public void forwardFrame(IPFrame frame)
{
var id = RandomString(10);
var udpFrame = (UDPFrame)frame.EncapsulatedFrame;
var e = new System.Net.IPEndPoint(System.Net.IPAddress.Parse("192.168.1.220"), udpFrame.DestinationPort);
logger.Debug("{0} Source Port: {1}", id, udpFrame.SourcePort);
logger.Debug("{0} Dest Port: {1}", id, udpFrame.DestinationPort);
ProxySocket socket;
var cacheKey = string.Format("{0}:{1}->{2}", udpFrame.SourcePort, udpFrame.DestinationPort, e.ToString());
if (!natTable.TryGetValue(cacheKey, out socket))
{
socket = new ProxySocket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
socket.ProxyEndPoint = new System.Net.IPEndPoint(System.Net.IPAddress.Parse("192.168.1.150"), 1080);
socket.ProxyType = ProxyTypes.Socks5;
socket.Connect(e);
Task.Run(() =>
{
try
{
logger.Debug("{0} Create a new UDP Receive Task", id);
var buffer = new byte[8192];
ProxySocket tmp;
while (natTable.TryGetValue(cacheKey, out tmp))
{
logger.Debug("start receive");
var bytesReceived = socket.Receive(buffer);
logger.Debug("{0} Received packet", id);
natTable.Add(cacheKey, socket);
var receivedIPFrame = new IPv4Frame();
receivedIPFrame.SourceAddress = frame.DestinationAddress;
receivedIPFrame.DestinationAddress = frame.SourceAddress;
receivedIPFrame.Protocol = IPProtocol.UDP;
var receivedUDPFrame = new UDPFrame();
receivedUDPFrame.SourcePort = udpFrame.DestinationPort;
receivedUDPFrame.DestinationPort = udpFrame.SourcePort;
logger.Debug("{0} RSource Port: {1}", id, receivedUDPFrame.SourcePort);
logger.Debug("{0} RDest Port: {1}", id, receivedUDPFrame.DestinationPort);
receivedUDPFrame.EncapsulatedFrame = new RawDataFrame(buffer, 0, bytesReceived);
receivedIPFrame.EncapsulatedFrame = receivedUDPFrame;
receivedUDPFrame.Checksum = receivedUDPFrame.CalculateChecksum(receivedIPFrame.GetPseudoHeader());
tap.Write(receivedIPFrame.FrameBytes, 0, receivedIPFrame.Length);
tap.Flush();
logger.Debug("{0} wrote", id);
}
}
catch (SocketException err)
{
logger.Error(err);
}
});
}
natTable.Add(cacheKey, socket);
socket.BeginSend(udpFrame.EncapsulatedFrame.FrameBytes, 0, udpFrame.EncapsulatedFrame.FrameBytes.Length, 0, ar =>
{
socket.EndSend(ar);
logger.Debug("{0} Sent to Dest", id);
}, null);
}
/// <summary>
/// Decapsulates the given UDP frame if the binding of this socket matches the frame and invokes the FrameDecapsulated event when finished.
/// </summary>
/// <param name="fFrame">The frame to process</param>
/// <param name="bPush">A bool indicating whether the frame is delivered with a push flag</param>
/// <returns>A bool indicating whether the given frame matched the binding of this socket</returns>
public override bool PushUp(Frame fFrame, bool bPush)
{
if (fFrame.FrameType != FrameTypes.UDP)
{
try
{
fFrame = new UDPFrame(fFrame.FrameBytes);
}
catch
{
return(false);
}
}
UDPFrame fUDPFrame = (UDPFrame)fFrame;
if (fUDPFrame.SourcePort != this.RemoteBinding || fUDPFrame.DestinationPort != this.LocalBinding)
{
return(false);
}
InvokeFrameDecapsulated(fUDPFrame.EncapsulatedFrame, bPush);
return(true);
}
/// <summary>
/// Checks for DNS frames in this frame and spoofes the response, if a response entry does match
/// </summary>
/// <param name="fInputFrame">The frame to handle</param>
/// <returns>The modified frame</returns>
protected override Frame ModifyTraffic(Frame fInputFrame)
{
if (!bPause)
{
IPFrame ipFrame = GetIPFrame(fInputFrame);
UDPFrame udpFrame = GetUDPFrame(fInputFrame);
DNSFrame dnsFrame = (DNSFrame)GetFrameByType(fInputFrame, FrameTypes.DNS);
if (dnsFrame != null && ipFrame != null)
{
if (dnsFrame.QRFlag)
{
foreach (DNSResourceRecord r in dnsFrame.GetAnswers())
{
ProcessDNSRecord(r, ipFrame.DestinationAddress);
}
foreach (DNSResourceRecord r in dnsFrame.GetAuthorotives())
{
ProcessDNSRecord(r, ipFrame.DestinationAddress);
}
foreach (DNSResourceRecord r in dnsFrame.GetAdditionals())
{
ProcessDNSRecord(r, ipFrame.DestinationAddress);
}
}
if (udpFrame != null)
{
udpFrame.Checksum = new byte[2]; //Empty checksum
}
}
}
return(fInputFrame);
}
/// <summary>
/// Encapsulates the given UDP frame according to the binding of this socket and invokes the FrameEncapsulated event when finished.
/// </summary>
/// <param name="fFrame">The frame to process</param>
/// <param name="bPush">A bool indicating whether the frame is delivered with a push flag</param>
public override void PushDown(Frame fFrame, bool bPush)
{
UDPFrame fUDPFrame = new UDPFrame();
fUDPFrame.DestinationPort = RemoteBinding;
fUDPFrame.SourcePort = LocalBinding;
fUDPFrame.EncapsulatedFrame = fFrame;
InvokeFrameEncapsulated(fUDPFrame, bPush);
}
static bool PacketFilter(IPv4Header ipv4Header, UDPFrame udpFrame)
{
if (ipv4Header.ChecksumOK == false ||
!ipv4Header.SourceAddress.Equals(FilterSourceAddr) ||
!ipv4Header.DestinationAddress.Equals(FilterDestAddr) ||
udpFrame.Header.DestinationPort != FilterDestPort)
{
return(false);
}
return(UDPFns.UDPChecksum(ipv4Header.SourceAddress, ipv4Header.DestinationAddress, udpFrame) == udpFrame.Header.Checksum);
}
/// <summary>
/// Checks whether the input frame contains a DNS component.
/// If it contains a DNS frame, the DNS frame will be parsed and logged
/// </summary>
/// <param name="fInputFrame">The frame to analyze</param>
protected override void HandleTraffic(Frame fInputFrame)
{
UDPFrame fUDP = GetUDPFrame(fInputFrame);
IPFrame ipFrame = GetIPFrame(fInputFrame);
DNSFrame dFrame = (DNSFrame)GetFrameByType(fInputFrame, FrameTypes.DNS);
if (fUDP != null && ipFrame != null && dFrame != null)
{
bool bFound = false;
foreach (DNSItem di in lLog)
{
foreach (DNSQuestion qs in dFrame.GetQuestions())
{
if ((di.QueryingHost.Equals(ipFrame.SourceAddress) || di.QueryingHost.Equals(ipFrame.DestinationAddress)) && di.TransactionID == dFrame.Identifier && di.QueryName == qs.Query && !di.TransactionComplete)
{
bFound = true;
}
}
}
if (!bFound)
{
foreach (DNSQuestion qs in dFrame.GetQuestions())
{
DNSItem dsItem;
if (dFrame.QRFlag)
{
dsItem = new DNSItem(qs.Query, ipFrame.DestinationAddress, ipFrame.SourceAddress, TimeSpan.Zero, dFrame.Identifier);
}
else
{
dsItem = new DNSItem(qs.Query, ipFrame.SourceAddress, ipFrame.DestinationAddress, TimeSpan.Zero, dFrame.Identifier);
}
AddLogItem(dsItem);
}
}
if (dFrame.QRFlag)
{
foreach (DNSItem dsItem in lLog)
{
if (dFrame.Identifier == dsItem.TransactionID && !dsItem.TransactionComplete)
{
foreach (DNSResourceRecord rr in dFrame.GetAnswers())
{
if (rr.Type == DNSResourceType.CNAME)
{
if (rr.Name == dsItem.QueryName)
{
string strTMPName = ASCIIEncoding.ASCII.GetString(rr.ResourceData);
foreach (DNSResourceRecord rr2 in dFrame.GetAnswers())
{
if (rr2.Type == DNSResourceType.A && rr2.Name == strTMPName)
{
IPAddress ipa = new IPAddress(rr2.ResourceData);
if (!dsItem.ContainsAnswer(ipa))
{
dsItem.AddAnswer(ipa);
}
dsItem.ChacheTime = new TimeSpan(0, 0, rr2.TTL);
dsItem.TransactionComplete = true;
dsItem.AnsweringServer = ipFrame.SourceAddress;
InvokeUpdated(dsItem);
}
}
}
}
if (rr.Type == DNSResourceType.A && rr.Name == dsItem.QueryName)
{
IPAddress ipa = new IPAddress(rr.ResourceData);
if (!dsItem.ContainsAnswer(ipa))
{
dsItem.AddAnswer(ipa);
}
dsItem.ChacheTime = new TimeSpan(0, 0, rr.TTL);
dsItem.AnsweringServer = ipFrame.SourceAddress;
dsItem.TransactionComplete = true;
InvokeUpdated(dsItem);
}
}
}
}
}
}
}
