2022-04-09 22:30:36 +08:00
|
|
|
package sniffer
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
2022-10-11 21:35:26 +08:00
|
|
|
"fmt"
|
2022-04-09 22:30:36 +08:00
|
|
|
"net"
|
2022-05-02 22:24:14 +08:00
|
|
|
"net/netip"
|
2022-04-21 07:06:08 -07:00
|
|
|
"strconv"
|
2022-10-11 21:35:26 +08:00
|
|
|
"sync"
|
2022-04-21 08:08:37 -07:00
|
|
|
"time"
|
2022-04-21 07:06:08 -07:00
|
|
|
|
2022-10-14 07:46:33 +08:00
|
|
|
"github.com/Dreamacro/clash/common/cache"
|
|
|
|
N "github.com/Dreamacro/clash/common/net"
|
|
|
|
"github.com/Dreamacro/clash/component/trie"
|
2022-04-09 22:30:36 +08:00
|
|
|
C "github.com/Dreamacro/clash/constant"
|
2022-10-14 07:46:33 +08:00
|
|
|
"github.com/Dreamacro/clash/constant/sniffer"
|
2022-04-09 22:30:36 +08:00
|
|
|
"github.com/Dreamacro/clash/log"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
ErrorUnsupportedSniffer = errors.New("unsupported sniffer")
|
2022-04-16 08:21:31 +08:00
|
|
|
ErrorSniffFailed = errors.New("all sniffer failed")
|
2022-05-02 05:17:13 +08:00
|
|
|
ErrNoClue = errors.New("not enough information for making a decision")
|
2022-04-09 22:30:36 +08:00
|
|
|
)
|
|
|
|
|
2022-10-14 07:46:33 +08:00
|
|
|
var Dispatcher *SnifferDispatcher
|
2022-04-09 22:30:36 +08:00
|
|
|
|
2022-10-14 07:46:33 +08:00
|
|
|
type SnifferDispatcher struct {
|
2023-01-23 14:08:11 +08:00
|
|
|
enable bool
|
|
|
|
sniffers map[sniffer.Sniffer]SnifferConfig
|
|
|
|
forceDomain *trie.DomainTrie[struct{}]
|
|
|
|
skipSNI *trie.DomainTrie[struct{}]
|
|
|
|
skipList *cache.LruCache[string, uint8]
|
|
|
|
rwMux sync.RWMutex
|
2022-10-14 07:46:33 +08:00
|
|
|
forceDnsMapping bool
|
2022-10-14 08:42:28 +08:00
|
|
|
parsePureIp bool
|
2022-10-14 07:46:33 +08:00
|
|
|
}
|
2022-04-16 08:21:31 +08:00
|
|
|
|
2023-02-24 09:54:54 +08:00
|
|
|
func (sd *SnifferDispatcher) TCPSniff(conn *N.BufferedConn, metadata *C.Metadata) {
|
2022-10-14 08:42:28 +08:00
|
|
|
if (metadata.Host == "" && sd.parsePureIp) || sd.forceDomain.Search(metadata.Host) != nil || (metadata.DNSMode == C.DNSMapping && sd.forceDnsMapping) {
|
2022-04-21 07:06:08 -07:00
|
|
|
port, err := strconv.ParseUint(metadata.DstPort, 10, 16)
|
|
|
|
if err != nil {
|
|
|
|
log.Debugln("[Sniffer] Dst port is error")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-04-23 09:52:23 +08:00
|
|
|
inWhitelist := false
|
2023-01-23 14:08:11 +08:00
|
|
|
overrideDest := false
|
|
|
|
for sniffer, config := range sd.sniffers {
|
2023-01-23 13:16:25 +08:00
|
|
|
if sniffer.SupportNetwork() == C.TCP || sniffer.SupportNetwork() == C.ALLNet {
|
|
|
|
inWhitelist = sniffer.SupportPort(uint16(port))
|
|
|
|
if inWhitelist {
|
2023-01-23 14:08:11 +08:00
|
|
|
overrideDest = config.OverrideDest
|
2023-01-23 13:16:25 +08:00
|
|
|
break
|
|
|
|
}
|
2022-04-21 07:06:08 -07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-04-23 09:52:23 +08:00
|
|
|
if !inWhitelist {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-10-11 21:35:26 +08:00
|
|
|
sd.rwMux.RLock()
|
|
|
|
dst := fmt.Sprintf("%s:%s", metadata.DstIP, metadata.DstPort)
|
|
|
|
if count, ok := sd.skipList.Get(dst); ok && count > 5 {
|
|
|
|
log.Debugln("[Sniffer] Skip sniffing[%s] due to multiple failures", dst)
|
|
|
|
defer sd.rwMux.RUnlock()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
sd.rwMux.RUnlock()
|
|
|
|
|
2023-02-24 09:54:54 +08:00
|
|
|
if host, err := sd.sniffDomain(conn, metadata); err != nil {
|
2022-10-11 21:35:26 +08:00
|
|
|
sd.cacheSniffFailed(metadata)
|
2022-04-17 20:02:13 +08:00
|
|
|
log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
if sd.skipSNI.Search(host) != nil {
|
|
|
|
log.Debugln("[Sniffer] Skip sni[%s]", host)
|
|
|
|
return
|
|
|
|
}
|
2022-04-16 08:21:31 +08:00
|
|
|
|
2022-10-11 21:35:26 +08:00
|
|
|
sd.rwMux.RLock()
|
|
|
|
sd.skipList.Delete(dst)
|
|
|
|
sd.rwMux.RUnlock()
|
|
|
|
|
2023-01-23 14:08:11 +08:00
|
|
|
sd.replaceDomain(metadata, host, overrideDest)
|
2022-04-17 20:02:13 +08:00
|
|
|
}
|
|
|
|
}
|
2022-04-16 08:21:31 +08:00
|
|
|
}
|
|
|
|
|
2023-01-23 14:08:11 +08:00
|
|
|
func (sd *SnifferDispatcher) replaceDomain(metadata *C.Metadata, host string, overrideDest bool) {
|
2023-02-10 13:01:53 +08:00
|
|
|
metadata.SniffHost = host
|
|
|
|
if overrideDest {
|
|
|
|
metadata.Host = host
|
2023-01-23 14:08:11 +08:00
|
|
|
}
|
2023-02-10 13:01:53 +08:00
|
|
|
metadata.DNSMode = C.DNSNormal
|
2023-02-07 21:29:40 +08:00
|
|
|
log.Debugln("[Sniffer] Sniff TCP [%s]-->[%s] success, replace domain [%s]-->[%s]",
|
|
|
|
metadata.SourceDetail(),
|
|
|
|
metadata.RemoteAddress(),
|
|
|
|
metadata.Host, host)
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func (sd *SnifferDispatcher) Enable() bool {
|
|
|
|
return sd.enable
|
|
|
|
}
|
|
|
|
|
2022-10-14 07:46:33 +08:00
|
|
|
func (sd *SnifferDispatcher) sniffDomain(conn *N.BufferedConn, metadata *C.Metadata) (string, error) {
|
2023-01-23 14:08:11 +08:00
|
|
|
for s := range sd.sniffers {
|
2022-10-11 21:35:26 +08:00
|
|
|
if s.SupportNetwork() == C.TCP {
|
|
|
|
_ = conn.SetReadDeadline(time.Now().Add(1 * time.Second))
|
2022-04-10 20:01:35 +08:00
|
|
|
_, err := conn.Peek(1)
|
2022-05-02 22:24:14 +08:00
|
|
|
_ = conn.SetReadDeadline(time.Time{})
|
2022-04-10 20:01:35 +08:00
|
|
|
if err != nil {
|
2022-04-21 08:08:37 -07:00
|
|
|
_, ok := err.(*net.OpError)
|
2022-05-08 09:09:39 +08:00
|
|
|
if ok {
|
2022-10-11 21:35:26 +08:00
|
|
|
sd.cacheSniffFailed(metadata)
|
2022-05-07 12:44:28 +08:00
|
|
|
log.Errorln("[Sniffer] [%s] may not have any sent data, Consider adding skip", metadata.DstIP.String())
|
2022-05-02 22:24:14 +08:00
|
|
|
_ = conn.Close()
|
2022-04-21 08:08:37 -07:00
|
|
|
}
|
2022-05-07 12:44:28 +08:00
|
|
|
|
2022-05-08 09:09:39 +08:00
|
|
|
return "", err
|
2022-04-10 20:01:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
bufferedLen := conn.Buffered()
|
|
|
|
bytes, err := conn.Peek(bufferedLen)
|
2022-04-09 22:30:36 +08:00
|
|
|
if err != nil {
|
2022-04-27 18:04:02 +08:00
|
|
|
log.Debugln("[Sniffer] the data length not enough")
|
2022-04-09 22:30:36 +08:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2022-10-11 21:35:26 +08:00
|
|
|
host, err := s.SniffTCP(bytes)
|
2022-04-09 22:30:36 +08:00
|
|
|
if err != nil {
|
2022-10-11 21:35:26 +08:00
|
|
|
//log.Debugln("[Sniffer] [%s] Sniff data failed %s", s.Protocol(), metadata.DstIP)
|
2022-04-09 22:30:36 +08:00
|
|
|
continue
|
|
|
|
}
|
2022-04-10 20:01:35 +08:00
|
|
|
|
2022-05-02 22:24:14 +08:00
|
|
|
_, err = netip.ParseAddr(host)
|
|
|
|
if err == nil {
|
2022-10-11 21:35:26 +08:00
|
|
|
//log.Debugln("[Sniffer] [%s] Sniff data failed %s", s.Protocol(), metadata.DstIP)
|
2022-05-02 22:24:14 +08:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2022-04-16 08:21:31 +08:00
|
|
|
return host, nil
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
}
|
2022-04-16 08:21:31 +08:00
|
|
|
|
|
|
|
return "", ErrorSniffFailed
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
|
2022-10-11 21:35:26 +08:00
|
|
|
func (sd *SnifferDispatcher) cacheSniffFailed(metadata *C.Metadata) {
|
|
|
|
sd.rwMux.Lock()
|
|
|
|
dst := fmt.Sprintf("%s:%s", metadata.DstIP, metadata.DstPort)
|
|
|
|
count, _ := sd.skipList.Get(dst)
|
|
|
|
if count <= 5 {
|
|
|
|
count++
|
|
|
|
}
|
|
|
|
sd.skipList.Set(dst, count)
|
|
|
|
sd.rwMux.Unlock()
|
|
|
|
}
|
|
|
|
|
2022-04-16 08:21:31 +08:00
|
|
|
func NewCloseSnifferDispatcher() (*SnifferDispatcher, error) {
|
2022-04-09 22:30:36 +08:00
|
|
|
dispatcher := SnifferDispatcher{
|
2022-04-16 08:21:31 +08:00
|
|
|
enable: false,
|
|
|
|
}
|
|
|
|
|
|
|
|
return &dispatcher, nil
|
|
|
|
}
|
|
|
|
|
2023-01-23 13:16:25 +08:00
|
|
|
func NewSnifferDispatcher(snifferConfig map[sniffer.Type]SnifferConfig, forceDomain *trie.DomainTrie[struct{}],
|
|
|
|
skipSNI *trie.DomainTrie[struct{}],
|
2022-10-14 08:42:28 +08:00
|
|
|
forceDnsMapping bool, parsePureIp bool) (*SnifferDispatcher, error) {
|
2022-04-16 08:21:31 +08:00
|
|
|
dispatcher := SnifferDispatcher{
|
2022-10-14 07:46:33 +08:00
|
|
|
enable: true,
|
|
|
|
forceDomain: forceDomain,
|
|
|
|
skipSNI: skipSNI,
|
2023-01-23 14:08:11 +08:00
|
|
|
skipList: cache.New(cache.WithSize[string, uint8](128), cache.WithAge[string, uint8](600)),
|
2022-10-14 07:46:33 +08:00
|
|
|
forceDnsMapping: forceDnsMapping,
|
2022-10-14 08:42:28 +08:00
|
|
|
parsePureIp: parsePureIp,
|
2023-01-23 14:08:11 +08:00
|
|
|
sniffers: make(map[sniffer.Sniffer]SnifferConfig, 0),
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
|
2023-01-23 13:16:25 +08:00
|
|
|
for snifferName, config := range snifferConfig {
|
|
|
|
s, err := NewSniffer(snifferName, config)
|
2022-04-09 22:30:36 +08:00
|
|
|
if err != nil {
|
2022-04-27 18:04:02 +08:00
|
|
|
log.Errorln("Sniffer name[%s] is error", snifferName)
|
2022-04-16 08:21:31 +08:00
|
|
|
return &SnifferDispatcher{enable: false}, err
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
2023-01-23 14:08:11 +08:00
|
|
|
dispatcher.sniffers[s] = config
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
|
2022-04-16 08:21:31 +08:00
|
|
|
return &dispatcher, nil
|
2022-04-09 22:30:36 +08:00
|
|
|
}
|
|
|
|
|
2023-01-23 13:16:25 +08:00
|
|
|
func NewSniffer(name sniffer.Type, snifferConfig SnifferConfig) (sniffer.Sniffer, error) {
|
2022-04-09 22:30:36 +08:00
|
|
|
switch name {
|
2022-05-02 08:46:24 +08:00
|
|
|
case sniffer.TLS:
|
2023-01-23 13:16:25 +08:00
|
|
|
return NewTLSSniffer(snifferConfig)
|
2022-05-02 08:46:24 +08:00
|
|
|
case sniffer.HTTP:
|
2023-01-23 13:16:25 +08:00
|
|
|
return NewHTTPSniffer(snifferConfig)
|
2022-04-09 22:30:36 +08:00
|
|
|
default:
|
|
|
|
return nil, ErrorUnsupportedSniffer
|
|
|
|
}
|
|
|
|
}
|