cloudflared-mirror/ingress/origin_icmp_proxy.go

package ingress

import (
	"context"
	"fmt"
	"net/netip"
	"time"

	"github.com/rs/zerolog"
	"golang.org/x/net/icmp"

	"github.com/cloudflare/cloudflared/packet"
)

const (
	defaultCloseAfterIdle = time.Second * 15
	mtu                   = 1500
	icmpTimeoutMs         = 1000
)

var (
	errFlowInactive = fmt.Errorf("flow is inactive")
	errPacketNil    = fmt.Errorf("packet is nil")
)

// ICMPProxy sends ICMP messages and listens for their responses
type ICMPProxy interface {
	// Serve starts listening for responses to the requests until context is done
	Serve(ctx context.Context) error
	// Request sends an ICMP message
	Request(pk *packet.ICMP, responder packet.FlowResponder) error
}

func NewICMPProxy(listenIP netip.Addr, logger *zerolog.Logger) (ICMPProxy, error) {
	return newICMPProxy(listenIP, logger)
}

// Opens a non-privileged ICMP socket on Linux and Darwin
func newICMPConn(listenIP netip.Addr) (*icmp.PacketConn, error) {
	network := "udp6"
	if listenIP.Is4() {
		network = "udp4"
	}
	return icmp.ListenPacket(network, listenIP.String())
}

func getICMPEcho(pk *packet.ICMP) (*icmp.Echo, error) {
	echo, ok := pk.Message.Body.(*icmp.Echo)
	if !ok {
		return nil, fmt.Errorf("expect ICMP echo, got %s", pk.Type)
	}
	return echo, nil
}
TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00			`package ingress`

			`import (`
			`"context"`
TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`"fmt"`
			`"net/netip"`
			`"time"`
TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00
			`"github.com/rs/zerolog"`
TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`"golang.org/x/net/icmp"`
TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00
			`"github.com/cloudflare/cloudflared/packet"`
			`)`

TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`const (`
			`defaultCloseAfterIdle = time.Second * 15`
			`mtu = 1500`
TUN-6531: Implement ICMP proxy for Windows using IcmpSendEcho 2022-08-29 17:49:07 +00:00			`icmpTimeoutMs = 1000`
TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`)`

			`var (`
			`errFlowInactive = fmt.Errorf("flow is inactive")`
			`errPacketNil = fmt.Errorf("packet is nil")`
			`)`

TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00			`// ICMPProxy sends ICMP messages and listens for their responses`
			`type ICMPProxy interface {`
TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`// Serve starts listening for responses to the requests until context is done`
			`Serve(ctx context.Context) error`
TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00			`// Request sends an ICMP message`
			`Request(pk *packet.ICMP, responder packet.FlowResponder) error`
			`}`

TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00			`func NewICMPProxy(listenIP netip.Addr, logger *zerolog.Logger) (ICMPProxy, error) {`
TUN-6586: Change ICMP proxy to only build for Darwin and use echo ID to track flows 2022-08-22 16:41:51 +00:00			`return newICMPProxy(listenIP, logger)`
TUN-6530: Implement ICMPv4 proxy This proxy uses unprivileged datagram-oriented endpoint and is shared by all quic connections 2022-08-18 15:03:47 +00:00			`}`
TUN-6695: Implement ICMP proxy for linux 2022-08-25 11:34:19 +00:00
			`// Opens a non-privileged ICMP socket on Linux and Darwin`
			`func newICMPConn(listenIP netip.Addr) (*icmp.PacketConn, error) {`
			`network := "udp6"`
			`if listenIP.Is4() {`
			`network = "udp4"`
			`}`
			`return icmp.ListenPacket(network, listenIP.String())`
			`}`
TUN-6531: Implement ICMP proxy for Windows using IcmpSendEcho 2022-08-29 17:49:07 +00:00
			`func getICMPEcho(pk packet.ICMP) (icmp.Echo, error) {`
			`echo, ok := pk.Message.Body.(*icmp.Echo)`
			`if !ok {`
			`return nil, fmt.Errorf("expect ICMP echo, got %s", pk.Type)`
			`}`
			`return echo, nil`
			`}`