feat(net): add support for ping sockets (#101) - WIP

src/config.rs

@@ -211,6 +211,7 @@ pub struct TrippyConfig {
     pub tui_theme: TuiTheme,
     pub tui_bindings: TuiBindings,
     pub mode: Mode,
+    pub unprivileged: bool,
     pub report_cycles: usize,
     pub geoip_mmdb_file: Option<String>,
     pub max_rounds: Option<usize>,
@@ -260,6 +261,11 @@ impl TryFrom<(Args, u16)> for TrippyConfig {
         let cfg_file_dns = cfg_file.dns.unwrap_or_default();
         let cfg_file_report = cfg_file.report.unwrap_or_default();
         let mode = cfg_layer(args.mode, cfg_file_trace.mode, constants::DEFAULT_MODE);
+        let unprivileged = cfg_layer_bool_flag(
+            args.unprivileged,
+            cfg_file_trace.unprivileged,
+            constants::DEFAULT_unprivileged,
+        );
         let verbose = args.verbose;
         let log_format = cfg_layer(
             args.log_format,
@@ -526,6 +532,7 @@ impl TryFrom<(Args, u16)> for TrippyConfig {
             tui_theme,
             tui_bindings,
             mode,
+            unprivileged,
             report_cycles,
             geoip_mmdb_file,
             max_rounds,

src/config/cmd.rs

@@ -25,6 +25,10 @@ pub struct Args {
     #[arg(value_enum, short = 'm', long)]
     pub mode: Option<Mode>,
 
+    /// Trace without requiring elevated privileges (Unix ICMP and UDP only)
+    #[arg(long)]
+    pub unprivileged: bool,
+
     /// Tracing protocol [default: icmp]
     #[arg(value_enum, short = 'p', long)]
     pub protocol: Option<Protocol>,

src/config/constants.rs

@@ -13,6 +13,9 @@ pub const MAX_HOPS: usize = u8::MAX as usize;
 /// The default value for `mode`.
 pub const DEFAULT_MODE: Mode = Mode::Tui;
 
+/// The default value for `unprivileged`.
+pub const DEFAULT_unprivileged: bool = false;
+
 /// The default value for `log-format`.
 pub const DEFAULT_LOG_FORMAT: LogFormat = LogFormat::Pretty;
 

src/config/file.rs

@@ -85,6 +85,7 @@ pub struct ConfigFile {
 #[serde(rename_all = "kebab-case", deny_unknown_fields)]
 pub struct ConfigTrippy {
     pub mode: Option<Mode>,
+    pub unprivileged: Option<bool>,
     pub log_format: Option<LogFormat>,
     pub log_filter: Option<String>,
     pub log_span_events: Option<LogSpanEvents>,

src/main.rs

@@ -50,7 +50,9 @@ fn main() -> anyhow::Result<()> {
     let _guard = configure_logging(&cfg);
     let resolver = start_dns_resolver(&cfg)?;
     let geoip_lookup = create_geoip_lookup(&cfg)?;
-    ensure_caps()?;
+    if !cfg.unprivileged {
+        ensure_caps()?;
+    }
     let traces: Vec<_> = cfg
         .targets
         .iter()
@@ -227,6 +229,7 @@ fn make_channel_config(
     target_addr: IpAddr,
 ) -> TracerChannelConfig {
     TracerChannelConfig::new(
+        args.unprivileged,
         args.protocol,
         args.addr_family,
         source_addr,

src/tracing/config.rs

@@ -149,6 +149,7 @@ impl PortDirection {
 /// Tracer network channel configuration.
 #[derive(Debug, Clone)]
 pub struct TracerChannelConfig {
+    pub unprivileged: bool,
     pub protocol: TracerProtocol,
     pub addr_family: TracerAddrFamily,
     pub source_addr: IpAddr,
@@ -165,6 +166,7 @@ impl TracerChannelConfig {
     #[allow(clippy::too_many_arguments)]
     #[must_use]
     pub fn new(
+        unprivileged: bool,
         protocol: TracerProtocol,
         addr_family: TracerAddrFamily,
         source_addr: IpAddr,
@@ -177,6 +179,7 @@ impl TracerChannelConfig {
         tcp_connect_timeout: Duration,
     ) -> Self {
         Self {
+            unprivileged,
             protocol,
             addr_family,
             source_addr,

src/tracing/net/channel.rs

@@ -18,6 +18,7 @@ const MAX_TCP_PROBES: usize = 256;
 
 /// A channel for sending and receiving `Probe` packets.
 pub struct TracerChannel<S: Socket> {
+    unprivileged: bool,
     protocol: TracerProtocol,
     src_addr: IpAddr,
     ipv4_length_order: platform::PlatformIpv4FieldByteOrder,
@@ -55,6 +56,7 @@ impl<S: Socket> TracerChannel<S> {
         };
         let recv_socket = make_recv_socket(config.source_addr)?;
         Ok(Self {
+            unprivileged: config.unprivileged,
             protocol: config.protocol,
             src_addr: config.source_addr,
             ipv4_length_order,

src/tracing/net/platform/unix.rs

@@ -209,7 +209,9 @@ impl SocketImpl {
 impl Socket for SocketImpl {
     #[instrument]
     fn new_icmp_send_socket_ipv4() -> IoResult<Self> {
-        let socket = Self::new_raw_ipv4(Protocol::from(nix::libc::IPPROTO_RAW))?;
+        let socket = Self::new(Domain::IPV4, Type::DGRAM, Protocol::ICMPV4)?;
+        // TODO pass unprivileged here to decide which socket to create?
+        // let socket = Self::new_raw_ipv4(Protocol::from(nix::libc::IPPROTO_RAW))?;
         socket.set_nonblocking(true)?;
         socket.set_header_included(true)?;
         Ok(socket)
@@ -222,8 +224,9 @@ impl Socket for SocketImpl {
     }
     #[instrument]
     fn new_udp_send_socket_ipv4() -> IoResult<Self> {
-        let socket = Self::new_raw_ipv4(Protocol::from(nix::libc::IPPROTO_RAW))?;
+        let socket = Self::new_dgram_ipv4(Protocol::UDP)?;
         socket.set_nonblocking(true)?;
+        // TODO udp doesn't work
         socket.set_header_included(true)?;
         Ok(socket)
     }
@@ -235,7 +238,9 @@ impl Socket for SocketImpl {
     }
     #[instrument]
     fn new_recv_socket_ipv4(addr: Ipv4Addr) -> IoResult<Self> {
-        let socket = Self::new_raw_ipv4(Protocol::ICMPV4)?;
+        let socket = Self::new(Domain::IPV4, Type::DGRAM, Protocol::ICMPV4)?;
+        // TODO pass unprivileged here to decide which socket to create?
+        // let socket = Self::new_raw_ipv4(Protocol::ICMPV4)?;
         socket.set_nonblocking(true)?;
         socket.set_header_included(true)?;
         Ok(socket)

trippy-config-sample.toml

@@ -32,6 +32,13 @@
 #   silent      - Do not generate any output for N cycles
 mode = "tui"
 
+# Trace without requiring elevated privileges [default: false]
+#
+# Enabling will cause IPPROTO_ICMP sockets to be used for ICMP
+#
+# Applicable for ICMP and UDP protocols only.  Unix only.
+unprivileged = false
+
 # How to format log data.
 #
 # Allowed values are:
@@ -126,7 +133,7 @@ multipath-strategy = "classic"
 
 # The maximum number of in-flight ICMP echo requests [default: 24]
 #
-# The tracing stratgey operates a sliding window protocol and will allow a
+# The tracing strategy operates a sliding window protocol and will allow a
 # maximum number of probes to be inflight (sent, and not received or lost)
 # at any given time.
 max-inflight = 24