mirror of
https://github.com/M66B/NetGuard.git
synced 2025-02-23 06:41:05 +00:00
top master
parent
8877e06f04
commit
fa624ce279
4 changed files with 8 additions and 24 deletions
|
|
@ -35,7 +35,7 @@ int check_icmp_session(const struct arguments *args, struct ng_session *s,
|
|||
time_t now = time(NULL);
|
||||
|
||||
int timeout = get_icmp_timeout(&s->icmp, sessions, maxsessions);
|
||||
if (s->icmp.stop > 0 || s->icmp.time + timeout < now) {
|
||||
if (s->icmp.stop || s->icmp.time + timeout < now) {
|
||||
char source[INET6_ADDRSTRLEN + 1];
|
||||
char dest[INET6_ADDRSTRLEN + 1];
|
||||
if (s->icmp.version == 4) {
|
||||
|
|
@ -108,12 +108,8 @@ void check_icmp_socket(const struct arguments *args, const struct epoll_event *e
|
|||
// but for some unexplained reason this is not the case
|
||||
// some bits seems to be set extra
|
||||
struct icmp *icmp = (struct icmp *) buffer;
|
||||
const uint8_t isValid = s->icmp.id == icmp->icmp_id;
|
||||
if(isValid) {
|
||||
s->icmp.stop = -1; //mark as answered
|
||||
}
|
||||
log_android(
|
||||
isValid ? ANDROID_LOG_INFO : ANDROID_LOG_WARN,
|
||||
s->icmp.id == icmp->icmp_id ? ANDROID_LOG_INFO : ANDROID_LOG_WARN,
|
||||
"ICMP recv bytes %d from %s for tun type %d code %d id %x/%x seq %d",
|
||||
bytes, dest,
|
||||
icmp->icmp_type, icmp->icmp_code,
|
||||
|
|
@ -177,7 +173,7 @@ jboolean handle_icmp(const struct arguments *args,
|
|||
struct ng_session *cur = args->ctx->ng_session;
|
||||
while (cur != NULL &&
|
||||
!((cur->protocol == IPPROTO_ICMP || cur->protocol == IPPROTO_ICMPV6) &&
|
||||
cur->icmp.stop <= 0 && cur->icmp.version == version &&
|
||||
!cur->icmp.stop && cur->icmp.version == version &&
|
||||
(version == 4 ? cur->icmp.saddr.ip4 == ip4->saddr &&
|
||||
cur->icmp.daddr.ip4 == ip4->daddr
|
||||
: memcmp(&cur->icmp.saddr.ip6, &ip6->ip6_src, 16) == 0 &&
|
||||
|
|
@ -186,7 +182,6 @@ jboolean handle_icmp(const struct arguments *args,
|
|||
|
||||
// Create new session if needed
|
||||
if (cur == NULL) {
|
||||
posNewSession:
|
||||
log_android(ANDROID_LOG_INFO, "ICMP new session from %s to %s", source, dest);
|
||||
|
||||
// Register session
|
||||
|
|
@ -213,8 +208,6 @@ posNewSession:
|
|||
// Open UDP socket
|
||||
s->socket = open_icmp_socket(args, &s->icmp);
|
||||
if (s->socket < 0) {
|
||||
log_android(ANDROID_LOG_WARN, "ICMP open fail: id[%x] socket %d error %d: %s"
|
||||
, s->icmp.id, s->socket, errno, strerror(errno));
|
||||
free(s);
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -232,10 +225,6 @@ posNewSession:
|
|||
args->ctx->ng_session = s;
|
||||
|
||||
cur = s;
|
||||
} else if(cur->icmp.stop == -1) { //if session is answered reuse that
|
||||
cur->icmp.id = icmp->icmp_id;
|
||||
} else { //else force new session
|
||||
goto posNewSession;
|
||||
}
|
||||
|
||||
// Modify ID
|
||||
|
|
@ -284,9 +273,6 @@ posNewSession:
|
|||
cur->icmp.stop = 1;
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
log_android(ANDROID_LOG_VERBOSE, "ICMP sendto id[%x/%x]"
|
||||
, cur->icmp.id, icmp->icmp_id);
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
|
|
|||
|
|
@ -199,7 +199,7 @@ Java_eu_faircode_netguard_ServiceSinkhole_jni_1get_1stats(
|
|||
struct ng_session *s = ctx->ng_session;
|
||||
while (s != NULL) {
|
||||
if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) {
|
||||
if (s->icmp.stop <= 0)
|
||||
if (!s->icmp.stop)
|
||||
jcount[0]++;
|
||||
} else if (s->protocol == IPPROTO_UDP) {
|
||||
if (s->udp.state == UDP_ACTIVE)
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ struct icmp_session {
|
|||
|
||||
uint16_t id;
|
||||
|
||||
int8_t stop; //three state: 0:false, 1:true, -1:answered
|
||||
uint8_t stop;
|
||||
};
|
||||
|
||||
#define UDP_ACTIVE 0
|
||||
|
|
@ -265,7 +265,6 @@ struct dns_header {
|
|||
uint16_t aa :1; // authoritive answer
|
||||
uint16_t opcode :4; // purpose of message
|
||||
uint16_t qr :1; // query/response flag
|
||||
//next byte (8 bit)
|
||||
uint16_t rcode :4; // response code
|
||||
uint16_t cd :1; // checking disabled
|
||||
uint16_t ad :1; // authenticated data
|
||||
|
|
@ -277,7 +276,6 @@ struct dns_header {
|
|||
uint16_t aa :1; // authoritive answer
|
||||
uint16_t tc :1; // truncated message
|
||||
uint16_t rd :1; // recursion desired
|
||||
//next byte (8 bit)
|
||||
uint16_t ra :1; // recursion available
|
||||
uint16_t z :1; // its z! reserved
|
||||
uint16_t ad :1; // authenticated data
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ void *handle_events(void *a) {
|
|||
struct ng_session *s = args->ctx->ng_session;
|
||||
while (s != NULL) {
|
||||
if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) {
|
||||
if (s->icmp.stop <= 0)
|
||||
if (!s->icmp.stop)
|
||||
isessions++;
|
||||
} else if (s->protocol == IPPROTO_UDP) {
|
||||
if (s->udp.state == UDP_ACTIVE)
|
||||
|
|
@ -126,7 +126,7 @@ void *handle_events(void *a) {
|
|||
int del = 0;
|
||||
if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) {
|
||||
del = check_icmp_session(args, s, sessions, maxsessions);
|
||||
if (s->icmp.stop == 0 && !del) {
|
||||
if (!s->icmp.stop && !del) {
|
||||
int stimeout = s->icmp.time +
|
||||
get_icmp_timeout(&s->icmp, sessions, maxsessions) - now + 1;
|
||||
if (stimeout > 0 && stimeout < timeout)
|
||||
|
|
@ -282,7 +282,7 @@ void check_allowed(const struct arguments *args) {
|
|||
struct ng_session *s = args->ctx->ng_session;
|
||||
while (s != NULL) {
|
||||
if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) {
|
||||
if (s->icmp.stop <= 0) {
|
||||
if (!s->icmp.stop) {
|
||||
if (s->icmp.version == 4) {
|
||||
inet_ntop(AF_INET, &s->icmp.saddr.ip4, source, sizeof(source));
|
||||
inet_ntop(AF_INET, &s->icmp.daddr.ip4, dest, sizeof(dest));
|
||||
|
|
|
|||
Loading…
Reference in a new issue