diff --git a/README.md b/README.md index 6e659d5..1b4bcfc 100644 --- a/README.md +++ b/README.md @@ -241,10 +241,13 @@ Available flags: - `--threads=` Specifies the amount of threads you want to be running for your program. This defaults to **1** and shouldn't be edited for normal use. But if you really want multiple queue instances of youtubeUnblock, note that you should change --queue-num to --queue balance. For example, with 4 threads, use `--queue-balance 537:540` on iptables and `queue num 537-540` on nftables. -- `--daemonize` Daemonizes the youtubeUnblock (forks and detaches it from the shell). Terminate the program with `killall youtubeUnblock`. +- `--daemonize` Daemonizes the youtubeUnblock (forks and detaches it from the shell). Terminate the program with `killall youtubeUnblock`. If you want to track the logs of youtubeUnblock in logread or journalctl, use **--syslog** flag. + +- `--syslog` Redirects logs to the system log. - `--noclose` Usable only with `--daemonize`. Will not redirect io streams to /dev/null. + - `--packet-mark=` Use this option if youtubeUnblock conflicts with other systems rely on packet mark. Note that you may want to change accept rule for iptables to follow the mark. - `--fbegin` and `--fend` flags: youtubeUnblock supports multiple sets of strategies for specific filters. You may want to initiate a new set after the default one, like: `--sni-domains=googlevideo.com --faking-strategy=md5sum --fbegin --sni-domains=youtube.com --faking-strategy=tcp_check --fend --fbegin --sni-domains=l.google.com --faking-strategy=pastseq --fend`. Note, that the priority of these sets goes backwards: last is first, default (one that does not start with --fbegin) is last. If you start the new section, the default settings are implemented just like youtubeUnblock without any parameters. Note that the config above is just an example and won't work for you. diff --git a/args.c b/args.c index 17a73d9..237d83f 100644 --- a/args.c +++ b/args.c @@ -8,6 +8,7 @@ #include #include "types.h" #include "args.h" +#include "logging.h" static char custom_fake_buf[MAX_FAKE_SIZE]; @@ -24,7 +25,8 @@ struct config_t config = { .custom_configs_len = 0, .daemonize = 0, - .noclose = 0 + .noclose = 0, + .syslog = 0, }; #define OPT_SNI_DOMAINS 1 @@ -39,6 +41,7 @@ struct config_t config = { #define OPT_END_SECTION 30 #define OPT_DAEMONIZE 31 #define OPT_NOCLOSE 32 +#define OPT_SYSLOG 33 #define OPT_FRAG 4 #define OPT_FRAG_SNI_REVERSE 12 #define OPT_FRAG_SNI_FAKED 13 @@ -59,7 +62,7 @@ struct config_t config = { #define OPT_NO_GSO 8 #define OPT_QUEUE_NUM 9 -#define OPT_MAX OPT_NOCLOSE +#define OPT_MAX OPT_SYSLOG static struct option long_opt[] = { {"help", 0, 0, 'h'}, @@ -91,6 +94,7 @@ static struct option long_opt[] = { {"no-ipv6", 0, 0, OPT_NO_IPV6}, {"daemonize", 0, 0, OPT_DAEMONIZE}, {"noclose", 0, 0, OPT_NOCLOSE}, + {"syslog", 0, 0, OPT_SYSLOG}, {"queue-num", 1, 0, OPT_QUEUE_NUM}, {"packet-mark", 1, 0, OPT_PACKET_MARK}, {"fbegin", 0, 0, OPT_START_SECTION}, @@ -161,6 +165,7 @@ void print_usage(const char *argv0) { printf("\t--no-ipv6\n"); printf("\t--daemonize\n"); printf("\t--noclose\n"); + printf("\t--syslog\n"); printf("\t--fbegin\n"); printf("\t--fend\n"); printf("\n"); @@ -217,6 +222,9 @@ int parse_args(int argc, char *argv[]) { case OPT_NOCLOSE: config.noclose = 1; break; + case OPT_SYSLOG: + config.syslog = 1; + break; case OPT_THREADS: if (section_iter != SECT_ITER_DEFAULT) goto invalid_opt; @@ -486,96 +494,99 @@ int parse_args(int argc, char *argv[]) { } void print_welcome() { + if (config.syslog) { + printf("Logging to system log\n"); + } if (config.use_gso) { - printf("GSO is enabled\n"); + lginfo("GSO is enabled\n"); } if (config.use_ipv6) { - printf("IPv6 is enabled\n"); + lginfo("IPv6 is enabled\n"); } else { - printf("IPv6 is disabled\n"); + lginfo("IPv6 is disabled\n"); } - printf("Detected %d config sections\n", config.custom_configs_len + 1); - printf("The sections will be processed in order they goes in this output\n"); + lginfo("Detected %d config sections\n", config.custom_configs_len + 1); + lginfo("The sections will be processed in order they goes in this output\n"); ITER_CONFIG_SECTIONS(section) { int section_number = CONFIG_SECTION_NUMBER(section); - printf("Section #%d\n", section_number); + lginfo("Section #%d\n", section_number); switch (section->fragmentation_strategy) { case FRAG_STRAT_TCP: - printf("Using TCP segmentation\n"); + lginfo("Using TCP segmentation\n"); break; case FRAG_STRAT_IP: - printf("Using IP fragmentation\n"); + lginfo("Using IP fragmentation\n"); break; default: - printf("SNI fragmentation is disabled\n"); + lginfo("SNI fragmentation is disabled\n"); break; } if (section->seg2_delay) { - printf("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay); + lginfo("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay); } if (section->fake_sni) { - printf("Fake SNI will be sent before each target client hello\n"); + lginfo("Fake SNI will be sent before each target client hello\n"); } else { - printf("Fake SNI is disabled\n"); + lginfo("Fake SNI is disabled\n"); } if (section->frag_sni_reverse) { - printf("Fragmentation Client Hello will be reversed\n"); + lginfo("Fragmentation Client Hello will be reversed\n"); } if (section->frag_sni_faked) { - printf("Fooling packets will be sent near the original Client Hello\n"); + lginfo("Fooling packets will be sent near the original Client Hello\n"); } if (section->fake_sni_seq_len > 1) { - printf("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len); + lginfo("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len); } switch (section->faking_strategy) { case FAKE_STRAT_TTL: - printf("TTL faking strategy will be used with TTL %d\n", section->faking_ttl); + lginfo("TTL faking strategy will be used with TTL %d\n", section->faking_ttl); break; case FAKE_STRAT_RAND_SEQ: - printf("Random seq faking strategy will be used\n"); - printf("Fake seq offset set to %u\n", section->fakeseq_offset); + lginfo("Random seq faking strategy will be used\n"); + lginfo("Fake seq offset set to %u\n", section->fakeseq_offset); break; case FAKE_STRAT_TCP_CHECK: - printf("TCP checksum faking strategy will be used\n"); + lginfo("TCP checksum faking strategy will be used\n"); break; case FAKE_STRAT_PAST_SEQ: - printf("Past seq faking strategy will be used\n"); + lginfo("Past seq faking strategy will be used\n"); break; case FAKE_STRAT_TCP_MD5SUM: - printf("md5sum faking strategy will be used\n"); + lginfo("md5sum faking strategy will be used\n"); break; } if (section->fk_winsize) { - printf("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize); + lginfo("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize); } if (section->synfake) { - printf("Fake SYN payload will be sent with each TCP request SYN packet\n"); + lginfo("Fake SYN payload will be sent with each TCP request SYN packet\n"); } if (section->quic_drop) { - printf("All QUIC packets will be dropped\n"); + lginfo("All QUIC packets will be dropped\n"); } if (section->sni_detection == SNI_DETECTION_BRUTE) { - printf("Server Name Extension will be parsed in the bruteforce mode\n"); + lginfo("Server Name Extension will be parsed in the bruteforce mode\n"); } if (section->all_domains) { - printf("All Client Hello will be targeted by youtubeUnblock!\n"); + lginfo("All Client Hello will be targeted by youtubeUnblock!\n"); } else { - printf("Target sni domains: %s\n", section->domains_str); + lginfo("Target sni domains: %s\n", section->domains_str); } } } diff --git a/config.h b/config.h index b209f93..02c4969 100644 --- a/config.h +++ b/config.h @@ -77,6 +77,7 @@ struct config_t { int daemonize; // Same as daemon() noclose int noclose; + int syslog; #define VERBOSE_INFO 0 #define VERBOSE_DEBUG 1 diff --git a/kytunblock.c b/kytunblock.c index c5c3591..0deeb6e 100644 --- a/kytunblock.c +++ b/kytunblock.c @@ -162,12 +162,12 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { NETBUF_ALLOC(buff1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buff1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(buff2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buff2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buff2); return -ENOMEM; } @@ -309,7 +309,7 @@ static NF_CALLBACK(ykb_nf_hook, skb) { ret = skb_linearize(skb); if (ret < 0) { - lgerror("Cannot linearize", ret); + lgerror(ret, "Cannot linearize"); goto accept; } @@ -360,7 +360,7 @@ static int __init ykb_init(void) { for_each_net(n) { ret = nf_register_net_hook(n, &ykb6_nf_reg); if (ret < 0) - lgerror("bad rat",ret); + lgerror(ret, "bad rat"); } #else nf_register_hook(&ykb6_nf_reg); @@ -374,7 +374,7 @@ static int __init ykb_init(void) { for_each_net(n) { ret = nf_register_net_hook(n, &ykb_nf_reg); if (ret < 0) - lgerror("bad rat",ret); + lgerror(ret, "bad rat"); } #else nf_register_hook(&ykb_nf_reg); diff --git a/logging.h b/logging.h index bf6676d..f278725 100644 --- a/logging.h +++ b/logging.h @@ -3,42 +3,65 @@ #include "config.h" #define LOG_LEVEL (config.verbose) +#define USE_SYSLOG (config.syslog) #ifdef KERNEL_SPACE #include #include #define printf pr_info #define perror pr_err -#define lgerror(msg, ret, ...) __extension__ ({ \ + +#define log_message(level, msg, ...) \ +(printf(msg, ##__VA_ARGS__)) + +#define lgerror(ret, msg, ...) __extension__ ({ \ pr_err(msg ": %d\n", ##__VA_ARGS__, ret); \ }) #else #include // IWYU pragma: export #include -#define lgerror(msg, ret, ...) __extension__ ({ \ +#include + +#define log_message(level, msg, ...) \ +(config.syslog ? (void)(syslog((level), msg, ##__VA_ARGS__)) : (void)(printf(msg, ##__VA_ARGS__))) + +#define lgerror(ret, msg, ...) __extension__ ({ \ errno = -(ret); \ - printf(msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \ + log_message(LOG_ERR, msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \ }) #endif /* PROGRAM_SPACE */ +#define lgerr(msg, ...) \ +(log_message(LOG_ERR, msg, ##__VA_ARGS__)) + +#define lgwarning(msg, ...) \ +(log_message(LOG_WARN, msg, ##__VA_ARGS__)) + + +#define lginfo(msg, ...) \ +(log_message(LOG_INFO, msg, ##__VA_ARGS__)) + +#define print_message(...) \ +(lginfo(__VA_ARGS__)) + #define lgdebug(msg, ...) \ -(LOG_LEVEL >= VERBOSE_DEBUG ? printf(msg, ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_DEBUG ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0) #define lgdebugmsg(msg, ...) lgdebug(msg "\n", ##__VA_ARGS__) #define lgtrace(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg, ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0) #define lgtracemsg(msg, ...) lgtrace(msg "\n", __VA_ARGS__) #define lgtrace_start(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf("[TRACE] " msg " ( ", ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, "[TRACE] " msg " ( ", ##__VA_ARGS__) : (void)0) #define lgtrace_addp(msg, ...) \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg", ", ##__VA_ARGS__) : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg", ", ##__VA_ARGS__) : (void)0) #define lgtrace_end() \ -(LOG_LEVEL >= VERBOSE_TRACE ? printf(") \n") : 0) +(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, ") \n") : (void)0) #endif /* LOGGING_H */ diff --git a/mangle.c b/mangle.c index ca3b65b..7c36b9f 100644 --- a/mangle.c +++ b/mangle.c @@ -112,7 +112,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra NETBUF_ALLOC(payload, MAX_PACKET_SIZE); if (!NETBUF_CHECK(payload)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto accept; } @@ -142,7 +142,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = instance_config.send_raw_packet(payload, iph_len + tcph_len + fake_len); if (ret < 0) { - lgerror("send_syn_altered", ret); + lgerror(ret, "send_syn_altered"); NETBUF_FREE(payload); goto accept; @@ -167,7 +167,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra uint32_t payload_len = raw_payload_len; NETBUF_ALLOC(payload, MAX_PACKET_SIZE); if (!NETBUF_CHECK(payload)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto accept; } @@ -185,7 +185,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra &data, &dlen); if (ret < 0) { - lgerror("tcp_payload_split in targ_sni", ret); + lgerror(ret, "tcp_payload_split in targ_sni"); goto accept_lc; } @@ -201,7 +201,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra &iph, &iph_len, &tcph, &tcph_len, &data, &dlen); if (ret < 0) { - lgerror("seqovl_packet delta %d", ret, delta); + lgerror(ret, "seqovl_packet delta %d", delta); } } @@ -241,7 +241,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = send_tcp_frags(section, payload, payload_len, poses, cnt, 0); if (ret < 0) { - lgerror("tcp4 send frags", ret); + lgerror(ret, "tcp4 send frags"); goto accept_lc; } @@ -275,20 +275,20 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ret = send_ip4_frags(section, payload, payload_len, poses, cnt, 0); if (ret < 0) { - lgerror("ip4 send frags", ret); + lgerror(ret, "ip4 send frags"); goto accept_lc; } goto drop_lc; } else { - printf("WARNING: IP fragmentation is supported only for IPv4\n"); + lginfo("WARNING: IP fragmentation is supported only for IPv4\n"); goto default_send; } default: default_send: ret = instance_config.send_raw_packet(payload, payload_len); if (ret < 0) { - lgerror("raw pack send", ret); + lgerror(ret, "raw pack send"); goto accept_lc; } @@ -339,11 +339,11 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk } if (dlen > 10 && config.verbose >= VERBOSE_TRACE) { - printf("UDP payload start: [ "); + lginfo("UDP payload start: [ "); for (int i = 0; i < 10; i++) { - printf("%02x ", data[i]); + lginfo("%02x ", data[i]); } - printf("], "); + lginfo("], "); } @@ -405,7 +405,7 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk goto drop; } else { - printf("WARNING: IP fragmentation is supported only for IPv4\n"); + lginfo("WARNING: IP fragmentation is supported only for IPv4\n"); goto accept; } } @@ -442,20 +442,20 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet } else { NETBUF_ALLOC(frag1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(frag2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); return -ENOMEM; } NETBUF_ALLOC(fake_pad, MAX_PACKET_SIZE); if (!NETBUF_CHECK(fake_pad)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); NETBUF_FREE(frag2); return -ENOMEM; @@ -468,7 +468,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet int ret; if (dvs > poses[0]) { - lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } @@ -480,7 +480,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet frag1, &f1len, frag2, &f2len); if (ret < 0) { - lgerror("send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs); + lgerror(ret, "send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs); goto erret_lc; } @@ -571,13 +571,13 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet } else { NETBUF_ALLOC(frag1, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(frag2, MAX_PACKET_SIZE); if (!NETBUF_CHECK(frag2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(frag1); return -ENOMEM; } @@ -588,7 +588,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet int ret; if (dvs > poses[0]) { - lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } @@ -601,7 +601,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet lgtrace_addp("Packet split in %d bytes position of payload start, dvs: %d to two packets of %d and %d lengths", poses[0], dvs, f1len, f2len); if (ret < 0) { - lgerror("send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs); + lgerror(ret, "send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs); goto erret_lc; } @@ -690,7 +690,7 @@ int post_fake_sni(struct fake_type f_type, for (int i = 0; i < fake_seq_type.sequence_len; i++) { NETBUF_ALLOC(fake_sni, MAX_PACKET_SIZE); if (!NETBUF_CHECK(fake_sni)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } uint32_t fsn_len = MAX_PACKET_SIZE; @@ -700,7 +700,7 @@ int post_fake_sni(struct fake_type f_type, fsiph, iph_len, fstcph, tcph_len, fake_sni, &fsn_len); if (ret < 0) { - lgerror("gen_fake_sni", ret); + lgerror(ret, "gen_fake_sni"); goto erret_lc; } @@ -712,7 +712,7 @@ int post_fake_sni(struct fake_type f_type, ret = instance_config.send_raw_packet(fake_sni, fsn_len); } if (ret < 0) { - lgerror("send fake sni", ret); + lgerror(ret, "send fake sni"); goto erret_lc; } uint32_t iph_len; diff --git a/quic.c b/quic.c index 05ab089..66bdb4e 100644 --- a/quic.c +++ b/quic.c @@ -135,6 +135,6 @@ int quic_parse_initial_message(uint8_t *inpayload, uint32_t inplen, return 0; invalid_packet: - lgerror("QUIC invalid Initial packet", -EINVAL); + lgerror(-EINVAL, "QUIC invalid Initial packet"); return -EINVAL; } diff --git a/tls.c b/tls.c index e67c18c..b3f0e4f 100644 --- a/tls.c +++ b/tls.c @@ -228,12 +228,12 @@ struct tls_verdict analyze_tls_data( NETBUF_ALLOC(buf, MAX_PACKET_SIZE); if (!NETBUF_CHECK(buf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto out; } NETBUF_ALLOC(nzbuf, MAX_PACKET_SIZE * sizeof(int)); if (!NETBUF_CHECK(nzbuf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buf); goto out; } @@ -324,7 +324,7 @@ int gen_fake_sni(struct fake_type type, #if _NO_GETRANDOM ret = open("/dev/urandom", O_RDONLY); if (ret < 0) { - lgerror("Unable to open /dev/urandom", ret); + lgerror(ret, "Unable to open /dev/urandom"); return ret; } diff --git a/utils.c b/utils.c index 0659bb5..eb3f168 100644 --- a/utils.c +++ b/utils.c @@ -81,20 +81,20 @@ int ip4_payload_split(uint8_t *pkt, uint32_t buflen, struct iphdr **iph, uint32_t *iph_len, uint8_t **payload, uint32_t *plen) { if (pkt == NULL || buflen < sizeof(struct iphdr)) { - lgerror("ip4_payload_split: pkt|buflen", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: pkt|buflen"); return -EINVAL; } struct iphdr *hdr = (struct iphdr *)pkt; if (netproto_version(pkt, buflen) != IP4VERSION) { - lgerror("ip4_payload_split: ipversion", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: ipversion"); return -EINVAL; } uint32_t hdr_len = hdr->ihl * 4; uint32_t pktlen = ntohs(hdr->tot_len); if (buflen < pktlen || hdr_len > pktlen) { - lgerror("ip4_payload_split: buflen cmp pktlen", -EINVAL); + lgerror(-EINVAL, "ip4_payload_split: buflen cmp pktlen"); return -EINVAL; } @@ -156,20 +156,20 @@ int ip6_payload_split(uint8_t *pkt, uint32_t buflen, struct ip6_hdr **iph, uint32_t *iph_len, uint8_t **payload, uint32_t *plen) { if (pkt == NULL || buflen < sizeof(struct ip6_hdr)) { - lgerror("ip6_payload_split: pkt|buflen", -EINVAL); + lgerror(-EINVAL, "ip6_payload_split: pkt|buflen"); return -EINVAL; } struct ip6_hdr *hdr = (struct ip6_hdr *)pkt; if (netproto_version(pkt, buflen) != 6) { - lgerror("ip6_payload_split: ip6version", -EINVAL); + lgerror(-EINVAL, "ip6_payload_split: ip6version"); return -EINVAL; } uint32_t hdr_len = sizeof(struct ip6_hdr); uint32_t pktlen = ntohs(hdr->ip6_plen); if (buflen < pktlen) { - lgerror("ip6_payload_split: buflen cmp pktlen: %d %d", -EINVAL, buflen, pktlen); + lgerror(-EINVAL, "ip6_payload_split: buflen cmp pktlen: %d %d", buflen, pktlen); return -EINVAL; } @@ -237,7 +237,7 @@ int tcp_payload_split(uint8_t *pkt, uint32_t buflen, } else if (netvers == IP6VERSION) { return tcp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, tcph, tcph_len, payload, plen); } else { - lgerror("Internet Protocol version is unsupported", -EINVAL); + lgerror(-EINVAL, "Internet Protocol version is unsupported"); return -EINVAL; } } @@ -329,7 +329,7 @@ int udp_payload_split(uint8_t *pkt, uint32_t buflen, } else if (netvers == IP6VERSION) { return udp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, udph, payload, plen); } else { - lgerror("Internet Protocol version is unsupported", -EINVAL); + lgerror(-EINVAL, "Internet Protocol version is unsupported"); return -EINVAL; } } @@ -351,7 +351,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, if ((ret = ip4_payload_split( (uint8_t *)pkt, buflen, &hdr, &hdr_len, (uint8_t **)&payload, &plen)) < 0) { - lgerror("ipv4_frag: TCP Header extract error", ret); + lgerror(ret, "ipv4_frag: TCP Header extract error"); return -EINVAL; } @@ -360,7 +360,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, } if (payload_offset & ((1 << 3) - 1)) { - lgerror("ipv4_frag: Payload offset MUST be a multiply of 8!", -EINVAL); + lgerror(-EINVAL, "ipv4_frag: Payload offset MUST be a multiply of 8!"); return -EINVAL; } @@ -433,7 +433,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, &hdr, &hdr_len, &tcph, &tcph_len, (uint8_t **)&payload, &plen)) < 0) { - lgerror("tcp_frag: tcp_payload_split", ret); + lgerror(ret, "tcp_frag: tcp_payload_split"); return -EINVAL; } @@ -448,7 +448,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, ntohs(iphdr->frag_off) & IP_OFFMASK) { lgdebugmsg("tcp_frag: ip4: frag value: %d", ntohs(iphdr->frag_off)); - lgerror("tcp_frag: ip4: ip fragmentation is set", -EINVAL); + lgerror(-EINVAL, "tcp_frag: ip4: ip fragmentation is set"); return -EINVAL; } } @@ -590,7 +590,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl } else if (ipxv == IP6VERSION) { ((struct ip6_hdr *)iph)->ip6_hops = strategy.faking_ttl; } else { - lgerror("fail_packet: IP version is unsupported", -EINVAL); + lgerror(-EINVAL, "fail_packet: IP version is unsupported"); return -EINVAL; } } else if (strategy.strategy == FAKE_STRAT_TCP_MD5SUM) { @@ -612,7 +612,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl } else if (ipxv == IP6VERSION) { ((struct ip6_hdr *)iph)->ip6_plen = htons(ntohs(((struct ip6_hdr *)iph)->ip6_plen) + delta); } else { - lgerror("fail_packet: IP version is unsupported", -EINVAL); + lgerror(-EINVAL, "fail_packet: IP version is unsupported"); return -EINVAL; } optp_len += delta; diff --git a/youtubeUnblock.c b/youtubeUnblock.c index 67de5cf..1c7692e 100644 --- a/youtubeUnblock.c +++ b/youtubeUnblock.c @@ -45,12 +45,12 @@ static int open_socket(struct mnl_socket **_nl) { nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) { - perror("mnl_socket_open"); + lgerror(errno, "mnl_socket_open"); return -1; } if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) { - perror("mnl_socket_bind"); + lgerror(errno, "mnl_socket_bind"); mnl_socket_close(nl); return -1; } @@ -65,7 +65,7 @@ static int close_socket(struct mnl_socket **_nl) { struct mnl_socket *nl = *_nl; if (nl == NULL) return 1; if (mnl_socket_close(nl) < 0) { - perror("mnl_socket_close"); + lgerror(errno, "mnl_socket_close"); return -1; } @@ -77,26 +77,26 @@ static int close_socket(struct mnl_socket **_nl) { static int open_raw_socket(void) { if (rawsocket != -2) { errno = EALREADY; - perror("Raw socket is already opened"); + lgerror(errno, "Raw socket is already opened"); return -1; } rawsocket = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if (rawsocket == -1) { - perror("Unable to create raw socket"); + lgerror(errno, "Unable to create raw socket"); return -1; } int mark = config.mark; if (setsockopt(rawsocket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) { - fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark); + lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark); return -1; } int mst = pthread_mutex_init(&rawsocket_lock, NULL); if (mst) { - fprintf(stderr, "Mutex err: %d\n", mst); + lgerror(errno, "Mutex err: %d\n", mst); close(rawsocket); errno = mst; @@ -110,12 +110,12 @@ static int open_raw_socket(void) { static int close_raw_socket(void) { if (rawsocket < 0) { errno = EALREADY; - perror("Raw socket is not set"); + lgerror(errno, "Raw socket is not set"); return -1; } if (close(rawsocket)) { - perror("Unable to close raw socket"); + lgerror(errno, "Unable to close raw socket"); pthread_mutex_destroy(&rawsocket_lock); return -1; } @@ -129,26 +129,26 @@ static int close_raw_socket(void) { static int open_raw6_socket(void) { if (raw6socket != -2) { errno = EALREADY; - perror("Raw socket is already opened"); + lgerror(errno, "Raw socket is already opened"); return -1; } raw6socket = socket(AF_INET6, SOCK_RAW, IPPROTO_RAW); if (rawsocket == -1) { - perror("Unable to create raw socket"); + lgerror(errno, "Unable to create raw socket"); return -1; } int mark = config.mark; if (setsockopt(raw6socket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) { - fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark); + lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark); return -1; } int mst = pthread_mutex_init(&raw6socket_lock, NULL); if (mst) { - fprintf(stderr, "Mutex err: %d\n", mst); + lgerror(mst, "Mutex err: %d\n", mst); close(raw6socket); errno = mst; @@ -162,12 +162,12 @@ static int open_raw6_socket(void) { static int close_raw6_socket(void) { if (raw6socket < 0) { errno = EALREADY; - perror("Raw socket is not set"); + lgerror(errno, "Raw socket is not set"); return -1; } if (close(raw6socket)) { - perror("Unable to close raw socket"); + lgerror(errno, "Unable to close raw socket"); pthread_mutex_destroy(&rawsocket_lock); return -1; } @@ -256,18 +256,17 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) { - if (config.verbose) - printf("Split packet!\n"); + lgtrace("Split packet!\n"); NETBUF_ALLOC(buff1, MNL_SOCKET_BUFFER_SIZE); if (!NETBUF_CHECK(buff1)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } NETBUF_ALLOC(buff2, MNL_SOCKET_BUFFER_SIZE); if (!NETBUF_CHECK(buff2)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); NETBUF_FREE(buff1); return -ENOMEM; } @@ -313,7 +312,7 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { } else if (ipvx == IP6VERSION) { ret = send_raw_ipv6(pkt, pktlen); } else { - printf("proto version %d is unsupported\n", ipvx); + lginfo("proto version %d is unsupported\n", ipvx); return -EINVAL; } @@ -346,7 +345,7 @@ static int fallback_accept_packet(uint32_t id, struct queue_data qdata) { nfq_nlmsg_verdict_put(verdnlh, id, NF_ACCEPT); if (mnl_socket_sendto(*qdata._nl, verdnlh, verdnlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); return MNL_CB_ERROR; } @@ -371,7 +370,7 @@ void *delay_packet_send_fn(void *data) { int ret = send_raw_socket(pkt, pktlen); if (ret < 0) { errno = -ret; - perror("send delayed raw packet"); + lgerror(errno, "send delayed raw packet"); } free(pkt); @@ -403,13 +402,13 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { struct packet_data packet = {0}; if (nfq_nlmsg_parse(nlh, attr) < 0) { - perror("Attr parse"); + lgerror(errno, "Attr parse"); return MNL_CB_ERROR; } if (attr[NFQA_PACKET_HDR] == NULL) { errno = ENODATA; - perror("Metaheader not set"); + lgerror(errno, "Metaheader not set"); return MNL_CB_ERROR; } @@ -422,7 +421,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { packet.payload = mnl_attr_get_payload(attr[NFQA_PAYLOAD]); if (attr[NFQA_CAP_LEN] != NULL && ntohl(mnl_attr_get_u32(attr[NFQA_CAP_LEN])) != packet.payload_len) { - fprintf(stderr, "The packet was truncated! Skip!\n"); + lgerr("The packet was truncated! Skip!\n"); return fallback_accept_packet(packet.id, *qdata); } @@ -450,7 +449,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) { } if (mnl_socket_sendto(*qdata->_nl, verdnlh, verdnlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); return MNL_CB_ERROR; } @@ -463,7 +462,7 @@ int init_queue(int queue_num) { struct mnl_socket *nl; if (open_socket(&nl)) { - perror("Unable to open socket"); + lgerror(errno, "Unable to open socket"); return -1; } @@ -472,7 +471,7 @@ int init_queue(int queue_num) { struct nlmsghdr *nlh; NETBUF_ALLOC(bbuf, BUF_SIZE); if (!NETBUF_CHECK(bbuf)) { - lgerror("Allocation error", -ENOMEM); + lgerror(-ENOMEM, "Allocation error"); goto die_alloc; } char *buf = (char *)bbuf; @@ -485,7 +484,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_UNBIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -493,7 +492,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -502,7 +501,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_UNBIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -510,7 +509,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror("mnl_socket_send"); goto die; } } @@ -520,7 +519,7 @@ int init_queue(int queue_num) { nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND); if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -533,7 +532,7 @@ int init_queue(int queue_num) { } if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror("mnl_socket_send"); + lgerror(errno, "mnl_socket_send"); goto die; } @@ -550,22 +549,22 @@ int init_queue(int queue_num) { .queue_num = queue_num }; - printf("Queue %d started\n", qdata.queue_num); + lginfo("Queue %d started\n", qdata.queue_num); while (1) { ret = mnl_socket_recvfrom(nl, buf, BUF_SIZE); if (ret == -1) { - perror("mnl_socket_recvfrom"); + lgerror(errno, "mnl_socket_recvfrom"); goto die; } ret = mnl_cb_run(buf, ret, 0, portid, queue_cb, &qdata); if (ret < 0) { - lgerror("mnl_cb_run", -EPERM); + lgerror(-EPERM, "mnl_cb_run"); if (errno == EPERM) { - printf("Probably another instance of youtubeUnblock with the same queue number is running\n"); + lgerror(errno, "Probably another instance of youtubeUnblock with the same queue number is running\n"); } else { - printf("Make sure the nfnetlink_queue kernel module is loaded\n"); + lgerror(errno, "Make sure the nfnetlink_queue kernel module is loaded\n"); } goto die; } @@ -602,7 +601,7 @@ void *init_queue_wrapper(void *qdconf) { thres->status = init_queue(qconf->queue_num); - fprintf(stderr, "Thread %d exited with status %d\n", qconf->i, thres->status); + lgerror(thres->status, "Thread %d exited with status %d\n", qconf->i, thres->status); return thres; } @@ -616,7 +615,7 @@ int main(int argc, char *argv[]) { int ret; if ((ret = parse_args(argc, argv)) != 0) { if (ret < 0) { - perror("Unable to parse args"); + lgerror(errno, "Unable to parse args"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); @@ -627,13 +626,13 @@ int main(int argc, char *argv[]) { if (open_raw_socket() < 0) { - perror("Unable to open raw socket"); + lgerror(errno, "Unable to open raw socket"); exit(EXIT_FAILURE); } if (config.use_ipv6) { if (open_raw6_socket() < 0) { - perror("Unable to open raw socket for ipv6"); + lgerror(errno, "Unable to open raw socket for ipv6"); close_raw_socket(); exit(EXIT_FAILURE); } @@ -653,7 +652,7 @@ int main(int argc, char *argv[]) { qres = init_queue_wrapper(&tconf); } else { - printf("%d threads wil be used\n", config.threads); + lginfo("%d threads wil be used\n", config.threads); struct queue_conf thread_confs[MAX_THREADS]; pthread_t threads[MAX_THREADS];