Add support for IGMP

Cargo.toml

@@ -13,7 +13,7 @@ repository = "https://github.com/pythops/oryx"
 homepage = "https://github.com/pythops/oryx"
 
 [workspace.dependencies]
-network-types = { git = "https://github.com/vadorovsky/network-types", rev = "b78424c" }
+network-types = { git = "https://github.com/vadorovsky/network-types", rev = "c6f9c28" }
 
 [profile.release]
 opt-level = 3

oryx-common/src/lib.rs

@@ -4,7 +4,14 @@
 use core::mem;
 
 use network_types::{
-    arp::ArpHdr, eth::EthHdr, icmp::Icmp, ip::IpHdr, sctp::SctpHdr, tcp::TcpHdr, udp::UdpHdr,
+    arp::ArpHdr,
+    eth::EthHdr,
+    icmp::Icmp,
+    igmp::{IGMPv1Hdr, IGMPv2Hdr, IGMPv3MembershipQueryHdr, IGMPv3MembershipReportHdr},
+    ip::IpHdr,
+    sctp::SctpHdr,
+    tcp::TcpHdr,
+    udp::UdpHdr,
 };
 
 pub mod protocols;
@@ -65,4 +72,20 @@ pub enum ProtoHdr {
     Udp(UdpHdr),
     Sctp(SctpHdr),
     Icmp(Icmp),
+    Igmp(IgmpHdr),
+}
+
+#[derive(Copy, Clone)]
+#[repr(C)]
+pub enum IgmpHdr {
+    V1(IGMPv1Hdr),
+    V2(IGMPv2Hdr),
+    V3(IGMPv3Hdr),
+}
+
+#[derive(Copy, Clone)]
+#[repr(C)]
+pub enum IGMPv3Hdr {
+    Query(IGMPv3MembershipQueryHdr),
+    Report(IGMPv3MembershipReportHdr),
 }

oryx-common/src/protocols.rs

@@ -40,7 +40,7 @@ impl TransportProtocol {
 
 // Network Protocols
 
-pub const NB_NETWORK_PROTOCOL: u16 = 4;
+pub const NB_NETWORK_PROTOCOL: u16 = 5;
 
 #[derive(Debug, Copy, Clone, PartialEq, AsRefStr, Display, EnumString)]
 #[repr(C)]
@@ -56,15 +56,19 @@ pub enum NetworkProtocol {
 
     #[strum(ascii_case_insensitive)]
     Icmpv6 = 3,
+
+    #[strum(ascii_case_insensitive)]
+    Igmp = 4,
 }
 
 impl NetworkProtocol {
-    pub fn all() -> [NetworkProtocol; 4] {
+    pub fn all() -> [NetworkProtocol; 5] {
         [
             NetworkProtocol::Ipv4,
             NetworkProtocol::Ipv6,
             NetworkProtocol::Icmpv4,
             NetworkProtocol::Icmpv6,
+            NetworkProtocol::Igmp,
         ]
     }
 }

oryx-ebpf/Cargo.toml

@@ -10,8 +10,8 @@ homepage = "https://github.com/pythops/oryx"
 [dependencies]
 aya-ebpf = "0.1.1"
 oryx-common = { path = "../oryx-common" }
-network-types = { git = "https://github.com/vadorovsky/network-types", rev = "b78424c" }
-branches = { version = "0.3", default-features = false }
+network-types = { git = "https://github.com/vadorovsky/network-types", rev = "c6f9c28" }
+branches = { version = "0.4", default-features = false }
 
 [[bin]]
 name = "oryx"

oryx-ebpf/src/main.rs

@@ -14,13 +14,14 @@ use network_types::{
     arp::ArpHdr,
     eth::{EthHdr, EtherType},
     icmp::{Icmp, IcmpHdr, IcmpV6Hdr},
+    igmp::{IGMPv1Hdr, IGMPv2Hdr, IGMPv3MembershipQueryHdr, IGMPv3MembershipReportHdr},
     ip::{IpHdr, IpProto, Ipv4Hdr, Ipv6Hdr},
     sctp::SctpHdr,
     tcp::TcpHdr,
     udp::UdpHdr,
 };
 use oryx_common::{
-    MAX_FIREWALL_RULES, MAX_RULES_PORT, ProtoHdr, RawData, RawFrame, RawPacket,
+    IGMPv3Hdr, IgmpHdr, MAX_FIREWALL_RULES, MAX_RULES_PORT, ProtoHdr, RawData, RawFrame, RawPacket,
     protocols::{LinkProtocol, NetworkProtocol, Protocol, TransportProtocol},
 };
 
@@ -304,6 +305,140 @@ fn process(ctx: TcContext) -> Result<i32, ()> {
                         });
                     }
                 }
+
+                IpProto::Igmp => {
+                    if filter_packet(Protocol::Network(NetworkProtocol::Igmp)) {
+                        return Ok(TC_ACT_PIPE);
+                    }
+
+                    let payload_length = unsafe {
+                        u16::from_be_bytes((*ipv4_header).tot_len) - (*ipv4_header).ihl() as u16
+                    };
+
+                    let ihl: u8 = ctx.load(EthHdr::LEN).map_err(|_| ())?;
+                    let ihl = (ihl & 0x0F) * 4;
+
+                    let igmp_type: u8 = ctx.load(EthHdr::LEN + ihl as usize).map_err(|_| ())?;
+
+                    match igmp_type {
+                        0x11 => {
+                            if payload_length == 8 {
+                                // v1 or v2
+                                let max_response_time: u8 =
+                                    ctx.load(EthHdr::LEN + ihl as usize + 1).map_err(|_| ())?;
+
+                                if max_response_time == 0 {
+                                    //v1
+                                    let igmp_header: *const IGMPv1Hdr =
+                                        ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                                    unsafe {
+                                        submit(RawData {
+                                            frame: RawFrame {
+                                                header: *eth_header,
+                                                payload: RawPacket::Ip(
+                                                    IpHdr::V4(*ipv4_header),
+                                                    ProtoHdr::Igmp(IgmpHdr::V1(*igmp_header)),
+                                                ),
+                                            },
+                                            pid,
+                                        });
+                                    }
+                                } else {
+                                    // v2
+                                    let igmp_header: *const IGMPv2Hdr =
+                                        ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                                    unsafe {
+                                        submit(RawData {
+                                            frame: RawFrame {
+                                                header: *eth_header,
+                                                payload: RawPacket::Ip(
+                                                    IpHdr::V4(*ipv4_header),
+                                                    ProtoHdr::Igmp(IgmpHdr::V2(*igmp_header)),
+                                                ),
+                                            },
+                                            pid,
+                                        });
+                                    }
+                                }
+                            } else {
+                                // v3
+                                let igmp_header: *const IGMPv3MembershipQueryHdr =
+                                    ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                                unsafe {
+                                    submit(RawData {
+                                        frame: RawFrame {
+                                            header: *eth_header,
+                                            payload: RawPacket::Ip(
+                                                IpHdr::V4(*ipv4_header),
+                                                ProtoHdr::Igmp(IgmpHdr::V3(IGMPv3Hdr::Query(
+                                                    *igmp_header,
+                                                ))),
+                                            ),
+                                        },
+                                        pid,
+                                    });
+                                }
+                            }
+                        }
+                        0x12 => {
+                            let igmp_header: *const IGMPv1Hdr =
+                                ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                            unsafe {
+                                submit(RawData {
+                                    frame: RawFrame {
+                                        header: *eth_header,
+                                        payload: RawPacket::Ip(
+                                            IpHdr::V4(*ipv4_header),
+                                            ProtoHdr::Igmp(IgmpHdr::V1(*igmp_header)),
+                                        ),
+                                    },
+                                    pid,
+                                });
+                            }
+                        }
+                        0x16 | 0x17 => {
+                            let igmp_header: *const IGMPv2Hdr =
+                                ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                            unsafe {
+                                submit(RawData {
+                                    frame: RawFrame {
+                                        header: *eth_header,
+                                        payload: RawPacket::Ip(
+                                            IpHdr::V4(*ipv4_header),
+                                            ProtoHdr::Igmp(IgmpHdr::V2(*igmp_header)),
+                                        ),
+                                    },
+                                    pid,
+                                });
+                            }
+                        }
+                        0x22 => {
+                            let igmp_header: *const IGMPv3MembershipReportHdr =
+                                ptr_at(&ctx, EthHdr::LEN + ihl as usize)?;
+
+                            unsafe {
+                                submit(RawData {
+                                    frame: RawFrame {
+                                        header: *eth_header,
+                                        payload: RawPacket::Ip(
+                                            IpHdr::V4(*ipv4_header),
+                                            ProtoHdr::Igmp(IgmpHdr::V3(IGMPv3Hdr::Report(
+                                                *igmp_header,
+                                            ))),
+                                        ),
+                                    },
+                                    pid,
+                                });
+                            }
+                        }
+                        _ => {}
+                    }
+                }
                 _ => {}
             }
         }

oryx-tui/src/cli.rs

@@ -54,7 +54,7 @@ pub fn cli() -> Command {
                 .value_delimiter(',')
                 .num_args(1..)
                 .default_value("all")
-                .value_parser(["ipv4", "ipv6", "icmp", "all"]),
+                .value_parser(["ipv4", "ipv6", "icmpv4", "icmpv6", "igmp", "all"]),
         )
         .arg(
             arg!(--link <link>)

oryx-tui/src/export.rs

@@ -136,6 +136,13 @@ pub fn export(packets: &PacketStore) -> Result<()> {
                             ipv4_packet.src_ip, "-", ipv4_packet.dst_ip, "-", "ICMPv4", pid, date
                         )?;
                     }
+                    IpProto::Igmp(_) => {
+                        writeln!(
+                            file,
+                            "{:39}  {:^11}  {:39}  {:^11}  {:10}  {:10}  {:10}",
+                            ipv4_packet.src_ip, "-", ipv4_packet.dst_ip, "-", "IGMP", pid, date
+                        )?;
+                    }
                 },
                 IpPacket::V6(ipv6_packet) => match ipv6_packet.proto {
                     IpProto::Tcp(p) => {
@@ -184,6 +191,10 @@ pub fn export(packets: &PacketStore) -> Result<()> {
                             ipv6_packet.src_ip, "-", ipv6_packet.dst_ip, "-", "ICMPv6", pid, date
                         )?;
                     }
+                    IpProto::Igmp(_) => {
+                        //IGMP is for IPv4 only
+                        unreachable!()
+                    }
                 },
             },
         }

oryx-tui/src/filter/network.rs

@@ -150,6 +150,16 @@ impl NetworkFilter {
                 },
                 "ICMPv6",
             ]),
+            Row::new(vec![
+                {
+                    if self.selected_protocols.contains(&NetworkProtocol::Igmp) {
+                        " "
+                    } else {
+                        ""
+                    }
+                },
+                "IGMP",
+            ]),
         ];
 
         let network_filters_table = Table::new(network_filters, widths)