def arp_worker(destination, source, interface, timeout, count):
""" Worker that is run for each host. Concurrency is handled by gevent. """
if destination[0] != source[0]:
# source and destination must be both ipv4 or ipv6
# should raise an Exception?
return
source_ip = socket.inet_pton(source[0], source[4][0])
destination_ip = socket.inet_pton(destination[0], destination[4][0])
try:
my_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.SOCK_RAW)
except PermissionError:
msg = "ARP requests can only be sent from processes running as root."
raise PermissionError(msg)
my_socket.bind((interface, socket.SOCK_RAW))
for i in range(count):
send_request(my_socket, destination_ip, source_ip, interface)
mac_address = receive_reply(my_socket, source_ip, destination_ip, timeout)
if not isinstance(mac_address, Exception):
return mac_address
return mac_address
def pack_addr(addrtype, addr):
if addrtype == IP_V4:
s = socket.inet_pton(socket.AF_INET, addr)
elif addrtype == IP_V6:
s = socket.inet_pton(socket.AF_INET6, addr)
elif addrtype == DOMAIN_NAME:
s = struct.pack('B', len(addr))
s += addr
else:
raise dpkt.PackError("Unknown address type %s" % addrtype.encode('hex'))
return s
def pack_addr(addrtype, addr):
if addrtype == IP_V4:
s = socket.inet_pton(socket.AF_INET, addr) # @UndefinedVariable
elif addrtype == IP_V6:
s = socket.inet_pton(socket.AF_INET6, addr) # @UndefinedVariable
elif addrtype == DOMAIN_NAME:
s = struct.pack('B', len(addr))
s += addr
else:
raise dpkt.PackError("Unknown address type %s" %
addrtype.encode('hex'))
return s
def addr_type(addr):
try:
socket.inet_pton(socket.AF_INET, addr) # @UndefinedVariable
return msg.IP_V4
except:
pass
try:
socket.inet_pton(socket.AF_INET6, addr) # @UndefinedVariable
return msg.IP_V6
except:
pass
return msg.DOMAIN_NAME
def addr_type(addr):
try:
socket.inet_pton(socket.AF_INET, addr)
return IP_V4
except:
pass
try:
socket.inet_pton(socket.AF_INET6, addr)
return IP_V6
except:
pass
return DOMAIN_NAME
def get_ip_version(ip):
# CR: http://stackoverflow.com/questions/11827961/checking-for-ip-addresses
try:
socket.inet_aton(ip)
return 4
except socket.error:
pass
try:
socket.inet_pton(socket.AF_INET6, ip)
return 6
except socket.error:
pass
raise ValueError(ip)
def _try_inet(self, host):
host = host.strip("[]")
try:
socket.inet_pton(socket.AF_INET6, host)
return None, host
except OSError:
pass
try:
socket.inet_pton(socket.AF_INET, host)
return host, None
except OSError:
pass
return None, None
def __get_pp_ip(self, addr_family, ip_string, which):
try:
packed = socket.inet_pton(addr_family, ip_string.decode('ascii'))
return socket.inet_ntop(addr_family, packed)
except (UnicodeDecodeError, socket.error):
msg = 'Invalid proxy protocol {0} IP format'.format(which)
raise AssertionError(msg)
def __get_pp_ip(self, addr_family, ip_string, which):
try:
packed = socket.inet_pton(addr_family, ip_string.decode("ascii"))
return socket.inet_ntop(addr_family, packed)
except (UnicodeDecodeError, socket.error):
msg = "Invalid proxy protocol {0} IP format".format(which)
raise AssertionError(msg)
def _is_valid_ipv6(address):
log.debug("checking ipv6 address: %s", address)
address = str(address)
try:
addr = socket.inet_pton(socket.AF_INET6, address)
except socket.error: # not a valid address
return False
return True
def __init__(self, interface=None):
self.sock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
self.sock.setsockopt(
socket.IPPROTO_IPV6,
socket.IP_MULTICAST_TTL,
struct.pack('i', 30))
if interface is not None:
self.sock.setsockopt(
socket.IPPROTO_IPV6,
socket.IPV6_MULTICAST_IF,
if_nametoindex(interface))
self.sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, (
socket.inet_pton(socket.AF_INET6, 'ff02::fb') +
socket.inet_pton(socket.AF_INET6, '::')))
self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self.sock.bind(('::', 5353))
self.listeners = []
self._greenlet = gevent.Greenlet.spawn(self._greenlet_runnable)
def __init__(self, enable, data, meta, disabled):
self.enable = enable
self.data = defaultdict(list)
self.meta = meta
self.disabled = set(disabled)
self.has_ipv6 = None
for entry in data:
try:
parts = entry.split()
parts = [s.strip() for s in parts]
parts = [s for s in parts if not s.startswith("#")]
addr, name = parts
if "." in addr:
socket.inet_pton(socket.AF_INET, addr) # @UndefinedVariable
else:
socket.inet_pton(socket.AF_INET6, addr) # @UndefinedVariable
self.data[name.encode("idna")].append(addr)
except Exception, e:
pass
def __init__(self, enable, data, meta, disabled):
self.enable = enable
self.data = defaultdict(list)
self.meta = meta
self.disabled = set(disabled)
self.has_ipv6 = None
for entry in data:
try:
parts = entry.split()
parts = [s.strip() for s in parts]
parts = [s for s in parts if not s.startswith("#")]
addr, name = parts
if "." in addr:
socket.inet_pton(socket.AF_INET,
addr) # @UndefinedVariable
elif socket.has_ipv6: # @UndefinedVariable
socket.inet_pton(socket.AF_INET6,
addr) # @UndefinedVariable
self.data[name.encode("idna")].append(addr)
except Exception, e:
print "[Hosts]: ", entry, str(e)
def arp_worker(destination, source, interface, timeout, count):
""" Worker that is run for each host. Concurrency is handled by gevent. """
if destination[0] != source[0]:
# source and destination must be both ipv4 or ipv6
# should raise an Exception?
return
source_ip = socket.inet_pton(source[0], source[4][0])
destination_ip = socket.inet_pton(destination[0], destination[4][0])
try:
my_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.SOCK_RAW)
except socket.error, (errno, msg):
if errno == 1:
# Operation not permitted
msg = msg + (
" - Note that ARP requests can only be sent from processes"
" running as root."
)
raise socket.error(msg)
# raise the original error
raise
def make_handshake(self):
self.auth_no = struct.unpack("=H", self._readn(2))[0] # RECEIVE AUTH_NO
auth = auth_pool.alloc(self.auth_no)
try:
auth.client_side(self.sock) # make auth
except:
raise VPNException("Authentication failed (auth=%s)" % auth._index)
ip = socket.inet_pton(socket.AF_INET, self.app.config.ip)
# send ip, crypto
self._write(ip)
self._write(struct.pack("=H", self.app.config.crypto_no))
self.app.config["ip"] = inet_ntoa(self._readn(4)) # recv real ip
def resolve_netloc(netloc):
# no IPv6 for now, FIXME
netloc_split = netloc.split(':', 1)
hostname = netloc_split[0]
if len(netloc_split) > 1:
port = int(netloc_split[1])
ipv4_results = list()
try:
ipv4_results.append(socket.inet_pton(socket.AF_INET, hostname))
except socket.error:
pass
try:
_, resolv_results = resolve_ipv4(hostname)
ipv4_results.extend(resolv_results)
except socket.error:
pass
def create_tuple(af, packed):
address_host = socket.inet_ntop(af, packed)
return address_tuple(af, (address_host, port))
return hostname,\
[create_tuple(socket.AF_INET, addr) for addr in ipv4_results]
def parse(self, log, line):
'''
Called for each line in a log, parse the rackspace specific format
into a sane tuple and return it.
'''
line_parts = self.log_re.match(line.strip()).groups()
ip_version = AF_INET6 if line_parts[0].find(':') > 0 else AF_INET
uri_parts = line_parts[3].split('/')[1:]
return {
'container': log.name.split('/')[0],
'host': uri_parts[0],
'ip': inet_pton(ip_version, line_parts[0]),
'ip_version': 4 if ip_version == AF_INET else 6,
'datetime': parse(line_parts[1].replace(':', ' ', 1)),
'method': line_parts[2],
'uri': '/' + '/'.join(uri_parts[1:]),
'version': line_parts[4],
'status': int(line_parts[5]),
'bytes': int(line_parts[6]),
'referrer': '' if line_parts[7] == '-' else line_parts[7],
'useragent': line_parts[8],
}
def create_connection(self, address, timeout=5):
startTime = int(time.time() * 1000)
hostname = address[0]
port = address[1]
try:
_sock = self.upstream.create_connection(
(self.socks5_hostname, self.socks5_port),
timeout,
)
except:
info = traceback.format_exc()
tcpping = int(time.time() * 1000) - startTime
logging.warn(
u'[socks5] 远程代理服务器连接失败! socks5_hostname:%s ,socks5_port:%s ,timeout:%s,time:%s'
% (self.socks5_hostname, self.socks5_port, timeout, tcpping))
logging.warn('%s\r\n\r\n' % info)
raise
raise
_sock.setsockopt(_socket.IPPROTO_TCP, _socket.TCP_NODELAY, 1)
_sock.settimeout(timeout * 2)
tcpping = int(time.time() * 1000) - startTime
logging.debug(
u'[socks5] 远程代理服务器已连接 socks5_hostname:%s ,socks5_port:%s ,timeout:%s,time:%s'
% (self.socks5_hostname, self.socks5_port, timeout, tcpping))
# 登录
_sock.pack('BBB', 0x05, 0x01, 0x00)
# 登录回应
ver, method = _sock.unpack('BB')
tcpping = int(time.time() * 1000) - startTime
if ver != 0x05 or method != 0x00:
_sock.close(safe=False)
ms = u'[socks5] 远程代理服务器登录失败! host:%s ,port:%s, time:%s' % (
self.socks5_hostname, self.socks5_port, tcpping)
raise UpstreamLoginError(ms)
logging.debug(u'[socks5] 远程代理服务器登陆成功。 host:%s ,port:%s ,time:%s' %
(self.socks5_hostname, self.socks5_port, tcpping))
# 请求连接
atyp = dnslib.get_addr_type(hostname)
if atyp == 0x01:
# ipv4
_sock.pack('!BBBBIH', 0x05, 0x01, 0x00, atyp,
struct.unpack('!I', _socket.inet_aton(hostname))[0],
port)
elif atyp == 0x03:
# 域名
_sock.pack('!BBBBB%ssH' % len(hostname), 0x05, 0x01, 0x00, atyp,
len(hostname), hostname, port)
elif atyp == 0x04:
# ipv6
_str = _socket.inet_pton(_socket.AF_INET6, hostname)
a, b = struct.unpack('!2Q', _str)
_sock.pack('!BBBB2QH', 0x05, 0x01, 0x00, atyp, a, b, port)
else:
tcpping = int(time.time() * 1000) - startTime
ms = u'[socks5] 地址类型未知! atyp:%s ,time:%s' % (atyp, tcpping)
_sock.close(safe=False)
assert False, ms
# 请求回应
ver, rep, rsv, atyp = _sock.unpack('BBBB')
if ver != 0x05:
_sock.close(safe=False)
raise UpstreamProtocolError(u'未知的服务器协议版本!')
if rep != 0x00:
tcpping = int(time.time() * 1000) - startTime
ms = u'[socks5] 远程代理服务器无法连接目标网站! ver:%s ,rep:%s, time=%s' % (
ver, rep, tcpping)
_sock.close(safe=False)
raise _socket.error(
10060, (u'[Socks5] 代理服务器无法连接到目的主机。socks5_host = %s, '
u'socks5_port = %s ,host = %s ,port = %s ,rep = %s') %
(self.socks5_hostname, self.socks5_port, hostname, port, rep))
if atyp == 0x01:
_sock.unpack('!IH')
elif atyp == 0x03:
length = _sock.unpack('B')
_sock.unpack('%ssH' % length)
elif atyp == 0x04:
_sock.unpack('!2QH')
tcpping = int(time.time() * 1000) - startTime
# TODO: 这里需要记录下本sock连接远程的耗时。
return self.socket(_sock=_sock)
def create_connection(self, address, timeout=5):
startTime = int(time.time() * 1000)
hostname = address[0]
port = address[1]
try:
_sock = self.upstream.create_connection((self.socks5_hostname, self.socks5_port), timeout,)
except:
info = traceback.format_exc()
tcpping = int(time.time() * 1000) - startTime
logging.warn(u'[socks5] 远程代理服务器连接失败! socks5_hostname:%s ,socks5_port:%s ,timeout:%s,time:%s' % (
self.socks5_hostname, self.socks5_port, timeout, tcpping))
logging.warn('%s\r\n\r\n' % info)
raise
raise
_sock.setsockopt(_socket.IPPROTO_TCP, _socket.TCP_NODELAY, 1)
_sock.settimeout(timeout * 2)
tcpping = int(time.time() * 1000) - startTime
logging.debug(u'[socks5] 远程代理服务器已连接 socks5_hostname:%s ,socks5_port:%s ,timeout:%s,time:%s' % (
self.socks5_hostname, self.socks5_port, timeout, tcpping))
# 登录
_sock.pack('BBB', 0x05, 0x01, 0x00)
# 登录回应
ver, method = _sock.unpack( 'BB')
tcpping = int(time.time() * 1000) - startTime
if ver != 0x05 or method != 0x00:
_sock.close(safe=False)
ms = u'[socks5] 远程代理服务器登录失败! host:%s ,port:%s, time:%s' % (self.socks5_hostname, self.socks5_port, tcpping)
raise UpstreamLoginError(ms)
logging.debug(
u'[socks5] 远程代理服务器登陆成功。 host:%s ,port:%s ,time:%s' % (self.socks5_hostname, self.socks5_port, tcpping))
# 请求连接
atyp = dnslib.get_addr_type(hostname)
if atyp == 0x01:
# ipv4
_sock.pack('!BBBBIH', 0x05, 0x01, 0x00, atyp, struct.unpack('!I', _socket.inet_aton(hostname))[0], port)
elif atyp == 0x03:
# 域名
_sock.pack('!BBBBB%ssH' % len(hostname), 0x05, 0x01, 0x00, atyp, len(hostname), hostname, port)
elif atyp == 0x04:
# ipv6
_str = _socket.inet_pton(_socket.AF_INET6, hostname)
a, b = struct.unpack('!2Q', _str)
_sock.pack('!BBBB2QH', 0x05, 0x01, 0x00, atyp, a, b, port)
else:
tcpping = int(time.time() * 1000) - startTime
ms = u'[socks5] 地址类型未知! atyp:%s ,time:%s' % (atyp, tcpping)
_sock.close(safe=False)
assert False, ms
# 请求回应
ver, rep, rsv, atyp = _sock.unpack('BBBB')
if ver != 0x05:
_sock.close(safe=False)
raise UpstreamProtocolError(u'未知的服务器协议版本!')
if rep != 0x00:
tcpping = int(time.time() * 1000) - startTime
ms = u'[socks5] 远程代理服务器无法连接目标网站! ver:%s ,rep:%s, time=%s' % (ver, rep, tcpping)
_sock.close(safe=False)
raise _socket.error(10060,
(u'[Socks5] 代理服务器无法连接到目的主机。socks5_host = %s, '
u'socks5_port = %s ,host = %s ,port = %s ,rep = %s') %
(self.socks5_hostname, self.socks5_port, hostname, port, rep))
if atyp == 0x01:
_sock.unpack('!IH')
elif atyp == 0x03:
length = _sock.unpack('B')
_sock.unpack('%ssH' % length)
elif atyp == 0x04:
_sock.unpack('!2QH')
tcpping = int(time.time() * 1000) - startTime
# TODO: 这里需要记录下本sock连接远程的耗时。
return self.socket(_sock=_sock)
connection_server = StreamServer((settings.IPV6_BIND_INTERFACE, settings.TCP_PORT), handle_connection)
connection_server.family = socket.AF_INET6
connection_server.init_socket()
connection_server.start()
# Set up the v4 UDP server
ipv4_datagram_server = datagram.TrummaDatagramServer(
settings.IPV4_MULTICAST_GROUP, (settings.IPV4_BIND_INTERFACE, settings.UDP_PORT)
)
# Modify some private (?) members to make it join the multicast group
ipv4_datagram_server.init_socket()
ipv4_datagram_server.socket.setsockopt(
socket.IPPROTO_IP,
socket.IP_ADD_MEMBERSHIP,
socket.inet_pton(socket.AF_INET, settings.IPV4_MULTICAST_GROUP) + struct.pack("=I", socket.INADDR_ANY),
)
ipv4_datagram_server.start()
# Set up the v6 UDP server
ipv6_datagram_server = datagram.TrummaDatagramServer(
settings.IPV6_MULTICAST_GROUP, (settings.IPV6_BIND_INTERFACE, settings.UDP_PORT)
)
ipv6_datagram_server.family = socket.AF_INET6
ipv6_datagram_server.init_socket()
ipv6_datagram_server.socket.setsockopt(
socket.IPPROTO_IPV6,
socket.IPV6_JOIN_GROUP,
socket.inet_pton(socket.AF_INET6, settings.IPV6_MULTICAST_GROUP) + struct.pack("=I", 0),
)
ipv6_datagram_server.start()
