Merge branch '43-us24-allow-server-to-communicate-with-a-fixed-partner-server' into develop

Closes #43

See merge request !53

The real Covert Channel will be implemented in a following User Story.

autoformat.sh

@@ -1,2 +1,42 @@
 #!/bin/bash
-clang-format -i {daemon,cli,gui}/src/*.cpp {daemon,cli,gui}/include/*.h {daemon,cli,gui}/test/*.cpp
+folderArray=( "daemon" "cli" "gui" )
+
+# Variable that will hold the name of the clang-format command
+FMT=""
+
+# Some distros just call it clang-format. Others (e.g. Ubuntu) are insistent
+# that the version number be part of the command. We prefer clang-format if
+# that's present, otherwise we work backwards from highest version to lowest
+# version.
+for clangfmt in clang-format{,-{4,3}.{9,8,7,6,5,4,3,2,1,0}}; do
+    if which "$clangfmt" &>/dev/null; then
+        FMT="$clangfmt"
+        break
+    fi
+done
+
+# Check if we found a working clang-format
+if [ -z "$FMT" ]; then
+    echo "failed to find clang-format"
+    exit 1
+fi
+
+function format() {
+    for f in $(find $@ -type d -path "$@/build" -prune -o -type f -name '*.h' -or -name '*.m' -or -name '*.mm' -or -name '*.c' -or -name '*.cpp'); do
+        if [ ! -d "${f}" ]; then
+            echo "format ${f}";
+            ${FMT} -i ${f};
+        fi
+    done
+
+    echo "~~~ $@ Done ~~~";
+}
+
+# Check all of the arguments first to make sure they're all directories
+for dir in ${folderArray[@]}; do
+    if [ ! -d "${dir}" ]; then
+        echo "${dir} is not a directory";
+    else
+        format ${dir};
+    fi
+done

daemon/Daemon-Config-Reference.md

@@ -1,7 +1,7 @@
 # Daemon configuration
 
 The daemon is configurable by config.txt.
-This file must be in the same directory as the binary.
+The config file must be in the same directory from where you run the binary.
 
 ### Configuration Values
 `port` : The port where the server listens. Must be a valid port.
@@ -22,14 +22,29 @@ Place the `rootca.crt` certificate in the directory you intend to run the client
 If you get an error about SSL related files not being found despite them existing, shorten the names of the files.
 If you cannot connect and the server prints a error related to TLSv1, ensure your version of boost and OpenSSL are up to date.
 
+#### Covert Channel options
+`covertChannelMode`: Sets the covert channel mode. To deactiveate don't set it or set it to none or false.<br/>
+`innerInterface`: The interface of your inner network<br/>
+`outerInterface`: The interface of your outer network<br/>
+
+##### Covert Channel Mode `forward`
+There no further config needed. Forward should work out of the pox
+
+##### Covert Channel Mode `proxy`
+`ownIP`: IP of this server<br/>
+`partnerIP`: IP of the partner server. If this is a relay the other cannot be a relay.<br/>
+`targetIP`: IP of the target server of teh covert channel<br/>
+`targetPort`: Port of the target server of the covert channel<br/>
+`relay`: Bool which sets the mode: true - just relays the covert channel | false - uses it's own covert channel<br/>
+
 ### Example for config.txt
 ```
 port=1234
-interface=lo
-userdatabase=user Storage.txt
+userdatabase=userStorage.txt
 filedirectory=./files/
 SSLenabled=true
 SSLcertificate=user.crt
 SSLprivatekey=user.key
 SSLdhparams=dh2048.pem
+activateCovertChannel=false
 ```

daemon/include/CovertChannel/CovertChannel.h

@@ -0,0 +1,174 @@
+#ifndef COVERTCHANNEL_H
+#define COVERTCHANNEL_H
+
+#include <tins/tins.h>
+
+/**
+ * @class CovertChannel
+ *
+ * Sniffs the network, redirects traffic and handles filtered traffic.
+ *
+ * CovertChannel class which will sniff on two network interfacees. It handles filtered traffic with a virtual handler
+ * function.
+ */
+class CovertChannel {
+public:
+	/**
+	 * Sets up a CovertChannel.
+	 *
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
+	 *
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param innerForwardFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerForwardFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param innerChannelFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerChannelFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerPartnerFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 */
+	CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &innerForwardFilter = "",
+	              const std::string &outerForwardFilter = "", const std::string &innerChannelFilter = "", const std::string &outerChannelFilter = "",
+	              const std::string &outerPartnerFilter = "");
+
+	/**
+	 * Destroys the CovertChannel.
+	 */
+	virtual ~CovertChannel();
+
+	/**
+	 * Start sniffing on the interface.
+	 *
+	 * Starts a sniffing loop which calls handle. The loop will only be stopped if
+	 * handle returns false.
+	 */
+	void startSniffing();
+
+	/**
+	 * Sets a filter for the sniffers.
+	 *
+	 * Sets the filter for the forward and channel sniffers with a pcap filter string. E.g. "host 8.8.8.8".
+	 * The forward filter is the negated filter.
+	 *
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 */
+	void setFilter(const std::string &innerForwardFilter = "", const std::string &outerForwardFilter = "", const std::string &innerChannelFilter = "",
+	               const std::string &outerChannelFilter = "", const std::string &outerPartnerFilter = "");
+
+protected:
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	bool handleForwardFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	bool handleForwardFromInner(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu) = 0;
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu) = 0;
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu) = 0;
+
+	/**
+	 * Starts the sniffing loop of the inner forward sniffer.
+	 */
+	void startInnerForwardSniffing();
+
+	/**
+	 * Starts the sniffing loop of the outer forward sniffer.
+	 */
+	void startOuterForwardSniffing();
+
+	/**
+	 * Starts the sniffing loop of the inner channel sniffer.
+	 */
+	void startInnerChannelSniffing();
+
+	/**
+	 * Starts the sniffing loop of the outer channel sniffer.
+	 */
+	void startOuterChannelSniffing();
+
+	/**
+	 * Starts the sniffing loop of the outer partner sniffer.
+	 */
+	void startOuterPartnerSniffing();
+
+	/**
+	 * Tins Sniffer to filter packets to which should be forwarded
+	 */
+	Tins::Sniffer *innerForwardSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be forwarded
+	 */
+	Tins::Sniffer *outerForwardSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
+	Tins::Sniffer *innerChannelSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
+	Tins::Sniffer *outerChannelSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
+	Tins::Sniffer *outerPartnerSniffer;
+
+	/**
+	 * Tins PacketSender which sends packets to the inner network
+	 */
+	Tins::PacketSender innerSender;
+
+	/**
+	 * Tins PacketSender which sends packets to the outer network
+	 */
+	Tins::PacketSender outerSender;
+};
+
+#endif

daemon/include/CovertChannel/ForwardChannel.h

@@ -0,0 +1,64 @@
+#ifndef FORWARDCHANNEL_H
+#define FORWARDCHANNEL_H
+
+#include "CovertChannel.h"
+
+/**
+ * @class ForwardChannel
+ *
+ * A CovertChannel which forwards the traffic it captures.
+ */
+class ForwardChannel : public CovertChannel {
+public:
+	/**
+	 * Sets up a CovertChannel.
+	 *
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
+	 *
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 */
+	ForwardChannel(const std::string &innerInterface, const std::string &outerInterface);
+
+	/**
+	 * Destroys the CovertChannel.
+	 */
+	virtual ~ForwardChannel();
+
+protected:
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu);
+};
+
+#endif

daemon/include/CovertChannel/ProxyChannel.h

@@ -0,0 +1,82 @@
+#ifndef PROXYCHANNEL_H
+#define PROXYCHANNEL_H
+
+#include "CovertChannel.h"
+
+/**
+ * @class ForwardChannel
+ *
+ * A CovertChannel which forwards the traffic it captures.
+ */
+class ProxyChannel : public CovertChannel {
+public:
+	/**
+	 * Sets up a CovertChannel.
+	 *
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
+	 *
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param relayOnly true - server only relays traffic | false - server redirects traffic over another relay
+	 */
+	ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
+	             const std::string &originIP, const std::string &targetIP, const std::string &targetPort, const std::string &ownMAC,
+	             const std::string &originMAC, const std::string &channelGatewayMAC, const std::string &gatewayMAC, const bool relayOnly);
+
+	/**
+	 * Destroys the CovertChannel.
+	 */
+	virtual ~ProxyChannel();
+
+protected:
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Relay option which activates relay only mode
+	 */
+	const bool relayOnly;
+
+	const Tins::IPv4Address ownAddress;
+	const Tins::IPv4Address partnerAddress;
+	const Tins::IPv4Address originAddress;
+	const Tins::IPv4Address targetAddress;
+
+	const Tins::HWAddress<6> ownMAC;
+	const Tins::HWAddress<6> channelGatewayMAC;
+	const Tins::HWAddress<6> gatewayMAC;
+	const Tins::HWAddress<6> originMAC;
+};
+
+#endif

daemon/include/Sniffer.h

@@ -1,70 +0,0 @@
-#ifndef SNIFFER_H
-#define SNIFFER_H
-
-#include <tins/tins.h>
-
-/**
- * @class Sniffer
- *
- * Sniffs the network.
- *
- * Sniffer class which will sniff on a network interface. It is supposed to
- * forward the packets to an analyzer or modifyer so we can hide data in the
- * traffic.
- */
-class Sniffer {
-public:
-	/**
-	 * Creates a Sniffer.
-	 *
-	 * Creates a Sniffer and sets the network interface for sniffing.
-	 *
-	 * @param interface name of the interface for sniffing
-	 */
-	Sniffer(const std::string &interfaceName);
-
-	/**
-	 * Destroys the Sniffer.
-	 *
-	 * Destructor of the Sniffer.
-	 */
-	~Sniffer();
-
-	/**
-	 * Start sniffing on the interface.
-	 *
-	 * Starts a sniffing loop which calls handle. The loop will only be stopped if
-	 * handle returns false.
-	 */
-	void startSniffing();
-
-	/**
-	 * Sets a filter for the sniffer.
-	 *
-	 * Sets the filter for a sniffer with a pcap filter string. E.g. "ip
-	 * dst 8.8.8.8".
-	 *
-	 * @param filterString pcap filter string
-	 */
-	void setFilter(const std::string &filterString);
-
-private:
-	/**
-	 * Handler for sniffed packets.
-	 *
-	 * Handles incoming connections and provides data for the package analyzer and
-	 * modifyer.
-	 *
-	 * @param pdu sniffed packet
-	 *
-	 * @return false = stop loop | true = continue loop
-	 */
-	bool handle(Tins::PDU &pdu);
-
-	/**
-	 * Tins sniffer object.
-	 */
-	Tins::Sniffer *sniffer;
-};
-
-#endif

daemon/src/CMakeLists.txt

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 2.8)
 
 set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
 
-add_executable(ccats src/main.cpp src/Sniffer.cpp src/Server.cpp src/base64.cpp src/JsonCommander.cpp src/FileManager.cpp src/UserManager.cpp src/Config.cpp)
+add_executable(ccats src/main.cpp src/Server.cpp src/base64.cpp src/JsonCommander.cpp src/FileManager.cpp src/UserManager.cpp src/Config.cpp src/CovertChannel/CovertChannel.cpp src/CovertChannel/ForwardChannel.cpp src/CovertChannel/ProxyChannel.cpp)
 
 # dependencies used by server only
 find_package(libtins 4.2 REQUIRED)

daemon/src/CovertChannel/CovertChannel.cpp

@@ -0,0 +1,86 @@
+#include "../../include/CovertChannel/CovertChannel.h"
+#include <cstdlib>
+#include <iostream>
+#include <thread>
+
+CovertChannel::CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &innerForwardFilter,
+                             const std::string &outerForwardFilter, const std::string &innerChannelFilter, const std::string &outerChannelFilter,
+                             const std::string &outerPartnerFilter)
+    : innerSender(innerInterface), outerSender(outerInterface) {
+	Tins::SnifferConfiguration config;
+	config.set_promisc_mode(true);
+	config.set_immediate_mode(true);
+	config.set_direction(PCAP_D_IN);
+	config.set_snap_len(1500);
+
+	try {
+		innerForwardSniffer = new Tins::Sniffer(innerInterface, config);
+		outerForwardSniffer = new Tins::Sniffer(outerInterface, config);
+		innerChannelSniffer = new Tins::Sniffer(innerInterface, config);
+		outerChannelSniffer = new Tins::Sniffer(outerInterface, config);
+		outerPartnerSniffer = new Tins::Sniffer(outerInterface, config);
+
+		setFilter(innerForwardFilter, outerForwardFilter, innerChannelFilter, outerChannelFilter, outerPartnerFilter);
+	} catch (const Tins::pcap_error &e) {
+		std::cerr << "An error accured setting up the sniffer: " << e.what() << std::endl;
+		std::exit(EXIT_FAILURE);
+	}
+}
+
+CovertChannel::~CovertChannel() {
+	innerForwardSniffer->stop_sniff();
+	outerForwardSniffer->stop_sniff();
+	innerChannelSniffer->stop_sniff();
+	outerChannelSniffer->stop_sniff();
+	outerPartnerSniffer->stop_sniff();
+	delete (innerForwardSniffer);
+	delete (outerForwardSniffer);
+	delete (innerChannelSniffer);
+	delete (outerChannelSniffer);
+	delete (outerPartnerSniffer);
+}
+
+void CovertChannel::setFilter(const std::string &innerForwardFilter, const std::string &outerForwardFilter, const std::string &innerChannelFilter,
+                              const std::string &outerChannelFilter, const std::string &outerPartnerFilter) {
+	innerForwardSniffer->set_filter(innerForwardFilter);
+	outerForwardSniffer->set_filter(outerForwardFilter);
+	innerChannelSniffer->set_filter(innerChannelFilter);
+	outerChannelSniffer->set_filter(outerChannelFilter);
+	outerPartnerSniffer->set_filter(outerPartnerFilter);
+}
+
+void CovertChannel::startSniffing() {
+	std::thread innerForwardSnifferThread(&CovertChannel::startInnerForwardSniffing, this);
+	std::thread outerForwardSnifferThread(&CovertChannel::startOuterForwardSniffing, this);
+	std::thread innerChannelSnifferThread(&CovertChannel::startInnerChannelSniffing, this);
+	std::thread outerChannelSnifferThread(&CovertChannel::startOuterChannelSniffing, this);
+	std::thread outerPartnerSnifferThread(&CovertChannel::startOuterPartnerSniffing, this);
+
+	innerForwardSnifferThread.detach();
+	outerForwardSnifferThread.detach();
+	innerChannelSnifferThread.detach();
+	outerChannelSnifferThread.detach();
+	outerPartnerSnifferThread.detach();
+}
+
+void CovertChannel::startInnerForwardSniffing() { innerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardFromInner)); }
+
+void CovertChannel::startOuterForwardSniffing() { outerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardFromOuter)); }
+
+void CovertChannel::startInnerChannelSniffing() { innerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelFromInner)); }
+
+void CovertChannel::startOuterChannelSniffing() { outerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelFromOuter)); }
+
+void CovertChannel::startOuterPartnerSniffing() { outerPartnerSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handlePartnerFromOuter)); }
+
+bool CovertChannel::handleForwardFromOuter(Tins::PDU &pdu) {
+	innerSender.send(pdu);
+
+	return true;
+}
+
+bool CovertChannel::handleForwardFromInner(Tins::PDU &pdu) {
+	outerSender.send(pdu);
+
+	return true;
+}

daemon/src/CovertChannel/ForwardChannel.cpp

@@ -0,0 +1,11 @@
+#include "../../include/CovertChannel/ForwardChannel.h"
+
+ForwardChannel::ForwardChannel(const std::string &innerInterface, const std::string &outerInterface) : CovertChannel(innerInterface, outerInterface) {}
+
+ForwardChannel::~ForwardChannel() {}
+
+bool ForwardChannel::handleChannelFromOuter(Tins::PDU &pdu) { return false; }
+
+bool ForwardChannel::handleChannelFromInner(Tins::PDU &pdu) { return false; }
+
+bool ForwardChannel::handlePartnerFromOuter(Tins::PDU &pdu) { return false; }

daemon/src/CovertChannel/ProxyChannel.cpp

@@ -0,0 +1,81 @@
+#include "../../include/CovertChannel/ProxyChannel.h"
+#include <iostream>
+
+ProxyChannel::ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
+                           const std::string &originIP, const std::string &targetIP, const std::string &targetPort, const std::string &ownMAC,
+                           const std::string &originMAC, const std::string &channelGatewayMAC, const std::string &gatewayMAC, const bool relayOnly)
+    : CovertChannel(innerInterface, outerInterface,
+                    "(not (tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort + ")) and (not (dst host " + ownIP + "))",
+                    "(not (tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort + ")) and (not (dst host " + ownIP + "))",
+                    "tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort,
+                    "tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort,
+                    "tcp and src host " + partnerIP + " and dst host " + ownIP + " and port " + targetPort),
+
+      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), originAddress(originIP), targetAddress(targetIP), ownMAC(ownMAC),
+      channelGatewayMAC(channelGatewayMAC), gatewayMAC(gatewayMAC), originMAC(originMAC) {}
+
+ProxyChannel::~ProxyChannel() {}
+
+bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
+	// TODO: check in a list how to route it and who send the request for this answer
+
+	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		// redirect to partner
+		eth.src_addr(ownMAC);
+		eth.dst_addr(channelGatewayMAC);
+		ip.src_addr(ownAddress);
+		ip.dst_addr(partnerAddress);
+		outerSender.send(pdu);
+	} else {
+		// Just forward it
+		//eth.src_addr(gatewayMAC);
+		//eth.dst_addr(originMAC);
+		//ip.src_addr(targetAddress);
+		//ip.dst_addr(originAddress);
+		innerSender.send(pdu);
+		std::cout << "channel from outer" << std::endl;
+	}
+	return true;
+}
+
+bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
+	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		std::cerr << "Fixme: packet cannot be routed back so it's dropped here!!!" << std::endl;
+		// outerSender.send(pdu);
+		// TODO: add pdu to a list to check later how to route it
+	} else {
+		eth.src_addr(ownMAC);
+		eth.dst_addr(channelGatewayMAC);
+		ip.src_addr(ownAddress);
+		ip.dst_addr(partnerAddress);
+		outerSender.send(pdu);
+		std::cout << "channel from inner" << std::endl;
+	}
+	return true;
+}
+
+bool ProxyChannel::handlePartnerFromOuter(Tins::PDU &pdu) {
+	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		// redirect to target
+		eth.src_addr(ownMAC);
+		eth.dst_addr(gatewayMAC);
+		ip.src_addr(ownAddress);
+		ip.dst_addr(targetAddress);
+		outerSender.send(pdu);
+		std::cout << "relay" << std::endl;
+	} else {
+		eth.src_addr(gatewayMAC);
+		eth.dst_addr(originMAC);
+		ip.src_addr(targetAddress);
+		ip.dst_addr(originAddress);
+		innerSender.send(pdu);
+		std::cout << "partner" << std::endl;
+	}
+	return true;
+}

daemon/src/Sniffer.cpp

@@ -1,33 +0,0 @@
-#include "../include/Sniffer.h"
-#include <cstdlib>
-#include <iostream>
-
-Sniffer::Sniffer(const std::string &interfaceName) {
-	Tins::SnifferConfiguration config;
-	config.set_promisc_mode(true);
-
-	try {
-		sniffer = new Tins::Sniffer(interfaceName, config);
-	} catch (const Tins::pcap_error &e) {
-		std::cerr << "An error accured setting up the sniffer: " << e.what() << std::endl;
-		std::exit(EXIT_FAILURE);
-	}
-}
-
-Sniffer::~Sniffer() {
-	sniffer->stop_sniff();
-	delete (sniffer);
-}
-
-void Sniffer::startSniffing() { sniffer->sniff_loop(make_sniffer_handler(this, &Sniffer::handle)); }
-
-void Sniffer::setFilter(const std::string &filterString) { sniffer->set_filter(filterString); }
-
-bool Sniffer::handle(Tins::PDU &pdu) {
-	// TODO implement handler for sniffed traffic
-
-	std::cout << "packet sniffed" << std::endl;
-
-	return false; // will stop sniffing after the first packet because this
-	              // handler returns false
-}

daemon/src/main.cpp

@@ -1,9 +1,10 @@
 #include <iostream>
-#include <thread>
 
 #include "../include/Config.h"
+#include "../include/CovertChannel/CovertChannel.h"
+#include "../include/CovertChannel/ForwardChannel.h"
+#include "../include/CovertChannel/ProxyChannel.h"
 #include "../include/Server.h"
-#include "../include/Sniffer.h"
 #include "../include/UserManager.h"
 
 using namespace std;
@@ -15,15 +16,39 @@ int main(int argc, char *argv[]) {
 		exit(EXIT_FAILURE);
 	}
 
-	const string interface = Config::getValue("interface");
+	CovertChannel *covertchannel = nullptr;
+	const std::string covertChannelMode = Config::getValue("covertChannelMode");
+	if (covertChannelMode == "proxy") {
+		const string innerInterface = Config::getValue("innerInterface");
+		const string outerInterface = Config::getValue("outerInterface");
+
+		const string ownIP = Config::getValue("ownIP");
+		const string partnerIP = Config::getValue("partnerIP");
+		const string originIP = Config::getValue("originIP");
+		const string targetIP = Config::getValue("targetIP");
+		const string targetPort = Config::getValue("targetPort");
+		const string relayMode = Config::getValue("relayMode");
+		const string ownMAC = Config::getValue("ownMAC");
+		const string originMAC = Config::getValue("originMAC");
+		const string gatewayMAC = Config::getValue("gatewayMAC");
+		const string channelGatewayMAC = Config::getValue("channelGatewayMAC");
+		covertchannel = new ProxyChannel(innerInterface, outerInterface, ownIP, partnerIP, originIP, targetIP, targetPort, ownMAC, originMAC, channelGatewayMAC,
+		                                 gatewayMAC, relayMode == "true");
+
+		// covertchannel = new ForwardChannel(innerInterface, outerInterface);
+		covertchannel->startSniffing();
+	} else if (covertChannelMode == "forward") {
+		const string innerInterface = Config::getValue("innerInterface");
+		const string outerInterface = Config::getValue("outerInterface");
+
+		covertchannel = new ForwardChannel(innerInterface, outerInterface);
+		covertchannel->startSniffing();
+	}
 
 	// check if userStorage is add specified location
 	// if not create one
 	UserManager::init(Config::getValue("userdatabase"));
 
-	Sniffer *sniffer = new Sniffer(interface);
-	thread snifferThread(&Sniffer::startSniffing, sniffer);
-
 	try {
 		io_service io_service;
 		Server server(io_service);
@@ -32,7 +57,9 @@ int main(int argc, char *argv[]) {
 		cerr << e.what() << endl;
 	}
 
-	snifferThread.join();
-	delete (sniffer);
+	if (covertchannel == nullptr) {
+		delete (covertchannel);
+	}
+
 	return 0;
 }