This repository has been archived by the owner on Feb 24, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 34
/
Copy pathwindivert.go
221 lines (183 loc) · 5.96 KB
/
windivert.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
package godivert
import (
"errors"
"runtime"
"syscall"
"unsafe"
)
var (
winDivertDLL *syscall.LazyDLL
winDivertOpen *syscall.LazyProc
winDivertClose *syscall.LazyProc
winDivertRecv *syscall.LazyProc
winDivertSend *syscall.LazyProc
winDivertHelperCalcChecksums *syscall.LazyProc
winDivertHelperEvalFilter *syscall.LazyProc
winDivertHelperCheckFilter *syscall.LazyProc
)
func init() {
LoadDLL("WinDivert.dll", "WinDivert.dll")
}
// Used to call WinDivert's functions
type WinDivertHandle struct {
handle uintptr
open bool
}
// LoadDLL loads the WinDivert DLL depending the OS (x64 or x86) and the given DLL path.
// The path can be a relative path (from the .exe folder) or absolute path.
func LoadDLL(path64, path32 string) {
var dllPath string
if runtime.GOARCH == "amd64" {
dllPath = path64
} else {
dllPath = path32
}
winDivertDLL = syscall.NewLazyDLL(dllPath)
winDivertOpen = winDivertDLL.NewProc("WinDivertOpen")
winDivertClose = winDivertDLL.NewProc("WinDivertClose")
winDivertRecv = winDivertDLL.NewProc("WinDivertRecv")
winDivertSend = winDivertDLL.NewProc("WinDivertSend")
winDivertHelperCalcChecksums = winDivertDLL.NewProc("WinDivertHelperCalcChecksums")
winDivertHelperEvalFilter = winDivertDLL.NewProc("WinDivertHelperEvalFilter")
winDivertHelperCheckFilter = winDivertDLL.NewProc("WinDivertHelperCheckFilter")
}
// Create a new WinDivertHandle by calling WinDivertOpen and returns it
// The string parameter is the fiter that packets have to match
// https://reqrypt.org/windivert-doc.html#divert_open
func NewWinDivertHandle(filter string) (*WinDivertHandle, error) {
return NewWinDivertHandleWithFlags(filter, 0)
}
// Create a new WinDivertHandle by calling WinDivertOpen and returns it
// The string parameter is the fiter that packets have to match
// and flags are the used flags used
// https://reqrypt.org/windivert-doc.html#divert_open
func NewWinDivertHandleWithFlags(filter string, flags uint8) (*WinDivertHandle, error) {
filterBytePtr, err := syscall.BytePtrFromString(filter)
if err != nil {
return nil, err
}
handle, _, err := winDivertOpen.Call(uintptr(unsafe.Pointer(filterBytePtr)),
uintptr(0),
uintptr(0),
uintptr(flags))
if handle == uintptr(syscall.InvalidHandle) {
return nil, err
}
winDivertHandle := &WinDivertHandle{
handle: handle,
open: true,
}
return winDivertHandle, nil
}
// Close the Handle
// See https://reqrypt.org/windivert-doc.html#divert_close
func (wd *WinDivertHandle) Close() error {
_, _, err := winDivertClose.Call(wd.handle)
wd.open = false
return err
}
// Divert a packet from the Network Stack
// https://reqrypt.org/windivert-doc.html#divert_recv
func (wd *WinDivertHandle) Recv() (*Packet, error) {
if !wd.open {
return nil, errors.New("can't receive, the handle isn't open")
}
packetBuffer := make([]byte, PacketBufferSize)
var packetLen uint
var addr WinDivertAddress
success, _, err := winDivertRecv.Call(wd.handle,
uintptr(unsafe.Pointer(&packetBuffer[0])),
uintptr(PacketBufferSize),
uintptr(unsafe.Pointer(&addr)),
uintptr(unsafe.Pointer(&packetLen)))
if success == 0 {
return nil, err
}
packet := &Packet{
Raw: packetBuffer[:packetLen],
Addr: &addr,
PacketLen: packetLen,
}
return packet, nil
}
// Inject the packet on the Network Stack
// https://reqrypt.org/windivert-doc.html#divert_send
func (wd *WinDivertHandle) Send(packet *Packet) (uint, error) {
var sendLen uint
if !wd.open {
return 0, errors.New("can't Send, the handle isn't open")
}
success, _, err := winDivertSend.Call(wd.handle,
uintptr(unsafe.Pointer(&(packet.Raw[0]))),
uintptr(packet.PacketLen),
uintptr(unsafe.Pointer(packet.Addr)),
uintptr(unsafe.Pointer(&sendLen)))
if success == 0 {
return 0, err
}
return sendLen, nil
}
// Calls WinDivertHelperCalcChecksum to calculate the packet's chacksum
// https://reqrypt.org/windivert-doc.html#divert_helper_calc_checksums
func (wd *WinDivertHandle) HelperCalcChecksum(packet *Packet) {
winDivertHelperCalcChecksums.Call(
uintptr(unsafe.Pointer(&packet.Raw[0])),
uintptr(packet.PacketLen),
uintptr(unsafe.Pointer(&packet.Addr)),
uintptr(0))
}
// Take the given filter and check if it contains any error
// https://reqrypt.org/windivert-doc.html#divert_helper_check_filter
func HelperCheckFilter(filter string) (bool, int) {
var errorPos uint
filterBytePtr, _ := syscall.BytePtrFromString(filter)
success, _, _ := winDivertHelperCheckFilter.Call(
uintptr(unsafe.Pointer(filterBytePtr)),
uintptr(0),
uintptr(0), // Not implemented yet
uintptr(unsafe.Pointer(&errorPos)))
if success == 1 {
return true, -1
}
return false, int(errorPos)
}
// Take a packet and compare it with the given filter
// Returns true if the packet matches the filter
// https://reqrypt.org/windivert-doc.html#divert_helper_eval_filter
func HelperEvalFilter(packet *Packet, filter string) (bool, error) {
filterBytePtr, err := syscall.BytePtrFromString(filter)
if err != nil {
return false, err
}
success, _, err := winDivertHelperEvalFilter.Call(
uintptr(unsafe.Pointer(filterBytePtr)),
uintptr(0),
uintptr(unsafe.Pointer(&packet.Raw[0])),
uintptr(packet.PacketLen),
uintptr(unsafe.Pointer(&packet.Addr)))
if success == 0 {
return false, err
}
return true, nil
}
// A loop that capture packets by calling Recv and sends them on a channel as long as the handle is open
// If Recv() returns an error, the loop is stopped and the channel is closed
func (wd *WinDivertHandle) recvLoop(packetChan chan<- *Packet) {
for wd.open {
packet, err := wd.Recv()
if err != nil {
//close(packetChan)
break
}
packetChan <- packet
}
}
// Create a new channel that will be used to pass captured packets and returns it calls recvLoop to maintain a loop
func (wd *WinDivertHandle) Packets() (chan *Packet, error) {
if !wd.open {
return nil, errors.New("the handle isn't open")
}
packetChan := make(chan *Packet, PacketChanCapacity)
go wd.recvLoop(packetChan)
return packetChan, nil
}