pythops · adgaultier · Oct 14, 2024
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/maps.py b/maps.py
@@ -4,7 +4,7 @@
 from functools import partial
 
 def hex2int(hex):
-    return int(hex.replace("0x", ""), 16)
+    return int(hex, 16)
 
 
 def parse_ipv4(rule):
@@ -33,8 +33,6 @@ def parse_ipv6(rule):
     return {k: v}
 
 
-
-
 filter_idx_map = dict(
     transport={0: "tcp", 1: "udp"},
     network={0: "ipv4", 1: "ipv6", 2: "icmp"},

diff --git a/oryx-tui/src/app.rs b/oryx-tui/src/app.rs
@@ -12,7 +12,7 @@ use std::{
 
 use crate::{filter::Filter, help::Help};
 use crate::{filter::IoChannels, notification::Notification};
-use crate::{packet::AppPacket, section::Section};
+use crate::{packet::NetworkPacket, section::Section};
 
 pub type AppResult<T> = std::result::Result<T, Box<dyn error::Error>>;
 
@@ -31,14 +31,25 @@ pub struct DataEventHandler {
     pub sender: kanal::Sender<[u8; RawPacket::LEN]>,
     pub handler: thread::JoinHandle<()>,
 }
+#[derive(Debug, Clone)]
+pub struct Channels<T> {
+    pub sender: kanal::Sender<T>,
+    pub receiver: kanal::Receiver<T>,
+}
+impl<T> Channels<T> {
+    pub fn new() -> Self {
+        let (sender, receiver) = kanal::unbounded();
+        Self { sender, receiver }
+    }
+}
 
 #[derive(Debug)]
 pub struct App {
     pub running: bool,
     pub help: Help,
     pub filter: Filter,
     pub start_sniffing: bool,
-    pub packets: Arc<Mutex<Vec<AppPacket>>>,
+    pub packets: Arc<Mutex<Vec<NetworkPacket>>>,
     pub notifications: Vec<Notification>,
     pub section: Section,
     pub data_channel_sender: kanal::Sender<[u8; RawPacket::LEN]>,
@@ -54,34 +65,37 @@ impl Default for App {
 
 impl App {
     pub fn new() -> Self {
-        let packets = Arc::new(Mutex::new(Vec::with_capacity(AppPacket::LEN * 1024 * 1024)));
+        let net_packets: Arc<Mutex<Vec<NetworkPacket>>> = Arc::new(Mutex::new(Vec::with_capacity(
+            NetworkPacket::LEN * 1024 * 1024,
+        )));
+        let data_channels = Channels::new();
 
-        let (sender, receiver) = kanal::unbounded();
-
-        let firewall_channels = IoChannels::new();
         thread::spawn({
-            let packets = packets.clone();
+            let net_packets = net_packets.clone();
             move || loop {
-                if let Ok(raw_packet) = receiver.recv() {
-                    let app_packet = AppPacket::from(raw_packet);
-                    let mut packets = packets.lock().unwrap();
-                    if packets.len() == packets.capacity() {
-                        packets.reserve(1024 * 1024);
+                if let Ok(raw_packet) = data_channels.receiver.recv() {
+                    let network_packet = NetworkPacket::from(raw_packet);
+                    let mut net_packets = net_packets.lock().unwrap();
+                    if net_packets.len() == net_packets.capacity() {
+                        net_packets.reserve(1024 * 1024);
                     }
-                    packets.push(app_packet);
+
+                    net_packets.push(network_packet);
                 }
             }
         });
 
+        let firewall_channels = IoChannels::new();
+
         Self {
             running: true,
             help: Help::new(),
             filter: Filter::new(firewall_channels.clone()),
             start_sniffing: false,
-            packets: packets.clone(),
+            packets: net_packets.clone(),
             notifications: Vec::new(),
-            section: Section::new(packets.clone(), firewall_channels.clone()),
-            data_channel_sender: sender,
+            section: Section::new(net_packets.clone(), firewall_channels.clone()),
+            data_channel_sender: data_channels.sender,
             is_editing: false,
             active_popup: None,
         }

diff --git a/oryx-tui/src/export.rs b/oryx-tui/src/export.rs
@@ -8,11 +8,11 @@ use crate::{
     app::AppResult,
     packet::{
         network::{IpPacket, IpProto},
-        AppPacket,
+        NetworkPacket,
     },
 };
 
-pub fn export(packets: &[AppPacket]) -> AppResult<()> {
+pub fn export(packets: &[NetworkPacket]) -> AppResult<()> {
     let uid = unsafe { libc::geteuid() };
 
     let oryx_export_dir = dirs::home_dir().unwrap().join("oryx");
@@ -40,7 +40,7 @@ pub fn export(packets: &[AppPacket]) -> AppResult<()> {
     )?;
     for packet in packets {
         match packet {
-            AppPacket::Arp(p) => {
+            NetworkPacket::Arp(p) => {
                 writeln!(
                     file,
                     "{:39}  {:^11}  {:39}  {:^11}  ARP",
@@ -50,7 +50,7 @@ pub fn export(packets: &[AppPacket]) -> AppResult<()> {
                     "-"
                 )?;
             }
-            AppPacket::Ip(packet) => match packet {
+            NetworkPacket::Ip(packet) => match packet {
                 IpPacket::V4(ipv4_packet) => match ipv4_packet.proto {
                     IpProto::Tcp(p) => {
                         writeln!(

diff --git a/oryx-tui/src/filter.rs b/oryx-tui/src/filter.rs
@@ -26,7 +26,7 @@ use transport::TransportFilter;
 use tui_big_text::{BigText, PixelSize};
 
 use crate::{
-    app::AppResult,
+    app::{AppResult, Channels},
     ebpf::{egress::load_egress, ingress::load_ingress},
     event::Event,
     interface::Interface,
@@ -40,25 +40,12 @@ pub enum FilterChannelSignal {
     Kill,
 }
 
-#[derive(Debug, Clone)]
-pub struct Channels<T> {
-    pub sender: kanal::Sender<T>,
-    pub receiver: kanal::Receiver<T>,
-}
-
 #[derive(Debug, Clone)]
 pub struct IoChannels<T> {
     pub ingress: Channels<T>,
     pub egress: Channels<T>,
 }
 
-impl<T> Channels<T> {
-    pub fn new() -> Self {
-        let (sender, receiver) = kanal::unbounded();
-        Self { sender, receiver }
-    }
-}
-
 impl<T> IoChannels<T> {
     pub fn new() -> Self {
         Self {
@@ -68,12 +55,6 @@ impl<T> IoChannels<T> {
     }
 }
 
-impl<T> Default for Channels<T> {
-    fn default() -> Self {
-        Self::new()
-    }
-}
-
 impl<T> Default for IoChannels<T> {
     fn default() -> Self {
         Self::new()

diff --git a/oryx-tui/src/filter/fuzzy.rs b/oryx-tui/src/filter/fuzzy.rs
@@ -11,20 +11,20 @@ use ratatui::{
 };
 use tui_input::Input;
 
-use crate::{app::TICK_RATE, packet::AppPacket};
+use crate::{app::TICK_RATE, packet::NetworkPacket};
 
 #[derive(Debug, Clone, Default)]
 pub struct Fuzzy {
     enabled: bool,
     paused: bool,
     pub filter: Input,
-    pub packets: Vec<AppPacket>,
+    pub packets: Vec<NetworkPacket>,
     pub scroll_state: TableState,
     pub packet_end_index: usize,
 }
 
 impl Fuzzy {
-    pub fn new(packets: Arc<Mutex<Vec<AppPacket>>>) -> Arc<Mutex<Self>> {
+    pub fn new(packets: Arc<Mutex<Vec<NetworkPacket>>>) -> Arc<Mutex<Self>> {
         let fuzzy = Arc::new(Mutex::new(Self::default()));
 
         thread::spawn({
@@ -94,21 +94,21 @@ impl Fuzzy {
         self.scroll_state.select(Some(i));
     }
 
-    pub fn find(&mut self, packets: &[AppPacket]) {
+    pub fn find(&mut self, packets: &[NetworkPacket]) {
         self.packets = packets
             .iter()
             .copied()
             .filter(|p| p.to_string().contains(self.filter.value()))
-            .collect::<Vec<AppPacket>>();
+            .collect::<Vec<NetworkPacket>>();
     }
 
-    pub fn append(&mut self, packets: &[AppPacket]) {
+    pub fn append(&mut self, packets: &[NetworkPacket]) {
         self.packets.append(
             &mut packets
                 .iter()
                 .copied()
                 .filter(|p| p.to_string().contains(self.filter.value()))
-                .collect::<Vec<AppPacket>>(),
+                .collect::<Vec<NetworkPacket>>(),
         );
     }
 

diff --git a/oryx-tui/src/lib.rs b/oryx-tui/src/lib.rs
@@ -27,3 +27,5 @@ pub mod packet;
 pub mod section;
 
 pub mod dns;
+
+pub mod pid;
diff --git a/oryx-tui/src/packet.rs b/oryx-tui/src/packet.rs
@@ -10,17 +10,78 @@ use network_types::ip::IpHdr;
 use oryx_common::{ProtoHdr, RawPacket};
 use transport::{TcpPacket, UdpPacket};
 
+use crate::pid::IpMap;
+
 #[derive(Debug, Copy, Clone)]
-pub enum AppPacket {
+pub enum NetworkPacket {
     Ip(IpPacket),
     Arp(ArpPacket),
 }
 
-impl AppPacket {
+impl NetworkPacket {
     pub const LEN: usize = mem::size_of::<Self>();
 }
 
-impl Display for AppPacket {
+#[derive(Debug, Copy, Clone)]
+pub struct AppPacket {
+    pub packet: NetworkPacket,
+    pub pid: Option<u32>,
+}
+
+impl AppPacket {
+    pub fn from_network_packet(
+        netpacket: &NetworkPacket,
+        tcp_map: &IpMap,
+        udp_map: &IpMap,
+    ) -> Self {
+        let pid = match netpacket {
+            NetworkPacket::Ip(IpPacket::V4(ipv4packet)) => match ipv4packet.proto {
+                IpProto::Tcp(_) => netpacket.try_get_pid(tcp_map),
+                IpProto::Udp(_) => netpacket.try_get_pid(udp_map),
+                _ => None,
+            },
+            _ => None,
+        };
+        Self {
+            packet: *netpacket,
+            pid,
+        }
+    }
+}
+
+impl NetworkPacket {
+    fn get_possible_keys(&self) -> Option<[String; 2]> {
+        match self {
+            NetworkPacket::Ip(IpPacket::V4(ipv4packet)) => {
+                let src_ip = ipv4packet.src_ip;
+                let dst_ip = ipv4packet.dst_ip;
+                match ipv4packet.proto {
+                    IpProto::Tcp(tcp) => Some([
+                        format!("{}:{}_{}:{}", src_ip, tcp.src_port, dst_ip, tcp.dst_port),
+                        format!("{}:{}_{}:{}", dst_ip, tcp.dst_port, src_ip, tcp.src_port),
+                    ]),
+                    IpProto::Udp(udp) => Some([
+                        format!("{}:{}_{}:{}", src_ip, udp.src_port, dst_ip, udp.dst_port),
+                        format!("{}:{}_{}:{}", dst_ip, udp.dst_port, src_ip, udp.src_port),
+                    ]),
+                    _ => None,
+                }
+            }
+            _ => None,
+        }
+    }
+    pub fn try_get_pid(&self, ipmap: &IpMap) -> Option<u32> {
+        if let Some(keys) = self.get_possible_keys() {
+            for k in keys {
+                if let Some(conn) = ipmap.map.get(&k) {
+                    return conn.pid;
+                }
+            }
+        }
+        None
+    }
+}
+impl Display for NetworkPacket {
     fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
         match self {
             Self::Arp(packet) => write!(f, "{}", packet),
@@ -29,7 +90,7 @@ impl Display for AppPacket {
     }
 }
 
-impl From<[u8; RawPacket::LEN]> for AppPacket {
+impl From<[u8; RawPacket::LEN]> for NetworkPacket {
     fn from(value: [u8; RawPacket::LEN]) -> Self {
         let raw_packet = value.as_ptr() as *const RawPacket;
         match unsafe { &*raw_packet } {
@@ -87,7 +148,7 @@ impl From<[u8; RawPacket::LEN]> for AppPacket {
                         }
                     };
 
-                    AppPacket::Ip(IpPacket::V4(Ipv4Packet {
+                    NetworkPacket::Ip(IpPacket::V4(Ipv4Packet {
                         src_ip,
                         dst_ip,
                         ihl: u8::from_be(ipv4_packet.ihl()),
@@ -153,7 +214,7 @@ impl From<[u8; RawPacket::LEN]> for AppPacket {
                         }
                     };
 
-                    AppPacket::Ip(IpPacket::V6(Ipv6Packet {
+                    NetworkPacket::Ip(IpPacket::V6(Ipv6Packet {
                         traffic_class: ipv6_packet.priority(),
                         flow_label: ipv6_packet.flow_label,
                         payload_length: u16::from_be(ipv6_packet.payload_len),
Original file line number	Diff line number	Diff line change
Expand Up		@@ -27,3 +27,5 @@ pub mod packet;
		pub mod section;

		pub mod dns;

		pub mod pid;