Adding a new option to captool to exclude subnets traffic from being …

…captured (#264) adding -except option to exclude subnets traffic from being captured
refraction-networking · Nov 30, 2023 · 621c606 · 621c606
1 parent 5383308
commit 621c606
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 3 deletions.
diff --git a/util/captool/src/main.rs b/util/captool/src/main.rs
@@ -71,6 +71,10 @@ struct Args {
     #[arg(short, long)]
     t: String,
 
+    /// Excluded Subnet -- subnet to exclude from capturing
+    #[arg(long)]
+    except: Option<String>,
+
     /// Limits the total number of packets collected to N.
     #[arg(long)]
     lp: Option<u64>,
@@ -211,16 +215,25 @@ fn main() -> Result<(), Box<dyn Error>> {
     let limit_state = limits.into_limiter(key_list, Arc::clone(&flag));
 
     let limiter = if unlimited { None } else { Some(limit_state) };
-    let target_subnets = parse_targets(args.t);
+    let target_subnets = parse_subnets(args.t);
     if target_subnets.is_empty() {
         error!("no valid target subnets provided{HELP}");
         Err("no valid target subnets provided")?;
     }
 
+    let mut excepted_subnets = vec![];
+    match args.except{
+	Some(subnets) => {
+    	    excepted_subnets = parse_subnets(subnets);
+	}
+	None => {}
+    }
+
     let handler = Arc::new(Mutex::new(PacketHandler::create(
         &args.asn_db,
         &args.cc_db,
         target_subnets,
+        excepted_subnets,
         limiter,
         cc_list,
         asn_list,
@@ -520,7 +533,7 @@ fn read_packets<T, W>(
     debug!("thread {id} shutting down")
 }
 
-fn parse_targets(input: String) -> Vec<IpNet> {
+fn parse_subnets(input: String) -> Vec<IpNet> {
     // vec!["192.122.190.0/24".parse()?]
     if input.is_empty() {
         return vec![];
@@ -530,7 +543,7 @@ fn parse_targets(input: String) -> Vec<IpNet> {
     for s in input.split(',') {
         if let Ok(subnet) = s.trim().parse() {
             out.push(subnet);
-            debug!("adding target: {subnet}");
+            debug!("adding subnet: {subnet}");
         } else {
             warn!("failed to parse subnet: \"{s}\" continuing");
         }

diff --git a/util/captool/src/packet_handler.rs b/util/captool/src/packet_handler.rs
@@ -21,6 +21,9 @@ pub struct PacketHandler {
     // to anonymize.
     pub target_subnets: Vec<IpNet>,
 
+    // excepted_subnets is used to exclude subnets within target_subnets from capturing their traffic
+    pub excepted_subnets: Vec<IpNet>,
+
     // cc_filter allows us to rule out packets we are not interested in capturing before processing them
     pub cc_filter: Vec<String>,
     // asn_filter allows us to rule out packets we are not interested in capturing before processing them
@@ -117,6 +120,7 @@ impl PacketHandler {
         asn_path: &str,
         ccdb_path: &str,
         target_subnets: Vec<IpNet>,
+        excepted_subnets: Vec<IpNet>,
         limiter: Option<LimiterState>,
         cc_filter: Vec<String>,
         asn_filter: Vec<u32>,
@@ -127,6 +131,7 @@ impl PacketHandler {
             asn_reader: maxminddb::Reader::open_readfile(String::from(asn_path))?,
             cc_reader: maxminddb::Reader::open_readfile(String::from(ccdb_path))?,
             target_subnets,
+            excepted_subnets,
             cc_filter,
             asn_filter,
             limiter,
@@ -171,6 +176,12 @@ impl PacketHandler {
             return AnonymizeTypes::None;
         }
 
+	for excepted_subnet in &self.excepted_subnets {
+	    if excepted_subnet.contains(&src)  ||  excepted_subnet.contains(&dst) {
+		return AnonymizeTypes::None;
+	    }
+	}
+
         for target_subnet in &self.target_subnets {
             if target_subnet.contains(&src) {
                 return AnonymizeTypes::Download;