IMBENJI.NET/waylume_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix scan count condition for debugging networking

Browse Source
This commit is contained in:
ImBenji
2025-08-29 15:33:31 +01:00
parent 84263c0f63
commit d532491c7c
1 changed files with 71 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
lib/services/protocol_blocking_service.dart
View File

@@ -1,4 +1,5 @@
import 'dart:async'; import 'dart:async';
import 'dart:convert';
import 'dart:io'; import 'dart:io';
import 'package:waylume_server/services/vpn_session_service.dart'; import 'package:waylume_server/services/vpn_session_service.dart';
@@ -91,44 +92,84 @@ class ProtocolBlockingService {
} }
} }
static Process? _continuousMonitor;
static StreamSubscription? _monitorSubscription;
static Future<void> _monitorPeerTraffic() async { static Future<void> _monitorPeerTraffic() async {
// Monitor FORWARDED traffic (after VPN decryption, before internet) // Start continuous monitoring if not already running
if (_continuousMonitor == null) {
await _startContinuousMonitoring();
}
}
static Future<void> _startContinuousMonitoring() async {
try { try {
final process = await Process.start('timeout', [ print('🔄 Starting continuous packet monitoring...');
'0.1', // Very short timeout _continuousMonitor = await Process.start('tcpdump', [
'tcpdump',
'-i', 'any', '-i', 'any',
'-c', '1', '-l', // Line buffered for real-time output
'-v', // Verbose '-v', // Verbose
// Only capture forwarded packets from VPN peers to internet // Only capture forwarded packets from VPN peers to internet
'src net 10.0.0.0/24 and not dst net 10.0.0.0/24', 'src net 10.0.0.0/24 and not dst net 10.0.0.0/24',
]); ]);
final output = <String>[]; _monitorSubscription = _continuousMonitor!.stdout
await for (final data in process.stdout) { .transform(utf8.decoder)
output.add(String.fromCharCodes(data)); .transform(LineSplitter())
} .listen((line) async {
if (line.trim().isNotEmpty) {
final exitCode = await process.exitCode; await _processCapturedPacket(line.trim());
process.kill(); }
});
if (exitCode == 0 && output.isNotEmpty) {
final packetData = output.join().trim(); // Handle process errors
print('📦 DECRYPTED VPN TRAFFIC TO INTERNET: $packetData'); _continuousMonitor!.stderr
.transform(utf8.decoder)
// Check if it's from our monitored peers .listen((error) {
for (final peerIP in _activePeerIPs) { if (!error.contains('listening on')) {
if (packetData.contains(peerIP)) { print('❌ tcpdump error: $error');
print('🎯 PEER TRAFFIC FROM $peerIP: $packetData'); }
await _analyzeNewPacket(packetData, peerIP); });
break;
}
}
}
} catch (e) { } catch (e) {
// Ignore timeout errors - normal when no packets print('❌ Failed to start continuous monitoring: $e');
if (!e.toString().contains('timeout') && !e.toString().contains('No such device')) { }
print('❌ Error monitoring traffic: $e'); }
static Future<void> _processCapturedPacket(String packetLine) async {
print('📦 DECRYPTED VPN TRAFFIC: $packetLine');
// Check if it's from our monitored peers and analyze
for (final peerIP in _activePeerIPs) {
if (packetLine.contains(peerIP)) {
print('🎯 PEER TRAFFIC FROM $peerIP: $packetLine');
await _analyzePacketLine(packetLine, peerIP);
break;
}
}
}
static Future<void> _analyzePacketLine(String packetLine, String peerIP) async {
// Simple protocol detection from packet line
String? protocol;
if (packetLine.toLowerCase().contains('bittorrent') ||
packetLine.contains(':6881') || packetLine.contains(':6882')) {
protocol = 'BitTorrent';
} else if (packetLine.contains('.https:') || packetLine.contains(':443')) {
protocol = 'HTTPS';
} else if (packetLine.contains('.http:') || packetLine.contains(':80')) {
protocol = 'HTTP';
} else if (packetLine.contains('.ssh:') || packetLine.contains(':22')) {
protocol = 'SSH';
}
if (protocol != null) {
print('🎯 PROTOCOL DETECTED: $protocol');
if (['BitTorrent', 'P2P'].contains(protocol)) {
print('🚫 BLOCKING PROTOCOL: $protocol');
} else {
print('✅ ALLOWING PROTOCOL: $protocol');
} }
} }
} }