add sniffer utility

This commit is contained in:
ginuerzh
2024-10-02 22:51:23 +08:00
parent 3c8add4b82
commit c42a44abb6
46 changed files with 1369 additions and 2723 deletions
+30 -8
View File
@@ -3,6 +3,7 @@ package unix
import (
"bufio"
"context"
"crypto/tls"
"errors"
"io"
"net"
@@ -18,6 +19,7 @@ import (
xio "github.com/go-gost/x/internal/io"
xnet "github.com/go-gost/x/internal/net"
"github.com/go-gost/x/internal/util/sniffing"
tls_util "github.com/go-gost/x/internal/util/tls"
xrecorder "github.com/go-gost/x/recorder"
"github.com/go-gost/x/registry"
)
@@ -31,6 +33,7 @@ type unixHandler struct {
md metadata
options handler.Options
recorder recorder.RecorderObject
certPool tls_util.CertPool
}
func NewHandler(opts ...handler.Option) handler.Handler {
@@ -56,6 +59,10 @@ func (h *unixHandler) Init(md md.Metadata) (err error) {
}
}
if h.md.certificate != nil && h.md.privateKey != nil {
h.certPool = tls_util.NewMemoryCertPool()
}
return
}
@@ -121,7 +128,6 @@ func (h *unixHandler) Handle(ctx context.Context, conn net.Conn, opts ...handler
}
defer cc.Close()
var rw io.ReadWriter = conn
if h.md.sniffing {
if h.md.sniffingTimeout > 0 {
conn.SetReadDeadline(time.Now().Add(h.md.sniffingTimeout))
@@ -135,21 +141,37 @@ func (h *unixHandler) Handle(ctx context.Context, conn net.Conn, opts ...handler
conn.SetReadDeadline(time.Time{})
}
rw = xio.NewReadWriter(br, conn)
sniffer := &sniffing.Sniffer{
Recorder: h.recorder.Recorder,
RecorderOptions: h.recorder.Options,
RecorderObject: ro,
Certificate: h.md.certificate,
PrivateKey: h.md.privateKey,
NegotiatedProtocol: h.md.alpn,
CertPool: h.certPool,
MitmBypass: h.md.mitmBypass,
ReadTimeout: h.md.readTimeout,
Log: log,
Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
return cc, nil
},
DialTLS: func(ctx context.Context, network, address string, cfg *tls.Config) (net.Conn, error) {
return cc, nil
},
}
conn = xnet.NewReadWriteConn(br, conn, conn)
switch proto {
case sniffing.ProtoHTTP:
ro2 := &xrecorder.HandlerRecorderObject{}
*ro2 = *ro
ro.Time = time.Time{}
return h.handleHTTP(ctx, rw, cc, ro2, log)
return sniffer.HandleHTTP(ctx, conn)
case sniffing.ProtoTLS:
return h.handleTLS(ctx, rw, cc, ro, log)
return sniffer.HandleTLS(ctx, conn)
}
}
t := time.Now()
log.Infof("%s <-> %s", conn.LocalAddr(), "@")
xnet.Transport(rw, cc)
xnet.Transport(conn, cc)
log.WithFields(map[string]any{
"duration": time.Since(t),
}).Infof("%s >-< %s", conn.LocalAddr(), "@")
+27 -1
View File
@@ -1,16 +1,27 @@
package unix
import (
"crypto"
"crypto/tls"
"crypto/x509"
"time"
"github.com/go-gost/core/bypass"
mdata "github.com/go-gost/core/metadata"
mdutil "github.com/go-gost/core/metadata/util"
"github.com/go-gost/x/registry"
)
type metadata struct {
readTimeout time.Duration
readTimeout time.Duration
sniffing bool
sniffingTimeout time.Duration
certificate *x509.Certificate
privateKey crypto.PrivateKey
alpn string
mitmBypass bypass.Bypass
}
func (h *unixHandler) parseMetadata(md mdata.Metadata) (err error) {
@@ -22,5 +33,20 @@ func (h *unixHandler) parseMetadata(md mdata.Metadata) (err error) {
h.md.sniffing = mdutil.GetBool(md, "sniffing")
h.md.sniffingTimeout = mdutil.GetDuration(md, "sniffing.timeout")
certFile := mdutil.GetString(md, "mitm.certFile", "mitm.caCertFile")
keyFile := mdutil.GetString(md, "mitm.keyFile", "mitm.caKeyFile")
if certFile != "" && keyFile != "" {
tlsCert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return err
}
h.md.certificate, err = x509.ParseCertificate(tlsCert.Certificate[0])
if err != nil {
return err
}
h.md.privateKey = tlsCert.PrivateKey
}
h.md.alpn = mdutil.GetString(md, "mitm.alpn")
h.md.mitmBypass = registry.BypassRegistry().Get(mdutil.GetString(md, "mitm.bypass"))
return
}