From: Tobias Brunner Date: Fri, 26 Apr 2013 15:11:15 +0000 (+0200) Subject: android: Add measurement collector for Port Filter X-Git-Tag: 5.1.0dr2~2^2~36 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ba59486fc877d3ca462737351bdb42d482ce0ef7;p=thirdparty%2Fstrongswan.git android: Add measurement collector for Port Filter This collector reports all listening TCP and UDP sockets/ports. --- diff --git a/src/frontends/android/jni/libandroidbridge/byod/imc_android.c b/src/frontends/android/jni/libandroidbridge/byod/imc_android.c index ee216cec06..be2bc42760 100644 --- a/src/frontends/android/jni/libandroidbridge/byod/imc_android.c +++ b/src/frontends/android/jni/libandroidbridge/byod/imc_android.c @@ -44,7 +44,8 @@ static const char imc_name[] = "Android"; static pen_type_t msg_types[] = { - { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM } + { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM }, + { PEN_IETF, PA_SUBTYPE_IETF_VPN }, }; static imc_agent_t *imc_android; diff --git a/src/frontends/android/src/org/strongswan/android/logic/imc/AndroidImc.java b/src/frontends/android/src/org/strongswan/android/logic/imc/AndroidImc.java index 27f21cd019..ca1f746981 100644 --- a/src/frontends/android/src/org/strongswan/android/logic/imc/AndroidImc.java +++ b/src/frontends/android/src/org/strongswan/android/logic/imc/AndroidImc.java @@ -19,6 +19,7 @@ import org.strongswan.android.logic.imc.attributes.Attribute; import org.strongswan.android.logic.imc.attributes.AttributeType; import org.strongswan.android.logic.imc.collectors.Collector; import org.strongswan.android.logic.imc.collectors.InstalledPackagesCollector; +import org.strongswan.android.logic.imc.collectors.PortFilterCollector; import org.strongswan.android.logic.imc.collectors.ProductInformationCollector; import org.strongswan.android.logic.imc.collectors.StringVersionCollector; 
@@ -54,6 +55,9 @@ public class AndroidImc case IETF_STRING_VERSION: collector = new StringVersionCollector(); break; + case IETF_PORT_FILTER: + collector = new PortFilterCollector(); + break; case IETF_INSTALLED_PACKAGES: collector = new InstalledPackagesCollector(mContext); break; diff --git a/src/frontends/android/src/org/strongswan/android/logic/imc/attributes/PortFilterAttribute.java b/src/frontends/android/src/org/strongswan/android/logic/imc/attributes/PortFilterAttribute.java new file mode 100644 index 0000000000..191690b941 --- /dev/null +++ b/src/frontends/android/src/org/strongswan/android/logic/imc/attributes/PortFilterAttribute.java 
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2012 Christoph Buehler
+ * Copyright (C) 2012 Patrick Loetscher
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+package org.strongswan.android.logic.imc.attributes;
+
+import java.util.LinkedList;
+
+import org.strongswan.android.logic.imc.collectors.Protocol;
+import org.strongswan.android.utils.BufferedByteWriter;
+
+import android.util.Pair;
+
+/**
+ * PA-TNC Port Filter attribute (see section 4.2.6 of RFC 5792)
+ *
+ * 1 2 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Reserved |B| Protocol | Port Number |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Reserved |B| Protocol | Port Number |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+public class PortFilterAttribute implements Attribute
+{
+ private final LinkedList> mPorts = new LinkedList>();
+
+ /**
+ * Add an open port with the given protocol and port number
+ * @param protocol transport protocol
+ * @param port port number
+ */
+ public void addPort(Protocol protocol, short port)
+ {
+ mPorts.add(new Pair(protocol, port));
+ }
+
+ @Override
+ public byte[] getEncoding()
+ {
+ BufferedByteWriter writer = new BufferedByteWriter();
+ for (Pair port : mPorts)
+ {
+ /* we report open ports, so the BLOCKED flag is not set */
+ writer.put((byte)0);
+ writer.put(port.first.getValue());
+ writer.put16(port.second);
+ }
+ return writer.toByteArray();
+ }
+}
diff --git a/src/frontends/android/src/org/strongswan/android/logic/imc/collectors/PortFilterCollector.java b/src/frontends/android/src/org/strongswan/android/logic/imc/collectors/PortFilterCollector.java
new file mode 100644
index 0000000000..b6e740cad1
--- /dev/null
+++ b/src/frontends/android/src/org/strongswan/android/logic/imc/collectors/PortFilterCollector.java
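Review bot: `PortFilterAttribute.addPort` takes the port as a signed `short`, so any port above 32767 reaches it as a negative value, and the Javadoc should state that the 16 bits are meant as an unsigned port, for example `@param port port number (unsigned 16-bit value carried in a short)`. `getEncoding()` has no Javadoc of its own; one sentence saying that each entry is written as one flags byte, one protocol byte and a 16-bit port would tie the code to the diagram above the class. Whether `put16` emits network byte order cannot be seen from this hunk and is worth confirming against BufferedByteWriter.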
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2012 Christoph Buehler
+ * Copyright (C) 2012 Patrick Loetscher
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See .
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+package org.strongswan.android.logic.imc.collectors;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.strongswan.android.logic.imc.attributes.Attribute;
+import org.strongswan.android.logic.imc.attributes.PortFilterAttribute;
+
+public class PortFilterCollector implements Collector
+{
+ private static Pattern LISTEN = Pattern.compile("\\bLISTEN\\b");
+ private static Pattern PROTOCOL = Pattern.compile("\\b(tcp|udp)6?\\b");
+ private static Pattern PORT = Pattern.compile("[:]{1,3}(\\d{1,5})\\b");
+
+ @Override
+ public Attribute getMeasurement()
+ {
+ PortFilterAttribute attribute = null;
+ try
+ {
+ Process netstat = Runtime.getRuntime().exec("netstat -n");
+ try
+ {
+ BufferedReader reader = new BufferedReader(new InputStreamReader(netstat.getInputStream()));
+ String line;
+ attribute = new PortFilterAttribute();
+ while ((line = reader.readLine()) != null)
+ {
+ if (!LISTEN.matcher(line).find())
+ {
+ continue;
+ }
+ Matcher protocolMatcher = PROTOCOL.matcher(line);
+ Matcher portMatcher = PORT.matcher(line);
+ if (protocolMatcher.find() && portMatcher.find())
+ {
+ Protocol protocol = Protocol.fromName(protocolMatcher.group());
+ if (protocol == null)
+ {
+ continue;
+ }
+ int port = Integer.parseInt(portMatcher.group(1));
+ attribute.addPort(protocol, (short)port);
+ }
+ }
+ }
+ finally
+ {
+ netstat.destroy();
+ }
+ }
+ catch (IOException e)
+ {
+ e.printStackTrace();
+ }
+ return attribute;
+ }
+
+}
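Review bot: In `getMeasurement()` the `LISTEN` filter runs before the protocol match, so a UDP socket, which normally carries no LISTEN state in netstat output, would never be added even though the commit message says TCP and UDP ports are reported. `PORT` takes the first colon-prefixed digit run on the line, which for an IPv6 or IPv4-mapped local address is probably an address group rather than the port, so anchoring the match to the end of the local-address column would be safer. The `(short)port` cast silently wraps any value above 65535 that `\d{1,5}` admits, which a guard such as `if (port > 0xFFFF) continue;` before `addPort` would prevent. Because this attribute feeds a posture assessment, a failed netstat run should be distinguishable from a clean result: today an IOException yields null, while unparseable output yields an empty attribute that reads as "no open ports".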