first commit
		
							
								
								
									
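--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+bin/*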
							
								
								
									
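--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,11 @@
+CFLAGS = -std=gnu99 -pie -fPIC -pedantic -Wno-imports -Wunused -Wno-missing-field-initializers -Wextra -Wunreachable-code -O3
+
+all: wireguard-mount wireguard-resolve
+
+wireguard-mount: mount-daemon/wireguard-mount.c
+	mkdir -p bin
+	gcc $(CFLAGS) -o bin/wireguard-mount mount-daemon/wireguard-mount.c
+
+wireguard-resolve: resolver/resolve.c resolver/resolve.s
+	mkdir -p bin
+	gcc -shared -o bin/wireguard-resolve.so -nostdlib -fPIC resolver/resolve.c resolver/resolve.s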
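Review bot: The `wireguard-resolve` rule does not use `$(CFLAGS)`, so `resolver/resolve.c`, the file that replaces `socket()`, is compiled with no warning flags at all, and `CFLAGS` itself enables `-Wextra` without `-Wall`. Since `-pie` cannot simply be shared with a `-shared` link, the warning flags could be added to the resolver command directly, e.g. `gcc -Wall -Wextra -shared -nostdlib -fPIC -o bin/wireguard-resolve.so resolver/resolve.c resolver/resolve.s`, with `-Wall` added to `CFLAGS` as well. None of the three targets names the file its recipe produces, so a `.PHONY: all wireguard-mount wireguard-resolve` line would state that they are meant to rerun on every invocation.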
							
								
								
									
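--- a/mount-daemon/wireguard-mount.c
+++ b/mount-daemon/wireguard-mount.c
@@ -0,0 +1,18 @@
+#include <sys/mount.h>
+#include <unistd.h>
+#include <stdio.h>
+
+int main() {
+    char mount_path[32] = {0};
+    snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());
+
+    int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
+    if(err) {
+        perror("Error");
+        return 1;
+    }
+    while(1) {
+        sleep(10);
+    }
+    return 1;
+}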
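Review bot: `main` has no comment explaining why it bind-mounts its own `/proc/<pid>/ns` directory on `/run/vpn` and then sleeps forever, and the mount is never removed on any path. If the intent is to keep this process's namespace handles reachable for as long as it runs, a header comment saying so, plus the privilege it needs and that `/run/vpn` must already exist, would make that reviewable. `resolver/resolve.c` in this same commit opens `/run/netns/vpn` rather than a path under `/run/vpn`, so it is worth confirming which location is intended. Smaller points: `perror("Error")` would be more useful as `perror("mount /run/vpn")`, the signature should be `int main(void)`, and the `return 1;` after the infinite loop is unreachable.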
							
								
								
									
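--- a/resolver/resolve.c
+++ b/resolver/resolve.c
@@ -0,0 +1,27 @@
+extern int override_open(char *path, int flags);
+extern int override_close(int fd);
+extern int override_socket(int domain, int type, int protocol);
+extern int override_setns(int fd, int nstype);
+
+int socket(int domain, int type, int protocol) {
+    if(domain > 15) {
+        return override_socket(domain, type, protocol);
+    }
+    int fda = override_open("/proc/1/ns/net", 0);
+    int fdb = override_open("/run/netns/vpn", 0);
+    int retval = 0;
+
+    if(fda > 0) {
+        override_setns(fda, 0);
+        override_close(fda);
+    }
+
+    retval = override_socket(domain, type, protocol);
+
+    if(fdb > 0) {
+        override_setns(fdb, 0);
+        override_close(fdb);
+    }
+
+    return retval;
+}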
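Review bot: The namespace switch in `socket()` fails open: both `override_setns` results are ignored and the descriptors are tested with `> 0`, so if `/run/netns/vpn` cannot be opened or re-entered after the switch to `/proc/1/ns/net`, the calling thread silently stays in PID 1's network namespace. A failed first switch likewise still creates the socket, in whatever namespace the thread happens to be in, with no error reported. The tests should be `>= 0` (0 is a valid descriptor, and the raw wrappers presumably return a negative errno value rather than -1), and the function should switch only when both handles are open and drop the new socket when the return switch fails, as in the sketch below. If falling back to the current namespace is intended, a comment should say so. The bare `15` also needs a comment naming the address families it is meant to cover, and passing `CLONE_NEWNET` instead of `0` as `nstype` would make the kernel reject a handle that is not a network namespace.
```c
int socket(int domain, int type, int protocol) {
    // … unchanged: domain > 15 pass-through …
    int fda = override_open("/proc/1/ns/net", 0);
    int fdb = override_open("/run/netns/vpn", 0);
    int retval = -1;

    /* Switch only when the way back is already open. */
    if(fda >= 0 && fdb >= 0 && override_setns(fda, 0) == 0) {
        retval = override_socket(domain, type, protocol);
        if(override_setns(fdb, 0) != 0 && retval >= 0) {
            /* Could not return: do not hand out the socket. */
            override_close(retval);
            retval = -1;
        }
    }
    if(fda >= 0) override_close(fda);
    if(fdb >= 0) override_close(fdb);

    return retval;
}
```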
							
								
								
									
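--- a/resolver/resolve.s
+++ b/resolver/resolve.s
@@ -0,0 +1,24 @@
+.globl override_open
+.globl override_close
+.globl override_socket
+.globl override_setns
+
+override_open:
+    movq $2, %rax
+    syscall
+    retq
+
+override_close:
+    movq $3, %rax
+    syscall
+    retq
+
+override_socket:
+    movq $41, %rax
+    syscall
+    retq
+
+override_setns:
+    movq $308, %rax
+    syscall
+    retq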
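Review bot: `resolve.s` has no `.note.GNU-stack` section, so with GNU ld on x86-64 the resulting `wireguard-resolve.so` is likely to be marked as requiring an executable stack, a property a shared object can impose on the process that loads it. Ending the file with `.section .note.GNU-stack,"",@progbits` avoids that. A `.text` directive at the top and `.type override_open, @function` style annotations for each stub would also make the symbols well-formed. The numbers 2, 3, 41 and 308 are x86-64 syscall numbers with no comment; each stub should name its syscall and say that the value returned is the raw kernel result, negative on error, with `errno` never set.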