Add port mapping connection redirection indicator

emanuele-f · Jan 28, 2024 · c0bea02 · c0bea02
1 parent a6c547d
commit c0bea02
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 7 deletions.
diff --git a/app/src/main/java/com/emanuelef/remote_capture/adapters/ConnectionsAdapter.java b/app/src/main/java/com/emanuelef/remote_capture/adapters/ConnectionsAdapter.java
@@ -79,6 +79,7 @@ public static class ViewHolder extends RecyclerView.ViewHolder {
         ImageView jsInjectorInd;
         ImageView blacklistedInd;
         ImageView blockedInd;
+        ImageView redirectedInd;
         ImageView decryptionInd;
         TextView statusInd;
         TextView remote;
@@ -103,6 +104,7 @@ public static class ViewHolder extends RecyclerView.ViewHolder {
             jsInjectorInd = itemView.findViewById(R.id.js_injector);
             blacklistedInd = itemView.findViewById(R.id.blacklisted);
             blockedInd = itemView.findViewById(R.id.blocked);
+            redirectedInd = itemView.findViewById(R.id.redirected);
             //countryFlag = itemView.findViewById(R.id.country_flag);
 
             Context context = itemView.getContext();
@@ -160,6 +162,7 @@ else if((conn.status == ConnectionDescriptor.CONN_STATUS_CLOSED)
             jsInjectorInd.setVisibility(((conn.js_injected_scripts != null) && !conn.js_injected_scripts.isEmpty()) ? View.VISIBLE : View.GONE);
             blacklistedInd.setVisibility(conn.isBlacklisted() ? View.VISIBLE : View.GONE);
             blockedInd.setVisibility(conn.is_blocked ? View.VISIBLE : View.GONE);
+            redirectedInd.setVisibility((conn.isPortMappingApplied() && !conn.is_blocked) ? View.VISIBLE : View.GONE);
 
             if(CaptureService.isDecryptingTLS()) {
                 decryptionInd.setVisibility(View.VISIBLE);

diff --git a/app/src/main/java/com/emanuelef/remote_capture/fragments/ConnectionOverview.java b/app/src/main/java/com/emanuelef/remote_capture/fragments/ConnectionOverview.java
@@ -292,6 +292,10 @@ public void connectionUpdated() {
             mError.setTextColor(ContextCompat.getColor(context, R.color.warning));
             mError.setText(context.getString(R.string.connection_start_not_seen));
             mError.setVisibility(View.VISIBLE);
+        } else if(mConn.isPortMappingApplied()) {
+            mError.setTextColor(ContextCompat.getColor(context, R.color.colorTabText));
+            mError.setText(context.getString(R.string.connection_redirected_port_map));
+            mError.setVisibility(View.VISIBLE);
         } else if(mConn.payload_length == 0) {
             mError.setTextColor(ContextCompat.getColor(context, R.color.warning));
             mError.setText(context.getString(R.string.warn_no_app_data));

diff --git a/app/src/main/java/com/emanuelef/remote_capture/model/ConnectionDescriptor.java b/app/src/main/java/com/emanuelef/remote_capture/model/ConnectionDescriptor.java
@@ -111,6 +111,7 @@ public enum FilteringStatus {
     private boolean blacklisted_ip;
     private boolean blacklisted_host;
     public boolean is_blocked;
+    private boolean port_mapping_applied;
     public boolean decryption_ignored;
     public boolean netd_block_missed;
     private boolean payload_truncated;
@@ -155,11 +156,12 @@ public void processUpdate(ConnectionUpdate update) {
             rcvd_pkts = update.rcvd_pkts;
             blocked_pkts = update.blocked_pkts;
             status = (update.status & 0x00FF);
+            port_mapping_applied = (update.status & 0x2000) != 0;
             decryption_ignored = (update.status & 0x1000) != 0;
             netd_block_missed = (update.status & 0x0800) != 0;
             is_blocked = (update.status & 0x0400) != 0;
-            blacklisted_ip = (update.status & 0x0100) != 0;
             blacklisted_host = (update.status & 0x0200) != 0;
+            blacklisted_ip = (update.status & 0x0100) != 0;
             last_seen = update.last_seen;
             tcp_flags = update.tcp_flags; // NOTE: only for root capture
 
@@ -302,9 +304,8 @@ public void setPayloadTruncatedByAddon() {
         payload_truncated = true;
     }
 
-    public boolean isPayloadTruncated() {
-        return payload_truncated;
-    }
+    public boolean isPayloadTruncated() { return payload_truncated; }
+    public boolean isPortMappingApplied() { return port_mapping_applied; }
 
     public boolean isNotDecryptable()   { return !decryption_ignored && (encrypted_payload || !mitm_decrypt); }
     public boolean isDecrypted()        { return !decryption_ignored && !isNotDecryptable() && (getNumPayloadChunks() > 0); }

diff --git a/app/src/main/jni/core/jni_impl.c b/app/src/main/jni/core/jni_impl.c
@@ -167,7 +167,8 @@ static jobject getConnUpdate(pcapdroid_t *pd, const conn_and_tuple_t *conn) {
         (*env)->CallVoidMethod(env, update, mids.connUpdateSetStats, data->last_seen,
                                data->payload_length, data->sent_bytes, data->rcvd_bytes, data->sent_pkts, data->rcvd_pkts, data->blocked_pkts,
                                (data->tcp_flags[0] << 8) | data->tcp_flags[1],
-                               (data->decryption_ignored << 12) |
+                               (data->port_mapping_applied << 13) |
+                                    (data->decryption_ignored << 12) |
                                     (data->netd_block_missed << 11) |
                                     (blocked << 10) |
                                     (data->blacklisted_domain << 9) |

diff --git a/app/src/main/res/drawable/reply.xml b/app/src/main/res/drawable/reply.xml
@@ -0,0 +1,5 @@
+<vector android:autoMirrored="true" android:height="20dp"
+    android:tint="#000000" android:viewportHeight="20"
+    android:viewportWidth="20" android:width="20dp" xmlns:android="http://schemas.android.com/apk/res/android">
+    <path android:fillColor="@android:color/white" android:pathData="M10,9V5l-7,7 7,7v-4.1c5,0 8.5,1.6 11,5.1 -1,-5 -4,-10 -11,-11z"/>
+</vector>
diff --git a/app/src/main/res/layout/about_activity.xml b/app/src/main/res/layout/about_activity.xml
@@ -52,7 +52,7 @@
                 android:layout_height="wrap_content"
                 android:layout_marginTop="20dp"
                 android:autoLink="email"
-                android:text="Copyright (C) 2020-23 - Emanuele Faranda black.silver@hotmail.it" />
+                android:text="Copyright (C) 2020-24 - Emanuele Faranda black.silver@hotmail.it" />
 
             <TextView
                 android:id="@+id/app_license"
@@ -76,4 +76,4 @@
                 android:text="@string/opensource_licenses"/>
         </LinearLayout>
     </RelativeLayout>
-</ScrollView>
+</ScrollView>
diff --git a/app/src/main/res/layout/connection_item.xml b/app/src/main/res/layout/connection_item.xml
@@ -67,6 +67,15 @@
                     android:contentDescription="@string/injected"
                     android:src="@drawable/ic_baseline_javascript" />
 
+                <ImageView
+                    android:id="@+id/redirected"
+                    android:layout_width="wrap_content"
+                    android:layout_height="12sp"
+                    android:layout_marginEnd="5dp"
+                    app:tint="@color/colorTabText"
+                    android:contentDescription="@string/redirected"
+                    android:src="@drawable/reply" />
+
                 <ImageView
                     android:id="@+id/blacklisted"
                     android:layout_width="wrap_content"

diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
@@ -494,4 +494,6 @@
     <string name="tls_decryption_no_rules_notice">TLS decryption is only applied to connections that match the configured rules. Do you want to create decryption rules now?</string>
     <string name="active_vpn_detected">Active VPN detected</string>
     <string name="mitm_doze_notice">Battery optimization may interfere with the mitm addon</string>
+    <string name="redirected">redirected</string>
+    <string name="connection_redirected_port_map">This connection has been redirected due to a port mapping rule</string>
 </resources>