log challenge requests

This commit is contained in:
onyx-and-iris 2024-09-28 15:36:04 +01:00
parent 6cd90ae1dd
commit 2fc0f7a74f
3 changed files with 41 additions and 28 deletions

View File

@ -2,6 +2,7 @@ package udpproxy
import ( import (
"errors" "errors"
"fmt"
"net" "net"
"strings" "strings"
"time" "time"
@ -68,7 +69,7 @@ func (s *session) proxyFrom(buf []byte) error {
if s.isBadRconResponse(buf) { if s.isBadRconResponse(buf) {
log.Infof("Response: Bad rcon from %s", s.caddr.IP) log.Infof("Response: Bad rcon from %s", s.caddr.IP)
} else { } else {
log.Debugf("Response: %s", string(buf[10:])) log.Debugf("Response: %s", string(buf[len(s.rconResponseHeader):]))
} }
} }
@ -77,7 +78,13 @@ func (s *session) proxyFrom(buf []byte) error {
func (s *session) proxyTo(buf []byte) error { func (s *session) proxyTo(buf []byte) error {
if !s.isValidRequestPacket(buf) { if !s.isValidRequestPacket(buf) {
err := errors.New("not a rcon or query request packet") var err error
if s.isChallengeRequestPacket(buf) {
parts := strings.SplitN(string(buf), " ", 3)
err = fmt.Errorf("invalid challenge from %s with GUID: %s", s.caddr.IP, parts[len(parts)-1])
} else {
err = errors.New("not a rcon or query request packet")
}
log.Error(err.Error()) log.Error(err.Error())
return err return err
} }

View File

@ -53,8 +53,8 @@ func (c *Client) ListenAndServe() error {
log.Error(err) log.Error(err)
} }
session, found := c.sessions[caddr.String()] session, ok := c.sessions[caddr.String()]
if !found { if !ok {
session, err = newSession(caddr, c.raddr, c.proxyConn) session, err = newSession(caddr, c.raddr, c.proxyConn)
if err != nil { if err != nil {
log.Error(err) log.Error(err)

View File

@ -3,57 +3,63 @@ package udpproxy
import "bytes" import "bytes"
type validator struct { type validator struct {
rconRequestHeader []byte rconRequestHeader []byte
getstatusRequestHeader []byte getstatusRequestHeader []byte
getinfoRequestHeader []byte getinfoRequestHeader []byte
rconResponseHeader []byte getchallengeRequestHeader []byte
getstatusResponseHeader []byte rconResponseHeader []byte
getinfoResponseHeader []byte getstatusResponseHeader []byte
badRconIdentifier []byte getinfoResponseHeader []byte
badRconIdentifier []byte
} }
func newValidator() validator { func newValidator() validator {
v := validator{} return validator{
v.rconRequestHeader = []byte("\xff\xff\xff\xffrcon") rconRequestHeader: []byte("\xff\xff\xff\xffrcon"),
v.getstatusRequestHeader = []byte("\xff\xff\xff\xffgetstatus") getstatusRequestHeader: []byte("\xff\xff\xff\xffgetstatus"),
v.getinfoRequestHeader = []byte("\xff\xff\xff\xffgetinfo") getinfoRequestHeader: []byte("\xff\xff\xff\xffgetinfo"),
v.rconResponseHeader = []byte("\xff\xff\xff\xffprint\n") getchallengeRequestHeader: []byte("\xff\xff\xff\xffgetchallenge"),
v.getstatusResponseHeader = []byte("\xff\xff\xff\xffstatusResponse\n") rconResponseHeader: []byte("\xff\xff\xff\xffprint\n"),
v.getinfoResponseHeader = []byte("\xff\xff\xff\xffinfoResponse\n") getstatusResponseHeader: []byte("\xff\xff\xff\xffstatusResponse\n"),
v.badRconIdentifier = []byte("Bad rcon") getinfoResponseHeader: []byte("\xff\xff\xff\xffinfoResponse\n"),
return v badRconIdentifier: []byte("Bad rcon"),
}
} }
func (v *validator) compare(buf, c []byte) bool { func (v validator) compare(buf, c []byte) bool {
return bytes.Equal(buf[:len(c)], c) return bytes.Equal(buf[:len(c)], c)
} }
func (v *validator) isRconRequestPacket(buf []byte) bool { func (v validator) isRconRequestPacket(buf []byte) bool {
return v.compare(buf, v.rconRequestHeader) return v.compare(buf, v.rconRequestHeader)
} }
func (v *validator) isQueryRequestPacket(buf []byte) bool { func (v validator) isQueryRequestPacket(buf []byte) bool {
return v.compare(buf, v.getstatusRequestHeader) || return v.compare(buf, v.getstatusRequestHeader) ||
v.compare(buf, v.getinfoRequestHeader) v.compare(buf, v.getinfoRequestHeader)
} }
func (v *validator) isValidRequestPacket(buf []byte) bool { func (v validator) isValidRequestPacket(buf []byte) bool {
return v.isRconRequestPacket(buf) || v.isQueryRequestPacket(buf) return v.isRconRequestPacket(buf) || v.isQueryRequestPacket(buf)
} }
func (v *validator) isRconResponsePacket(buf []byte) bool { func (v validator) isChallengeRequestPacket(buf []byte) bool {
return v.compare(buf, v.getchallengeRequestHeader)
}
func (v validator) isRconResponsePacket(buf []byte) bool {
return v.compare(buf, v.rconResponseHeader) return v.compare(buf, v.rconResponseHeader)
} }
func (v *validator) isQueryResponsePacket(buf []byte) bool { func (v validator) isQueryResponsePacket(buf []byte) bool {
return v.compare(buf, v.getstatusResponseHeader) || return v.compare(buf, v.getstatusResponseHeader) ||
v.compare(buf, v.getinfoResponseHeader) v.compare(buf, v.getinfoResponseHeader)
} }
func (v *validator) isValidResponsePacket(buf []byte) bool { func (v validator) isValidResponsePacket(buf []byte) bool {
return v.isRconResponsePacket(buf) || v.isQueryResponsePacket(buf) return v.isRconResponsePacket(buf) || v.isQueryResponsePacket(buf)
} }
func (v *validator) isBadRconResponse(buf []byte) bool { func (v validator) isBadRconResponse(buf []byte) bool {
return v.compare(buf[len(v.rconResponseHeader):], v.badRconIdentifier) return v.compare(buf[len(v.rconResponseHeader):], v.badRconIdentifier)
} }