def handle_syn_ack(syn_ack):
    """Classify the sender of an observed SYN ACK and flag TTL anomalies.

    The packet's TTL is compared with the TTL last recorded for the same
    (source ip, source port). A difference of more than 2 is recorded as
    'tcp syn ack spoofing' and logged. The sender is then looked up in the
    international and domestic zones, falling back to the pending-connection
    state and the china_ip table.

    Returns True when the sender is in (or was just added to) a zone, and
    False while it is still pending or being probed. How the caller uses the
    value is not visible in this block.
    """
    src_ip = socket.inet_ntoa(syn_ack.src)

    # Any SYN ACK carrying this source address clears the outstanding-SYN
    # entry; the address is taken from the packet as-is.
    pending_syn.pop(src_ip, None)

    ttl_key = (src_ip, syn_ack.tcp.sport)
    previous_ttl = syn_ack_ttl.get(ttl_key) or 0
    # The first SYN ACK seen for a key has no baseline (previous_ttl is 0),
    # so it is never checked; only later packets can trigger the alert.
    if previous_ttl and abs(syn_ack.ttl - previous_ttl) > 2:
        record_jamming_event(src_ip, 'tcp syn ack spoofing')
        LOGGER.error(
            'received spoofed SYN ACK: expected ttl is %s, actually is %s, the packet %s'
            % (previous_ttl, syn_ack.ttl, format_ip_packet(syn_ack)))
    # later one should be the correct one as GFW is closer to us
    # NOTE(review): this block only ever adds keys to syn_ack_ttl, and the
    # keys come from packet fields; confirm entries are evicted elsewhere.
    syn_ack_ttl[ttl_key] = syn_ack.ttl

    if src_ip in international_zone:
        inject_poison_ack_to_fill_gfw_buffer_with_garbage(syn_ack, international_zone[src_ip])
        return True
    if src_ip in domestic_zone:
        return True
    if pending_connection.is_ip_pending(src_ip):
        pending_connection.record_syn_ack(syn_ack)
        if pending_connection.is_ip_timeouted(src_ip):
            # Probing did not finish in time: fall back to the default TTL.
            LOGGER.info('treat ip as international due to timeout: %s' % src_ip)
            add_international_ip(src_ip, DEFAULT_TTL_TO_GFW)
        return False
    if china_ip.is_china_ip(src_ip):
        LOGGER.info('found domestic ip: %s' % src_ip)
        domestic_zone.add(src_ip)
        return True

    # Unknown sender: remember the SYN ACK and start TTL probing.
    pending_connection.record_syn_ack(syn_ack)
    inject_ping_requests_to_find_right_ttl(src_ip)
    return False
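def handle_syn(syn):
    """Track an observed SYN and report destinations whose SYN went unanswered.

    The destination is added to ``pending_syn`` with the current time unless
    it is already tracked there, belongs to the domestic or international
    zone, or is pending in ``pending_connection``. Every ``pending_syn``
    entry older than 5 seconds is then recorded as a 'syn packet drop'
    jamming event and removed.

    Always returns True.
    """
    dst = socket.inet_ntoa(syn.dst)
    if dst not in pending_syn and dst not in domestic_zone and dst not in international_zone \
            and not pending_connection.is_ip_pending(dst):
        pending_syn[dst] = time.time()
    # Iterate over a snapshot: entries are deleted inside the loop, and
    # deleting from a dict while iterating its live items() view raises
    # RuntimeError on Python 3. On Python 2 items() is already a list.
    for ip, sent_at in list(pending_syn.items()):
        elapsed_seconds = time.time() - sent_at
        if elapsed_seconds > 5:
            record_jamming_event(ip, 'syn packet drop')
            del pending_syn[ip]
    return True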
def handle_syn(syn):
    """Track an observed SYN and blacklist a destination that never answered.

    Returns None for a SYN addressed to exactly '127.0.0.1', False as soon as
    one ``pending_syn`` entry older than 3 seconds has been found and handled,
    and True otherwise.
    """
    dst = socket.inet_ntoa(syn.dst)
    # Only the literal address 127.0.0.1 is skipped, not the rest of 127/8.
    if dst == '127.0.0.1':
        return None

    already_known = (
        dst in pending_syn
        or dst in domestic_zone
        or dst in international_zone
        or pending_connection.is_ip_pending(dst)
    )
    if not already_known:
        pending_syn[dst] = time.time()

    for stale_ip, started_at in pending_syn.items():
        waited = time.time() - started_at
        if waited > 3:
            log_jamming_event(stale_ip, 'syn packet drop')
            # Deleting during iteration is safe only because the function
            # returns before the loop advances.
            del pending_syn[stale_ip]
            # NOTE(review): stale_ip comes from pending_syn and may differ
            # from this SYN's destination, yet the current SYN is the one
            # passed along and the one that gets the False result. Confirm
            # that add_to_black_list expects that pairing.
            full_proxy_service.add_to_black_list(stale_ip, syn=syn)
            return False
    return True
def handle_syn(syn):
    """Track an observed SYN and blacklist a destination that never answered.

    Same flow as a plain pending-SYN tracker, with a 2 second expiry: the
    first ``pending_syn`` entry older than 2 seconds is logged, removed and
    blacklisted, and the function returns False. A SYN addressed to exactly
    '127.0.0.1' returns None; every other case returns True.
    """
    target = socket.inet_ntoa(syn.dst)
    if target == '127.0.0.1':
        # Loopback traffic is ignored. Only this one address is matched.
        return None

    tracked = target in pending_syn
    zoned = tracked or target in domestic_zone or target in international_zone
    if not (zoned or pending_connection.is_ip_pending(target)):
        pending_syn[target] = time.time()

    for ip, sent_at in pending_syn.items():
        if time.time() - sent_at > 2:
            log_jamming_event(ip, 'syn packet drop')
            # The return below ends the loop, so removing the entry here
            # does not disturb the iteration.
            del pending_syn[ip]
            # NOTE(review): `ip` is whichever entry expired, not necessarily
            # the destination of `syn`. Verify that blacklisting it together
            # with the current packet is intended.
            full_proxy_service.add_to_black_list(ip, syn=syn)
            return False
    return True
def handle_syn_ack(syn_ack):
    """Whitelist and classify the sender of an observed SYN ACK.

    The source address is added to the full-proxy white list and its
    outstanding-SYN entry is cleared. The packet's TTL is then compared with
    the TTL last recorded for the same (source ip, source port); a
    difference of more than 2 is logged as 'tcp syn ack spoofing'. Finally
    the sender is looked up in the international and domestic zones, falling
    back to the pending-connection state and the china_ip table.

    Returns True when the sender is in (or was just added to) a zone, and
    False while it is still pending or being probed. How the caller uses the
    value is not visible in this block.
    """
    src_ip = socket.inet_ntoa(syn_ack.src)

    # NOTE(review): the white-list call runs before the TTL check below, so a
    # SYN ACK that is then reported as spoofed has already whitelisted its
    # source address. Confirm whether add_to_white_list should wait until the
    # packet has passed the check.
    full_proxy_service.add_to_white_list(src_ip)
    pending_syn.pop(src_ip, None)

    ttl_key = (src_ip, syn_ack.tcp.sport)
    baseline_ttl = syn_ack_ttl.get(ttl_key) or 0
    # With no stored TTL (baseline_ttl is 0) the comparison is skipped, so the
    # first SYN ACK per key is accepted unchecked.
    if baseline_ttl and abs(syn_ack.ttl - baseline_ttl) > 2:
        log_jamming_event(src_ip, 'tcp syn ack spoofing')
        LOGGER.error(
            'received spoofed SYN ACK: expected ttl is %s, actually is %s, the packet %s'
            % (baseline_ttl, syn_ack.ttl, format_ip_packet(syn_ack)))
    # later one should be the correct one as GFW is closer to us
    # NOTE(review): keys are only added here and derive from packet fields;
    # confirm syn_ack_ttl is pruned somewhere else.
    syn_ack_ttl[ttl_key] = syn_ack.ttl

    if src_ip in international_zone:
        inject_poison_ack_to_fill_gfw_buffer_with_garbage(
            syn_ack, international_zone[src_ip])
        return True
    if src_ip in domestic_zone:
        return True
    if pending_connection.is_ip_pending(src_ip):
        pending_connection.record_syn_ack(syn_ack)
        if pending_connection.is_ip_timeouted(src_ip):
            LOGGER.info(
                'treat ip as international due to timeout: %s, %s'
                % (src_ip, pending_connection.get_detected_routers(src_ip)))
            # Use the best TTL estimate gathered so far, or the default when
            # there is none, and back off by SAFETY_DELTA.
            estimated_ttl = pending_connection.get_ttl_to_gfw(
                src_ip, exact_match_only=False)
            add_international_ip(
                src_ip, (estimated_ttl or DEFAULT_TTL_TO_GFW) - SAFETY_DELTA)
        return False
    if china_ip.is_china_ip(src_ip):
        LOGGER.info('found domestic ip: %s' % src_ip)
        domestic_zone.add(src_ip)
        return True

    # Unknown sender: remember the SYN ACK and start TTL probing.
    pending_connection.record_syn_ack(syn_ack)
    inject_ping_requests_to_find_right_ttl(src_ip)
    return False