This collector reports all listening TCP and UDP sockets/ports.
static const char imc_name[] = "Android";
static pen_type_t msg_types[] = {
- { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM }
+ { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM },
+ { PEN_IETF, PA_SUBTYPE_IETF_VPN },
};
static imc_agent_t *imc_android;
import org.strongswan.android.logic.imc.attributes.AttributeType;
import org.strongswan.android.logic.imc.collectors.Collector;
import org.strongswan.android.logic.imc.collectors.InstalledPackagesCollector;
+import org.strongswan.android.logic.imc.collectors.PortFilterCollector;
import org.strongswan.android.logic.imc.collectors.ProductInformationCollector;
import org.strongswan.android.logic.imc.collectors.StringVersionCollector;
case IETF_STRING_VERSION:
collector = new StringVersionCollector();
break;
+ case IETF_PORT_FILTER:
+ collector = new PortFilterCollector();
+ break;
case IETF_INSTALLED_PACKAGES:
collector = new InstalledPackagesCollector(mContext);
break;
--- /dev/null
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2012 Christoph Buehler
+ * Copyright (C) 2012 Patrick Loetscher
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+package org.strongswan.android.logic.imc.attributes;
+
+import java.util.LinkedList;
+
+import org.strongswan.android.logic.imc.collectors.Protocol;
+import org.strongswan.android.utils.BufferedByteWriter;
+
+import android.util.Pair;
+
+/**
+ * PA-TNC Port Filter attribute (see section 4.2.6 of RFC 5792)
+ *
+ * 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Reserved |B| Protocol | Port Number |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Reserved |B| Protocol | Port Number |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+public class PortFilterAttribute implements Attribute
+{
+ private final LinkedList<Pair<Protocol, Short>> mPorts = new LinkedList<Pair<Protocol, Short>>();
+
+ /**
+ * Add an open port with the given protocol and port number
+ * @param protocol transport protocol
+ * @param port port number
+ */
+ public void addPort(Protocol protocol, short port)
+ {
+ mPorts.add(new Pair<Protocol, Short>(protocol, port));
+ }
+
+ @Override
+ public byte[] getEncoding()
+ {
+ BufferedByteWriter writer = new BufferedByteWriter();
+ for (Pair<Protocol, Short> port : mPorts)
+ {
+ /* we report open ports, so the BLOCKED flag is not set */
+ writer.put((byte)0);
+ writer.put(port.first.getValue());
+ writer.put16(port.second);
+ }
+ return writer.toByteArray();
+ }
+}
--- /dev/null
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2012 Christoph Buehler
+ * Copyright (C) 2012 Patrick Loetscher
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+package org.strongswan.android.logic.imc.collectors;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.strongswan.android.logic.imc.attributes.Attribute;
+import org.strongswan.android.logic.imc.attributes.PortFilterAttribute;
+
+public class PortFilterCollector implements Collector
+{
+ private static Pattern LISTEN = Pattern.compile("\\bLISTEN\\b");
+ private static Pattern PROTOCOL = Pattern.compile("\\b(tcp|udp)6?\\b");
+ private static Pattern PORT = Pattern.compile("[:]{1,3}(\\d{1,5})\\b");
+
+ @Override
+ public Attribute getMeasurement()
+ {
+ PortFilterAttribute attribute = null;
+ try
+ {
+ Process netstat = Runtime.getRuntime().exec("netstat -n");
+ try
+ {
+ BufferedReader reader = new BufferedReader(new InputStreamReader(netstat.getInputStream()));
+ String line;
+ attribute = new PortFilterAttribute();
+ while ((line = reader.readLine()) != null)
+ {
+ if (!LISTEN.matcher(line).find())
+ {
+ continue;
+ }
+ Matcher protocolMatcher = PROTOCOL.matcher(line);
+ Matcher portMatcher = PORT.matcher(line);
+ if (protocolMatcher.find() && portMatcher.find())
+ {
+ Protocol protocol = Protocol.fromName(protocolMatcher.group());
+ if (protocol == null)
+ {
+ continue;
+ }
+ int port = Integer.parseInt(portMatcher.group(1));
+ attribute.addPort(protocol, (short)port);
+ }
+ }
+ }
+ finally
+ {
+ netstat.destroy();
+ }
+ }
+ catch (IOException e)
+ {
+ e.printStackTrace();
+ }
+ return attribute;
+ }
+
+}
projects / thirdparty / strongswan.git / commitdiff
