mirror of
https://github.com/xvzc/SpoofDPI.git
synced 2025-01-16 11:44:58 +00:00
154 lines
3.4 KiB
Go
154 lines
3.4 KiB
Go
package proxy
|
|
|
|
import (
|
|
"fmt"
|
|
"net"
|
|
"os"
|
|
"regexp"
|
|
"strconv"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
"github.com/xvzc/SpoofDPI/dns"
|
|
"github.com/xvzc/SpoofDPI/packet"
|
|
"github.com/xvzc/SpoofDPI/util"
|
|
)
|
|
|
|
type Proxy struct {
|
|
addr string
|
|
port int
|
|
timeout int
|
|
resolver *dns.DnsResolver
|
|
windowSize int
|
|
allowedPattern []*regexp.Regexp
|
|
bufferSize int
|
|
}
|
|
|
|
func New(config *util.Config) *Proxy {
|
|
return &Proxy{
|
|
addr: *config.Addr,
|
|
port: *config.Port,
|
|
timeout: *config.Timeout,
|
|
windowSize: *config.WindowSize,
|
|
allowedPattern: config.AllowedPattern,
|
|
resolver: dns.NewResolver(config),
|
|
bufferSize: *config.BufferSize,
|
|
}
|
|
}
|
|
|
|
func (pxy *Proxy) Start() {
|
|
l, err := net.ListenTCP("tcp4", &net.TCPAddr{IP: net.ParseIP(pxy.addr), Port: pxy.port})
|
|
if err != nil {
|
|
log.Fatal("[PROXY] Error creating listener: ", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
if pxy.timeout > 0 {
|
|
log.Println(fmt.Sprintf("[PROXY] Connection timeout is set to %dms", pxy.timeout))
|
|
}
|
|
|
|
log.Println("[PROXY] Created a listener on port", pxy.port)
|
|
if len(pxy.allowedPattern) > 0 {
|
|
log.Println("[PROXY] Number of white-listed pattern:", len(pxy.allowedPattern))
|
|
}
|
|
|
|
for {
|
|
conn, err := l.Accept()
|
|
if err != nil {
|
|
log.Fatal("[PROXY] Error accepting connection: ", err)
|
|
continue
|
|
}
|
|
|
|
go func() {
|
|
tmpBuf := make([]byte, pxy.bufferSize)
|
|
b, err := ReadBytes(conn.(*net.TCPConn), tmpBuf)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
log.Debug("[PROXY] Request from ", conn.RemoteAddr(), "\n\n", string(b))
|
|
|
|
pkt, err := packet.NewHttpPacket(b)
|
|
if err != nil {
|
|
log.Debug("[PROXY] Error while parsing request: ", string(b))
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
if !pkt.IsValidMethod() {
|
|
log.Debug("[PROXY] Unsupported method: ", pkt.Method())
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
matched := pxy.patternMatches([]byte(pkt.Domain()))
|
|
useSystemDns := !matched
|
|
|
|
ip, err := pxy.resolver.Lookup(pkt.Domain(), useSystemDns)
|
|
if err != nil {
|
|
log.Debug("[PROXY] Error while dns lookup: ", pkt.Domain(), " ", err)
|
|
conn.Write([]byte(pkt.Version() + " 502 Bad Gateway\r\n\r\n"))
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
// Avoid recursively querying self
|
|
if pkt.Port() == strconv.Itoa(pxy.port) && isLoopedRequest(net.ParseIP(ip)) {
|
|
log.Error("[PROXY] Looped request has been detected. aborting.")
|
|
conn.Close()
|
|
return
|
|
}
|
|
|
|
if pkt.IsConnectMethod() {
|
|
log.Debug("[PROXY] Start HTTPS")
|
|
pxy.handleHttps(conn.(*net.TCPConn), matched, pkt, ip)
|
|
} else {
|
|
log.Debug("[PROXY] Start HTTP")
|
|
pxy.handleHttp(conn.(*net.TCPConn), pkt, ip)
|
|
}
|
|
}()
|
|
}
|
|
}
|
|
|
|
func (pxy *Proxy) patternMatches(bytes []byte) bool {
|
|
if pxy.allowedPattern == nil {
|
|
return true
|
|
}
|
|
|
|
for _, pattern := range pxy.allowedPattern {
|
|
if pattern.Match(bytes) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func isLoopedRequest(ip net.IP) bool {
|
|
// we don't handle IPv6 at all it seems
|
|
if ip.To4() == nil {
|
|
return false
|
|
}
|
|
|
|
if ip.IsLoopback() {
|
|
return true
|
|
}
|
|
|
|
// Get list of available addresses
|
|
// See `ip -4 addr show`
|
|
addr, err := net.InterfaceAddrs() // needs AF_NETLINK on linux
|
|
if err != nil {
|
|
log.Error("[PROXY] Error while getting addresses of our network interfaces: ", err)
|
|
return false
|
|
}
|
|
|
|
for _, addr := range addr {
|
|
if ipnet, ok := addr.(*net.IPNet); ok {
|
|
if ipnet.IP.To4() != nil && ipnet.IP.To4().Equal(ip) {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|