Home Explore Help
Sign In
cbocovic
/
slitheen
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

wrote code to simply forward traffic from internally networked VM

cbocovic 8 years ago
parent
7b75e0a781
commit
af0f9ce177
1 changed files with 102 additions and 0 deletions
Split View Show Diff Stats
  1. 102 0
      slitheen-proxy.c

+ 102 - 0
slitheen-proxy.c
View File 

@@ -0,0 +1,102 @@
 
+#include <pcap.h>
 
+#include <stdio.h>
 
+
 
+#define macaddr "08:00:27:e8:9d:d4"
 
+
 
+void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet);
 
+
 
+void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet){
 
+	pcap_t *handle;
 
+	char errbuf[BUFSIZ];
 
+	char *writedev = args;
 
+	int i;
 
+
 
+	handle = pcap_open_live(writedev, BUFSIZ, 1, 1000, errbuf);
 
+	if (handle == NULL){
 
+		fprintf(stderr, "Couldn't open device %s: %s\n", writedev, errbuf);
 
+	}
 
+
 
+	if((pcap_inject(handle, packet, header->len)) < 0 ){
 
+		fprintf(stderr, "Error: %s\n", pcap_geterr(handle));
 
+	}
 
+	//printf("Wrote %d bytes.\n", bytes_written);
 
+
 
+	pcap_close(handle);
 
+
 
+}
 
+
 
+int usage(void){
 
+	printf("Usage: slitheen-proxy [internal network interface] [NAT interface]\n");
 
+}
 
+
 
+int main(int argc, char *argv[]){
 
+	pid_t pid;
 
+	char filter1[33] = "ether src host 08:00:27:e8:9d:d4";
 
+	char filter2[33] = "ether src host 08:00:27:e8:9d:d4";
 
+
 
+	char *dev1 = NULL; /* Device that leads to the internal network */
 
+	char *dev2 = NULL; /* Device that leads out to the world */
 
+
 
+	if (argc != 3) { 
+		usage();
 
+		return(2);
 
+	}
 
+	dev1 = argv[1];
 
+	dev2 = argv[2];
 
+
 
+	snprintf(filter1, 33, "ether src host %s", macaddr);
 
+	snprintf(filter2, 33, "ether dst host %s", macaddr);
 
+
 
+	pid = fork();
 
+	if (pid < 0) {
 
+		fprintf(stderr, "Fork call failed.\n");
 
+		return(2);
 
+	}
 
+	if (pid == 0) {
 
+		sniff_packets(dev1, dev2, filter1);		
+	} else {
 
+		sniff_packets(dev2, dev1, filter2);
 
+	}
 
+	
+	return(0);
 
+}
 
+
 
+int sniff_packets(char *readdev, char *writedev, char *filter){
 
+	pcap_t *handle;
 
+	char errbuf[BUFSIZ];
 
+	struct bpf_program fp;
 
+	bpf_u_int32 mask;
 
+	bpf_u_int32 net;
 
+
 
+	if (pcap_lookupnet(readdev, &net, &mask, errbuf) == -1){
 
+		fprintf(stderr, "Can't get netmask for device %s\n", readdev);
 
+		return(2);
 
+	}
 
+
 
+	handle = pcap_open_live(readdev, BUFSIZ, 1, 1000, errbuf);
 
+	if (handle == NULL){
 
+		fprintf(stderr, "Couldn't open device %s: %s\n", readdev, errbuf);
 
+	}
 
+
 
+	if(pcap_datalink(handle) != DLT_EN10MB) {
 
+		fprintf(stderr, "Device %s does not provide Ethernet headers - not supported\n", readdev);
 
+		return(2);
 
+	}
 
+
 
+	if(pcap_compile(handle, &fp, filter, 0 , net) == -1){
 
+		fprintf(stderr, "Couldn't parse filter %s: %s\n", filter, pcap_geterr(handle));
 
+		return(2);
 
+	}
 
+
 
+	if (pcap_setfilter(handle, &fp) == -1) {
 
+		fprintf(stderr, "Couldn't install filter %s: %s\n", filter, pcap_geterr(handle));
 
+		return(2);
 
+	}
 
+
 
+	/*callback function*/
 
+	pcap_loop(handle, -1, got_packet, writedev);
 
+
 
+	/*Sniff a packet*/
 
+	pcap_close(handle);
 
+	return(0);
 
+}