anlicheng/punchnet-macos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
anlicheng 2026-03-10 21:41:00 +08:00
parent 195724a222
commit 58d8408157
2 changed files with 65 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Tun/Punchnet/Actors/SDLContextActor.swift
View File

@ -548,7 +548,7 @@ actor SDLContextActor {
let identitySnapshot = self.snapshotPublisher.current() let identitySnapshot = self.snapshotPublisher.current()
let ruleMap = identitySnapshot.lookup(data.identityID) let ruleMap = identitySnapshot.lookup(data.identityID)
if self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) { if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
let packet = NEPacket(data: ipPacket.data, protocolFamily: 2) let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
self.provider.packetFlow.writePacketObjects([packet]) self.provider.packetFlow.writePacketObjects([packet])
SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow", level: .debug) SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow", level: .debug)
@ -647,9 +647,12 @@ actor SDLContextActor {
// FlowSession // FlowSession
// //
SDLLogger.shared.log("[SDLContext] flow_session: started", level: .debug)
if let flowSession = packet.flowSession() { if let flowSession = packet.flowSession() {
self.flowSessionManager.updateSession(flowSession) //self.flowSessionManager.updateSession(flowSession)
SDLLogger.shared.log("[SDLContext] flow_session: \(flowSession)", level: .debug)
} }
SDLLogger.shared.log("[SDLContext] flow_session: end", level: .debug)
// arpmac // arpmac
if let dstMac = self.arpServer.query(ip: dstIp) { if let dstMac = self.arpServer.query(ip: dstIp) {

118
Tun/Punchnet/NetworkStack/IPPacket.swift
View File

@ -43,6 +43,7 @@ struct IPHeader {
struct IPPacket { struct IPPacket {
let header: IPHeader let header: IPHeader
let data: Data let data: Data
let transportPacket: TransportPacket?
enum TransportPacket { enum TransportPacket {
case tcp(TCPPacket) case tcp(TCPPacket)
@ -52,38 +53,6 @@ struct IPPacket {
case malformed case malformed
} }
var transportPacket: TransportPacket {
guard let proto = TransportProtocol(rawValue: header.proto) else {
return .unsupported(header.proto)
}
switch proto {
case .tcp:
guard let tcp = TCPPacket(payload) else {
return .malformed
}
return .tcp(tcp)
case .udp:
guard let udp = UDPPacket(payload) else {
return .malformed
}
return .udp(udp)
case .icmp:
guard let icmp = ICMPPacket(payload) else {
return .malformed
}
return .icmp(icmp)
}
}
var payload: Data.SubSequence {
let offset = Int(header.headerLength)
return data[offset..<data.count]
}
init?(_ data: Data) { init?(_ data: Data) {
guard data.count >= 20 else { guard data.count >= 20 else {
return nil return nil
@ -111,7 +80,39 @@ struct IPPacket {
) )
self.data = data self.data = data
let offset = Int(headerLen)
self.transportPacket = Self.parseTransportPacket(proto: data[9], offset: offset, data: data)
SDLLogger.shared.log("[SDLContext] ipPacket proto \(data[9]), offset: \(offset), ip_data: \(data), data: \(self.transportPacket)", level: .debug)
} }
private static func parseTransportPacket(proto: UInt8, offset: Int, data: Data) -> TransportPacket? {
guard let proto = TransportProtocol(rawValue: proto) else {
return .unsupported(proto)
}
switch proto {
case .tcp:
guard let tcp = TCPPacket(data, offset: offset) else {
return .malformed
}
return .tcp(tcp)
case .udp:
guard let udp = UDPPacket(data, offset: offset) else {
return .malformed
}
return .udp(udp)
case .icmp:
guard let icmp = ICMPPacket(data, offset: offset) else {
return .malformed
}
return .icmp(icmp)
}
}
} }
// MARK: - TCP Flags // MARK: - TCP Flags
@ -156,25 +157,25 @@ struct TCPPacket {
let header: TCPHeader let header: TCPHeader
let payload: Data let payload: Data
init?(_ data: Data) { init?(_ data: Data, offset: Int) {
guard data.count >= 20 else { guard data.count >= offset + 20 else {
return nil return nil
} }
let srcPort = UInt16(bytes: (data[0], data[1])) let srcPort = UInt16(bytes: (data[offset], data[offset + 1]))
let dstPort = UInt16(bytes: (data[2], data[3])) let dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3]))
let seq = UInt32(bytes: (data[4], data[5], data[6], data[7])) let seq = UInt32(bytes: (data[offset + 4], data[offset + 5], data[offset + 6], data[offset + 7]))
let ack = UInt32(bytes: (data[8], data[9], data[10], data[11])) let ack = UInt32(bytes: (data[offset + 8], data[offset + 9], data[offset + 10], data[offset + 11]))
let offsetAndFlags = UInt16(bytes: (data[12], data[13])) let offsetAndFlags = UInt16(bytes: (data[offset + 12], data[offset + 13]))
let dataOffset = UInt8(offsetAndFlags >> 12) let dataOffset = UInt8(offsetAndFlags >> 12)
let flags = TCPFlags(rawValue: offsetAndFlags & 0x01FF) let flags = TCPFlags(rawValue: offsetAndFlags & 0x01FF)
let window = UInt16(bytes: (data[14], data[15])) let window = UInt16(bytes: (data[offset + 14], data[offset + 15]))
let checksum = UInt16(bytes: (data[16], data[17])) let checksum = UInt16(bytes: (data[offset + 16], data[offset + 17]))
let urgent = UInt16(bytes: (data[18], data[19])) let urgent = UInt16(bytes: (data[offset + 18], data[offset + 19]))
let header = TCPHeader( let header = TCPHeader(
srcPort: srcPort, srcPort: srcPort,
@ -189,13 +190,12 @@ struct TCPPacket {
) )
let headerLen = header.headerLength let headerLen = header.headerLength
guard data.count >= offset + headerLen else {
guard data.count >= headerLen else {
return nil return nil
} }
self.header = header self.header = header
self.payload = data[headerLen..<data.count] self.payload = data[offset + headerLen..<data.count]
} }
} }
@ -208,18 +208,17 @@ struct UDPPacket {
let checksum: UInt16 let checksum: UInt16
let payload: Data let payload: Data
init?(_ data: Data) { init?(_ data: Data, offset: Int) {
guard data.count >= offset + 8 else {
guard data.count >= 8 else {
return nil return nil
} }
self.srcPort = UInt16(bytes: (data[0], data[1])) self.srcPort = UInt16(bytes: (data[offset], data[offset + 1]))
self.dstPort = UInt16(bytes: (data[2], data[3])) self.dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3]))
self.length = UInt16(bytes: (data[4], data[5])) self.length = UInt16(bytes: (data[offset + 4], data[offset + 5]))
self.checksum = UInt16(bytes: (data[6], data[7])) self.checksum = UInt16(bytes: (data[offset + 6], data[offset + 7]))
self.payload = data[8..<data.count] self.payload = data[offset + 8..<data.count]
} }
} }
@ -231,14 +230,15 @@ struct ICMPPacket {
let checksum: UInt16 let checksum: UInt16
let payload: Data let payload: Data
init?(_ data: Data) { init?(_ data: Data, offset: Int) {
guard data.count >= 4 else { guard data.count >= offset + 4 else {
return nil return nil
} }
self.type = data[0] self.type = data[offset]
self.code = data[1] self.code = data[offset + 1]
self.checksum = UInt16(bytes: (data[2], data[3])) self.checksum = UInt16(bytes: (data[offset + 2], data[offset + 3]))
self.payload = data[4..<data.count] self.payload = data[offset + 4..<data.count]
} }
} }