new interface (#33)

* rebuild interface * update README * update log level * error to find intreface
biandratti · Dec 14, 2024 · e06053b · e06053b
1 parent 0d84dbc
commit e06053b
Show file tree

Hide file tree

Showing 7 changed files with 186 additions and 141 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "passivetcp-rs"
-version = "0.1.0-alpha.0"
+version = "0.1.0-alpha.1"
 edition = "2021"
 description = "Passive traffic fingerprinting [p0f]"
 license = "MIT"
@@ -18,6 +18,7 @@ failure = "0.1.8"
 log = "0.4.22"
 lazy_static = "1.5.0"
 ttl_cache = "0.5.1"
+env_logger = "0.11.5"
 
 [[example]]
 name = "p0f"

diff --git a/README.md b/README.md
@@ -65,38 +65,27 @@ Here’s a basic example of how to use passivetcp-rs:
 use passivetcp_rs::db::Database;
 use passivetcp_rs::P0f;
 
+env_logger::init();
 let args = Args::parse();
-let interface_name = args.interface;
-let db = Database::default();
-let mut p0f = P0f::new(&db, 100);
+let db = Box::leak(Box::new(Database::default()));
+let (sender, receiver) = mpsc::channel();
 
-let interfaces: Vec<NetworkInterface> = datalink::interfaces();
-let interface = interfaces
-    .into_iter()
-    .find(|iface| iface.name == interface_name)
-    .expect("Could not find the interface");
+thread::spawn(move || {
+    P0f::new(db, 100).analyze_network(&args.interface, sender);
+});
 
-let config = Config {
-    promiscuous: true,
-    ..Config::default()
-};
-
-let (_tx, mut rx) = match datalink::channel(&interface, config) {
-    Ok(datalink::Channel::Ethernet(tx, rx)) => (tx, rx),
-    Ok(_) => panic!("Unhandled channel type"),
-    Err(e) => panic!("Unable to create channel: {}", e),
-};
-
-loop {
-    match rx.next() {
-        Ok(packet) => {
-            let p0f_output = p0f.analyze_tcp(packet);
-            p0f_output.syn.map(|syn| println!("{}", syn));
-            p0f_output.syn_ack.map(|syn_ack| println!("{}", syn_ack));
-            p0f_output.mtu.map(|mtu| println!("{}", mtu));
-            p0f_output.uptime.map(|uptime| println!("{}", uptime));
-        }
-    Err(e) => eprintln!("Failed to read packet: {}", e),
+for output in receiver {
+    if let Some(syn) = output.syn {
+        info!("{}", syn);
+    }
+    if let Some(syn_ack) = output.syn_ack {
+        info!("{}", syn_ack);
+    }
+    if let Some(mtu) = output.mtu {
+        info!("{}", mtu);
+    }
+    if let Some(uptime) = output.uptime {
+        info!("{}", uptime);
     }
 }
 ```

diff --git a/examples/README.md b/examples/README.md
@@ -6,5 +6,5 @@ ip link show
 ### Process packages
 ```
 cargo build --release --examples
-sudo RUST_BACKTRACE=1 ./target/release/examples/p0f --interface <INTERFACE>
+sudo RUST_LOG=info RUST_BACKTRACE=1 ./target/release/examples/p0f --interface <INTERFACE>
 ```
diff --git a/examples/p0f.rs b/examples/p0f.rs
@@ -1,8 +1,9 @@
 use clap::Parser;
-use log::debug;
+use log::{debug, info};
 use passivetcp_rs::db::Database;
 use passivetcp_rs::P0f;
-use pnet::datalink::{self, Config, NetworkInterface};
+use std::sync::mpsc;
+use std::thread;
 
 #[derive(Parser, Debug)]
 #[command(version, about, long_about = None)]
@@ -11,45 +12,31 @@ struct Args {
     interface: String,
 }
 
-fn start_capture(interface_name: &str, p0f: &mut P0f) {
-    let interfaces: Vec<NetworkInterface> = datalink::interfaces();
-    let interface = interfaces
-        .into_iter()
-        .find(|iface| iface.name == interface_name)
-        .expect("Could not find the interface");
-
-    let config = Config {
-        promiscuous: true,
-        ..Config::default()
-    };
-
-    let (_tx, mut rx) = match datalink::channel(&interface, config) {
-        Ok(datalink::Channel::Ethernet(tx, rx)) => (tx, rx),
-        Ok(_) => panic!("Unhandled channel type"),
-        Err(e) => panic!("Unable to create channel: {}", e),
-    };
-
-    loop {
-        match rx.next() {
-            Ok(packet) => {
-                let p0f_output = p0f.analyze_tcp(packet);
-                p0f_output.syn.map(|syn| println!("{}", syn));
-                p0f_output.syn_ack.map(|syn_ack| println!("{}", syn_ack));
-                p0f_output.mtu.map(|mtu| println!("{}", mtu));
-                p0f_output.uptime.map(|uptime| println!("{}", uptime));
-            }
-            Err(e) => eprintln!("Failed to read packet: {}", e),
-        }
-    }
-}
-
 fn main() {
+    env_logger::init();
     let args = Args::parse();
-    let interface_name = args.interface;
 
-    let db = Database::default();
+    let db = Box::leak(Box::new(Database::default()));
     debug!("Loaded database: {:?}", db);
 
-    let mut p0f = P0f::new(&db, 100);
-    start_capture(&interface_name, &mut p0f);
+    let (sender, receiver) = mpsc::channel();
+
+    thread::spawn(move || {
+        P0f::new(db, 100).analyze_network(&args.interface, sender);
+    });
+
+    for output in receiver {
+        if let Some(syn) = output.syn {
+            info!("{}", syn);
+        }
+        if let Some(syn_ack) = output.syn_ack {
+            info!("{}", syn_ack);
+        }
+        if let Some(mtu) = output.mtu {
+            info!("{}", mtu);
+        }
+        if let Some(uptime) = output.uptime {
+            info!("{}", uptime);
+        }
+    }
 }
diff --git a/src/db.rs b/src/db.rs
@@ -1,4 +1,5 @@
 use crate::{http, tcp};
+use log::error;
 use std::fmt;
 
 /// Represents the database used by `P0f` to store signatures and associated metadata.
@@ -56,7 +57,7 @@ impl Database {
                 .ok()
                 .and_then(|content| content.parse().ok())
                 .unwrap_or_else(|| {
-                    eprintln!(
+                    error!(
                         "Failed to load configuration from {}. Falling back to default.",
                         path
                     );