Implement promiscuous option for open_link.

haesbaert · haesbaert · commit b7284a9aecf3 · 2022-04-02T21:07:28.000+02:00
This was prompted by issue #1 from @gabrik. This allows one to put the device in promiscuous mode when opening the link. On linux (af_packet) we can use PACKET_MR_PROMISC which is nicer than SIOCSIFFLAGS, that is because the kernel keeps state of the process that joined the membership and clears it when the process dies, that's also what libpcap(3) does. I struggled a bit in the beginning since I was doing SIOCIFFLAGS and had to keep the state in userland which is almost impossible to do it right if we get a SIGKILL. BPF always did this, so it's also straightforward.
diff --git a/bin/dune b/bin/dune
@@ -0,0 +1,4 @@
+(executable
+ (name rawcap)
+ (public_name rawcap)
+ (libraries rawlink))
diff --git a/bin/rawcap.ml b/bin/rawcap.ml
@@ -0,0 +1,28 @@
+(*
+ * Copyright (c) 2015-2022 Christiano F. Haesbaert <haesbaert@haesbaert.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *)
+
+(* Useful for livetesting *)
+
+let () =
+  if Array.length Sys.argv <> 2 then invalid_arg "usage: rawcap ifname";
+  let ifname = Sys.argv.(1) in
+  let link = Rawlink.open_link ~promisc:true ifname in
+  let rec loop () =
+    let pkt = Rawlink.read_packet link in
+    Printf.printf "got packet with %d bytes\n%!" (Cstruct.length pkt);
+    loop ()
+  in
+  loop ()
diff --git a/lib/lwt_rawlink.ml b/lib/lwt_rawlink.ml
@@ -1,5 +1,5 @@
 (*
- * Copyright (c) 2015 Christiano F. Haesbaert <haesbaert@haesbaert.org>
+ * Copyright (c) 2015-2022 Christiano F. Haesbaert <haesbaert@haesbaert.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -28,14 +28,14 @@ type driver =
   | AF_PACKET
   | BPF
 
-external opensock: ?filter:string -> string -> Unix.file_descr = "caml_rawlink_open"
+external opensock: ?filter:string -> ?promisc:bool -> string -> Unix.file_descr = "caml_rawlink_open"
 external dhcp_server_filter: unit -> string = "caml_dhcp_server_filter"
 external dhcp_client_filter: unit -> string = "caml_dhcp_client_filter"
 external driver: unit -> driver = "caml_driver"
 external bpf_align: int -> int -> int = "caml_bpf_align"
 
-let open_link ?filter ifname =
-  let fd = Lwt_unix.of_unix_file_descr (opensock ?filter:filter ifname) in
+let open_link ?filter ?(promisc=false) ifname =
+  let fd = Lwt_unix.of_unix_file_descr (opensock ?filter:filter ~promisc ifname) in
   let () = Lwt_unix.set_blocking fd false in
   { fd; packets = ref []; buffer = (Cstruct.create 65536) }
 
diff --git a/lib/lwt_rawlink.mli b/lib/lwt_rawlink.mli
@@ -1,5 +1,5 @@
 (*
- * Copyright (c) 2015 Christiano F. Haesbaert <haesbaert@haesbaert.org>
+ * Copyright (c) 2015-2022 Christiano F. Haesbaert <haesbaert@haesbaert.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -25,10 +25,11 @@
 
 type t
 
-val open_link : ?filter:string -> string -> t
-(** [open_link ~filter interface]. Creates a rawlink on the specified
-    [interface], a BPF program [filter] can be passed to filter out incoming
-    packets. *)
+val open_link : ?filter:string -> ?promisc:bool -> string -> t
+(** [open_link ~filter ~promisc interface]. Creates a rawlink on the
+    specified [interface], a BPF program [filter] can be passed to
+    filter out incoming packets. If [promisc] is true, sets [interface]
+    to promiscuous mode, defaults to false. *)
 
 val close_link : t -> unit Lwt.t
 (** [close_link]. Closes a rawlink. *)
diff --git a/lib/rawlink.ml b/lib/rawlink.ml
@@ -1,5 +1,5 @@
 (*
- * Copyright (c) 2015 Christiano F. Haesbaert <haesbaert@haesbaert.org>
+ * Copyright (c) 2015-2022 Christiano F. Haesbaert <haesbaert@haesbaert.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -35,16 +35,16 @@ type driver =
   | AF_PACKET
   | BPF
 
-external opensock: ?filter:string -> string -> Unix.file_descr = "caml_rawlink_open"
+external opensock: ?filter:string -> ?promisc:bool -> string -> Unix.file_descr = "caml_rawlink_open"
 external dhcp_server_filter: unit -> string = "caml_dhcp_server_filter"
 external dhcp_client_filter: unit -> string = "caml_dhcp_client_filter"
 external driver: unit -> driver = "caml_driver"
 external unix_bytes_read: Unix.file_descr -> Cstruct.buffer -> int -> int -> int =
   "lwt_unix_bytes_read"
 external bpf_align: int -> int -> int = "caml_bpf_align"
 
-let open_link ?filter ifname =
-  { fd = opensock ?filter:filter ifname;
+let open_link ?filter ?(promisc=false) ifname =
+  { fd = opensock ?filter ~promisc ifname;
     packets = ref [];
     buffer = Cstruct.create 65536 }
 
diff --git a/lib/rawlink.mli b/lib/rawlink.mli
@@ -1,5 +1,5 @@
 (*
- * Copyright (c) 2015 Christiano F. Haesbaert <haesbaert@haesbaert.org>
+ * Copyright (c) 2015-2022 Christiano F. Haesbaert <haesbaert@haesbaert.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -26,10 +26,11 @@
 type t
 (** Type of a rawlink. *)
 
-val open_link : ?filter:string -> string -> t
-(** [open_link ~filter interface]. Creates a rawlink on the specified
-    [interface], a BPF program [filter] can be passed to filter out incoming
-    packets. *)
+val open_link : ?filter:string -> ?promisc:bool -> string -> t
+(** [open_link ~filter ~promisc interface]. Creates a rawlink on the
+   specified [interface], a BPF program [filter] can be passed to
+   filter out incoming packets. If [promisc] is true, sets [interface]
+   to promiscuous mode, defaults to false.*)
 
 val close_link : t -> unit
 (** [close_link]. Closes a rawlink. *)
diff --git a/lib/rawlink_stubs.c b/lib/rawlink_stubs.c
@@ -163,10 +163,27 @@ bpf_setfilter(int fd, value vfilter)
 	return (r);
 }
 
+int
+bpf_setpromisc(int fd, int promisc)
+{
+	int r = 0;
+
+	if (promisc) {
+		caml_enter_blocking_section();
+		r = ioctl(fd, BIOCPROMISC, NULL);
+		caml_leave_blocking_section();
+	}
+
+	if (r == -1)
+		uerror("bpf_setpromisc", Nothing);
+
+	return (0);
+}
+
 CAMLprim value
-caml_rawlink_open(value vfilter, value vifname)
+caml_rawlink_open(value vfilter, value vpromisc, value vifname)
 {
-	CAMLparam2(vfilter, vifname);
+	CAMLparam3(vfilter, vpromisc, vifname);
 	int fd;
 
 	if ((fd = bpf_open()) == -1)
@@ -181,6 +198,8 @@ caml_rawlink_open(value vfilter, value vifname)
 		CAMLreturn(Val_unit);
 	if (bpf_setimmediate(fd, 1) == -1)
 		CAMLreturn(Val_unit);
+	if (bpf_setpromisc(fd, Bool_val(vpromisc)) == -1)
+		CAMLreturn(Val_unit);
 
 	CAMLreturn (Val_int(fd));
 }
@@ -204,6 +223,34 @@ caml_bpf_align(value va, value vb)
 
 #ifdef USE_AF_PACKET
 
+/*
+ * Welcome to linux where glibc insists in not providing strlcpy.
+ */
+size_t
+strlcpy(char *dst, const char *src, size_t dsize)
+{
+	const char *osrc = src;
+	size_t nleft = dsize;
+
+	/* Copy as many bytes as will fit. */
+	if (nleft != 0) {
+		while (--nleft != 0) {
+			if ((*dst++ = *src++) == '\0')
+				break;
+		}
+	}
+
+	/* Not enough room in dst, add NUL and traverse rest of src. */
+	if (nleft == 0) {
+		if (dsize != 0)
+			*dst = '\0';		/* NUL-terminate dst */
+		while (*src++)
+			;
+	}
+
+	return(src - osrc - 1);	/* count does not include NUL */
+}
+
 #define FILTER sock_filter
 
 int
@@ -271,18 +318,48 @@ af_packet_setfilter(int fd, value vfilter)
 	return (r);
 }
 
+int
+af_packet_setpromisc(int fd, int promisc, const char *ifname)
+{
+	int r = 0;
+	struct packet_mreq mr;
+	int ifidx;
+
+	ifidx = if_nametoindex(ifname);
+	if (ifidx == 0)
+		uerror("af_set_promisc: if_nametoindex", Nothing);
+
+	if (promisc) {
+		bzero(&mr, sizeof(mr));
+		mr.mr_ifindex = ifidx;
+		mr.mr_type = PACKET_MR_PROMISC;
+		caml_enter_blocking_section();
+		r = setsockopt(fd, SOL_PACKET, PACKET_ADD_MEMBERSHIP,
+		    &mr, sizeof(mr));
+		caml_leave_blocking_section();
+		if (r == -1)
+			uerror("af_set_promisc: PACKET_ADD_MEMBERSHIP",
+			    Nothing);
+	}
+
+	return (r);
+}
+
 CAMLprim value
-caml_rawlink_open(value vfilter, value vifname)
+caml_rawlink_open(value vfilter, value vpromisc, value vifname)
 {
-	CAMLparam2(vfilter, vifname);
+	CAMLparam3(vfilter, vpromisc, vifname);
 	int fd;
 
 	if ((fd = af_packet_open()) == -1)
 		CAMLreturn (Val_unit);
 	if (af_packet_setfilter(fd, vfilter) == -1)
-		CAMLreturn(Val_unit);
+		CAMLreturn (Val_unit);
 	if (af_packet_setif(fd, String_val(vifname)) == -1)
 		CAMLreturn (Val_unit);
+	if (af_packet_setpromisc(fd, Bool_val(vpromisc),
+	    String_val(vifname)) == -1)
+		CAMLreturn (Val_unit);
 
 	CAMLreturn (Val_int(fd));
 }
@@ -307,6 +384,7 @@ caml_driver(value vunit)
 	CAMLreturn (Val_int(1));
 #endif
 }
+
 /* Filters */
 CAMLprim value
 caml_dhcp_server_filter(value vunit)
@@ -345,6 +423,7 @@ caml_dhcp_server_filter(value vunit)
 
 	CAMLreturn (vfilter);
 }
+
 CAMLprim value
 caml_dhcp_client_filter(value vunit)
 {
