#!/usr/bin/env python3
# Copyright (C) 2018-present, Facebook, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

import argparse
import ipaddress
import struct

CHUNK_SIZE = 10
EMPTY_FILTER = 2
V4_HDR_SIZE = 20
V6_HDR_SIZE = 40
UDP_HDR_SIZE = 8
V4_SRC_OFFSET = 12
V4_DST_OFFSET = 16
V4_PROTO_OFFSET = 9
SPORT_OFFSET = 0
DPORT_OFFSET = 2
V6_SRC_OFFSET = 8
V6_DST_OFFSET = 24
V6_PROTO_OFFSET = 6
V4_ADDR_SIZE = 4
V6_PART_SIZE = 4
PROTO_SIZE = 1
PORT_SIZE = 2


def ipv4_in_hex(addr):
    """
    @param string addr ipv4 address
    @return string hex representation of this address
    """
    return "0x{:08X}".format(int(ipaddress.ip_address(addr)))


def ip6_exploded(addr):
    """
    @param string addr ipv6 address
    @return list<string> ipv6 addresses splited into 4 groups by 32bit each
    """
    return [
        "0x{:04X}".format(x)
        for x in struct.unpack("!IIII", ipaddress.ip_address(addr).packed)
    ]


def modify_filter(tcpdump_filters, value, offset, size, v6=False):
    """
    @param list<string> tcpdump_filter list of currently generated filters
    @param string value to match
    @param int offset offset of this value in the packet
    @param int size of the value in bytes
    @param bool v6 flag if the filter is related to ipv6 packet
    @return modified tcpdump_filter
    """
    packet_type = "ip"
    if v6:
        packet_type = "ip6"
    tcpdump_filters.append(
        "({}[{}:{}] == {} )".format(packet_type, offset, size, value)
    )
    return tcpdump_filters


def create_tcpdump_line_v6(args, offset):
    """
     @param args cli arguments
     @param int offset of internal header compare to external one
     @return None
     IPv6 Header Format

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |Version| Traffic Class |           Flow Label                  |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Payload Length        |  Next Header  |   Hop Limit   |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    +                                                               +
    |                                                               |
    +                         Source Address                        +
    |                                                               |
    +                                                               +
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    +                                                               +
    |                                                               |
    +                      Destination Address                      +
    |                                                               |
    +                                                               +
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    """
    tcpdump_filters = []
    if args.src:
        chunk_offset = 0
        for v6_chunk in ip6_exploded(args.src):
            tcpdump_filters = modify_filter(
                tcpdump_filters,
                v6_chunk,
                offset + V6_SRC_OFFSET + chunk_offset,
                V6_PART_SIZE,
                True,
            )
            chunk_offset += V6_PART_SIZE
    if args.dst:
        chunk_offset = 0
        for v6_chunk in ip6_exploded(args.dst):
            tcpdump_filters = modify_filter(
                tcpdump_filters,
                v6_chunk,
                offset + V6_DST_OFFSET + chunk_offset,
                V6_PART_SIZE,
                True,
            )
            chunk_offset += V6_PART_SIZE
    if args.proto:
        tcpdump_filters = modify_filter(
            tcpdump_filters, args.proto, offset + V6_PROTO_OFFSET, PROTO_SIZE, True
        )
    if args.sport:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            args.sport,
            offset + V6_HDR_SIZE + SPORT_OFFSET,
            PORT_SIZE,
            True,
        )
    if args.dport:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            args.dport,
            offset + V6_HDR_SIZE + DPORT_OFFSET,
            PORT_SIZE,
            True,
        )
    print('"(' + " and ".join(tcpdump_filters) + ')"')


def create_tcpdump_line_v4(args, offset, encap_v6=False):
    """
     @param object args cli arguments
     @param int offset of internal header compare to external one
     @param bool encap_v6 flag to indicate that outer packet is ipv6
     @return None

     IP header format:
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |Version|  IHL  |Type of Service|          Total Length         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Identification        |Flags|      Fragment Offset    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Time to Live |    Protocol   |         Header Checksum       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                       Source Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Destination Address                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Options                    |    Padding    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    """
    tcpdump_filters = []
    if args.src:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            ipv4_in_hex(args.src),
            offset + V4_SRC_OFFSET,
            V4_ADDR_SIZE,
            encap_v6,
        )
    if args.dst:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            ipv4_in_hex(args.dst),
            offset + V4_DST_OFFSET,
            V4_ADDR_SIZE,
            encap_v6,
        )
    if args.proto:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            args.proto,
            offset + V4_PROTO_OFFSET,
            PROTO_SIZE,
            encap_v6,
        )
    if args.sport:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            args.sport,
            offset + V4_HDR_SIZE + SPORT_OFFSET,
            PORT_SIZE,
            encap_v6,
        )
    if args.dport:
        tcpdump_filters = modify_filter(
            tcpdump_filters,
            args.dport,
            offset + V4_HDR_SIZE + DPORT_OFFSET,
            PORT_SIZE,
            encap_v6,
        )
    print('"(' + " and ".join(tcpdump_filters) + ')"')


def parse_args():
    parser = argparse.ArgumentParser(
        description=(
            "this is a tool which helps to create a filter to match "
            "fields from internal header of IPIP/GUE packet"
        )
    )
    parser.add_argument(
        "-m",
        "--mode",
        choices=["4", "6", "46"],
        help=(
            "mode of the filter. possible values: 4 (for ipip) "
            "6 (for ip6ip6), 46 (for ip4ip6)"
        ),
    )
    parser.add_argument(
        "-g",
        "--gue",
        action="store_true",
        help=("run helper in GUE mode (instead of default IPIP)"),
    )
    parser.add_argument(
        "-s",
        "--src",
        default=None,
        help="src ip address of internal packet. could be ipv4 or ipv6",
    )
    parser.add_argument(
        "-d",
        "--dst",
        default=None,
        help="dst ip address of internal packet. could be ipv4 or ipv6",
    )
    parser.add_argument(
        "-p",
        "--proto",
        default=None,
        type=int,
        help=(
            "protocol of internal packet. must be a number. "
            "e.g. 6 for tcp or 17 for udp"
        ),
    )
    parser.add_argument(
        "--sport",
        default=None,
        type=int,
        help="src port of internal packet (e.g. if it's udp or tcp)",
    )
    parser.add_argument(
        "--dport",
        default=None,
        type=int,
        help="dst port of internal packet (e.g. if it's udp or tcp)",
    )

    return parser.parse_args()


def main():
    args = parse_args()
    offset = 0
    if args.gue:
        offset += UDP_HDR_SIZE
    if args.mode == "4":
        offset += V4_HDR_SIZE
        create_tcpdump_line_v4(args, offset)
    elif args.mode == "6":
        offset += V6_HDR_SIZE
        create_tcpdump_line_v6(args, offset)
    elif args.mode == "46":
        offset += V6_HDR_SIZE
        create_tcpdump_line_v4(args, offset, True)


if __name__ == "__main__":
    main()