package io.vproxy.vmirror;

import io.vproxy.base.processor.httpbin.frame.SettingsFrame;
import io.vproxy.base.util.ByteArray;
import io.vproxy.base.util.Consts;
import io.vproxy.base.util.LogType;
import io.vproxy.base.util.Logger;
import io.vproxy.base.util.Network;
import io.vproxy.base.util.Utils;
import io.vproxy.base.util.direct.DirectByteBuffer;
import io.vproxy.base.util.direct.DirectMemoryUtils;
import io.vproxy.base.util.file.FileWatcher;
import io.vproxy.base.util.file.FileWatcherHandler;
import io.vproxy.dep.vjson.CharStream;
import io.vproxy.dep.vjson.JSON;
import io.vproxy.dep.vjson.parser.ParserOptions;
import io.vproxy.dep.vjson.parser.ParserUtils;
import io.vproxy.vfd.FDProvider;
import io.vproxy.vfd.FDs;
import io.vproxy.vfd.FDsWithTap;
import io.vproxy.vfd.IP;
import io.vproxy.vfd.IPv4;
import io.vproxy.vfd.IPv6;
import io.vproxy.vfd.MacAddress;
import io.vproxy.vfd.TapDatagramFD;
import io.vproxy.vpacket.AbstractIpPacket;
import io.vproxy.vpacket.EthernetPacket;
import io.vproxy.vpacket.Ipv6Packet;
import io.vproxy.vpacket.PacketBytes;
import java.io.IOException;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;

/* loaded from: input_file:io/vproxy/vmirror/Mirror.class */
public class Mirror {
    private static final Mirror mirror = new Mirror();
    private FileWatcher watcher;
    private boolean initialized = false;
    private boolean enabled = false;
    private List<MirrorConfig> mirrors = Collections.emptyList();
    private Set<String> enabledOrigins = Collections.emptySet();
    private List<FilterConfig> filters = Collections.emptyList();
    private final DirectByteBuffer writeBuffer = DirectMemoryUtils.allocateDirectBuffer(2048);

    private Mirror() {
    }

    public static void init(String str) throws Exception {
        if (mirror.initialized) {
            throw new IllegalStateException("cannot initialize twice");
        }
        mirror.watcher = new FileWatcher(str, new FileWatcherHandler() { // from class: io.vproxy.vmirror.Mirror.1
            @Override // io.vproxy.base.util.file.FileWatcherHandler
            public void onFileCreated(Path path, String str2) {
                Mirror.mirror.loadConfig(str2);
            }

            @Override // io.vproxy.base.util.file.FileWatcherHandler
            public void onFileRemoved(Path path) {
                Mirror.mirror.enabled = false;
            }

            @Override // io.vproxy.base.util.file.FileWatcherHandler
            public void onFileUpdated(Path path, String str2) {
                Mirror.mirror.loadConfig(str2);
            }
        });
        mirror.initialized = true;
        mirror.watcher.start();
    }

    public static void destroy() {
        mirror.watcher.stop();
        mirror.initialized = false;
        mirror.enabled = false;
        mirror.destroyTaps(mirror.mirrors);
        mirror.mirrors = Collections.emptyList();
        mirror.filters = Collections.emptyList();
    }

    public static boolean isEnabled(String str) {
        if (mirror.enabled) {
            return mirror.enabledOrigins.contains(str);
        }
        return false;
    }

    public static void switchPacket(EthernetPacket ethernetPacket) {
        if (mirror.enabled) {
            HashSet hashSet = new HashSet();
            if (ethernetPacket.getPacket() instanceof AbstractIpPacket) {
                AbstractIpPacket abstractIpPacket = (AbstractIpPacket) ethernetPacket.getPacket();
                checkHelper(hashSet, "switch", filterConfig -> {
                    return Boolean.valueOf(filterConfig.matchIp(ethernetPacket.getSrc(), ethernetPacket.getDst(), abstractIpPacket.getSrc(), abstractIpPacket.getDst()));
                });
            } else {
                checkHelper(hashSet, "switch", filterConfig2 -> {
                    return Boolean.valueOf(filterConfig2.matchEthernet(ethernetPacket.getSrc(), ethernetPacket.getDst()));
                });
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                mirror.sendPacket(((MirrorConfig) it.next()).tap, ethernetPacket);
            }
        }
    }

    public static void mirror(MirrorData mirrorData) {
        if (mirror.enabled) {
            if (mirrorData.macSrc == null || mirrorData.macDst == null) {
                Logger.error(LogType.IMPROPER_USE, "should not set mac src nor dst to null");
                return;
            }
            if (mirrorData.data == null) {
                Logger.error(LogType.IMPROPER_USE, "missing data");
                return;
            }
            if (mirrorData.origin == null) {
                Logger.error(LogType.IMPROPER_USE, "origin must not be null");
                return;
            }
            HashSet<MirrorConfig> hashSet = new HashSet();
            if (mirrorData.ipSrc == null || mirrorData.ipDst == null) {
                checkHelper(hashSet, mirrorData.origin, filterConfig -> {
                    return Boolean.valueOf(filterConfig.matchEthernet(mirrorData.macSrc, mirrorData.macDst));
                });
            } else if (mirrorData.transportLayerProtocol == null) {
                checkHelper(hashSet, mirrorData.origin, filterConfig2 -> {
                    return Boolean.valueOf(filterConfig2.matchIp(mirrorData.macSrc, mirrorData.macDst, mirrorData.ipSrc, mirrorData.ipDst));
                });
            } else if (mirrorData.applicationLayerProtocol == null) {
                checkHelper(hashSet, mirrorData.origin, filterConfig3 -> {
                    return Boolean.valueOf(filterConfig3.matchTransport(mirrorData.macSrc, mirrorData.macDst, mirrorData.ipSrc, mirrorData.ipDst, mirrorData.transportLayerProtocol, mirrorData.portSrc, mirrorData.portDst));
                });
            } else {
                checkHelper(hashSet, mirrorData.origin, filterConfig4 -> {
                    return Boolean.valueOf(filterConfig4.matchApplication(mirrorData.macSrc, mirrorData.macDst, mirrorData.ipSrc, mirrorData.ipDst, mirrorData.transportLayerProtocol, mirrorData.portSrc, mirrorData.portDst, mirrorData.applicationLayerProtocol));
                });
            }
            for (MirrorConfig mirrorConfig : hashSet) {
                mirror.sendPacket(mirrorConfig.tap, formatPacket(mirrorData.ctx, mirrorConfig.mtu, mirrorData.origin, mirrorData.macSrc, mirrorData.macDst, mirrorData.ipSrc, mirrorData.ipDst, mirrorData.transportLayerProtocol, mirrorData.portSrc, mirrorData.portDst, mirrorData.applicationLayerProtocol, mirrorData.meta, mirrorData.flags, mirrorData.data));
            }
        }
    }

    private static void checkHelper(Set<MirrorConfig> set, String str, Function<FilterConfig, Boolean> function) {
        for (FilterConfig filterConfig : mirror.filters) {
            if (filterConfig.originConfig.origin.equals(str) && function.apply(filterConfig).booleanValue()) {
                set.add(filterConfig.originConfig.mirror);
            }
        }
    }

    private static List<EthernetPacket> formatPacket(MirrorContext mirrorContext, int i, String str, MacAddress macAddress, MacAddress macAddress2, IP ip, IP ip2, String str2, int i2, int i3, String str3, String str4, byte b, ByteArray byteArray) {
        if (macAddress == null) {
            macAddress = new MacAddress("00:00:00:00:00:00");
        }
        if (macAddress2 == null) {
            macAddress2 = new MacAddress("ff:ff:ff:ff:ff:ff");
        }
        byte[] allocateByteArrayInitZero = Utils.allocateByteArrayInitZero(16);
        allocateByteArrayInitZero[0] = -3;
        if (ip == null) {
            ip = IP.fromIPv6(allocateByteArrayInitZero);
        }
        if (ip2 == null) {
            ip2 = IP.fromIPv6(allocateByteArrayInitZero);
        }
        IPv6 ipv6FromIpv4 = getIpv6FromIpv4(ip);
        IPv6 ipv6FromIpv42 = getIpv6FromIpv4(ip2);
        if (str2 == null) {
            str2 = "";
        }
        if (str3 == null) {
            str3 = "";
        }
        ByteArray int16 = ByteArray.allocate(2).int16(0, i2);
        ByteArray int162 = ByteArray.allocate(2).int16(0, i3);
        ArrayList<ByteArray> arrayList = new ArrayList();
        while (byteArray.length() > i) {
            arrayList.add(byteArray.sub(0, i));
            byteArray = byteArray.sub(i, byteArray.length() - i);
        }
        arrayList.add(byteArray);
        ArrayList arrayList2 = new ArrayList(arrayList.size());
        for (ByteArray byteArray2 : arrayList) {
            ByteArray concat = int16.concat(int162).concat(ByteArray.allocate(16).int32(0, mirrorContext.getSeq()).set(8, (byte) 80).set(9, b).int16(10, SettingsFrame.DEFAULT_WINDOW_SIZE)).concat(byteArray2);
            PacketBytes packetBytes = new PacketBytes();
            packetBytes.setBytes(concat);
            int length = concat.length();
            Ipv6Packet ipv6Packet = new Ipv6Packet();
            ipv6Packet.setVersion(6);
            ipv6Packet.setTrafficClass(0);
            ipv6Packet.setFlowLabel(0);
            ipv6Packet.setNextHeader(0);
            ipv6Packet.setHopLimit(255);
            ipv6Packet.setSrc(IP.fromIPv6(ipv6FromIpv4.getAddress()));
            ipv6Packet.setDst(IP.fromIPv6(ipv6FromIpv42.getAddress()));
            ipv6Packet.setExtHeaders(new ArrayList());
            ipv6Packet.setPacket(packetBytes);
            ByteArray from = ByteArray.from(("o=" + str + ";l=" + str2 + ";p=" + str3 + ";").getBytes());
            ByteArray concat2 = ByteArray.allocate(2).set(0, (byte) -2).set(1, (byte) from.length()).concat(from);
            if ((2 + concat2.length()) % 8 != 0) {
                concat2 = concat2.concat(ByteArray.allocate(((((2 + concat2.length()) / 8) + 1) * 8) - (2 + concat2.length())));
            }
            Ipv6Packet.ExtHeader extHeader = new Ipv6Packet.ExtHeader();
            extHeader.setNextHeader(43);
            extHeader.setHdrExtLen((concat2.length() - 6) / 8);
            extHeader.setOther(concat2);
            int length2 = length + extHeader.getRawPacket(0).length();
            ipv6Packet.getExtHeaders().add(extHeader);
            ByteArray concat3 = ByteArray.allocate(2).set(0, (byte) -2).concat(ByteArray.from(str4.getBytes()));
            if ((2 + concat3.length()) % 8 != 0) {
                concat3 = concat3.concat(ByteArray.allocate(((((2 + concat3.length()) / 8) + 1) * 8) - (2 + concat3.length())));
            }
            Ipv6Packet.ExtHeader extHeader2 = new Ipv6Packet.ExtHeader();
            extHeader2.setNextHeader(6);
            extHeader2.setHdrExtLen((concat3.length() - 6) / 8);
            extHeader2.setOther(concat3);
            int length3 = length2 + extHeader2.getRawPacket(0).length();
            ipv6Packet.getExtHeaders().add(extHeader2);
            ipv6Packet.setPayloadLength(length3);
            ByteArray concat4 = Utils.buildPseudoIPv6Header(ipv6Packet, 6, concat.length()).concat(concat);
            concat.int16(16, Utils.calculateChecksum(concat4, concat4.length()));
            EthernetPacket ethernetPacket = new EthernetPacket();
            ethernetPacket.setDst(macAddress2);
            ethernetPacket.setSrc(macAddress);
            ethernetPacket.setType(Consts.ETHER_TYPE_IPv6);
            ethernetPacket.setPacket(ipv6Packet);
            arrayList2.add(ethernetPacket);
            mirrorContext.incrSeq(byteArray2.length());
        }
        return arrayList2;
    }

    private static IPv6 getIpv6FromIpv4(IP ip) {
        if (!(ip instanceof IPv4)) {
            return (IPv6) ip;
        }
        byte[] address = ip.getAddress();
        byte[] allocateByteArrayInitZero = Utils.allocateByteArrayInitZero(16);
        allocateByteArrayInitZero[10] = -1;
        allocateByteArrayInitZero[11] = -1;
        allocateByteArrayInitZero[12] = address[0];
        allocateByteArrayInitZero[13] = address[1];
        allocateByteArrayInitZero[14] = address[2];
        allocateByteArrayInitZero[15] = address[3];
        return IP.fromIPv6(allocateByteArrayInitZero);
    }

    private void loadConfig(String str) {
        try {
            parseAndLoad(ParserUtils.buildFrom(CharStream.from(str), ParserOptions.allFeatures()));
            Logger.alert("mirror config reloaded");
        } catch (Exception e) {
            Logger.error(LogType.SYS_ERROR, "loading mirror config failed", e);
        }
    }

    private void parseAndLoad(JSON.Instance<?> instance) throws Exception {
        String str = "";
        try {
            JSON.Object object = (JSON.Object) instance;
            boolean bool = object.getBool("enabled");
            str = "mirrors";
            JSON.Array array = object.getArray("mirrors");
            LinkedList linkedList = new LinkedList();
            HashSet hashSet = new HashSet();
            LinkedList<MirrorConfig> linkedList2 = new LinkedList();
            for (int i = 0; i < array.length(); i++) {
                MirrorConfig mirrorConfig = new MirrorConfig();
                str = "mirrors[" + i + "]";
                parseAndLoadMirror(hashSet, linkedList, mirrorConfig, (JSON.Object) array.get(i));
                linkedList2.add(mirrorConfig);
            }
            FDs provided = FDProvider.get().getProvided();
            if (!(provided instanceof FDsWithTap)) {
                throw new Exception("the provided fd impl does not support tap devices, use -Dvfd=posix or -Dvfd=windows instead");
            }
            FDsWithTap fDsWithTap = (FDsWithTap) provided;
            LinkedList linkedList3 = new LinkedList();
            LinkedList linkedList4 = new LinkedList();
            for (MirrorConfig mirrorConfig2 : linkedList2) {
                boolean z = false;
                Iterator<MirrorConfig> it = this.mirrors.iterator();
                while (true) {
                    if (it.hasNext()) {
                        if (it.next().tap.getTap().dev.equals(mirrorConfig2.tapName)) {
                            z = true;
                            break;
                        }
                    } else {
                        break;
                    }
                }
                if (!z) {
                    linkedList3.add(mirrorConfig2);
                }
            }
            for (MirrorConfig mirrorConfig3 : this.mirrors) {
                boolean z2 = false;
                Iterator it2 = linkedList2.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    MirrorConfig mirrorConfig4 = (MirrorConfig) it2.next();
                    if (mirrorConfig3.tap.getTap().dev.equals(mirrorConfig4.tapName)) {
                        z2 = true;
                        mirrorConfig4.tap = mirrorConfig3.tap;
                        break;
                    }
                }
                if (!z2) {
                    linkedList4.add(mirrorConfig3.tap);
                }
            }
            for (MirrorConfig mirrorConfig5 : linkedList3) {
                try {
                    TapDatagramFD openTap = fDsWithTap.openTap(mirrorConfig5.tapName);
                    mirrorConfig5.tap = openTap;
                    if (!openTap.getTap().dev.equals(mirrorConfig5.tapName)) {
                        Logger.error(LogType.IMPROPER_USE, "should not specify tap pattern when mirroring. please create one before using");
                        destroyTaps(linkedList3);
                        throw new Exception("should not specify tap pattern when mirroring. please create one before using");
                    }
                    Logger.alert("open mirror tap device " + mirrorConfig5.tapName);
                } catch (Throwable th) {
                    Logger.error(LogType.SYS_ERROR, "cannot open tap device for mirror: " + mirrorConfig5.tapName, th);
                    destroyTaps(linkedList3);
                    throw new Exception("open tap device " + mirrorConfig5.tapName + " failed");
                }
            }
            boolean z3 = this.enabled;
            this.enabled = false;
            this.mirrors = linkedList2;
            this.enabledOrigins = hashSet;
            this.filters = linkedList;
            this.enabled = bool;
            destroyTaps0(linkedList4);
            if (z3 && !this.enabled) {
                Logger.alert("disable mirror");
            } else {
                if (z3 || !this.enabled) {
                    return;
                }
                Logger.alert("enable mirror");
            }
        } catch (ClassCastException e) {
            if (e.getMessage() != null && !e.getMessage().isBlank()) {
                throw new ClassCastException("type error when handling " + str + "." + e.getMessage());
            }
            throw new ClassCastException("type error when handling " + str);
        } catch (IllegalArgumentException | IndexOutOfBoundsException e2) {
            if (e2.getMessage() != null && !e2.getMessage().isBlank()) {
                throw new IllegalArgumentException("invalid value when handling " + str + "." + e2.getMessage());
            }
            throw new IllegalArgumentException("invalid value when handling " + str);
        } catch (NoSuchElementException e3) {
            if (e3.getMessage() != null && !e3.getMessage().isBlank()) {
                throw new NoSuchElementException("missing field when handling " + str + "." + e3.getMessage());
            }
            throw new NoSuchElementException("missing field when handling " + str);
        }
    }

    private void destroyTaps(List<MirrorConfig> list) {
        destroyTaps0((List) list.stream().filter(mirrorConfig -> {
            return mirrorConfig.tap != null;
        }).map(mirrorConfig2 -> {
            return mirrorConfig2.tap;
        }).collect(Collectors.toList()));
    }

    private void destroyTaps0(List<TapDatagramFD> list) {
        for (TapDatagramFD tapDatagramFD : list) {
            try {
                tapDatagramFD.close();
                Logger.warn(LogType.ALERT, "close mirror tap device " + tapDatagramFD.getTap().dev);
            } catch (IOException e) {
                Logger.shouldNotHappen("closing fd " + tapDatagramFD + "failed", e);
            }
        }
    }

    private void runSub(Consumer<String[]> consumer) {
        String[] strArr = {""};
        try {
            consumer.accept(strArr);
        } catch (ClassCastException e) {
            if (e.getMessage() != null && !e.getMessage().isBlank()) {
                throw new ClassCastException(strArr[0] + "." + e.getMessage());
            }
            throw new ClassCastException(strArr[0]);
        } catch (IllegalArgumentException | IndexOutOfBoundsException e2) {
            if (e2.getMessage() != null && !e2.getMessage().isBlank()) {
                throw new IllegalArgumentException(strArr[0] + "." + e2.getMessage());
            }
            throw new IllegalArgumentException(strArr[0]);
        } catch (NoSuchElementException e3) {
            if (e3.getMessage() != null && !e3.getMessage().isBlank()) {
                throw new NoSuchElementException(strArr[0] + "." + e3.getMessage());
            }
            throw new NoSuchElementException(strArr[0]);
        }
    }

    private void parseAndLoadMirror(Set<String> set, List<FilterConfig> list, MirrorConfig mirrorConfig, JSON.Object object) {
        runSub(strArr -> {
            strArr[0] = "tap";
            mirrorConfig.tapName = object.getString("tap");
            strArr[0] = "packetSize";
            mirrorConfig.mtu = object.getInt("mtu");
            if (mirrorConfig.mtu < 0) {
                throw new IllegalArgumentException("mtu should > 0");
            }
            if (mirrorConfig.mtu > 1500) {
                throw new IllegalArgumentException("mtu should < 1500");
            }
            strArr[0] = "origins";
            JSON.Array array = object.getArray("origins");
            for (int i = 0; i < array.length(); i++) {
                OriginConfig originConfig = new OriginConfig(mirrorConfig);
                strArr[0] = "origins[" + i + "]";
                parseAndLoadOrigin(set, list, originConfig, (JSON.Object) array.get(i));
            }
        });
    }

    private void parseAndLoadOrigin(Set<String> set, List<FilterConfig> list, OriginConfig originConfig, JSON.Object object) {
        runSub(strArr -> {
            strArr[0] = "origin";
            originConfig.origin = object.getString("origin");
            set.add(originConfig.origin);
            strArr[0] = "filters";
            JSON.Array array = object.getArray("filters");
            for (int i = 0; i < array.length(); i++) {
                strArr[0] = "filters[" + i + "]";
                JSON.Object object2 = (JSON.Object) array.get(i);
                FilterConfig filterConfig = new FilterConfig(originConfig);
                parseAndLoadFilter(filterConfig, object2);
                list.add(filterConfig);
            }
        });
    }

    private void parseAndLoadFilter(FilterConfig filterConfig, JSON.Object object) {
        runSub(strArr -> {
            strArr[0] = "mac";
            if (object.containsKey("mac")) {
                filterConfig.macX = new MacAddress(object.getString("mac"));
                strArr[0] = "mac2";
                if (object.containsKey("mac2")) {
                    filterConfig.macY = new MacAddress(object.getString("mac2"));
                }
            }
            strArr[0] = "network";
            if (object.containsKey("network")) {
                filterConfig.netX = Network.from(object.getString("network"));
                strArr[0] = "network2";
                if (object.containsKey("network2")) {
                    filterConfig.netY = Network.from(object.getString("network2"));
                }
            }
            strArr[0] = "transportLayerProtocol";
            if (object.containsKey("transportLayerProtocol")) {
                filterConfig.transportLayerProtocol = object.getString("transportLayerProtocol");
            }
            strArr[0] = "port";
            if (object.containsKey("port")) {
                JSON.Array array = object.getArray("port");
                int i = array.getInt(0);
                int i2 = array.getInt(1);
                if (i > i2) {
                    throw new IllegalArgumentException();
                }
                filterConfig.portX = new int[]{i, i2};
                strArr[0] = "port2";
                if (object.containsKey("port2")) {
                    JSON.Array array2 = object.getArray("port2");
                    int i3 = array2.getInt(0);
                    int i4 = array2.getInt(1);
                    if (i3 > i4) {
                        throw new IllegalArgumentException();
                    }
                    filterConfig.portY = new int[]{i3, i4};
                }
            }
            strArr[0] = "applicationLayerProtocol";
            if (object.containsKey("applicationLayerProtocol")) {
                filterConfig.applicationLayerProtocol = object.getString("applicationLayerProtocol");
            }
        });
    }

    private void sendPacket(TapDatagramFD tapDatagramFD, EthernetPacket ethernetPacket) {
        sendPacket(tapDatagramFD, Collections.singletonList(ethernetPacket));
    }

    private void sendPacket(TapDatagramFD tapDatagramFD, List<? extends EthernetPacket> list) {
        for (EthernetPacket ethernetPacket : list) {
            try {
                this.writeBuffer.limit(this.writeBuffer.capacity()).position(0);
                this.writeBuffer.put(ethernetPacket.getRawPacket(0).toJavaArray());
                this.writeBuffer.flip();
                tapDatagramFD.write(this.writeBuffer.realBuffer());
            } catch (Throwable th) {
                Logger.error(LogType.CONN_ERROR, "sending mirror packet to " + tapDatagramFD + " failed");
            }
        }
    }
}
