import org.pcap4j.core.PacketListener;
import org.pcap4j.core.PcapPacket;
+import org.pcap4j.packet.IpV4Packet;
import org.pcap4j.packet.TcpPacket;
import java.util.*;
/**
* Holds <em>terminated</em> {@link Conversation}s.
- * TODO: Should turn this into a list to avoid unintentional overwrite of a Conversation in case ephemeral port number is reused at a later stage...?
*/
- private final Map<Conversation, Conversation> mTerminatedConversations = new HashMap<>();
+ private final List<Conversation> mTerminatedConversations = new ArrayList<>();
@Override
public void gotPacket(PcapPacket pcapPacket) {
*/
public List<Conversation> getTcpConversations() {
ArrayList<Conversation> combined = new ArrayList<>();
- combined.addAll(mTerminatedConversations.values());
+ combined.addAll(mTerminatedConversations);
combined.addAll(mOpenConversations.values());
return combined;
}
// to establish a new conversation with the same four tuple as ongoingConv.
// Mark existing connection as terminated.
// TODO: is this 100% theoretically correct, e.g., if many connection attempts are made back to back? And RST packets?
- mTerminatedConversations.put(ongoingConv, ongoingConv);
+ mTerminatedConversations.add(ongoingConv);
mOpenConversations.remove(ongoingConv);
}
}
if (!conv.isRetransmission(srvSynPacket) && !conv.addSynPacket(srvSynPacket)) {
// For safety/debugging: if NOT a retransmission and add fails,
// something has gone terribly wrong/invariant is broken.
- throw new IllegalStateException("Attempt to add SYN ACK packet that was NOT a retransmission failed." +
+ throw new AssertionError("Attempt to add SYN ACK packet that was NOT a retransmission failed." +
Conversation.class.getSimpleName() + " invariant broken.");
}
}
private void processRstPacket(PcapPacket rstPacket) {
Conversation conv = getOngoingConversationOrCreateNew(rstPacket);
+ // Add RST packet to conversation.
+ conv.addRstPacket(rstPacket);
// Move conversation to set of terminated conversations.
- mTerminatedConversations.put(conv, conv);
+ mTerminatedConversations.add(conv);
mOpenConversations.remove(conv, conv);
}
conv.attemptAcknowledgementOfFin(ackPacket);
if (conv.isGracefullyShutdown()) {
// Move conversation to set of terminated conversations.
- mTerminatedConversations.put(conv, conv);
+ mTerminatedConversations.add(conv);
mOpenConversations.remove(conv);
}
}
conv = Conversation.fromPcapPacket(pcapPacket, false);
} else {
// TODO: can we do anything else but arbitrarily select who is designated as the server in this case?
- conv = Conversation.fromPcapPacket(pcapPacket, false);
+ // We can check if the IP prefix matches a local IP when handling traffic observed inside the local
+ // network, but that obviously won't be a useful strategy for an observer at the WAN port.
+ String srcIp = pcapPacket.get(IpV4Packet.class).getHeader().getSrcAddr().getHostAddress();
+ boolean clientIsSrc = srcIp.startsWith("10.0.1.") || srcIp.startsWith("192.168.1.");
+ conv = Conversation.fromPcapPacket(pcapPacket, clientIsSrc);
}
mOpenConversations.put(conv, conv);
}
projects / pingpong.git / blobdiff