegmentNumber : receiveSegmentNumber; // Write ACK with Normal Source and Destination Address TCPPacket.writePacket(tcpBuf, null, initiatorSegmentNumber, initiatorAckNumber, initiatorAddr.getPort(), handlerAddr.getPort(), TCPPacket.TCPFlag.ACK); completeTCPWrite(initiatorAddr, handlerAddr, tcpBuf, byteBufAllocator, ctx); } finally { tcpBuf.release(); } logger.debug("Finished Fake TCP FIN+ACK Flow to close connection"); } close(); super.handlerRemoved(ctx); } @Override public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception { // Only write RST if this is an initialized TCP stream if (channelType == ChannelType.TCP && state.get() == State.WRITING) { ByteBuf tcpBuf = ctx.alloc().buffer(); try { // Write RST with Normal Source and Destination Address TCPPacket.writePacket(tcpBuf, null, sendSegmentNumber, receiveSegmentNumber, initiatorAddr.getPort(), handlerAddr.getPort(), TCPPacket.TCPFlag.RST, TCPPacket.TCPFlag.ACK); completeTCPWrite(initiatorAddr, handlerAddr, tcpBuf, ctx.alloc(), ctx); } finally { tcpBuf.release(); } logger.debug("Sent Fake TCP RST to close connection"); } close(); ctx.fireExceptionCaught(cause); } /** * Logger for TCP */ private void logTCP(boolean isWriteOperation, int bytes, long sendSegmentNumber, long receiveSegmentNumber, InetSocketAddress srcAddr, InetSocketAddress dstAddr, boolean ackOnly) { // If `ackOnly` is `true` when we don't need to write any data so we'll not // log number of bytes being written and mark the operation as "TCP ACK". if (logger.isDebugEnabled()) { if (ackOnly) { logger.debug("Writing TCP ACK, isWriteOperation {}, Segment Number {}, Ack Number {}, Src Addr {}, " + "Dst Addr {}", isWriteOperation, sendSegmentNumber, receiveSegmentNumber, dstAddr, srcAddr); } else { logger.debug("Writing TCP Data of {} Bytes, isWriteOperation {}, Segment Number {}, Ack Number {}, " + "Src Addr {}, Dst Addr {}", bytes, isWriteOperation, sendSegmentNumber, receiveSegmentNumber, srcAddr, dstAddr); } } } OutputStream outputStream() { return outputStream; } boolean sharedOutputStream() { return sharedOutputStream; } boolean writePcapGlobalHeader() { return writePcapGlobalHeader; } /** * Returns {@code true} if the {@link PcapWriteHandler} is currently * writing packets to the {@link OutputStream} else returns {@code false}. */ public boolean isWriting() { return state.get() == State.WRITING; } State state() { return state.get(); } /** * Pause the {@link PcapWriteHandler} from writing packets to the {@link OutputStream}. */ public void pause() { if (!state.compareAndSet(State.WRITING, State.PAUSED)) { throw new IllegalStateException("State must be 'STARTED' to pause but current state is: " + state); } } /** * Resume the {@link PcapWriteHandler} to writing packets to the {@link OutputStream}. */ public void resume() { if (!state.compareAndSet(State.PAUSED, State.WRITING)) { throw new IllegalStateException("State must be 'PAUSED' to resume but current state is: " + state); } } void markClosed() { if (state.get() != State.CLOSED) { state.set(State.CLOSED); } } // Visible for testing only. PcapWriter pCapWriter() { return pCapWriter; } private void logDiscard() { logger.warn("Discarding pcap write because channel type is unknown. The channel this handler is registered " + "on is not a SocketChannel or DatagramChannel, so the inference does not work. Please call " + "forceTcpChannel or forceUdpChannel before registering the handler."); } @Override public String toString() { return "PcapWriteHandler{" + "captureZeroByte=" + captureZeroByte + ", writePcapGlobalHeader=" + writePcapGlobalHeader + ", sharedOutputStream=" + sharedOutputStream + ", sendSegmentNumber=" + sendSegmentNumber + ", receiveSegmentNumber=" + receiveSegmentNumber + ", channelType=" + channelType + ", initiatorAddr=" + initiatorAddr + ", handlerAddr=" + handlerAddr + ", isServerPipeline=" + isServerPipeline + ", state=" + state + '}'; } /** *

Close {@code PcapWriter} and {@link OutputStream}.

*

Note: Calling this method does not close {@link PcapWriteHandler}. * Only Pcap Writes are closed.

* * @throws IOException If {@link OutputStream#close()} throws an exception */ @Override public void close() throws IOException { if (state.get() == State.CLOSED) { logger.debug("PcapWriterHandler is already closed"); } else { // If close is called prematurely, create writer to close output stream if (pCapWriter == null) { pCapWriter = new PcapWriter(this); } pCapWriter.close(); markClosed(); logger.debug("PcapWriterHandler is now closed"); } } private enum ChannelType { TCP, UDP } public static Builder builder() { return new Builder(); } /** * Builder for {@link PcapWriteHandler} */ public static final class Builder { private boolean captureZeroByte; private boolean sharedOutputStream; private boolean writePcapGlobalHeader = true; private ChannelType channelType; private InetSocketAddress initiatorAddr; private InetSocketAddress handlerAddr; private boolean isServerPipeline; private Builder() { } /** * Set to {@code true} to enable capturing packets with empty (0 bytes) payload. Otherwise, if set to * {@code false}, empty packets will be filtered out. * * @param captureZeroByte Whether to filter out empty packets. * @return this builder */ public Builder captureZeroByte(boolean captureZeroByte) { this.captureZeroByte = captureZeroByte; return this; } /** * Set to {@code true} if multiple {@link PcapWriteHandler} instances will be * writing to the same {@link OutputStream} concurrently, and write locking is * required. Otherwise, if set to {@code false}, no locking will be done. * Additionally, {@link #close} will not close the underlying {@code OutputStream}. * Note: it is probably an error to have both {@code writePcapGlobalHeader} and * {@code sharedOutputStream} set to {@code true} at the same time. * * @param sharedOutputStream Whether {@link OutputStream} is shared or not * @return this builder */ public Builder sharedOutputStream(boolean sharedOutputStream) { this.sharedOutputStream = sharedOutputStream; return this; } /** * Set to {@code true} to write Pcap Global Header on initialization. Otherwise, if set to {@code false}, Pcap * Global Header will not be written on initialization. This could when writing Pcap data on a existing file * where Pcap Global Header is already present. * * @param writePcapGlobalHeader Whether to write the pcap global header. * @return this builder */ public Builder writePcapGlobalHeader(boolean writePcapGlobalHeader) { this.writePcapGlobalHeader = writePcapGlobalHeader; return this; } /** * Force this handler to write data as if they were TCP packets, with the given connection metadata. If this * method isn't called, we determine the metadata from the channel. * * @param serverAddress The address of the TCP server (handler) * @param clientAddress The address of the TCP client (initiator) * @param isServerPipeline Whether the handler is part of the server channel * @return this builder */ public Builder forceTcpChannel(InetSocketAddress serverAddress, InetSocketAddress clientAddress, boolean isServerPipeline) { channelType = ChannelType.TCP; handlerAddr = checkNotNull(serverAddress, "serverAddress"); initiatorAddr = checkNotNull(clientAddress, "clientAddress"); this.isServerPipeline = isServerPipeline; return this; } /** * Force this handler to write data as if they were UDP packets, with the given connection metadata. If this * method isn't called, we determine the metadata from the channel. *
* Note that even if this method is called, the address information on {@link DatagramPacket} takes precedence * if it is present. * * @param localAddress The address of the UDP local * @param remoteAddress The address of the UDP remote * @return this builder */ public Builder forceUdpChannel(InetSocketAddress localAddress, InetSocketAddress remoteAddress) { channelType = ChannelType.UDP; handlerAddr = checkNotNull(remoteAddress, "remoteAddress"); initiatorAddr = checkNotNull(localAddress, "localAddress"); return this; } /** * Build the {@link PcapWriteHandler}. * * @param outputStream The output stream to write the pcap data to. * @return The handler. */ public PcapWriteHandler build(OutputStream outputStream) { checkNotNull(outputStream, "outputStream"); return new PcapWriteHandler(this, outputStream); } } private static final class WildcardAddressHolder { static final InetAddress wildcard4; // 0.0.0.0 static final InetAddress wildcard6; // :: static { try { wildcard4 = InetAddress.getByAddress(new byte[4]); wildcard6 = InetAddress.getByAddress(new byte[16]); } catch (UnknownHostException e) { // would only happen if the byte array was of incorrect size throw new AssertionError(e); } } } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy