mirror/sniffnet
1
0
Fork 0
mirror of https://github.com/GyulyVGC/sniffnet.git synced 2025-12-23 14:21:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

remove PacketFiltersFields, don't start captures from unsupported link types

Browse Source
This commit is contained in:
GyulyVGC
2025-12-19 22:45:36 +01:00
parent 3059ede43a
commit 04e82c063b
11 changed files with 84 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/gui/pages/connection_details_page.rs
View File

@@ -99,7 +99,7 @@ fn page_content<'a>(sniffer: &Sniffer, key: &AddressPortPair) -> Container<'a, M
let host_info = host_info_option.unwrap_or_default();
let flag = get_flag_tooltip(host.country, &host_info, language, font, false);
let computer = get_local_tooltip(sniffer, &address_to_lookup, key);
if address_to_lookup.eq(&key.address1) {
if address_to_lookup.eq(&key.source) {
source_caption = source_caption.push(flag);
dest_caption = dest_caption.push(computer);
} else {
@@ -110,8 +110,8 @@ fn page_content<'a>(sniffer: &Sniffer, key: &AddressPortPair) -> Container<'a, M
let mut source_col = get_src_or_dest_col(
source_caption,
&key.address1,
key.port1,
&key.source,
key.sport,
val.mac_address1.as_ref(),
font,
language,
@@ -119,15 +119,15 @@ fn page_content<'a>(sniffer: &Sniffer, key: &AddressPortPair) -> Container<'a, M
);
let mut dest_col = get_src_or_dest_col(
dest_caption,
&key.address2,
key.port2,
&key.dest,
key.dport,
val.mac_address2.as_ref(),
font,
language,
&sniffer.timing_events,
);
if address_to_lookup.eq(&key.address1) {
if address_to_lookup.eq(&key.source) {
source_col = source_col.push(host_info_col);
} else {
dest_col = dest_col.push(host_info_col);
@@ -304,10 +304,10 @@ fn get_local_tooltip<'a>(
style, language, ..
} = sniffer.conf.settings;
let local_address = if address_to_lookup.eq(&key.address1) {
&key.address2
let local_address = if address_to_lookup.eq(&key.source) {
&key.dest
} else {
&key.address1
&key.source
};
let my_interface_addresses = sniffer.capture_source.get_addresses();
get_computer_tooltip(
@@ -315,10 +315,10 @@ fn get_local_tooltip<'a>(
is_local_connection(local_address, my_interface_addresses),
is_bogon(local_address),
get_traffic_type(
if address_to_lookup.eq(&key.address1) {
&key.address2
if address_to_lookup.eq(&key.source) {
&key.dest
} else {
&key.address1
&key.source
},
my_interface_addresses,
TrafficDirection::Outgoing,

1
src/main.rs
View File

@@ -17,7 +17,6 @@
use gui::styles::types::style_type::StyleType;
use networking::types::data_representation::ByteMultiple;
use networking::types::info_traffic::InfoTraffic;
use networking::types::ip_version::IpVersion;
use networking::types::protocol::Protocol;
use networking::types::service::Service;
use translations::types::language::Language;

48
src/networking/manage_packets.rs
View File

@@ -6,6 +6,7 @@
};
use pcap::Address;
use crate::Protocol;
use crate::networking::types::address_port_pair::AddressPortPair;
use crate::networking::types::arp_type::ArpType;
use crate::networking::types::bogon::is_bogon;
@@ -13,12 +14,10 @@
use crate::networking::types::icmp_type::{IcmpType, IcmpTypeV4, IcmpTypeV6};
use crate::networking::types::info_address_port_pair::InfoAddressPortPair;
use crate::networking::types::info_traffic::InfoTraffic;
use crate::networking::types::packet_filters_fields::PacketFiltersFields;
use crate::networking::types::service::Service;
use crate::networking::types::service_query::ServiceQuery;
use crate::networking::types::traffic_direction::TrafficDirection;
use crate::networking::types::traffic_type::TrafficType;
use crate::{IpVersion, Protocol};
use std::fmt::Write;
include!(concat!(env!("OUT_DIR"), "/services.rs"));
@@ -31,8 +30,9 @@ pub fn analyze_headers(
exchanged_bytes: &mut u128,
icmp_type: &mut IcmpType,
arp_type: &mut ArpType,
packet_filters_fields: &mut PacketFiltersFields,
) -> Option<AddressPortPair> {
let mut retval = AddressPortPair::default();
analyze_link_header(
headers.link,
&mut mac_addresses.0,
@@ -45,9 +45,8 @@ pub fn analyze_headers(
if !analyze_network_header(
headers.net,
exchanged_bytes,
&mut packet_filters_fields.ip_version,
&mut packet_filters_fields.source,
&mut packet_filters_fields.dest,
&mut retval.source,
&mut retval.dest,
arp_type,
) {
return None;
@@ -56,22 +55,16 @@ pub fn analyze_headers(
if !is_arp
&& !analyze_transport_header(
headers.transport,
&mut packet_filters_fields.sport,
&mut packet_filters_fields.dport,
&mut packet_filters_fields.protocol,
&mut retval.sport,
&mut retval.dport,
&mut retval.protocol,
icmp_type,
)
{
return None;
}
Some(AddressPortPair::new(
packet_filters_fields.source,
packet_filters_fields.sport,
packet_filters_fields.dest,
packet_filters_fields.dport,
packet_filters_fields.protocol,
))
Some(retval)
}
/// This function analyzes the data link layer header passed as parameter and updates variables
@@ -114,21 +107,18 @@ fn analyze_link_header(
fn analyze_network_header(
network_header: Option<NetHeaders>,
exchanged_bytes: &mut u128,
network_protocol: &mut IpVersion,
address1: &mut IpAddr,
address2: &mut IpAddr,
arp_type: &mut ArpType,
) -> bool {
match network_header {
Some(NetHeaders::Ipv4(ipv4header, _)) => {
*network_protocol = IpVersion::IPv4;
*address1 = IpAddr::from(ipv4header.source);
*address2 = IpAddr::from(ipv4header.destination);
*exchanged_bytes += u128::from(ipv4header.total_len);
true
}
Some(NetHeaders::Ipv6(ipv6header, _)) => {
*network_protocol = IpVersion::IPv6;
*address1 = IpAddr::from(ipv6header.source);
*address2 = IpAddr::from(ipv6header.destination);
*exchanged_bytes += u128::from(40 + ipv6header.payload_length);
@@ -137,7 +127,6 @@ fn analyze_network_header(
Some(NetHeaders::Arp(arp_packet)) => {
match arp_packet.proto_addr_type {
EtherType::IPV4 => {
*network_protocol = IpVersion::IPv4;
*address1 =
match TryInto::<[u8; 4]>::try_into(arp_packet.sender_protocol_addr()) {
Ok(source) => IpAddr::from(source),
@@ -150,7 +139,6 @@ fn analyze_network_header(
};
}
EtherType::IPV6 => {
*network_protocol = IpVersion::IPv6;
*address1 =
match TryInto::<[u8; 16]>::try_into(arp_packet.sender_protocol_addr()) {
Ok(source) => IpAddr::from(source),
@@ -222,10 +210,10 @@ pub fn get_service(
return Service::NotApplicable;
}
let Some(port1) = key.port1 else {
let Some(port1) = key.sport else {
return Service::NotApplicable;
};
let Some(port2) = key.port2 else {
let Some(port2) = key.dport else {
return Service::NotApplicable;
};
@@ -249,7 +237,7 @@ pub fn get_service(
.get(&ServiceQuery(port2, key.protocol))
.unwrap_or(&unknown);
let dest_ip = key.address2;
let dest_ip = key.dest;
let bonus_dest = traffic_direction.eq(&TrafficDirection::Outgoing)
|| dest_ip.is_multicast()
|| is_broadcast_address(&dest_ip, my_interface_addresses);
@@ -282,13 +270,13 @@ pub fn modify_or_insert_in_map(
let my_interface_addresses = cs.get_addresses();
// determine traffic direction
let source_ip = &key.address1;
let destination_ip = &key.address2;
let source_ip = &key.source;
let destination_ip = &key.dest;
traffic_direction = get_traffic_direction(
source_ip,
destination_ip,
key.port1,
key.port2,
key.sport,
key.dport,
my_interface_addresses,
);
// determine upper layer service
@@ -517,8 +505,8 @@ pub fn is_my_address(local_address: &IpAddr, my_interface_addresses: &Vec<Addres
pub fn get_address_to_lookup(key: &AddressPortPair, traffic_direction: TrafficDirection) -> IpAddr {
match traffic_direction {
TrafficDirection::Outgoing => key.address2,
TrafficDirection::Incoming => key.address1,
TrafficDirection::Outgoing => key.dest,
TrafficDirection::Incoming => key.source,
}
}

7
src/networking/parse_packets.rs
View File

@@ -19,7 +19,6 @@
use crate::networking::types::icmp_type::IcmpType;
use crate::networking::types::info_traffic::InfoTraffic;
use crate::networking::types::my_link_type::MyLinkType;
use crate::networking::types::packet_filters_fields::PacketFiltersFields;
use crate::networking::types::traffic_direction::TrafficDirection;
use crate::utils::error_logger::{ErrorLogger, Location};
use crate::utils::formatted_strings::get_domain_from_r_dns;
@@ -49,6 +48,10 @@ pub fn parse_packets(
let (mut freeze_rx, mut freeze_rx_2) = freeze_rxs;
let my_link_type = capture_context.my_link_type();
if !my_link_type.is_supported() {
return;
}
let (Some(cap), mut savefile) = capture_context.consume() else {
return;
};
@@ -143,7 +146,6 @@ pub fn parse_packets(
let mut mac_addresses = (None, None);
let mut icmp_type = IcmpType::default();
let mut arp_type = ArpType::default();
let mut packet_filters_fields = PacketFiltersFields::default();
let key_option = analyze_headers(
headers,
@@ -151,7 +153,6 @@ pub fn parse_packets(
&mut exchanged_bytes,
&mut icmp_type,
&mut arp_type,
&mut packet_filters_fields,
);
let Some(key) = key_option else {

17
src/networking/traffic_preview.rs
View File

@@ -1,7 +1,10 @@
use crate::gui::types::filters::Filters;
use crate::location;
use crate::networking::manage_packets::analyze_headers;
use crate::networking::parse_packets::get_sniffable_headers;
use crate::networking::types::arp_type::ArpType;
use crate::networking::types::capture_context::{CaptureContext, CaptureSource, CaptureType};
use crate::networking::types::icmp_type::IcmpType;
use crate::networking::types::my_device::MyDevice;
use crate::networking::types::my_link_type::MyLinkType;
use crate::utils::error_logger::{ErrorLogger, Location};
@@ -42,7 +45,16 @@ pub fn traffic_preview(tx: &Sender<TrafficPreview>) {
if let Ok(packet) = packet_res {
let dev_info = packet.dev_info;
let my_link_type = dev_info.my_link_type;
if get_sniffable_headers(&packet.data, my_link_type).is_some() {
if let Some(headers) = get_sniffable_headers(&packet.data, my_link_type)
&& analyze_headers(
headers,
&mut (None, None),
&mut 0,
&mut IcmpType::default(),
&mut ArpType::default(),
)
.is_some()
{
data.entry(dev_info.name)
.and_modify(|p| *p += 1)
.or_insert(1);
@@ -96,6 +108,9 @@ fn packet_stream(
tx: &std::sync::mpsc::SyncSender<(Result<PacketOwned, pcap::Error>, Option<pcap::Stat>)>,
dev_info: &DevInfo,
) {
if !dev_info.my_link_type.is_supported() {
return;
}
loop {
let packet_res = cap.next_packet();
let packet_owned = packet_res.map(|p| PacketOwned {

46
src/networking/types/address_port_pair.rs
View File

@@ -1,44 +1,50 @@
//! Module defining the `AddressPortPair` struct, which represents a network address:port pair.
use crate::Protocol;
use std::net::IpAddr;
use std::net::{IpAddr, Ipv4Addr};
/// Struct representing a network address:port pair.
#[derive(PartialEq, Eq, Hash, Clone, Copy, Debug)]
pub struct AddressPortPair {
/// Network layer IPv4 or IPv6 source address.
pub address1: IpAddr,
pub source: IpAddr,
/// Transport layer source port number (in the range 0..=65535).
pub port1: Option<u16>,
pub sport: Option<u16>,
/// Network layer IPv4 or IPv6 destination address.
pub address2: IpAddr,
pub dest: IpAddr,
/// Transport layer destination port number (in the range 0..=65535).
pub port2: Option<u16>,
pub dport: Option<u16>,
/// Transport layer protocol carried through the associate address:port pair (TCP or UPD).
pub protocol: Protocol,
}
#[cfg(test)]
impl AddressPortPair {
/// Returns a new `AddressPort` element.
///
/// # Arguments
///
/// * `address` - A string representing the network layer IPv4 or IPv6 address.
///
/// * `port` - An integer representing the transport layer port number (in the range 0..=65535).
pub fn new(
address1: IpAddr,
port1: Option<u16>,
address2: IpAddr,
port2: Option<u16>,
source: IpAddr,
sport: Option<u16>,
dest: IpAddr,
dport: Option<u16>,
protocol: Protocol,
) -> Self {
AddressPortPair {
address1,
port1,
address2,
port2,
source,
sport,
dest,
dport,
protocol,
}
}
}
impl Default for AddressPortPair {
fn default() -> Self {
AddressPortPair {
source: IpAddr::V4(Ipv4Addr::UNSPECIFIED),
dest: IpAddr::V4(Ipv4Addr::UNSPECIFIED),
sport: None,
dport: None,
protocol: Protocol::ARP,
}
}
}

16
src/networking/types/ip_version.rs
View File

@@ -1,16 +0,0 @@
use std::fmt;
/// Enum representing the possible observed values of IP protocol version.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum IpVersion {
/// Internet Protocol version 4
IPv4,
/// Internet Protocol version 6
IPv6,
}
impl fmt::Display for IpVersion {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{self:?}")
}
}

2
src/networking/types/mod.rs
View File

@@ -13,10 +13,8 @@
pub mod info_address_port_pair;
pub mod info_traffic;
pub mod ip_collection;
pub mod ip_version;
pub mod my_device;
pub mod my_link_type;
pub mod packet_filters_fields;
pub mod protocol;
pub mod service;
pub mod service_query;

33
src/networking/types/packet_filters_fields.rs
View File

@@ -1,33 +0,0 @@
use std::net::{IpAddr, Ipv6Addr};
use crate::{IpVersion, Protocol};
/// Fields extracted from a packet to determine if this packet matches the defined filters
#[derive(Clone)]
pub struct PacketFiltersFields {
/// Internet Protocol version
pub ip_version: IpVersion,
/// Protocol
pub protocol: Protocol,
/// Source IP address
pub source: IpAddr,
/// Destination IP address
pub dest: IpAddr,
/// Source port
pub sport: Option<u16>,
/// Destination port
pub dport: Option<u16>,
}
impl Default for PacketFiltersFields {
fn default() -> Self {
Self {
ip_version: IpVersion::IPv4,
protocol: Protocol::ARP,
source: IpAddr::V6(Ipv6Addr::UNSPECIFIED),
dest: IpAddr::V6(Ipv6Addr::UNSPECIFIED),
sport: None,
dport: None,
}
}
}

8
src/report/types/report_col.rs
View File

@@ -71,17 +71,17 @@ pub(crate) fn get_value(
data_repr: DataRepr,
) -> String {
match self {
ReportCol::SrcIp => key.address1.to_string(),
ReportCol::SrcIp => key.source.to_string(),
ReportCol::SrcPort => {
if let Some(port) = key.port1 {
if let Some(port) = key.sport {
port.to_string()
} else {
"-".to_string()
}
}
ReportCol::DstIp => key.address2.to_string(),
ReportCol::DstIp => key.dest.to_string(),
ReportCol::DstPort => {
if let Some(port) = key.port2 {
if let Some(port) = key.dport {
port.to_string()
} else {
"-".to_string()

8
src/report/types/search_parameters.rs
View File

@@ -164,17 +164,17 @@ pub fn entry_value(
r_dns_host: Option<&(String, Host)>,
) -> String {
match self {
FilterInputType::AddressSrc => key.address1.to_string(),
FilterInputType::AddressSrc => key.source.to_string(),
FilterInputType::PortSrc => {
if let Some(port) = key.port1 {
if let Some(port) = key.sport {
port.to_string()
} else {
"-".to_string()
}
}
FilterInputType::AddressDst => key.address2.to_string(),
FilterInputType::AddressDst => key.dest.to_string(),
FilterInputType::PortDst => {
if let Some(port) = key.port2 {
if let Some(port) = key.dport {
port.to_string()
} else {
"-".to_string()