Hey,
For a small project I am looking for a way of intercepting all the received packets at the WiFi module of an ESP32 or ESP8266 to analyze them and pass them on, drop them or reject them. Kind of like a firewall.
Is this possible? I was doing some digging and found the promiscuous mode on the ESP32. (https://github.com/ESP-EOS/ESP32-WiFi-Sniffer/blob/master/WIFI_SNIFFER_ESP32.ino)

```cpp
esp_wifi_set_promiscuous(true);
esp_wifi_set_promiscuous_rx_cb(&wifi_sniffer_packet_handler);
```

After setting up the WiFi, it shows all the packages but I am only interested in the packages for the ESP MAC address. So how would I create my own implementation of a wifi_rx_cb?
Thanks in Advance
Thank you for that reply. Let's say I connect to the WiFi like this:

```cpp
Serial.begin(115200);
Serial.println();
WiFi.mode(WIFI_STA);
WiFi.begin(ssid, psk);
while (!WiFi.isConnected())
{
  delay(200);
}
Serial.print("IP: ");
Serial.println(WiFi.localIP());
```

How and where do I have access to the lwIP hooks? I am totally lost on how I can register the callback. Do I have to change the WiFi class to give me access?
It looks like you have to recompile the lwIP library.

```c
  if (IPH_V(iphdr) != 4) {
    LWIP_DEBUGF(IP_DEBUG | LWIP_DBG_LEVEL_WARNING, ("IP packet dropped due to bad version number %"U16_F"\n", (u16_t)IPH_V(iphdr)));
    ip4_debug_print(p);
    pbuf_free(p);
    IP_STATS_INC(ip.err);
    IP_STATS_INC(ip.drop);
    MIB2_STATS_INC(mib2.ipinhdrerrors);
    return ERR_OK;
  }

#ifdef LWIP_HOOK_IP4_INPUT
  if (LWIP_HOOK_IP4_INPUT(p, inp)) {
    /* the packet has been eaten */
    return ERR_OK;
  }
#endif

  /* obtain IP header length in bytes */
  iphdr_hlen = IPH_HL_BYTES(iphdr);
  /* obtain ip length in bytes */
  iphdr_len = lwip_ntohs(IPH_LEN(iphdr));
```
This is where it seems to be happening, but this file is not part of the ESP core. Instead liblwip.a is shipped in binary form.
That looks good. I am now working with the ESP-IDF framework; changes to that file are compiled and included. Looking at opt.h (lwIP: Hooks), if I want to register that hook, do I have to define LWIP_HOOK_IP4_INPUT like this?

```c
#define LWIP_HOOK_IP4_INPUT(pbuf, input_netif) \
  ({                                           \
    0;                                         \
  })
```

or this

```c
int my_hook(struct pbuf *pbuf, struct netif *input_netif)
{
  ESP_LOGI(TAG, "TESTING!");
  return ESP_OK;
}
#define LWIP_HOOK_IP4_INPUT(pbuf, input_netif) my_hook(pbuf, input_netif)
```
This looks like a promising attempt.
And here is a discussion on the same topic.
opened 01:02AM - 14 Dec 20 UTC
closed 09:23PM - 15 Jan 21 UTC
## Environment
- Module or chip used: ESP32-WROOM-32E
- IDF version: v4.3-de… v-2136-gb0150615dff5
- Build System: idf.py
- Compiler version: xtensa-esp32-elf-gcc (crosstool-NG esp-2020r3) 8.4.0
- Operating System: Linux
- Power Supply: USB
## Problem Description
I have a customized ip4_route_src_hook_local implementation for my project (to override the ip4_route_src_hook() in lwip).
It was working fine before pulling the esp-idf update today.
After pulling the latest esp-idf, I now get a lot of build warnings.

```
Generated /home/axel/esp/esp-idf-dev/apps/myproj/build/bootloader/bootloader.bin
[341/1064] Building C object esp-idf/lwip/CMakeFiles/__idf_lwip.dir/apps/ping/esp_ping.c.obj
In file included from /home/axel/esp/esp-idf/components/lwip/lwip/src/include/lwip/opt.h:51,
                 from /home/axel/esp/esp-idf/components/lwip/lwip/src/include/lwip/ip_addr.h:40,
                 from /home/axel/esp/esp-idf/components/lwip/apps/ping/esp_ping.c:18:
/home/axel/esp/esp-idf/components/lwip/port/esp32/include/lwipopts.h:770: warning: "LWIP_HOOK_FILENAME" redefined
 #define LWIP_HOOK_FILENAME "lwip_default_hooks.h"
<command-line>: note: this is the location of the previous definition
[344/1064] Building C object esp-idf/lwip/CMakeFiles/__idf_lwip.dir/apps/ping/ping.c.obj
In file included from /home/axel/esp/esp-idf/components/lwip/lwip/src/include/lwip/opt.h:51,
                 from /home/axel/esp/esp-idf/components/lwip/apps/ping/ping.c:41:
/home/axel/esp/esp-idf/components/lwip/port/esp32/include/lwipopts.h:770: warning: "LWIP_HOOK_FILENAME" redefined
 #define LWIP_HOOK_FILENAME "lwip_default_hooks.h"
```
### Expected Behavior
The existing project should work fine without "LWIP_HOOK_FILENAME" redefined warning.
### Actual Behavior
See above messages.
Looks like it now does not allow the user to add a customized hook.
### Steps to reproduce
Just build the project.
### Code to reproduce this issue
Add below in CMakeLists.txt to build:
```cmake
target_compile_definitions(${lwip} PRIVATE "-DLWIP_HOOK_FILENAME=\"ip4_route_local.h\"")
target_compile_options(${lwip} PRIVATE "-I${PROJECT_DIR}/main/lwip_local/include")
target_sources(${lwip} PRIVATE "${PROJECT_DIR}/main/lwip_local/ip4_route_local.c")
```
It looks like the key to get the custom hooks imported is to define ESP_IDF_LWIP_HOOK_FILENAME (or LWIP_HOOK_FILENAME depending on which version of the library is used) before the lwIP library is included.
Yeah, this is what I found as well. Looks like there is no final/working example around to show how it's done. I will try and get it to work.
Thank you so much for your help!
Good luck.
Once you have it figured out, perhaps you can write a short tutorial for future reference? There is a section for tutorials #using-arduino:introductory-tutorials (although this is a bit of an advanced topic, but still).
So far I got it to work with esp-idf and PlatformIO.
I will look into getting it to work with the Arduino framework tomorrow. But as you said, I would need to recompile the lwIP library with my custom hook.
Here are the files working so far:
```c
// file: <include/lwip_hooks.h>
#ifndef _LWIP_HOOKS_H_
#define _LWIP_HOOKS_H_

#include "lwip/netif.h"
#include "lwip/pbuf.h"
#include "lwip/ip4.h"
#include "esp_log.h"
#include "esp_err.h"

#ifdef __cplusplus
extern "C"
{
#endif

    int lwip_hook_ip4_input(struct pbuf *pbuf, struct netif *input_netif);
#define LWIP_HOOK_IP4_INPUT lwip_hook_ip4_input

#ifdef __cplusplus
}
#endif

#endif /* _LWIP_HOOKS_H_ */
```
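```c
// file: <src/lwip_hooks.c>
#include <stdio.h>
#include "lwip_hooks.h"

/* Map an IP protocol number to a printable name. */
const char *get_protocol(u16_t type)
{
    switch (type)
    {
    case 1:
        return "ICMP";
    case 6:
        return "TCP";
    case 17:
        return "UDP";
    default:
        return "-";
    }
}

int lwip_hook_ip4_input(struct pbuf *pbuf, struct netif *input_netif)
{
    const struct ip_hdr *iphdr;
    char ip_address[16]; /* "255.255.255.255" plus the terminating NUL */

    /* lwIP calls this hook before it validates the header length, so make
       sure a full IPv4 header is present before reading its fields. */
    if (pbuf->len < IP_HLEN)
    {
        return ESP_OK;
    }

    iphdr = (struct ip_hdr *)pbuf->payload;
    snprintf(ip_address, sizeof(ip_address), "%d.%d.%d.%d", ip4_addr1_16_val(iphdr->src), ip4_addr2_16_val(iphdr->src), ip4_addr3_16_val(iphdr->src), ip4_addr4_16_val(iphdr->src));
    ESP_LOGI("HOOK", "%s: %s",
             get_protocol((u16_t)IPH_PROTO(iphdr)), ip_address);

    /* 0 (ESP_OK): packet not consumed, lwIP processes it as normal */
    return ESP_OK;
}
```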
```ini
; file: <platformio.ini>
[env:az-delivery-devkit-v4]
platform = espressif32
board = az-delivery-devkit-v4
framework = espidf
monitor_speed = 115200
build_flags =
    '-Iinclude'
    '-DESP_IDF_LWIP_HOOK_FILENAME="lwip_hooks.h"'
```
This gives me the following output when sending packets:

```
I (692811) HOOK: UDP: 10.93.0.1
I (693021) HOOK: UDP: 10.93.0.211
I (693431) HOOK: UDP: 10.93.0.51
I (693631) HOOK: UDP: 10.93.0.1
I (694251) HOOK: TCP: 10.93.0.211
I (695781) HOOK: UDP: 10.93.0.51
I (697321) HOOK: TCP: 10.93.0.211
I (697521) HOOK: UDP: 10.93.0.51
```
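The hook in the last post only logs; the pass/drop decision the original question asks for could look like the following added example, which is not code from any post in this thread or from lwIP. It parses the raw IPv4 bytes itself so it compiles without lwIP; `fw_decide`, `fw_rule`, the rule set and the sample packets are hypothetical and constructed, and the hook contract it relies on (a non-zero return means the packet is consumed and the hook must free the pbuf) is the one lwIP documents for `LWIP_HOOK_IP4_INPUT`.

```c
#include <stddef.h>
#include <stdint.h>
/* Verdict doubles as the hook return value: 0 = lwIP continues, 1 = consumed.
 * Hook glue (lwip_hooks.c); a consumed pbuf must be freed by the hook itself:
 *   if (fw_decide(p->payload, p->len) == FW_DROP) { pbuf_free(p); return 1; } */
enum fw_verdict { FW_PASS = 0, FW_DROP = 1 };
struct fw_rule {                 /* first matching rule wins */
    uint8_t  proto;              /* IP protocol number, 0 = any */
    uint32_t net, mask;          /* source prefix, host byte order */
    uint16_t dport;              /* TCP/UDP destination port, 0 = any */
    enum fw_verdict verdict;
};

/* Constructed rule set; anything not matched is dropped (default deny). */
static const struct fw_rule rules[] = {
    { 6,  0x0A5D00D3u, 0xFFFFFFFFu, 80, FW_PASS },  /* TCP/80 from 10.93.0.211 */
    { 17, 0x0A5D0000u, 0xFFFFFF00u, 0,  FW_PASS },  /* UDP from 10.93.0.0/24 */
    { 1,  0,           0,           0,  FW_PASS },  /* ICMP from anywhere */
};

/* Constructed samples: 20-byte IPv4 header (checksum left 0) + TCP ports. */
static const uint8_t pkt_allowed[24] = { 0x45,0,0,24, 0,0,0,0, 64,6,0,0, 10,93,0,211, 10,93,0,50, 0xC0,0, 0,80 };
static const uint8_t pkt_blocked[24] = { 0x45,0,0,24, 0,0,0,0, 64,6,0,0, 10,93,0,51,  10,93,0,50, 0xC0,0, 0,23 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* ip/len: payload and len of the first pbuf handed to the hook. */
enum fw_verdict fw_decide(const uint8_t *ip, size_t len)
{
    /* The hook runs before lwIP validates the header length, so do it here. */
    if (ip == NULL || len < 20) return FW_DROP;
    size_t hlen = (size_t)(ip[0] & 0x0F) * 4;
    if ((ip[0] >> 4) != 4 || hlen < 20 || hlen > len) return FW_DROP;
    uint8_t  proto = ip[9];
    uint32_t src   = be32(ip + 12);
    /* Ports are present only in the first fragment of a TCP/UDP packet. */
    int has_port = (proto == 6 || proto == 17) &&
                   (be16(ip + 6) & 0x1FFF) == 0 && len >= hlen + 4;
    uint16_t dport = has_port ? be16(ip + hlen + 2) : 0;
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) {
        const struct fw_rule *r = &rules[i];
        if (r->proto && r->proto != proto) continue;
        if ((src & r->mask) != r->net) continue;
        if (r->dport && (!has_port || r->dport != dport)) continue;
        return r->verdict;
    }
    return FW_DROP;
}
```

Port rules fail closed: a packet whose ports are not in the first pbuf, or a non-first fragment, never matches a rule that names a port.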