diff --git a/README.md b/README.md index 075e7a0..41574c3 100644 --- a/README.md +++ b/README.md @@ -290,12 +290,27 @@ tcpdump: pcap_loop: The interface disappeared 0 packets dropped by kernel ``` -### Logging Policy +## Logging -* `ERR`: any error - will always be displayed. -* `WARN`, `-v`: responses sent by `masscanned`. -* `INFO`, `-vv`: packets not handled, packets ignored. -* `DEBUG`, `-vvv`: all packets received and sent by `masscanned`. +### Console Logger + +**Verbs**: +* `init` +* `recv` +* `send` +* `drop` + +#### ARP + +``` +$ts arp $verb $operation $client_mac $client_ip $masscanned_mac $masscanned_ip +``` + +#### Ethernet + +``` +$ts eth $verb $ethertype $client_mac $masscanned_mac +``` ## To Do diff --git a/src/layer_2/arp.rs b/src/layer_2/arp.rs index edea343..2df1b10 100644 --- a/src/layer_2/arp.rs +++ b/src/layer_2/arp.rs @@ -35,7 +35,7 @@ pub fn repl<'a, 'b>( /* Build ARP answer depending of the type of request */ match arp_req.get_operation() { ArpOperations::Request => { - masscanned.log.arp_recv_whohas(arp_req); + masscanned.log.arp_recv(arp_req); let ip = IpAddr::V4(arp_req.get_target_proto_addr()); /* Ignore ARP requests for IP addresses not handled by masscanned */ if let Some(ip_addr_list) = masscanned.ip_addresses { @@ -51,7 +51,7 @@ pub fn repl<'a, 'b>( arp_repl.set_target_hw_addr(arp_req.get_sender_hw_addr().to_owned()); arp_repl.set_target_proto_addr(arp_req.get_sender_proto_addr().to_owned()); arp_repl.set_sender_proto_addr(arp_req.get_target_proto_addr().to_owned()); - masscanned.log.arp_send_isat(&arp_repl); + masscanned.log.arp_send(&arp_repl); } _ => { info!("ARP Operation not handled: {:?}", arp_repl.get_operation()); diff --git a/src/utils/loggers.rs b/src/utils/loggers.rs index a194368..e1a03f4 100644 --- a/src/utils/loggers.rs +++ b/src/utils/loggers.rs @@ -14,6 +14,8 @@ // You should have received a copy of the GNU General Public License // along with Masscanned. If not, see . +use std::time::SystemTime; + use pnet::packet::{ arp::{ArpPacket, MutableArpPacket}, ethernet::{EthernetPacket, MutableEthernetPacket}, @@ -29,10 +31,8 @@ pub trait Logger { true } fn arp_recv(&self, _p: &ArpPacket) {} - fn arp_recv_whohas(&self, _p: &ArpPacket) {} fn arp_drop(&self, _p: &ArpPacket) {} fn arp_send(&self, _p: &MutableArpPacket) {} - fn arp_send_isat(&self, _p: &MutableArpPacket) {} /* Ethernet */ fn eth_enabled(&self) -> bool { true @@ -54,12 +54,22 @@ impl ConsoleLogger { eth: true, } } + fn prolog(&self, proto: &str, verb: &str, crlf: bool) { + let now = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap(); + print!("{}.{}\t{}\t{}{}", + now.as_secs(), + now.subsec_millis(), + proto, + verb, + if crlf { "\n" } else { "\t" }, + ); + } } impl Logger for ConsoleLogger { fn init(&self) { - println!("arp::init"); - println!("eth::init"); + self.prolog("arp", "init", true); + self.prolog("eth", "init", true); } fn arp_enabled(&self) -> bool { self.arp @@ -67,42 +77,61 @@ impl Logger for ConsoleLogger { fn eth_enabled(&self) -> bool { self.eth } - fn arp_recv_whohas(&self, p: &ArpPacket) { + fn arp_recv(&self, p: &ArpPacket) { + self.prolog("arp", "recv", false); println!( - "arp::recv\twho-has\t{:}\t{:}\t{:}", - p.get_sender_hw_addr(), - p.get_target_hw_addr(), - p.get_target_proto_addr() - ); - } - fn arp_send_isat(&self, p: &MutableArpPacket) { - println!( - "arp::send\tis-at\t{:}\t{:}\t{:}\t{:}", + "{:?}\t{:}\t{:}\t{:}\t{:}", + p.get_operation(), p.get_sender_hw_addr(), p.get_sender_proto_addr(), p.get_target_hw_addr(), - p.get_target_proto_addr() + p.get_target_proto_addr(), + ); + } + fn arp_send(&self, p: &MutableArpPacket) { + self.prolog("arp", "send", false); + println!( + "{:?}\t{:}\t{:}\t{:}\t{:}", + p.get_operation(), + p.get_target_hw_addr(), + p.get_target_proto_addr(), + p.get_sender_hw_addr(), + p.get_sender_proto_addr(), + ); + } + fn arp_drop(&self, p: &ArpPacket) { + self.prolog("arp", "drop", false); + println!( + "{:?}\t{:}\t{:}\t{:}\t{:}", + p.get_operation(), + p.get_target_hw_addr(), + p.get_target_proto_addr(), + p.get_sender_hw_addr(), + p.get_sender_proto_addr(), ); } fn eth_recv(&self, p: &EthernetPacket, _c: &ClientInfo) { + self.prolog("eth", "recv", false); println!( - "eth::recv\t{:}\t{:}\t{:}", + "{:}\t{:}\t{:}", p.get_ethertype(), p.get_source(), p.get_destination(), ); } fn eth_drop(&self, p: &EthernetPacket, _c: &ClientInfo) { + self.prolog("eth", "drop", false); println!( - "eth::drop\t{:}\t{:}\t{:}", + "{:}\t{:}\t{:}", p.get_ethertype(), p.get_source(), p.get_destination(), ); } fn eth_send(&self, p: &MutableEthernetPacket, _c: &ClientInfo) { + self.prolog("eth", "send", false); println!( - "eth::send\t{:}\t{:}\t{:}", + "{:}\t{:}\t{:}", p.get_ethertype(), p.get_destination(), p.get_source(), @@ -135,13 +164,6 @@ impl MetaLogger { } } } - pub fn arp_recv_whohas(&self, p: &ArpPacket) { - for l in &self.loggers { - if l.arp_enabled() { - l.arp_recv_whohas(p); - } - } - } pub fn arp_drop(&self, p: &ArpPacket) { for l in &self.loggers { if l.arp_enabled() { @@ -156,13 +178,6 @@ impl MetaLogger { } } } - pub fn arp_send_isat(&self, p: &MutableArpPacket) { - for l in &self.loggers { - if l.arp_enabled() { - l.arp_send_isat(p); - } - } - } pub fn eth_recv(&self, p: &EthernetPacket, c: &ClientInfo) { for l in &self.loggers { if l.eth_enabled() {