@@ -298,6 +298,7 @@ file:
298298 Listener: DNSListener
299299 DNSResponse: 192.0.2.123
300300 NXDomains: 0
301+ Hidden: False
301302
302303 [RawTCPListener]
303304 Enabled: True
@@ -306,6 +307,7 @@ file:
306307 Listener: RawListener
307308 UseSSL: No
308309 Timeout: 10
310+ Hidden: False
309311
310312The configuration file is broken up into several sections.
311313
@@ -456,6 +458,7 @@ look at a sample listener configuration:
456458 Listener: RawListener
457459 UseSSL: Yes
458460 Timeout: 10
461+ Hidden: False
459462
460463The configuration above consists of the listener name ` TCPListener1234 ` . It
461464will be used for logging purposes so you can distinguish between different
@@ -479,6 +482,9 @@ The following settings are generic for all listeners:
479482 feature is useful for extending FakeNet-NG's functionality
480483 (e.g. launch a debugger on the connecting pid to help with
481484 unpacking and decoding.)
485+ * ** Hidden** - Do not allow traffic to be directed to this listener
486+ without going through the proxy which will determine the
487+ protocol based on the packet contents
482488
483489The ` Port ` and ` Protocol ` settings are necessary for the listeners to know to
484490which ports to bind and, if they support multiple protocol (e.g RawListener),
@@ -505,6 +511,8 @@ listeners:
505511 a configurable file which can be specified using
506512 ` DumpHTTPPosts ` and ` DumpHTTPPostsFilePrefix ` settings.
507513* ** SMTPListener** - supports SMTP protocol.
514+ * ** ProxyListener** - Detects protocol based on packet contents and redirects
515+ packets accordingly.
508516
509517
510518NOTE: FakeNet-NG will attempt to locate the webroot directory, first by using
@@ -653,7 +661,7 @@ configuration below:
653661 Listeners: HTTPListener, RawListener, FTPListener, DNSListener, POPListener, SMTPListener, TFTPListener, IRCListener, BITSListener
654662 Hidden: False
655663
656- Note, the new ` Listeners ` parameter which defines a list of potential protocol handler
664+ Note, the new ` Listeners ` parameter which defines a list of potential protocol handlers
657665to try for all incoming connections.
658666
659667It is also recommended to define a proxy listener as your default handler by updating
@@ -667,6 +675,18 @@ With the default listener pointing to the proxy listener, all unknown connection
667675will be appropriately handled. You can still assign specific listeners to ports to
668676enforce a specific protocol (e.g. always use HTTP listener for port 80).
669677
678+ The Proxy determines the protocol of packets by polling all available listeners with
679+ the function taste(). Each Listener that implements taste() will respond with a score
680+ indicating the likelihood that the protocol handled by that listener matches the
681+ packet contents. The Proxy will forward the packet to the Listener that returned the
682+ highest score. The RawListener will always return a score of 1, so it will be chosen
683+ in the case that all other Listeners return 0, thus serving as the default.
684+
685+ Users can alter the configuration parameter 'Hidden' in each Listener's configuration.
686+ If Hidden is 'False', the Listener will be bound to a specific port and automatically
687+ receive all traffic on that port. With Hidden set to 'True', the Listener can only
688+ receive traffic that is redirected through the Proxy.
689+
670690Development
671691===========
672692
@@ -725,6 +745,11 @@ Another requirement is to ensure that the listener can reliably shutdown when
725745the ` stop() ` method is called. For example, make use of connection timeouts to
726746ensure that the listener does not block on some connection for too long.
727747
748+ Listeners that implement the function ` taste(self, data, dport) ` will be
749+ considered when packets are directed by the Proxy. The function must return
750+ a score which indicates the likelihood that the Listener handles the
751+ protocol that is contained in the packet.
752+
728753The logging convention used by FakeNet-NG's listeners is to use the self.logger
729754object for the output. That way the logging is uniform across the application.
730755For example to display an error or warning you would use the following:
0 commit comments