Add logging functions to be used with splitting logic

src/firewall/logging.cpp

@@ -0,0 +1,333 @@
+#include "logging.h"
+#include "../util.h"
+
+#include "../trace.h"
+#include "logging.tmh"
+
+namespace firewall
+{
+
+void
+LogBindRedirect
+(
+	HANDLE ProcessId,
+	const SOCKADDR_IN *Target,
+	const IN_ADDR *Override
+)
+{
+	char targetString[32];
+	char overrideString[32];
+
+	RtlIpv4AddressToStringA(&Target->sin_addr, targetString);
+	RtlIpv4AddressToStringA(Override, overrideString);
+
+	const auto port = ntohs(Target->sin_port);
+
+	DbgPrint
+	(
+		"[BIND][%p] Rewriting Non-TCP bind request %s:%d into %s:%d\n",
+		ProcessId,
+		targetString,
+		port,
+		overrideString,
+		port
+	);
+}
+
+void
+LogBindRedirect
+(
+	HANDLE ProcessId,
+	const SOCKADDR_IN6 *Target,
+	const IN6_ADDR *Override
+)
+{
+	char targetString[64];
+	char overrideString[64];
+
+	RtlIpv6AddressToStringA(&Target->sin6_addr, targetString);
+	RtlIpv6AddressToStringA(Override, overrideString);
+
+	const auto port = ntohs(Target->sin6_port);
+
+	DbgPrint
+	(
+		"[BIND][%p] Rewriting Non-TCP bind request [%s]:%d into [%s]:%d\n",
+		ProcessId,
+		targetString,
+		port,
+		overrideString,
+		port
+	);
+}
+
+void
+LogConnectRedirectPass
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort
+)
+{
+	char localAddrString[32];
+	char remoteAddrString[32];
+
+	RtlIpv4AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv4AddressToStringA(RemoteAddress, remoteAddrString);
+
+	DbgPrint
+	(
+		"[CONN][%p] Passing on opportunity to redirect %s:%d -> %s:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogConnectRedirectPass
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort
+)
+{
+	char localAddrString[64];
+	char remoteAddrString[64];
+
+	RtlIpv6AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv6AddressToStringA(RemoteAddress, remoteAddrString);
+
+	DbgPrint
+	(
+		"[CONN][%p] Passing on opportunity to redirect [%s]:%d -> [%s]:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogConnectRedirect
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *LocalAddressOverride,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort
+)
+{
+	char localAddrString[32];
+	char localAddrOverrideString[32];
+	char remoteAddrString[32];
+
+	RtlIpv4AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv4AddressToStringA(LocalAddressOverride, localAddrOverrideString);
+	RtlIpv4AddressToStringA(RemoteAddress, remoteAddrString);
+
+	DbgPrint
+	(
+		"[CONN][%p] Rewriting connection on %s:%d as %s:%d -> %s:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		localAddrOverrideString,
+		LocalPort,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogConnectRedirect
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *LocalAddressOverride,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort
+)
+{
+	char localAddrString[64];
+	char localAddrOverrideString[64];
+	char remoteAddrString[64];
+
+	RtlIpv6AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv6AddressToStringA(LocalAddressOverride, localAddrOverrideString);
+	RtlIpv6AddressToStringA(RemoteAddress, remoteAddrString);
+
+	DbgPrint
+	(
+		"[CONN][%p] Rewriting connection on [%s]:%d as [%s]:%d -> [%s]:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		localAddrOverrideString,
+		LocalPort,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogPermitConnection
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+)
+{
+	char localAddrString[32];
+	char remoteAddrString[32];
+
+	RtlIpv4AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv4AddressToStringA(RemoteAddress, remoteAddrString);
+
+	const auto direction = outgoing
+		? "->"
+		: "<-";
+
+	DbgPrint
+	(
+		"[PRMT][%p] %s:%d %s %s:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		direction,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogPermitConnection
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+)
+{
+	char localAddrString[64];
+	char remoteAddrString[64];
+
+	RtlIpv6AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv6AddressToStringA(RemoteAddress, remoteAddrString);
+
+	const auto direction = outgoing
+		? "->"
+		: "<-";
+
+	DbgPrint
+	(
+		"[PRMT][%p] [%s]:%d %s [%s]:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		direction,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogBlockConnection
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+)
+{
+	char localAddrString[32];
+	char remoteAddrString[32];
+
+	RtlIpv4AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv4AddressToStringA(RemoteAddress, remoteAddrString);
+
+	const auto direction = outgoing
+		? "->"
+		: "<-";
+
+	DbgPrint
+	(
+		"[BLCK][%p] %s:%d %s %s:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		direction,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogBlockConnection
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+)
+{
+	char localAddrString[64];
+	char remoteAddrString[64];
+
+	RtlIpv6AddressToStringA(LocalAddress, localAddrString);
+	RtlIpv6AddressToStringA(RemoteAddress, remoteAddrString);
+
+	const auto direction = outgoing
+		? "->"
+		: "<-";
+
+	DbgPrint
+	(
+		"[BLCK][%p] [%s]:%d %s [%s]:%d\n",
+		ProcessId,
+		localAddrString,
+		LocalPort,
+		direction,
+		remoteAddrString,
+		RemotePort
+	);
+}
+
+void
+LogActivatedSplittingMode
+(
+	SPLITTING_MODE Mode
+)
+{
+	//
+	// This only works because SPLITTING_MODE::MODE_1 is defined as 1, etc.
+	//
+
+	NT_ASSERT
+	(
+		static_cast<SIZE_T>(SPLITTING_MODE::MODE_1) == 1
+		&& static_cast<SIZE_T>(SPLITTING_MODE::MODE_9) == 9
+	);
+
+	DbgPrint("Activated splitting mode: %d\n", Mode);
+}
+
+}; // namespace firewall

src/firewall/logging.h

@@ -0,0 +1,117 @@
+#pragma once
+
+#include "wfp.h"
+#include "mode.h"
+
+namespace firewall
+{
+
+void
+LogBindRedirect
+(
+	HANDLE ProcessId,
+	const SOCKADDR_IN *Target,
+	const IN_ADDR *Override
+);
+
+void
+LogBindRedirect
+(
+	HANDLE ProcessId,
+	const SOCKADDR_IN6 *Target,
+	const IN6_ADDR *Override
+);
+
+void
+LogConnectRedirectPass
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort
+);
+
+void
+LogConnectRedirectPass
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort
+);
+
+void
+LogConnectRedirect
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *LocalAddressOverride,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort
+);
+
+void
+LogConnectRedirect
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *LocalAddressOverride,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort
+);
+
+void
+LogPermitConnection
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+);
+
+void
+LogPermitConnection
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+);
+
+void
+LogBlockConnection
+(
+	HANDLE ProcessId,
+	const IN_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+);
+
+void
+LogBlockConnection
+(
+	HANDLE ProcessId,
+	const IN6_ADDR *LocalAddress,
+	USHORT LocalPort,
+	const IN6_ADDR *RemoteAddress,
+	USHORT RemotePort,
+	bool outgoing
+);
+
+void
+LogActivatedSplittingMode
+(
+	SPLITTING_MODE Mode
+);
+
+}; // namespace firewall

src/mullvad-split-tunnel.vcxproj

@@ -208,6 +208,7 @@
     <ClCompile Include="firewall\callouts.cpp" />
     <ClCompile Include="firewall\filters.cpp" />
     <ClCompile Include="firewall\firewall.cpp" />
+    <ClCompile Include="firewall\logging.cpp" />
     <ClCompile Include="firewall\mode.cpp" />
     <ClCompile Include="ioctl.cpp" />
     <ClCompile Include="ipaddr.cpp" />
@@ -242,6 +243,7 @@
     <ClInclude Include="firewall\filters.h" />
     <ClInclude Include="firewall\firewall.h" />
     <ClInclude Include="firewall\identifiers.h" />
+    <ClInclude Include="firewall\logging.h" />
     <ClInclude Include="firewall\mode.h" />
     <ClInclude Include="firewall\wfp.h" />
     <ClInclude Include="ioctl.h" />

src/mullvad-split-tunnel.vcxproj.filters

@@ -45,6 +45,9 @@
     <ClCompile Include="firewall\appfilters.cpp">
       <Filter>firewall</Filter>
     </ClCompile>
+    <ClCompile Include="firewall\logging.cpp">
+      <Filter>firewall</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <Inf Include="mullvad-split-tunnel.inf" />
@@ -147,6 +150,9 @@
       <Filter>firewall</Filter>
     </ClInclude>
     <ClInclude Include="trace.h" />
+    <ClInclude Include="firewall\logging.h">
+      <Filter>firewall</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <Filter Include="firewall">