SpoofDPI/proxy/proxy.go

157 lines
3.5 KiB
Go
Raw Normal View History

2021-12-29 17:08:30 +00:00
package proxy
import (
2023-09-08 08:35:41 +00:00
"fmt"
2024-07-22 10:59:11 +00:00
"net"
2021-12-29 17:08:30 +00:00
"os"
2024-07-22 04:49:18 +00:00
"regexp"
2024-07-22 10:59:11 +00:00
"strconv"
2022-01-03 07:24:39 +00:00
2022-01-11 15:05:16 +00:00
log "github.com/sirupsen/logrus"
2024-07-21 07:57:47 +00:00
"github.com/xvzc/SpoofDPI/dns"
2022-01-08 06:35:32 +00:00
"github.com/xvzc/SpoofDPI/packet"
2023-09-08 08:35:41 +00:00
"github.com/xvzc/SpoofDPI/util"
2021-12-29 17:08:30 +00:00
)
2022-01-08 15:48:19 +00:00
type Proxy struct {
2024-08-16 14:53:31 +00:00
addr string
port int
timeout int
resolver *dns.DnsResolver
windowSize int
allowedPattern []*regexp.Regexp
disallowedPattern []*regexp.Regexp
2022-01-08 15:48:19 +00:00
}
2023-09-08 08:35:41 +00:00
func New(config *util.Config) *Proxy {
2022-01-08 15:48:19 +00:00
return &Proxy{
2024-08-16 14:53:31 +00:00
addr: *config.Addr,
port: *config.Port,
timeout: *config.Timeout,
windowSize: *config.WindowSize,
allowedPattern: config.AllowedPatterns,
disallowedPattern: config.DisallowedPatterns,
resolver: dns.NewResolver(config),
2022-01-08 15:48:19 +00:00
}
}
2024-07-22 04:49:18 +00:00
func (pxy *Proxy) Start() {
2024-07-22 10:59:11 +00:00
l, err := net.ListenTCP("tcp4", &net.TCPAddr{IP: net.ParseIP(pxy.addr), Port: pxy.port})
2021-12-29 17:08:30 +00:00
if err != nil {
log.Fatal("[PROXY] error creating listener: ", err)
2022-01-04 16:47:18 +00:00
os.Exit(1)
2021-12-29 17:08:30 +00:00
}
if pxy.timeout > 0 {
log.Println(fmt.Sprintf("[PROXY] connection timeout is set to %dms", pxy.timeout))
}
2023-09-08 08:35:41 +00:00
log.Println("[PROXY] created a listener on port", pxy.port)
if len(pxy.allowedPattern) > 0 {
log.Println("[PROXY] number of white-listed pattern:", len(pxy.allowedPattern))
}
2024-08-16 14:53:31 +00:00
if len(pxy.disallowedPattern) > 0 {
log.Println("[PROXY] number of black-listed pattern:", len(pxy.disallowedPattern))
}
2021-12-29 17:08:30 +00:00
2022-01-04 16:47:18 +00:00
for {
2022-01-10 19:27:12 +00:00
conn, err := l.Accept()
2021-12-29 17:08:30 +00:00
if err != nil {
log.Fatal("[PROXY] error accepting connection: ", err)
2021-12-29 17:08:30 +00:00
continue
}
2022-01-04 16:47:18 +00:00
go func() {
2024-08-14 08:01:14 +00:00
pkt, err := packet.ReadHttpPacket(conn)
2022-11-29 07:54:28 +00:00
if err != nil {
log.Debug("[PROXY] error while parsing request: ", err)
2024-07-22 10:59:11 +00:00
conn.Close()
2022-11-29 07:54:28 +00:00
return
}
2022-01-07 15:39:58 +00:00
log.Debug("[PROXY] request from ", conn.RemoteAddr(), "\n\n", string(pkt.Raw()))
2024-08-14 08:01:14 +00:00
2022-01-11 17:15:45 +00:00
if !pkt.IsValidMethod() {
log.Debug("[PROXY] unsupported method: ", pkt.Method())
2024-07-22 10:59:11 +00:00
conn.Close()
2024-07-22 04:49:18 +00:00
return
}
matched := pxy.patternMatches([]byte(pkt.Domain()))
useSystemDns := !matched
ip, err := pxy.resolver.Lookup(pkt.Domain(), useSystemDns)
2024-07-22 04:49:18 +00:00
if err != nil {
log.Debug("[PROXY] error while dns lookup: ", pkt.Domain(), " ", err)
2024-07-22 04:49:18 +00:00
conn.Write([]byte(pkt.Version() + " 502 Bad Gateway\r\n\r\n"))
2024-07-22 10:59:11 +00:00
conn.Close()
return
}
// Avoid recursively querying self
if pkt.Port() == strconv.Itoa(pxy.port) && isLoopedRequest(net.ParseIP(ip)) {
log.Error("[PROXY] looped request has been detected. aborting.")
2024-07-22 10:59:11 +00:00
conn.Close()
2022-01-07 14:04:09 +00:00
return
}
2022-01-11 17:15:45 +00:00
if pkt.IsConnectMethod() {
pxy.handleHttps(conn.(*net.TCPConn), matched, pkt, ip)
2022-01-04 16:47:18 +00:00
} else {
2024-07-22 11:58:30 +00:00
pxy.handleHttp(conn.(*net.TCPConn), pkt, ip)
2022-01-04 16:47:18 +00:00
}
}()
}
2021-12-29 17:08:30 +00:00
}
2024-07-22 10:59:11 +00:00
func (pxy *Proxy) patternMatches(bytes []byte) bool {
2024-08-16 14:53:31 +00:00
if pxy.disallowedPattern != nil {
for _, pattern := range pxy.disallowedPattern {
if pattern.Match(bytes) {
return false
}
}
}
if pxy.allowedPattern == nil {
return true
}
for _, pattern := range pxy.allowedPattern {
if pattern.Match(bytes) {
return true
}
}
return false
}
2024-07-22 10:59:11 +00:00
func isLoopedRequest(ip net.IP) bool {
// we don't handle IPv6 at all it seems
if ip.To4() == nil {
return false
}
if ip.IsLoopback() {
return true
}
// Get list of available addresses
// See `ip -4 addr show`
addr, err := net.InterfaceAddrs() // needs AF_NETLINK on linux
if err != nil {
log.Error("[PROXY] error while getting addresses of our network interfaces: ", err)
2024-07-22 10:59:11 +00:00
return false
}
for _, addr := range addr {
if ipnet, ok := addr.(*net.IPNet); ok {
if ipnet.IP.To4() != nil && ipnet.IP.To4().Equal(ip) {
return true
}
}
}
return false
}