mirror of
https://github.com/bol-van/zapret.git
synced 2025-01-19 12:42:21 +03:00
tpws: support 'n' prefix in tamper-start and tamper-cutoff
This commit is contained in:
parent
3f9f1c36b8
commit
cffcfe71da
@ -61,6 +61,7 @@ struct params_s
|
|||||||
int hostlist_auto_fail_threshold, hostlist_auto_fail_time;
|
int hostlist_auto_fail_threshold, hostlist_auto_fail_time;
|
||||||
hostfail_pool *hostlist_auto_fail_counters;
|
hostfail_pool *hostlist_auto_fail_counters;
|
||||||
|
|
||||||
|
bool tamper_start_n,tamper_cutoff_n;
|
||||||
unsigned int tamper_start,tamper_cutoff;
|
unsigned int tamper_start,tamper_cutoff;
|
||||||
|
|
||||||
int debug;
|
int debug;
|
||||||
|
28
tpws/tpws.c
28
tpws/tpws.c
@ -189,8 +189,8 @@ static void exithelp(void)
|
|||||||
" --unixeol\t\t\t\t; replace 0D0A to 0A\n"
|
" --unixeol\t\t\t\t; replace 0D0A to 0A\n"
|
||||||
" --tlsrec=sni\t\t\t\t; make 2 TLS records. split at SNI. don't split if SNI is not present\n"
|
" --tlsrec=sni\t\t\t\t; make 2 TLS records. split at SNI. don't split if SNI is not present\n"
|
||||||
" --tlsrec-pos=<pos>\t\t\t; make 2 TLS records. split at specified pos\n"
|
" --tlsrec-pos=<pos>\t\t\t; make 2 TLS records. split at specified pos\n"
|
||||||
" --tamper-start=<pos>\t\t\t; start tampering only from specified outbound stream position. default is 0.\n"
|
" --tamper-start=[n]<pos>\t\t; start tampering only from specified outbound stream position. default is 0. 'n' means data block number.\n"
|
||||||
" --tamper-cutoff=<pos>\t\t\t; do not tamper anymore after specified outbound stream position. default is unlimited.\n",
|
" --tamper-cutoff=[n]<pos>\t\t; do not tamper anymore after specified outbound stream position. default is unlimited.\n",
|
||||||
HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT, HOSTLIST_AUTO_FAIL_TIME_DEFAULT
|
HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT, HOSTLIST_AUTO_FAIL_TIME_DEFAULT
|
||||||
);
|
);
|
||||||
exit(1);
|
exit(1);
|
||||||
@ -670,10 +670,30 @@ void parse_params(int argc, char *argv[])
|
|||||||
params.skip_nodelay = true;
|
params.skip_nodelay = true;
|
||||||
break;
|
break;
|
||||||
case 49: /* tamper-start */
|
case 49: /* tamper-start */
|
||||||
params.tamper_start = atoi(optarg);
|
{
|
||||||
|
const char *p=optarg;
|
||||||
|
if (*p=='n')
|
||||||
|
{
|
||||||
|
params.tamper_start_n=true;
|
||||||
|
p++;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
params.tamper_start_n=false;
|
||||||
|
params.tamper_start = atoi(p);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case 50: /* tamper-cutoff */
|
case 50: /* tamper-cutoff */
|
||||||
params.tamper_cutoff = atoi(optarg);
|
{
|
||||||
|
const char *p=optarg;
|
||||||
|
if (*p=='n')
|
||||||
|
{
|
||||||
|
params.tamper_cutoff_n=true;
|
||||||
|
p++;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
params.tamper_cutoff_n=false;
|
||||||
|
params.tamper_cutoff = atoi(p);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
#if defined(BSD) && !defined(__OpenBSD__) && !defined(__APPLE__)
|
#if defined(BSD) && !defined(__OpenBSD__) && !defined(__APPLE__)
|
||||||
case 51: /* enable-pf */
|
case 51: /* enable-pf */
|
||||||
|
@ -893,6 +893,12 @@ static bool handle_proxy_mode(tproxy_conn_t *conn, struct tailhead *conn_list)
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool in_tamper_out_range(tproxy_conn_t *conn)
|
||||||
|
{
|
||||||
|
return (params.tamper_start_n ? (conn->tnrd+1) : conn->trd) >= params.tamper_start &&
|
||||||
|
(!params.tamper_cutoff || (params.tamper_cutoff_n ? (conn->tnrd+1) : conn->trd) < params.tamper_cutoff);
|
||||||
|
}
|
||||||
|
|
||||||
static void tamper(tproxy_conn_t *conn, uint8_t *segment, size_t segment_buffer_size, size_t *segment_size, size_t *split_pos)
|
static void tamper(tproxy_conn_t *conn, uint8_t *segment, size_t segment_buffer_size, size_t *segment_size, size_t *split_pos)
|
||||||
{
|
{
|
||||||
*split_pos=0;
|
*split_pos=0;
|
||||||
@ -905,13 +911,16 @@ static void tamper(tproxy_conn_t *conn, uint8_t *segment, size_t segment_buffer_
|
|||||||
tamper_in(&conn->partner->track,segment,segment_buffer_size,segment_size);
|
tamper_in(&conn->partner->track,segment,segment_buffer_size,segment_size);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (conn->trd >= params.tamper_start && (!params.tamper_cutoff || conn->trd < params.tamper_cutoff))
|
|
||||||
{
|
|
||||||
DBGPRINT("tamper_out stream pos %zu. tamper range %u-%u", conn->trd, params.tamper_start, params.tamper_cutoff)
|
|
||||||
tamper_out(&conn->track,segment,segment_buffer_size,segment_size,split_pos);
|
|
||||||
}
|
|
||||||
else
|
else
|
||||||
DBGPRINT("stream pos %zu is out of tamper range %u-%u", conn->trd, params.tamper_start, params.tamper_cutoff)
|
{
|
||||||
|
bool in_range = in_tamper_out_range(conn);
|
||||||
|
DBGPRINT("tamper_out stream pos %" PRIu64 "(n%" PRIu64 "). tamper range %s%u-%s%u (%s)",
|
||||||
|
conn->trd, conn->tnrd+1,
|
||||||
|
params.tamper_start_n ? "n" : "" , params.tamper_start,
|
||||||
|
params.tamper_cutoff_n ? "n" : "" , params.tamper_cutoff,
|
||||||
|
in_range ? "IN RANGE" : "OUT OF RANGE")
|
||||||
|
if (in_range) tamper_out(&conn->track,segment,segment_buffer_size,segment_size,split_pos);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -945,14 +954,14 @@ static bool handle_epoll(tproxy_conn_t *conn, struct tailhead *conn_list, uint32
|
|||||||
{
|
{
|
||||||
// throw it to a black hole
|
// throw it to a black hole
|
||||||
uint8_t waste[65070];
|
uint8_t waste[65070];
|
||||||
ssize_t trd=0;
|
uint64_t trd=0;
|
||||||
|
|
||||||
while((rd=recv(conn->fd, waste, sizeof(waste), MSG_DONTWAIT))>0 && trd<MAX_WASTE)
|
while((rd=recv(conn->fd, waste, sizeof(waste), MSG_DONTWAIT))>0 && trd<MAX_WASTE)
|
||||||
{
|
{
|
||||||
trd+=rd;
|
trd+=rd;
|
||||||
conn->trd+=rd;
|
conn->trd+=rd;
|
||||||
}
|
}
|
||||||
DBGPRINT("wasted recv=%zd all_rd=%zd err=%d",rd,trd,errno)
|
DBGPRINT("wasted recv=%zd all_rd=%" PRIu64 " err=%d",rd,trd,errno)
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -966,13 +975,9 @@ static bool handle_epoll(tproxy_conn_t *conn, struct tailhead *conn_list, uint32
|
|||||||
DBGPRINT("numbytes=%d",numbytes)
|
DBGPRINT("numbytes=%d",numbytes)
|
||||||
if (numbytes>0)
|
if (numbytes>0)
|
||||||
{
|
{
|
||||||
if (conn->remote)
|
VPRINT("%s leg stream pos : %" PRIu64 "(n%" PRIu64 ")/%" PRIu64, conn->remote ? "remote" : "local", conn->trd,conn->tnrd+1,conn->twr)
|
||||||
VPRINT("remote leg stream pos R/W : %zu/%zu",conn->trd,conn->twr)
|
|
||||||
else
|
|
||||||
VPRINT("local leg stream pos : %zu/%zu",conn->trd,conn->twr)
|
|
||||||
#ifdef SPLICE_PRESENT
|
#ifdef SPLICE_PRESENT
|
||||||
if (!params.tamper || conn->remote && conn->partner->track.bTamperInCutoff ||
|
if (!params.tamper || conn->remote && conn->partner->track.bTamperInCutoff || !conn->remote && !in_tamper_out_range(conn))
|
||||||
!conn->remote && (conn->trd < params.tamper_start || params.tamper_cutoff && conn->trd >= params.tamper_cutoff))
|
|
||||||
{
|
{
|
||||||
// incoming data from remote leg we splice without touching
|
// incoming data from remote leg we splice without touching
|
||||||
// pipe is in the local leg, so its in conn->partner->splice_pipe
|
// pipe is in the local leg, so its in conn->partner->splice_pipe
|
||||||
@ -983,6 +988,7 @@ static bool handle_epoll(tproxy_conn_t *conn, struct tailhead *conn_list, uint32
|
|||||||
if (rd<0 && errno==EAGAIN) rd=0;
|
if (rd<0 && errno==EAGAIN) rd=0;
|
||||||
if (rd>0)
|
if (rd>0)
|
||||||
{
|
{
|
||||||
|
conn->tnrd++;
|
||||||
conn->trd += rd;
|
conn->trd += rd;
|
||||||
conn->partner->wr_unsent += rd;
|
conn->partner->wr_unsent += rd;
|
||||||
wr = splice(conn->partner->splice_pipe[0], NULL, conn->partner->fd, NULL, conn->partner->wr_unsent, SPLICE_F_MOVE | SPLICE_F_NONBLOCK);
|
wr = splice(conn->partner->splice_pipe[0], NULL, conn->partner->fd, NULL, conn->partner->wr_unsent, SPLICE_F_MOVE | SPLICE_F_NONBLOCK);
|
||||||
@ -1013,6 +1019,7 @@ static bool handle_epoll(tproxy_conn_t *conn, struct tailhead *conn_list, uint32
|
|||||||
// tamper needs to know stream position of the block start
|
// tamper needs to know stream position of the block start
|
||||||
tamper(conn, buf, sizeof(buf), &bs, &split_pos);
|
tamper(conn, buf, sizeof(buf), &bs, &split_pos);
|
||||||
// increase after tamper
|
// increase after tamper
|
||||||
|
conn->tnrd++;
|
||||||
conn->trd+=rd;
|
conn->trd+=rd;
|
||||||
|
|
||||||
if (split_pos)
|
if (split_pos)
|
||||||
@ -1070,7 +1077,7 @@ static bool remove_closed_connections(int efd, struct tailhead *close_list)
|
|||||||
|
|
||||||
shutdown(conn->fd,SHUT_RDWR);
|
shutdown(conn->fd,SHUT_RDWR);
|
||||||
epoll_del(conn);
|
epoll_del(conn);
|
||||||
VPRINT("Socket fd=%d (partner_fd=%d, remote=%d) closed, connection removed. total_read=%zu total_write=%zu event_count=%u",
|
VPRINT("Socket fd=%d (partner_fd=%d, remote=%d) closed, connection removed. total_read=%" PRIu64 " total_write=%" PRIu64 " event_count=%u",
|
||||||
conn->fd, conn->partner ? conn->partner->fd : 0, conn->remote, conn->trd, conn->twr, conn->event_count)
|
conn->fd, conn->partner ? conn->partner->fd : 0, conn->remote, conn->trd, conn->twr, conn->event_count)
|
||||||
if (conn->remote) legs_remote--; else legs_local--;
|
if (conn->remote) legs_remote--; else legs_local--;
|
||||||
free_conn(conn);
|
free_conn(conn);
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#pragma once
|
#pragma once
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
|
#include <inttypes.h>
|
||||||
#include <sys/queue.h>
|
#include <sys/queue.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include "tamper.h"
|
#include "tamper.h"
|
||||||
@ -67,7 +68,7 @@ struct tproxy_conn
|
|||||||
bool bFlowIn,bFlowOut, bFlowInPrev,bFlowOutPrev, bPrevRdhup;
|
bool bFlowIn,bFlowOut, bFlowInPrev,bFlowOutPrev, bPrevRdhup;
|
||||||
|
|
||||||
// total read,write
|
// total read,write
|
||||||
size_t trd,twr;
|
uint64_t trd,twr, tnrd;
|
||||||
// number of epoll_wait events
|
// number of epoll_wait events
|
||||||
unsigned int event_count;
|
unsigned int event_count;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user