af-graft
af-graft copied to clipboard
Published
20 hours ago •
upa
upa
I need help with a program that can't be grafted
I tried to graft a C program which is compatible with LD_PRELOAD trick and got some error when doing, it's 3proxy:
https://github.com/z3APA3A/3proxy/blob/master/src/tcppm.c https://github.com/z3APA3A/3proxy/blob/master/src/proxymain.c https://github.com/z3APA3A/3proxy/blob/master/src/proxy.h
I run a iperf3 instance listening at port 8888 and forward to port 5201 with the program, so when I try to connect in this port with another instance of iperf3 an error happens:
$ iperf -s -B 127.0.0.1 -p 8888
$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="1" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888
libgraft-convert.so:249:make_conv_addr(): use in4 for 127.0.0.1:5201-5201 (ingress)
libgraft-convert.so:419:make_conv_prefix(): use ep out4 for 0.0.0.0/0 (egress)
libgraft-convert.so:419:make_conv_prefix(): use ep out6 for ::/0 (egress)
libgraft-convert.so:597:socket(): overwrite family 2 with AF_GRAFT
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level\=1, optname=2
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level\=1, optname=15
libgraft-convert.so:691:bind(): convert bind 127.0.0.1:5201 to in4
libgraft-convert.so:597:socket(): overwrite family 2 with AF_GRAFT
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level\=1, optname=13
libgraft-convert.so:683:bind(): no matched ep for fd\=5, 0.0.0.0:0. call original bind
strace with GRAFT_VERBOSE="0" shows:
$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="0" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" strace /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888
execve("/dev/shm/tcppm", ["/dev/shm/tcppm", "-i127.0.0.1", "5201", "127.0.0.1", "8888"], 0x7ffce2c99fd0 /* 26 vars */) = 0
brk(NULL) = 0x55a84362b000
openat(AT_FDCWD, "/opt/af-graft/tools/libgraft-convert.so", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\3604\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=105936, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a5d0000
mmap(NULL, 59544, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a5c1000
mmap(0x7f6c6a5c4000, 28672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f6c6a5c4000
mmap(0x7f6c6a5cb000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7f6c6a5cb000
mmap(0x7f6c6a5ce000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xc000) = 0x7f6c6a5ce000
close(3) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=339806, ...}) = 0
mmap(NULL, 339806, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f6c6a56e000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\21\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=14592, ...}) = 0
mmap(NULL, 16656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a569000
mmap(0x7f6c6a56a000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f6c6a56a000
mmap(0x7f6c6a56b000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f6c6a56b000
mmap(0x7f6c6a56c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f6c6a56c000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@l\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=146968, ...}) = 0
mmap(NULL, 132288, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a548000
mmap(0x7f6c6a54e000, 61440, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f6c6a54e000
mmap(0x7f6c6a55d000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f6c6a55d000
mmap(0x7f6c6a563000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f6c6a563000
mmap(0x7f6c6a565000, 13504, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a565000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260A\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1824496, ...}) = 0
mmap(NULL, 1837056, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a387000
mprotect(0x7f6c6a3a9000, 1658880, PROT_NONE) = 0
mmap(0x7f6c6a3a9000, 1343488, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f6c6a3a9000
mmap(0x7f6c6a4f1000, 311296, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16a000) = 0x7f6c6a4f1000
mmap(0x7f6c6a53e000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b6000) = 0x7f6c6a53e000
mmap(0x7f6c6a544000, 14336, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a544000
close(3) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a385000
arch_prctl(ARCH_SET_FS, 0x7f6c6a385b80) = 0
mprotect(0x7f6c6a53e000, 16384, PROT_READ) = 0
mprotect(0x7f6c6a563000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a56c000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a5ce000, 4096, PROT_READ) = 0
mprotect(0x55a843571000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a5f9000, 4096, PROT_READ) = 0
munmap(0x7f6c6a56e000, 339806) = 0
set_tid_address(0x7f6c6a385e50) = 27824
set_robust_list(0x7f6c6a385e60, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f6c6a54e6b0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f6c6a55a730}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f6c6a54e740, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f6c6a55a730}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL) = 0x55a84362b000
brk(0x55a84364c000) = 0x55a84364c000
futex(0x7f6c6a56d0c8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
rt_sigaction(SIGPIPE, {sa_handler=SIG_IGN, sa_mask=[PIPE], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f6c6a3be840}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
socket(AF_IPX, SOCK_STREAM, 6) = 3
setsockopt(3, 0xfe /* SOL_?? */, 1, [1], 4) = 0
setsockopt(3, 0xfe /* SOL_?? */, 5, [1], 4) = 0
fcntl(3, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
setsockopt(3, 0xfe /* SOL_?? */, 4, "\1\0\0\0\2\0\0\0\4\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 128) = 0
setsockopt(3, 0xfe /* SOL_?? */, 4, "\1\0\0\0\17\0\0\0\4\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 128) = 0
getsockname(3, 0x7ffe2cba20a0, [128->0]) = 0
bind(3, {sa_family=AF_IPX, sipx_port=htons(26990), sipx_network=htonl(0x34000000), sipx_node=[00, 00, 00, 00, 00, 00], sipx_type=00}, 18) = 0
setsockopt(3, 0xfe /* SOL_?? */, 1, [0], 4) = 0
listen(3, 32) = 0
getpid() = 27824
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
=============================== When a connection is received
poll([{fd=3, events=POLLIN}], 1, 1000) = 1 ([{fd=3, revents=POLLIN}])
accept(3, {sa_family=AF_INET, sin_port=htons(58512), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 4
getsockname(4, {sa_family=AF_INET, sin_port=htons(5201), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 0
fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
setsockopt(4, SOL_SOCKET, SO_LINGER, {l_onoff=1, l_linger=60}, 8) = 0
setsockopt(4, SOL_SOCKET, SO_OOBINLINE, [1], 4) = 0
mmap(NULL, 36864, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6c6a5b8000
mprotect(0x7f6c6a5b9000, 32768, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f6c6a5bffb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f6c6a5c09d0, tls=0x7f6c6a5c0700, child_tidptr=0x7f6c6a5c09d0) = 27833
poll([{fd=3, events=POLLIN}], 1, 1000libgraft-convert.so:683:bind(): no matched ep for fd=5, 0.0.0.0:0. call original bind
) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000^Cstrace: Process 27824 detached
<detached ...>
========================================================================
ltrace with GRAFT_VERBOSE="0" shows:
$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="0" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" ltrace /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888
signal(SIGPIPE, 0x1) = 0
time(0) = 1566206791
pthread_mutex_init(0x7ffc220a9e20, 0, 2, 2) = 0
pthread_mutex_init(0x558fa0792560, 0, 2, 0) = 0
inet_pton(2, 0x7ffc220ac7ba, 0x7ffc220a9dcc, 3) = 1
strtol(0x7ffc220ac7c4, 0, 10, 0) = 5201
strtol(0x7ffc220ac7d3, 0, 10, 0x1999999999999999) = 8888
strdup("127.0.0.1") = 0x558fa111f4f0
fcntl(3, 4, 2048, 0x7f0efb114a6a) = 0
pthread_self(3, 32, 1, 0x7f0efb1145f7) = 0x7f0efb018b80
getpid() = 27857
sprintf("Accepting connections [27857/421"..., "Accepting connections [%u/%u]", 27857, 4211182464) = 40
gettimeofday(0x7ffc220a9b20, 0x7ffc220a9b18) = 0
pthread_attr_init(0x7ffc220a9bf0, 0x7ffc220a9b20, 85, 0) = 0
pthread_attr_setstacksize(0x7ffc220a9bf0, 0x8000, 85, 0) = 0
pthread_attr_setdetachstate(0x7ffc220a9bf0, 1, 85, 0) = 0
=============================== When a connection is received
fcntl(4, 4, 2048, 0x7f0efb114597) = 0
malloc(696) = 0x558fa111f510
gettimeofday(0x7ffc220a9b20, 0x7ffc220a9b18) = 0
pthread_mutex_lock(0x7ffc220a9e20, 0x7ffc220a9b20, 146, 0) = 0
pthread_create(0x7ffc220a9bc0, 0x7ffc220a9bf0, 0x558fa078c190, 0x558fa111f510) = 0
pthread_mutex_unlock(0x7ffc220a9e20, 0, 0, 0x7f0efb253700) = 0
libgraft-convert.so:683:bind(): no matched ep for fd=5, 0.0.0.0:0. call original bind
^C--- SIGINT (Interrupt) ---
+++ killed by SIGINT +++
=======================================================
When non-grafted it runs fine
@upa, could you tell me what's wrong? Could you fix this in AF_GRAFT?
