IPV6 support

[ghost]

Good evening, I would like to congratulate you on the excellent tool. After much research and several attempts, I found Heralding, this fantastic tool that allows you to capture undue access attempts; as it is simple to install, the tutorial is very well explained and the logs very intuitive.
My final undergraduate work is using this amazing tool. I am using only for IPv4 however, a colleague asked me if there would be support for IPv6?
Att.

Felipe Duarte

[kajojify]

@feliped79 Hello! Thanks for your opinion!
I think we can add IPv6 support, if @johnnykv doesn't mind of course :)
Good luck with your undergraduate work!

[johnnykv]

Yes, ipv6 should be possible, I wonder if all it takes is to do two create_server for each capability?

[kajojify]

@johnnykv I played with asyncio.start_server a little bit yesterday.
There are 2 variants:

1. Implement two modes separately: ipv4 mode and ipv6 mode.
2. Implement one mode, which works fine with both ipv4 and ipv6 modes.

For the first variant we can teach mitmproxy to respect -4 and -6 console arguments or --ipv4 and --ipv6. Then depending on the chosen variant:
ipv4

server_coro = asyncio.start_server(cap.handle_session, '0.0.0.0', port,
                                   loop=self.loop, family=socket.AF_INET)

ipv6

server_coro = asyncio.start_server(cap.handle_session, '::', port, 
                                   loop=self.loop, family=socket.AF_INET6)

For the second variant:

sock = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
sock.bind(('::', port))

server_coro = asyncio.start_server(cap.handle_session, sock=sock, loop=loop)

[ghost]

Wow, that's cool, I hope one day I'll get to that level of programming in Python and networks too ... but for now I know only the basics of Python.

[kajojify]

@feliped79 Hello again! :)
I've just looked through possible variants of ipv6 support providing and found out an interesting thing.
Heralding already has basic support of ipv6 support.
asyncio.start_server has attribute family, which is inteded to choose ip version

family can be set to either socket.AF_INET or AF_INET6 to force the socket to use IPv4 or IPv6. If not set it will be determined from host (defaults to socket.AF_UNSPEC).

The thing is asyncio.start_server can automatically choose appropriate family relying on the specified host.
Host is taken from config file heralding.yml. So you can enable ipv6 by setting ipv6 host address into config file directly:

or

[johnnykv]

Yes, confirmed. It sure does work:

$ telnet ::1
Trying ::1...
Connected to ::1.
Escape character is '^]'.
Username: james
Password:

And log_auth:

2018-04-27 19:35:14.490495,cd100a4f-64dd-4fe2-a403-0fec5d048495,f188c3f7-bf3c-46cc-b387-aeb68c6a73bc,::1,33636,,23,telnet,james,bond

I guess the challenge now is how to make it listen to both ipv6 and 4?

[slavkoja]

perhaps this can help about binding socket to both https://bugs.python.org/issue17561

[hammas9]

Hi @johnnykv and others interested in this thread,
Did you end up adding IPv6 support to Heralding officially? Or do I still have to go by the way mentioned above?

Regards