增加80端口数据包数据包拦截

FastGithub.Configuration/ReverseProxyPort.cs

@@ -1,5 +1,4 @@
-using System;
+using System.Collections.Generic;
-using System.Collections.Generic;
 using System.Net;
 using System.Net.NetworkInformation;
 using System.Net.Sockets;
@@ -7,34 +6,27 @@ using System.Net.Sockets;
 namespace FastGithub.Configuration
 {
     /// <summary>
-    /// https反向代理端口
+    /// 反向代理端口
     /// </summary>
-    public static class HttpsReverseProxyPort
+    public static class ReverseProxyPort
     {
         /// <summary>
-        /// 获取端口值
+        /// http端口
         /// </summary>
-        public static int Value { get; } = GetAvailableTcpPort(AddressFamily.InterNetwork);
+        public static int Http { get; } = GetAvailableTcpPort(80);
+
+        /// <summary>
+        /// https端口
+        /// </summary>
+        public static int Https { get; } = GetAvailableTcpPort(443);
 
         /// <summary>
         /// 获取可用的随机Tcp端口
         /// </summary>
+        /// <param name="minValue"></param>
         /// <param name="addressFamily"></param>
         /// <returns></returns>
-        private static int GetAvailableTcpPort(AddressFamily addressFamily)
+        private static int GetAvailableTcpPort(int minValue, AddressFamily addressFamily = AddressFamily.InterNetwork)
-        {
-            return OperatingSystem.IsWindows()
-                ? GetAvailableTcpPort(addressFamily, 443)
-                : GetAvailableTcpPort(addressFamily, 12345);
-        }
-
-        /// <summary>
-        /// 获取可用的随机Tcp端口
-        /// </summary>
-        /// <param name="addressFamily"></param>
-        /// <param name="min">最小值</param>
-        /// <returns></returns>
-        private static int GetAvailableTcpPort(AddressFamily addressFamily, int min)
         {
             var hashSet = new HashSet<int>();
             var tcpListeners = IPGlobalProperties.GetIPGlobalProperties().GetActiveTcpListeners();
@@ -47,7 +39,7 @@ namespace FastGithub.Configuration
                 }
             }
 
-            for (var port = min; port < IPEndPoint.MaxPort; port++)
+            for (var port = minValue; port < IPEndPoint.MaxPort; port++)
             {
                 if (hashSet.Contains(port) == false)
                 {

FastGithub.HttpServer/HttpProxyMiddleware.cs

@@ -148,7 +148,7 @@ namespace FastGithub.HttpServer
             // 目标端口为443，走https代理中间人           
             if (targetPort == HTTPS_PORT && targetHost != "ssh.github.com")
             {
-                return new IPEndPoint(IPAddress.Loopback, HttpsReverseProxyPort.Value);
+                return new IPEndPoint(IPAddress.Loopback, ReverseProxyPort.Https);
             }
 
             // dns优选

FastGithub.HttpServer/KestrelServerOptionsExtensions.cs

@@ -69,11 +69,11 @@ namespace FastGithub
         /// <param name="kestrel"></param>
         public static void ListenHttpReverseProxy(this KestrelServerOptions kestrel)
         {
-            const int HTTP_PORT = 80;
+            var httpPort = ReverseProxyPort.Http;
-            if (CanListenTcp(HTTP_PORT) == true)
+            if (CanListenTcp(httpPort) == true)
             {
-                kestrel.Listen(IPAddress.Loopback, HTTP_PORT);
+                kestrel.Listen(IPAddress.Loopback, httpPort);
-                kestrel.GetLogger().LogInformation($"已监听http://{IPAddress.Loopback}:{HTTP_PORT}，http反向代理服务启动完成");
+                kestrel.GetLogger().LogInformation($"已监听http://{IPAddress.Loopback}:{httpPort}，http反向代理服务启动完成");
             }
         }
 
@@ -85,7 +85,7 @@ namespace FastGithub
         /// <returns></returns>
         public static int ListenHttpsReverseProxy(this KestrelServerOptions kestrel)
         {
-            var httpsPort = HttpsReverseProxyPort.Value;
+            var httpsPort = ReverseProxyPort.Https;
             if (CanListenTcp(httpsPort) == false)
             {
                 throw new FastGithubException($"tcp端口{httpsPort}已经被其它进程占用");

FastGithub.PacketIntercept/HttpInterceptHostedService.cs

@@ -0,0 +1,36 @@
+using Microsoft.Extensions.Hosting;
+using System.Runtime.Versioning;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace FastGithub.Dns
+{
+    /// <summary>
+    /// http拦截后台服务
+    /// </summary>
+    [SupportedOSPlatform("windows")]
+    sealed class HttpInterceptHostedService : BackgroundService
+    {
+        private readonly HttpInterceptor httpsInterceptor;
+
+        /// <summary>
+        /// http拦截后台服务
+        /// </summary> 
+        /// <param name="httpInterceptor"></param> 
+        public HttpInterceptHostedService(HttpInterceptor httpInterceptor)
+        {
+            this.httpsInterceptor = httpInterceptor;
+        }
+
+        /// <summary>
+        /// https后台
+        /// </summary>
+        /// <param name="stoppingToken"></param>
+        /// <returns></returns>
+        protected override async Task ExecuteAsync(CancellationToken stoppingToken)
+        {
+            await Task.Yield();
+            this.httpsInterceptor.Intercept(stoppingToken);
+        }
+    }
+}

FastGithub.PacketIntercept/HttpInterceptor.cs

@@ -0,0 +1,95 @@
+using FastGithub.Configuration;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Buffers.Binary;
+using System.Runtime.Versioning;
+using System.Threading;
+using WinDivertSharp;
+
+namespace FastGithub.Dns
+{
+    /// <summary>
+    /// http拦截器
+    /// </summary>   
+    [SupportedOSPlatform("windows")]
+    sealed class HttpInterceptor
+    {
+        private readonly ILogger<HttpInterceptor> logger;
+        private readonly ushort http80Port = BinaryPrimitives.ReverseEndianness((ushort)80);
+        private readonly ushort httpReverseProxyPort = BinaryPrimitives.ReverseEndianness((ushort)ReverseProxyPort.Http);
+
+        /// <summary>
+        /// http拦截器
+        /// </summary>
+        /// <param name="logger"></param>
+        public HttpInterceptor(ILogger<HttpInterceptor> logger)
+        {
+            this.logger = logger;
+        }
+
+        /// <summary>
+        /// 拦截80端口的数据包
+        /// </summary>
+        /// <param name="cancellationToken"></param>
+        public void Intercept(CancellationToken cancellationToken)
+        {
+            if (ReverseProxyPort.Http == 80)
+            {
+                return;
+            }
+
+            var filter = $"loopback and (tcp.DstPort == 80 or tcp.SrcPort == {ReverseProxyPort.Http})";
+            var handle = WinDivert.WinDivertOpen(filter, WinDivertLayer.Network, 0, WinDivertOpenFlags.None);
+            if (handle == IntPtr.Zero)
+            {
+                return;
+            }
+
+            cancellationToken.Register(hwnd => WinDivert.WinDivertClose((IntPtr)hwnd!), handle);
+
+            var packetLength = 0U;
+            using var winDivertBuffer = new WinDivertBuffer();
+            var winDivertAddress = new WinDivertAddress();
+
+            while (cancellationToken.IsCancellationRequested == false)
+            {
+                if (WinDivert.WinDivertRecv(handle, winDivertBuffer, ref winDivertAddress, ref packetLength))
+                {
+                    try
+                    {
+                        this.ModifyHttpsPacket(winDivertBuffer, ref winDivertAddress, ref packetLength);
+                    }
+                    catch (Exception ex)
+                    {
+                        this.logger.LogWarning(ex.Message);
+                    }
+                    finally
+                    {
+                        WinDivert.WinDivertSend(handle, winDivertBuffer, packetLength, ref winDivertAddress);
+                    }
+                }
+            }
+        }
+
+        /// <summary>
+        /// 443端口转发到https反向代理端口
+        /// </summary>
+        /// <param name="winDivertBuffer"></param>
+        /// <param name="winDivertAddress"></param>
+        /// <param name="packetLength"></param> 
+        unsafe private void ModifyHttpsPacket(WinDivertBuffer winDivertBuffer, ref WinDivertAddress winDivertAddress, ref uint packetLength)
+        {
+            var packet = WinDivert.WinDivertHelperParsePacket(winDivertBuffer, packetLength);
+            if (packet.TcpHeader->DstPort == http80Port)
+            {
+                packet.TcpHeader->DstPort = this.httpReverseProxyPort;
+            }
+            else
+            {
+                packet.TcpHeader->SrcPort = http80Port;
+            }
+            winDivertAddress.Impostor = true;
+            WinDivert.WinDivertHelperCalcChecksums(winDivertBuffer, packetLength, ref winDivertAddress, WinDivertChecksumHelperParam.All);
+        }
+    }
+}

FastGithub.PacketIntercept/HttpsInterceptHostedService.cs

@@ -1,5 +1,4 @@
-using FastGithub.Configuration;
+using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Hosting;
 using System.Runtime.Versioning;
 using System.Threading;
 using System.Threading.Tasks;

FastGithub.PacketIntercept/HttpsInterceptor.cs

@@ -14,15 +14,15 @@ namespace FastGithub.Dns
     [SupportedOSPlatform("windows")]
     sealed class HttpsInterceptor
     {
-        private readonly ILogger<DnsInterceptor> logger;
+        private readonly ILogger<HttpsInterceptor> logger;
         private readonly ushort https443Port = BinaryPrimitives.ReverseEndianness((ushort)443);
-        private readonly ushort httpReverseProxyPort = BinaryPrimitives.ReverseEndianness((ushort)HttpsReverseProxyPort.Value);
+        private readonly ushort httpsReverseProxyPort = BinaryPrimitives.ReverseEndianness((ushort)ReverseProxyPort.Https);
 
         /// <summary>
         /// https拦截器
         /// </summary>
         /// <param name="logger"></param>
-        public HttpsInterceptor(ILogger<DnsInterceptor> logger)
+        public HttpsInterceptor(ILogger<HttpsInterceptor> logger)
         {
             this.logger = logger;
         }
@@ -33,12 +33,12 @@ namespace FastGithub.Dns
         /// <param name="cancellationToken"></param>
         public void Intercept(CancellationToken cancellationToken)
         {
-            if (HttpsReverseProxyPort.Value == 443)
+            if (ReverseProxyPort.Https == 443)
             {
                 return;
             }
 
-            var filter = $"loopback and (tcp.DstPort == 443 or tcp.SrcPort == {HttpsReverseProxyPort.Value})";
+            var filter = $"loopback and (tcp.DstPort == 443 or tcp.SrcPort == {ReverseProxyPort.Https})";
             var handle = WinDivert.WinDivertOpen(filter, WinDivertLayer.Network, 0, WinDivertOpenFlags.None);
             if (handle == IntPtr.Zero)
             {
@@ -82,7 +82,7 @@ namespace FastGithub.Dns
             var packet = WinDivert.WinDivertHelperParsePacket(winDivertBuffer, packetLength);
             if (packet.TcpHeader->DstPort == https443Port)
             {
-                packet.TcpHeader->DstPort = this.httpReverseProxyPort;
+                packet.TcpHeader->DstPort = this.httpsReverseProxyPort;
             }
             else
             {

FastGithub.PacketIntercept/ServiceCollectionExtensions.cs

@@ -18,11 +18,15 @@ namespace FastGithub
         [SupportedOSPlatform("windows")]
         public static IServiceCollection AddPacketIntercept(this IServiceCollection services)
         {
-            services.TryAddSingleton<DnsInterceptor>();
-            services.TryAddSingleton<HttpsInterceptor>();
             services.AddSingleton<IConflictSolver, HostsConflictSolver>();
             services.AddSingleton<IConflictSolver, ProxyConflictSolver>();
+
+            services.TryAddSingleton<DnsInterceptor>();
+            services.TryAddSingleton<HttpInterceptor>();
+            services.TryAddSingleton<HttpsInterceptor>();
+
             services.AddHostedService<DnsInterceptHostedService>();
+            services.AddHostedService<HttpInterceptHostedService>();
             return services.AddHostedService<HttpsInterceptHostedService>();
         }
     }