Split DHCP request/response code into separate files

2024-11-22 08:54:24 +00:00 · 2019-11-28 19:38:41 +01:00 · 2019-11-28 19:38:41 +01:00 · 677897c50c
commit 677897c50c
parent 87ee36348c
3 changed files with 102 additions and 79 deletions
--- a/ethernet/dhcpv4/dhcp.go
+++ b/ethernet/dhcpv4/dhcp.go
@ -1,16 +1,9 @@
 package dhcpv4

 import (
-	"fmt"
 	"github.com/fatih/color"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
-	"log"
-)
-
-var (
-	requestMAC []string
-	responses []dhcpResponse
 )

 // Called on every DHCP (v4) packet
@ -42,10 +35,10 @@ func HandleDHCPv4Packet(packet gopacket.Packet) error {
 	// Examine packet further
 	if dhcppacket.Operation == layers.DHCPOpRequest {
 		// Request packet
-		requestMAC = appendIfUnique(dhcppacket.ClientHWAddr.String(), requestMAC)
+		processRequestPacket(dhcppacket)
 	} else {
 		// Response/Offer packet
-		addResponseEntry(dhcppacket.ClientIP.String(), dhcppacket.YourClientIP.String(), dhcppacket.ClientHWAddr.String(), ethernetpacket.SrcMAC.String())
+		processResponsePacket(dhcppacket, ethernetpacket)
 	}

 	return nil
@ -59,73 +52,3 @@ func PrintDHCPv4Summary() {
 	headline.Println("DHCP Responses/Offers")
 	printResponseSummary()
 }
-
-// Prints the summary of all DHCP request packets
-func printRequestSummary() {
-	fmt.Printf("%d unique DHCP requests\n", len(requestMAC))
-	printTree(requestMAC)
-}
-
-// Prints the summary of all DHCP offer packets
-func printResponseSummary() {
-	var tmpaddr []string
-
-	// Iterate over all responses
-	for _, r := range responses {
-		addition := ""
-
-		if r.askedFor {
-			addition = " which the client explicitly asked for."
-		}
-
-		tmpaddr = append(tmpaddr, fmt.Sprintf("%s offered %s IP address %s%s", r.serverMACAddr, r.destMACAddr, r.newIPAddr, addition))
-	}
-
-	// Draw as tree
-	printTree(tmpaddr)
-}
-
-// Adds a new response entry. If an IP address was already issued or a MAC asks multiple times for DNS, the case is examined further
-func addResponseEntry(newIP string, yourIP string, destMAC string, serverMAC string) {
-	// Check if client asked for a specific address (which was granted by the DHCP server)
-	askedFor := false
-	if newIP == "0.0.0.0" {
-		// Yes, client asked for a specific address. Most likely not the first time in this network.
-		newIP = yourIP
-		askedFor = true
-	}
-
-	for _, r := range responses {
-		// Check for interesting cases
-		if r.destMACAddr == destMAC {
-			// The same client device received multiple IP addresses, let's examine further
-			if r.newIPAddr == newIP {
-				// the handed IP is the same - this is ok, just badly configured
-				if r.serverMACAddr == serverMAC {
-					// Same DHCP server answered.
-					log.Printf("MAC address %s received the same IP address multiple times via DHCP by the same server.", destMAC)
-				} else {
-					// Different DHCP servers answered, but with the same address - strange network, but ok...
-					log.Printf("MAC address %s received the same IP address multiple times via DHCP by different servers.", destMAC)
-				}
-			} else {
-				// far more interesting - one client received multiple addresses
-				if r.serverMACAddr == serverMAC {
-					// Same DHCP server answered.
-					log.Printf("MAC address %s received different IP addresses (%s, %s) multiple times via DHCP by the same server.", destMAC, r.newIPAddr, newIP)
-				} else {
-					// Different DHCP servers answered, with different addresses - possibly an attempt to build up MitM
-					log.Printf("MAC address %s received different IP addresses (%s, %s) multiple times via DHCP by different servers (%s, %s).", destMAC, r.newIPAddr, newIP, r.serverMACAddr, serverMAC)
-				}
-			}
-		}
-	}
-
-	// Add a response entry - even if we found some "strange" behavior before.
-	responses = append(responses, dhcpResponse{
-		destMACAddr:   destMAC,
-		newIPAddr:     newIP,
-		serverMACAddr: serverMAC,
-		askedFor:      askedFor,
-	})
-}
--- a/ethernet/dhcpv4/request.go
+++ b/ethernet/dhcpv4/request.go
@ -0,0 +1,21 @@
+package dhcpv4
+
+import (
+	"fmt"
+	"github.com/google/gopacket/layers"
+)
+
+var (
+	requestMAC []string
+)
+
+// Processes the DHCP request packet handed over
+func processRequestPacket(dhcppacket layers.DHCPv4) {
+	requestMAC = appendIfUnique(dhcppacket.ClientHWAddr.String(), requestMAC)
+}
+
+// Prints the summary of all DHCP request packets
+func printRequestSummary() {
+	fmt.Printf("%d unique DHCP requests\n", len(requestMAC))
+	printTree(requestMAC)
+}
--- a/ethernet/dhcpv4/response.go
+++ b/ethernet/dhcpv4/response.go
@ -0,0 +1,79 @@
+package dhcpv4
+
+import (
+	"fmt"
+	"github.com/google/gopacket/layers"
+	"log"
+)
+
+var (
+	responses []dhcpResponse
+)
+
+func processResponsePacket(dhcppacket layers.DHCPv4, ethernetpacket layers.Ethernet) {
+	addResponseEntry(dhcppacket.ClientIP.String(), dhcppacket.YourClientIP.String(), dhcppacket.ClientHWAddr.String(), ethernetpacket.SrcMAC.String())
+}
+
+// Prints the summary of all DHCP offer packets
+func printResponseSummary() {
+	var tmpaddr []string
+
+	// Iterate over all responses
+	for _, r := range responses {
+		addition := ""
+
+		if r.askedFor {
+			addition = " which the client explicitly asked for."
+		}
+
+		tmpaddr = append(tmpaddr, fmt.Sprintf("%s offered %s IP address %s%s", r.serverMACAddr, r.destMACAddr, r.newIPAddr, addition))
+	}
+
+	// Draw as tree
+	printTree(tmpaddr)
+}
+
+// Adds a new response entry. If an IP address was already issued or a MAC asks multiple times for DNS, the case is examined further
+func addResponseEntry(newIP string, yourIP string, destMAC string, serverMAC string) {
+	// Check if client asked for a specific address (which was granted by the DHCP server)
+	askedFor := false
+	if newIP == "0.0.0.0" {
+		// Yes, client asked for a specific address. Most likely not the first time in this network.
+		newIP = yourIP
+		askedFor = true
+	}
+
+	for _, r := range responses {
+		// Check for interesting cases
+		if r.destMACAddr == destMAC {
+			// The same client device received multiple IP addresses, let's examine further
+			if r.newIPAddr == newIP {
+				// the handed IP is the same - this is ok, just badly configured
+				if r.serverMACAddr == serverMAC {
+					// Same DHCP server answered.
+					log.Printf("MAC address %s received the same IP address multiple times via DHCP by the same server.", destMAC)
+				} else {
+					// Different DHCP servers answered, but with the same address - strange network, but ok...
+					log.Printf("MAC address %s received the same IP address multiple times via DHCP by different servers.", destMAC)
+				}
+			} else {
+				// far more interesting - one client received multiple addresses
+				if r.serverMACAddr == serverMAC {
+					// Same DHCP server answered.
+					log.Printf("MAC address %s received different IP addresses (%s, %s) multiple times via DHCP by the same server.", destMAC, r.newIPAddr, newIP)
+				} else {
+					// Different DHCP servers answered, with different addresses - possibly an attempt to build up MitM
+					log.Printf("MAC address %s received different IP addresses (%s, %s) multiple times via DHCP by different servers (%s, %s).", destMAC, r.newIPAddr, newIP, r.serverMACAddr, serverMAC)
+				}
+			}
+		}
+	}
+
+	// Add a response entry - even if we found some "strange" behavior before.
+	responses = append(responses, dhcpResponse{
+		destMACAddr:   destMAC,
+		newIPAddr:     newIP,
+		serverMACAddr: serverMAC,
+		askedFor:      askedFor,
+	})
+}