sad/blackwall
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix issue with port ident

Browse Source
This commit is contained in:
sad 2024-10-06 17:26:00 +00:00
parent be335a4346
commit 1d7aef0846
1 changed files with 29 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/main.rs
View File

@ -129,13 +129,13 @@ fn parse_connections(
let address_parts: Vec<&str> = local_address.split(':').collect(); let address_parts: Vec<&str> = local_address.split(':').collect();
if address_parts.len() == 2 { if address_parts.len() == 2 {
let ip = if is_ipv6 { let ip = if is_ipv6 {
IpAddr::V6(parse_ipv6(address_parts[0])?) IpAddr::V6(parse_ipv6(&address_parts[0])?)
} else { } else {
IpAddr::V4(parse_ipv4(address_parts[0])?) IpAddr::V4(parse_ipv4(&address_parts[0])?)
}; };
let port = u16::from_str_radix(address_parts[1], 16)?; let port = u16::from_str_radix(address_parts[1], 16)?;
let process_name = get_process_name(inode_to_pid.get(inode))?; let process_name = get_process_name(inode_to_pid.get(inode))?;
let (connection_type, state) = determine_connection_type(&port_type, state_hex, remote_address); let (connection_type, state) = determine_connection_type(&port_type, state_hex, local_address, remote_address);
let port_info = PortInfo { let port_info = PortInfo {
number: port, number: port,
port_type: port_type.clone(), port_type: port_type.clone(),
@ -150,22 +150,33 @@ fn parse_connections(
Ok(()) Ok(())
} }
fn determine_connection_type(port_type: &PortType, state_hex: &str, remote_address: &str) -> (ConnectionType, String) { fn determine_connection_type(port_type: &PortType, state_hex: &str, local_address: &str, remote_address: &str) -> (ConnectionType, String) {
let state = u8::from_str_radix(state_hex, 16).unwrap_or(0); let state = u8::from_str_radix(state_hex, 16).unwrap_or(0);
match port_type { match port_type {
PortType::TCP => match state { PortType::TCP => {
1 => (ConnectionType::Client, "ESTABLISHED".to_string()), match state {
2 => (ConnectionType::Client, "SYN_SENT".to_string()), 1 => {
3 => (ConnectionType::Server, "SYN_RECV".to_string()), // ESTABLISHED: Check if the remote port is 0 (unlikely for a client)
4 => (ConnectionType::Server, "FIN_WAIT1".to_string()), let remote_port = u16::from_str_radix(remote_address.split(':').last().unwrap_or("0"), 16).unwrap_or(0);
5 => (ConnectionType::Server, "FIN_WAIT2".to_string()), if remote_port == 0 {
6 => (ConnectionType::Client, "TIME_WAIT".to_string()), (ConnectionType::Server, "ESTABLISHED".to_string())
7 => (ConnectionType::Server, "CLOSE".to_string()), } else {
8 => (ConnectionType::Server, "CLOSE_WAIT".to_string()), (ConnectionType::Client, "ESTABLISHED".to_string())
9 => (ConnectionType::Client, "LAST_ACK".to_string()), }
10 => (ConnectionType::Server, "LISTEN".to_string()), },
11 => (ConnectionType::Server, "CLOSING".to_string()), 2 => (ConnectionType::Client, "SYN_SENT".to_string()),
_ => (ConnectionType::Unknown, format!("UNKNOWN ({})", state)), 3 => (ConnectionType::Server, "SYN_RECV".to_string()),
4 => (ConnectionType::Unknown, "FIN_WAIT1".to_string()),
5 => (ConnectionType::Unknown, "FIN_WAIT2".to_string()),
6 => (ConnectionType::Client, "TIME_WAIT".to_string()),
7 => (ConnectionType::Unknown, "CLOSE".to_string()),
8 => (ConnectionType::Client, "CLOSE_WAIT".to_string()),
9 => (ConnectionType::Client, "LAST_ACK".to_string()),
10 => (ConnectionType::Server, "LISTEN".to_string()),
11 => (ConnectionType::Unknown, "CLOSING".to_string()),
_ => (ConnectionType::Unknown, format!("UNKNOWN ({})", state)),
}
}, },
PortType::UDP => { PortType::UDP => {
if remote_address == "00000000:0000" { if remote_address == "00000000:0000" {
@ -177,6 +188,7 @@ fn determine_connection_type(port_type: &PortType, state_hex: &str, remote_addre
} }
} }
fn get_process_name(pid: Option<&u32>) -> Result<String, Box<dyn std::error::Error>> { fn get_process_name(pid: Option<&u32>) -> Result<String, Box<dyn std::error::Error>> {
match pid { match pid {
Some(&pid) => { Some(&pid) => {