#networking #replay #capture #traffic #tcp-connection #require

bin+lib net-replay

捕获和回放 TCP/IP 流量

3 个版本 (破坏性更新)

0.3.0 2022 年 8 月 4 日
0.2.0 2022 年 8 月 1 日
0.1.0 2022 年 7 月 31 日


WTFPL 许可证


网络回放

捕获并回放 TCP 连接。

此库旨在让执行网络重放攻击,或仅仅回放已捕获的网络流量,变得尽可能简单。目前仅支持 TCP/IP 流量。

运行最终编译出的二进制文件时,可能需要 root 权限或特定的网络相关能力(Linux capabilities),具体取决于所使用的功能。

安装

只需将其

net-replay = "0.1"

添加到您的 Cargo.toml(注意:本页列出的最新版本为 0.3.0,且各版本之间为破坏性更新,而此处示例写的是 0.1)

用法

捕获网络流量

注意:此库模块仅在 Linux 上受支持。

捕获发往目标 IP 地址 8.8.8.8 的所有流量的示例

use std::net::Ipv4Addr;
use std::thread::sleep;
use std::time::Duration;
use std::fs::File;
use std::io::BufWriter;

use net_replay::capture::{Filter, Capture};
use net_replay::ip::{IpPacket, write_pcap_file};

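/// Destination address whose traffic the example capture keeps.
const TARGET_IP: Ipv4Addr = Ipv4Addr::new(8, 8, 8, 8);

/// Capture filter that accepts only packets addressed to `TARGET_IP`.
struct CustomFilter;

impl Filter for CustomFilter {
  /// Returns `true` when the packet's destination equals `TARGET_IP`, `false` otherwise.
  ///
  /// Only `packet.dest` is compared; the source address is not examined, so traffic
  /// coming back from `TARGET_IP` is not matched by this filter.
  fn filter(&mut self, packet: &IpPacket) -> bool {
    // The comparison already yields the bool we need; no if/else wrapper required.
    packet.dest == TARGET_IP
  }
}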

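/// Captures five seconds of traffic on interface `eno1` and writes the packets kept by
/// `CustomFilter` to `capture.pcap`.
///
/// Every fallible step is unwrapped, so any failure (starting the capture, creating the
/// file, writing or flushing) aborts the program with a panic.
fn main() {
  // `flush` is a method of the `Write` trait; the import is scoped to this function.
  use std::io::Write as _;

  // Initialize a new capture on interface 'eno1' with our custom filter that will only keep
  // packets destined for ip address 8.8.8.8.
  // Per the crate's README, capturing may require root or specific network capabilities.
  let cap = Capture::new(Box::new(CustomFilter), Some("eno1".into()));
  let cap_handle = cap.start().unwrap();
  // Let capture run for 5 seconds
  sleep(Duration::from_secs(5));
  let packets = cap_handle.end().unwrap();

  // Write the packets to a pcap file.
  // NOTE(review): the file stores the captured packets as recorded, which may include
  // application data. `File::create` leaves the permission bits to the process umask, so
  // restrict access to the file separately if the traffic is sensitive.
  let pcap_file = File::create("capture.pcap").unwrap();
  let mut writer = BufWriter::new(pcap_file);
  write_pcap_file(&packets, &mut writer).unwrap();
  // Flush explicitly: an error while flushing in `BufWriter`'s destructor is ignored, which
  // could leave a truncated capture file without any indication.
  writer.flush().unwrap();
}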

回放一些捕获的包的示例

use std::net::Ipv4Addr;
use std::fs::File;
use std::io::BufReader;
use std::net::TcpStream;

use net_replay::replay::{Arbiter, Action, Replayer};
use net_replay::ip::{IpPacket, read_pcap_file, TcpFlags};

// Arbiter consulted for every packet in the replay; its answer tells the
// replayer whether to send, to read, or to skip the packet.
//
// This one replays a connection between a host at 8.8.8.8 and a client
// at 192.168.0.1.
struct CustomArbiter;

impl Arbiter for CustomArbiter {
  // Maps a captured packet to a replay action:
  //   client -> host with PSH set  => Action::Send(None)
  //   host -> client with PSH set  => Action::Recv(None)
  //   anything else                => Action::Pass
  fn decide(&mut self, packet: &IpPacket) -> Action {
    const CLIENT: Ipv4Addr = Ipv4Addr::new(192, 168, 0, 1);
    const HOST: Ipv4Addr = Ipv4Addr::new(8, 8, 8, 8);

    let client_to_host = packet.source == CLIENT && packet.dest == HOST;
    let host_to_client = packet.source == HOST && packet.dest == CLIENT;
    // Both directions act only on segments that carry the PSH flag.
    let has_psh = packet.payload.flags.contains(TcpFlags::PSH);

    if client_to_host && has_psh {
      Action::Send(None)
    } else if host_to_client && has_psh {
      Action::Recv(None)
    } else {
      // Packet does not belong to the connection being replayed: skip it.
      Action::Pass
    }
  }

  // This arbiter keeps no internal state, so there is nothing to update.
  fn update(&mut self, _data: &[u8], _original: &[u8]) {}
}

// Reads the packets stored in `capture.pcap` and replays them over a fresh TCP
// connection, with `CustomArbiter` choosing the action for each packet.
// Every fallible step is unwrapped, so a missing or unreadable capture file or a
// failed connection ends the program with a panic.
fn main() {
  // Load the previously recorded packets from disk.
  let pcap = File::open("capture.pcap").unwrap();
  let mut pcap_reader = BufReader::new(pcap);
  let recorded = read_pcap_file(&mut pcap_reader).unwrap();

  // The replay goes to a different address than the one that was captured.
  let stream = TcpStream::connect("9.9.9.9:80").unwrap();
  let replayer = Replayer::new(stream, recorded, Box::new(CustomArbiter));

  // `replay()` returns a value on success; presumably the socket passed in above.
  let _returned_socket = replayer.replay().unwrap();
}

依赖项