16#include <sys/socket.h>
20#include <sys/resource.h>
24#include <netinet/in.h>
25#include <netinet/in6.h>
26#include <netinet/ip.h>
27#include <netinet/ip6.h>
28#include <netinet/udp.h>
29#include <netinet/tcp.h>
30#include <netinet/ip_icmp.h>
31#include <netinet/icmp6.h>
33#include <android/log.h>
34#include <sys/system_properties.h>
36#define TAG "TrackerControl.JNI"
41#define EPOLL_TIMEOUT 3600
42#define EPOLL_EVENTS 20
43#define EPOLL_MIN_CHECK 100
47#define ICMP4_MAXMSG (IP_MAXPACKET - 20 - 8)
48#define ICMP6_MAXMSG (IPV6_MAXPACKET - 40 - 8)
49#define UDP4_MAXMSG (IP_MAXPACKET - 20 - 8)
50#define UDP6_MAXMSG (IPV6_MAXPACKET - 40 - 8)
54#define UDP_TIMEOUT_53 15
55#define UDP_TIMEOUT_ANY 300
56#define UDP_KEEP_TIMEOUT 60
59#define TCP_INIT_TIMEOUT 20
60#define TCP_IDLE_TIMEOUT 3600
61#define TCP_CLOSE_TIMEOUT 20
62#define TCP_KEEP_TIMEOUT 300
65#define SESSION_LIMIT 40
66#define SESSION_MAX (1024 * SESSION_LIMIT / 100)
68#define SEND_BUF_DEFAULT 163840
70#define UID_MAX_AGE 30000
75#define SOCKS5_CONNECT 4
76#define SOCKS5_CONNECTED 5
96 char raddr[INET6_ADDRSTRLEN + 1];
130#define UDP_FINISHING 1
165 uint32_t recv_window;
166 uint32_t send_window;
167 uint16_t unconfirmed;
171 uint32_t remote_start;
172 uint32_t local_start;
175 long long last_keep_alive;
207 struct epoll_event ev;
225 struct in6_addr ip6ph_src;
226 struct in6_addr ip6ph_dst;
228 u_int8_t ip6ph_zero[3];
235typedef uint16_t guint16_t;
236typedef uint32_t guint32_t;
237typedef int32_t gint32_t;
240 guint32_t magic_number;
241 guint16_t version_major;
242 guint16_t version_minor;
256#define LINKTYPE_RAW 101
260#define DNS_QCLASS_IN 1
262#define DNS_QTYPE_AAAA 28
267#define DNS_QNAME_MAX 255
268#define DNS_TTL (10 * 60)
272# if __BYTE_ORDER == __LITTLE_ENDIAN
283#elif __BYTE_ORDER == __BIG_ENDIAN
295# error "Adjust your <bits/endian.h> defines"
313#define DHCP_OPTION_MAGIC_NUMBER (0x63825363)
330 uint32_t option_format;
340void handle_signal(
int sig, siginfo_t *info,
void *
context);
342void *handle_events(
void *a);
344void report_exit(
const struct arguments *args,
const char *fmt, ...);
346void report_error(
const struct arguments *args, jint error,
const char *fmt, ...);
348void check_allowed(
const struct arguments *args);
350void clear(
struct context *ctx);
352int check_icmp_session(
const struct arguments *args,
354 int sessions,
int maxsessions);
356int check_udp_session(
const struct arguments *args,
358 int sessions,
int maxsessions);
360int check_tcp_session(
const struct arguments *args,
362 int sessions,
int maxsessions);
366int get_icmp_timeout(
const struct icmp_session *u,
int sessions,
int maxsessions);
368int get_udp_timeout(
const struct udp_session *u,
int sessions,
int maxsessions);
370int get_tcp_timeout(
const struct tcp_session *t,
int sessions,
int maxsessions);
374uint16_t get_default_mss(
int version);
376int check_tun(
const struct arguments *args,
377 const struct epoll_event *ev,
379 int sessions,
int maxsessions);
381void check_icmp_socket(
const struct arguments *args,
const struct epoll_event *ev);
383void check_udp_socket(
const struct arguments *args,
const struct epoll_event *ev);
385int32_t get_qname(
const uint8_t *data,
const size_t datalen, uint16_t off,
char *qname);
388 const uint8_t *data,
size_t *datalen);
390uint32_t get_send_window(
const struct tcp_session *cur);
392uint32_t get_receive_buffer(
const struct ng_session *cur);
394uint32_t get_receive_window(
const struct ng_session *cur);
396void check_tcp_socket(
const struct arguments *args,
397 const struct epoll_event *ev,
400int is_lower_layer(
int protocol);
402int is_upper_layer(
int protocol);
404void handle_ip(
const struct arguments *args,
405 const uint8_t *buffer,
size_t length,
407 int sessions,
int maxsessions);
409jboolean handle_icmp(
const struct arguments *args,
410 const uint8_t *pkt,
size_t length,
411 const uint8_t *payload,
415int has_udp_session(
const struct arguments *args,
const uint8_t *pkt,
const uint8_t *payload);
417void block_udp(
const struct arguments *args,
418 const uint8_t *pkt,
size_t length,
419 const uint8_t *payload,
422jboolean handle_udp(
const struct arguments *args,
423 const uint8_t *pkt,
size_t length,
424 const uint8_t *payload,
425 int uid,
struct allowed *redirect,
429 const uint8_t *data,
const size_t datalen);
433jboolean handle_tcp(
const struct arguments *args,
434 const uint8_t *pkt,
size_t length,
435 const uint8_t *payload,
439void queue_tcp(
const struct arguments *args,
440 const struct tcphdr *tcphdr,
442 const uint8_t *data, uint16_t datalen);
446int open_udp_socket(
const struct arguments *args,
449int open_tcp_socket(
const struct arguments *args,
452int32_t get_local_port(
const int sock);
459 const uint8_t *buffer,
size_t length);
468 uint8_t *data,
size_t datalen);
471 uint8_t *data,
size_t datalen);
474 const uint8_t *data,
size_t datalen,
475 int syn,
int ack,
int fin,
int rst);
477uint8_t char2nible(
const char c);
479void hex2bytes(
const char *hex, uint8_t *buffer);
481jint get_uid(
const int version,
const int protocol,
482 const void *saddr,
const uint16_t sport,
483 const void *daddr,
const uint16_t dport);
485jint get_uid_sub(
const int version,
const int protocol,
486 const void *saddr,
const uint16_t sport,
487 const void *daddr,
const uint16_t dport,
488 const char *source,
const char *dest,
491int protect_socket(
const struct arguments *args,
int socket);
493uint16_t calc_checksum(uint16_t start,
const uint8_t *buffer,
size_t length);
495jobject jniGlobalRef(JNIEnv *env, jobject cls);
497jclass jniFindClass(JNIEnv *env,
const char *name);
499jmethodID jniGetMethodID(JNIEnv *env, jclass cls,
const char *name,
const char *signature);
501jfieldID jniGetFieldID(JNIEnv *env, jclass cls,
const char *name,
const char *type);
503jobject jniNewObject(JNIEnv *env, jclass cls, jmethodID constructor,
const char *name);
505int jniCheckException(JNIEnv *env);
507int sdk_int(JNIEnv *env);
509void log_android(
int prio,
const char *fmt, ...);
511void log_packet(
const struct arguments *args, jobject jpacket);
513void dns_resolved(
const struct arguments *args,
514 const char *qname,
const char *aname,
const char *resource,
int ttl);
516jboolean is_domain_blocked(
const struct arguments *args,
const char *name);
518jint get_uid_q(
const struct arguments *args,
526struct allowed *is_address_allowed(
const struct arguments *args, jobject objPacket);
528jobject create_packet(
const struct arguments *args,
540void account_usage(
const struct arguments *args, jint version, jint protocol,
541 const char *daddr, jint dport, jint uid, jlong sent, jlong received);
543void write_pcap_hdr();
545void write_pcap_rec(
const uint8_t *buffer,
size_t len);
547void write_pcap(
const void *ptr,
size_t len);
549int compare_u32(uint32_t seq1, uint32_t seq2);
551const char *strstate(
const int state);
553char *hex(
const u_int8_t *data,
const size_t len);
555int is_readable(
int fd);
557int is_writable(
int fd);
561void ng_add_alloc(
void *ptr,
const char *tag);
563void ng_delete_alloc(
void *ptr,
const char *file,
int line);
565void *ng_malloc(
size_t __byte_count,
const char *tag);
567void *ng_calloc(
size_t __item_count,
size_t __item_size,
const char *tag);
569void *ng_realloc(
void *__ptr,
size_t __byte_count,
const char *tag);
571void ng_free(
void *__ptr,
const char *file,
int line);
Definition: netguard.h:95
Definition: netguard.h:86
Definition: netguard.h:78
Definition: netguard.h:333
Definition: netguard.h:315
Definition: netguard.h:303
Definition: netguard.h:109
Definition: netguard.h:224
Definition: netguard.h:199
Definition: netguard.h:239
Definition: netguard.h:249
Definition: netguard.h:100
Definition: netguard.h:158
Definition: netguard.h:134
Definition: netguard.h:211