Implement the pass through

config/rules.yaml

@@ -29,6 +29,9 @@ rules:
   - match: tcp dst port 11211
     type: conn_handler
     target: memcache
+  - match: tcp dst port 8080
+    type: pass_through
+    target: pass_through
   - match: tcp
     type: conn_handler
     target: tcp

glutton.go

@@ -216,6 +216,7 @@ func (g *Glutton) tcpListen() {
 		}
 
 		md, err := g.connTable.RegisterConn(conn, rule)
+
 		if err != nil {
 			g.Logger.Error("Failed to register connection", producer.ErrAttr(err))
 			continue

protocols/protocols.go

@@ -3,6 +3,7 @@ package protocols
 import (
 	"bytes"
 	"context"
+	"github.com/mushorg/glutton/rules"
 	"net"
 	"strings"
 
@@ -66,6 +67,10 @@ func MapTCPProtocolHandlers(log interfaces.Logger, h interfaces.Honeypot) map[st
 		return tcp.HandleADB(ctx, conn, md, log, h)
 	}
 	protocolHandlers["tcp"] = func(ctx context.Context, conn net.Conn, md connection.Metadata) error {
+		if md.Rule != nil && md.Rule.RuleType == rules.PassThrough {
+			return tcp.HandlePassThrough(ctx, conn, md, log, h)
+		}
+
 		snip, bufConn, err := Peek(conn, 4)
 		if err != nil {
 			if err := conn.Close(); err != nil {

protocols/tcp/pass_through.go

@@ -0,0 +1,66 @@
+package tcp
+
+import (
+	"context"
+	"fmt"
+	"github.com/mushorg/glutton/connection"
+	"github.com/mushorg/glutton/producer"
+	"github.com/mushorg/glutton/protocols/interfaces"
+	"io"
+	"log/slog"
+	"net"
+)
+
+type parsedPassThrough struct {
+	Direction   string `json:"direction,omitempty"`
+	Payload     []byte `json:"payload,omitempty"`
+	PayloadHash string `json:"payload_hash,omitempty"`
+}
+
+type passThroughServer struct {
+	events []parsedPassThrough
+	target string
+}
+
+func HandlePassThrough(ctx context.Context, conn net.Conn, md connection.Metadata, logger interfaces.Logger, h interfaces.Honeypot) error {
+	srcAddr := conn.RemoteAddr().String()
+	logger.Info("PassThrough details",
+		slog.String("srcAddr", srcAddr),
+		slog.String("localAddr", conn.LocalAddr().String()))
+
+	destAddr := conn.LocalAddr().String()
+	targetConn, err := net.Dial("tcp", destAddr)
+	if err != nil {
+		return fmt.Errorf("connection failed: %w", err)
+	}
+	defer targetConn.Close()
+
+	errChan := make(chan error, 2)
+
+	// source to target
+	go func() {
+		_, err := io.Copy(targetConn, conn)
+		errChan <- err
+	}()
+
+	// target to source
+	go func() {
+		_, err := io.Copy(conn, targetConn)
+		errChan <- err
+	}()
+
+	// wait for either direction to succeed
+	select {
+	case err := <-errChan:
+		if err != nil && err != io.EOF {
+			logger.Error("Transfer error", producer.ErrAttr(err))
+			return err
+		}
+	case <-ctx.Done():
+		logger.Info("Context cancelled")
+		return ctx.Err()
+	}
+
+	logger.Info("Pass through completed successfully")
+	return nil
+}

rules/rules.go

@@ -18,6 +18,7 @@ type RuleType int
 const (
 	UserConnHandler RuleType = iota
 	Drop
+	PassThrough
 )
 
 type Config struct {
@@ -32,7 +33,7 @@ type Rule struct {
 	Name   string `yaml:"name,omitempty"`
 
 	isInit   bool
-	ruleType RuleType
+	RuleType RuleType
 	index    int
 	matcher  *pcap.BPF
 }
@@ -59,9 +60,11 @@ func (rule *Rule) init(idx int) error {
 
 	switch rule.Type {
 	case "conn_handler":
-		rule.ruleType = UserConnHandler
+		rule.RuleType = UserConnHandler
 	case "drop":
-		rule.ruleType = Drop
+		rule.RuleType = Drop
+	case "pass_through":
+		rule.RuleType = PassThrough
 	default:
 		return fmt.Errorf("unknown rule type: %s", rule.Type)
 	}