feat: Add support for all interfaces

Author: MikeWang000000

README.md

@@ -32,6 +32,7 @@ General Options:
   -w <file>          write log to <file> instead of stderr
 
 Advanced Options:
+  -a                 work on all network interfaces (ignores -i)
   -b <file>          use TCP payload from binary file (ignores -h)
   -f                 skip firewall rules
   -g                 disable hop count estimation

include/globvar.h

@@ -30,6 +30,7 @@ struct fh_context {
     /* -1 */ int outbound;
     /* -4 */ int use_ipv4;
     /* -6 */ int use_ipv6;
+    /* -a */ int alliface;
     /* -b */ const char *payloadpath;
     /* -d */ int daemon;
     /* -f */ int skipfw;

src/globvar.c

@@ -30,6 +30,7 @@ struct fh_context g_ctx = {.exit = 0,
                            /* -1 */ .outbound = 0,
                            /* -4 */ .use_ipv4 = 0,
                            /* -6 */ .use_ipv6 = 0,
+                           /* -a */ .alliface = 0,
                            /* -b */ .payloadpath = NULL,
                            /* -d */ .daemon = 0,
                            /* -f */ .skipfw = 0,

src/ipv4ipt.c

@@ -33,10 +33,22 @@ static int ipt4_iface_setup(void)
     char iface_str[IFNAMSIZ];
     size_t i, cnt;
     int res;
+    char *ipt_alliface_cmd[] = {"iptables", "-w", "-t",         "mangle", "-A",
+                                "FAKEHTTP", "-j", "FAKEHTTP_R", NULL};
+
     char *ipt_iface_cmd[] = {"iptables", "-w",         "-t", "mangle",
                              "-A",       "FAKEHTTP",   "-i", iface_str,
                              "-j",       "FAKEHTTP_R", NULL};
 
+    if (g_ctx.alliface) {
+        res = fh_execute_command(ipt_alliface_cmd, 0, NULL);
+        if (res < 0) {
+            E(T(fh_execute_command));
+            return -1;
+        }
+        return 0;
+    }
+
     cnt = sizeof(g_ctx.iface) / sizeof(*g_ctx.iface);
 
     for (i = 0; i < cnt && g_ctx.iface[i]; i++) {

src/ipv4nft.c

@@ -34,6 +34,22 @@ static int nft4_iface_setup(void)
     int res;
     char *nft_iface_cmd[] = {"nft", nftstr, NULL};
 
+    if (g_ctx.alliface) {
+        res = snprintf(nftstr, sizeof(nftstr),
+                       "add rule ip fakehttp fh_prerouting jump fh_rules");
+        if (res < 0 || (size_t) res >= sizeof(nftstr)) {
+            E("ERROR: snprintf(): %s", "failure");
+            return -1;
+        }
+
+        res = fh_execute_command(nft_iface_cmd, 0, NULL);
+        if (res < 0) {
+            E(T(fh_execute_command));
+            return -1;
+        }
+        return 0;
+    }
+
     cnt = sizeof(g_ctx.iface) / sizeof(*g_ctx.iface);
 
     for (i = 0; i < cnt && g_ctx.iface[i]; i++) {

src/ipv6ipt.c

@@ -33,10 +33,23 @@ static int ipt6_iface_setup(void)
     char iface_str[IFNAMSIZ];
     size_t i, cnt;
     int res;
+    char *ipt_alliface_cmd[] = {"ip6tables", "-w",         "-t",
+                                "mangle",    "-A",         "FAKEHTTP",
+                                "-j",        "FAKEHTTP_R", NULL};
+
     char *ipt_iface_cmd[] = {"ip6tables", "-w",         "-t", "mangle",
                              "-A",        "FAKEHTTP",   "-i", iface_str,
                              "-j",        "FAKEHTTP_R", NULL};
 
+    if (g_ctx.alliface) {
+        res = fh_execute_command(ipt_alliface_cmd, 0, NULL);
+        if (res < 0) {
+            E(T(fh_execute_command));
+            return -1;
+        }
+        return 0;
+    }
+
     cnt = sizeof(g_ctx.iface) / sizeof(*g_ctx.iface);
 
     for (i = 0; i < cnt && g_ctx.iface[i]; i++) {

src/ipv6nft.c

@@ -34,6 +34,22 @@ static int nft6_iface_setup(void)
     int res;
     char *nft_iface_cmd[] = {"nft", nftstr, NULL};
 
+    if (g_ctx.alliface) {
+        res = snprintf(nftstr, sizeof(nftstr),
+                       "add rule ip6 fakehttp fh_prerouting jump fh_rules");
+        if (res < 0 || (size_t) res >= sizeof(nftstr)) {
+            E("ERROR: snprintf(): %s", "failure");
+            return -1;
+        }
+
+        res = fh_execute_command(nft_iface_cmd, 0, NULL);
+        if (res < 0) {
+            E(T(fh_execute_command));
+            return -1;
+        }
+        return 0;
+    }
+
     cnt = sizeof(g_ctx.iface) / sizeof(*g_ctx.iface);
 
     for (i = 0; i < cnt && g_ctx.iface[i]; i++) {

src/mainfun.c

@@ -68,6 +68,7 @@ static void print_usage(const char *name)
         "  -w <file>          write log to <file> instead of stderr\n"
         "\n"
         "Advanced Options:\n"
+        "  -a                 work on all network interfaces (ignores -i)\n"
         "  -b <file>          use TCP payload from binary file (ignores -h)\n"
         "  -f                 skip firewall rules\n"
         "  -g                 disable hop count estimation\n"
@@ -103,7 +104,7 @@ int main(int argc, char *argv[])
     memset(g_ctx.iface, 0, sizeof(g_ctx.iface));
     exitcode = EXIT_FAILURE;
 
-    while ((opt = getopt(argc, argv, "0146b:dfh:i:km:n:r:st:w:x:z")) != -1) {
+    while ((opt = getopt(argc, argv, "0146ab:dfh:i:km:n:r:st:w:x:z")) != -1) {
         switch (opt) {
             case '0':
                 g_ctx.inbound = 1;
@@ -121,6 +122,10 @@ int main(int argc, char *argv[])
                 g_ctx.use_ipv6 = 1;
                 break;
 
+            case 'a':
+                g_ctx.alliface = 1;
+                break;
+
             case 'b':
                 g_ctx.payloadpath = optarg;
                 if (strlen(g_ctx.payloadpath) > PATH_MAX - 1) {
@@ -286,7 +291,7 @@ int main(int argc, char *argv[])
         return EXIT_FAILURE;
     }
 
-    if (!iface_cnt) {
+    if (!g_ctx.alliface && !iface_cnt) {
         fprintf(stderr, "%s: option -i is required.\n", argv[0]);
         print_usage(argv[0]);
         return EXIT_FAILURE;
@@ -350,7 +355,9 @@ int main(int argc, char *argv[])
         EE("WARNING: setpriority(): %s", strerror(errno));
     }
 
-    if (iface_cnt > 1) {
+    if (g_ctx.alliface) {
+        iface_info = "all interfaces";
+    } else if (iface_cnt > 1) {
         iface_info = "multiple interfaces";
     } else {
         iface_info = g_ctx.iface[0];