Query the RouteSocket for routes on Unix systems

Mimic what `route get` does, instead of dumping the routing table and
trying to determine the most specific route from the dump.

Author: hurricanehrndz

go.mod

@@ -9,3 +9,10 @@ require (
 	golang.org/x/net v0.37.0
 	golang.org/x/sys v0.31.0
 )
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/testify v1.10.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -1,5 +1,11 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
 github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
@@ -20,3 +26,6 @@ golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

netroute_bsd.go

@@ -13,137 +13,220 @@
 package netroute
 
 import (
+	"errors"
 	"fmt"
+	"math/rand/v2"
 	"net"
-	"sort"
+	"os"
 	"syscall"
 
 	"github.com/google/gopacket/routing"
 	"golang.org/x/net/route"
+	"golang.org/x/sys/unix"
 )
 
-func toIPAddr(a route.Addr) (net.IP, error) {
+const (
+	RTF_IFSCOPE = 0x1000000
+)
+
+type bsdRouter struct{}
+
+func toIPAddr(a route.Addr) net.IP {
 	switch t := a.(type) {
 	case *route.Inet4Addr:
-		return t.IP[:], nil
+		return t.IP[:]
 	case *route.Inet6Addr:
-		return t.IP[:], nil
+		return t.IP[:]
 	default:
-		return net.IP{}, fmt.Errorf("unknown family: %v", t)
+		return nil
 	}
 }
 
-// selected BSD Route flags.
-const (
-	RTF_UP        = 0x1
-	RTF_GATEWAY   = 0x2
-	RTF_HOST      = 0x4
-	RTF_REJECT    = 0x8
-	RTF_DYNAMIC   = 0x10
-	RTF_MODIFIED  = 0x20
-	RTF_STATIC    = 0x800
-	RTF_BLACKHOLE = 0x1000
-	RTF_LOCAL     = 0x200000
-	RTF_BROADCAST = 0x400000
-	RTF_MULTICAST = 0x800000
-)
+// toRouteAddr converts the net.IP to route.Addr .
+// If ip is not an IPv4 address, toRouteAddr returns nil.
+func toRouteAddr(ip net.IP) route.Addr {
+	if len(ip) == 0 {
+		return nil
+	}
 
-func New() (routing.Router, error) {
-	rtr := &router{}
-	rtr.ifaces = make(map[int]net.Interface)
-	rtr.addrs = make(map[int]ipAddrs)
-	tab, err := route.FetchRIB(syscall.AF_UNSPEC, route.RIBTypeRoute, 0)
-	if err != nil {
-		return nil, err
+	if len(ip) != net.IPv4len && len(ip) != net.IPv6len {
+		return nil
 	}
-	msgs, err := route.ParseRIB(route.RIBTypeRoute, tab)
-	if err != nil {
-		return nil, err
+	if p4 := ip.To4(); len(p4) == net.IPv4len {
+		return &route.Inet4Addr{IP: [4]byte(p4)}
 	}
-	var ipn *net.IPNet
-	for _, msg := range msgs {
-		m := msg.(*route.RouteMessage)
-		// We ignore the error (m.Err) here. It's not clear what this error actually means,
-		// and it makes us miss routes that _should_ be included.
-		routeInfo := new(rtInfo)
-
-		if m.Version < 3 || m.Version > 5 {
-			return nil, fmt.Errorf("unexpected RIB message version: %d", m.Version)
-		}
-		if m.Type != 4 /* RTM_GET */ {
-			return nil, fmt.Errorf("unexpected RIB message type: %d", m.Type)
-		}
+	return &route.Inet6Addr{IP: [16]byte(ip)}
+}
 
-		if m.Flags&RTF_UP == 0 ||
-			m.Flags&(RTF_REJECT|RTF_BLACKHOLE) != 0 {
+// IPToIfIndex takes an IP and returns index of the interface with the given IP assigned if any
+func IPToIfIndex(ip net.IP) (int, error) {
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		return -1, fmt.Errorf("failed to get interfaces: %s", err)
+	}
+	for _, iface := range ifaces {
+		addrs, err := iface.Addrs()
+		if err != nil {
 			continue
 		}
-
-		dst, err := toIPAddr(m.Addrs[0])
-		if err == nil {
-			mask, _ := toIPAddr(m.Addrs[2])
-			if mask == nil {
-				mask = net.IP(net.CIDRMask(0, 8*len(dst)))
+		for _, addr := range addrs {
+			inet, ok := addr.(*net.IPNet)
+			if !ok {
+				continue
 			}
-			ipn = &net.IPNet{IP: dst, Mask: net.IPMask(mask)}
-			if m.Flags&RTF_HOST != 0 {
-				ipn.Mask = net.CIDRMask(8*len(ipn.IP), 8*len(ipn.IP))
+			if inet.IP.Equal(ip) {
+				return iface.Index, nil
 			}
-			routeInfo.Dst = ipn
-		} else {
-			return nil, fmt.Errorf("unexpected RIB destination: %v", err)
 		}
+	}
+	return -1, fmt.Errorf("no interface found for IP: %s", ip)
+}
 
-		if m.Flags&RTF_GATEWAY != 0 {
-			if gw, err := toIPAddr(m.Addrs[1]); err == nil {
-				routeInfo.Gateway = gw
-			}
+// MACToIfIndex takes a MAC address and returns index of interface with matching address
+func MACToIfIndex(hwAddr net.HardwareAddr) (int, error) {
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		return -1, fmt.Errorf("failed to get interfaces: %s", err)
+	}
+	for _, iface := range ifaces {
+		if hwAddr.String()  == iface.HardwareAddr.String() {
+				return iface.Index, nil
 		}
-		if src, err := toIPAddr(m.Addrs[5]); err == nil {
-			ipn = &net.IPNet{IP: src, Mask: net.CIDRMask(8*len(src), 8*len(src))}
-			routeInfo.Src = ipn
-			routeInfo.PrefSrc = src
-			if m.Flags&0x2 != 0 /* RTF_GATEWAY */ {
-				routeInfo.Src.Mask = net.CIDRMask(0, 8*len(routeInfo.Src.IP))
-			}
+	}
+	return -1, fmt.Errorf("no interface found for MAC: %s", hwAddr.String())
+}
+
+func getIfIndex(MACAddr net.HardwareAddr, ip net.IP) (int, error) {
+	ipIndex := -1
+	macIndex := -1
+	var err error
+	if ip == nil && MACAddr == nil {
+		return -1, nil
+	}
+
+	if ip != nil  {
+		ipIndex, err = IPToIfIndex(ip)
+		if err != nil {
+			return -1, fmt.Errorf("failed to find interface with IP: %s", ip.String())
 		}
-		routeInfo.OutputIface = uint32(m.Index)
+	}
 
-		switch m.Addrs[0].(type) {
-		case *route.Inet4Addr:
-			rtr.v4 = append(rtr.v4, routeInfo)
-		case *route.Inet6Addr:
-			rtr.v6 = append(rtr.v6, routeInfo)
+	if MACAddr != nil  {
+		macIndex, err = MACToIfIndex(MACAddr)
+		if err != nil {
+			return -1, fmt.Errorf("failed to find interface with MAC: %s", MACAddr.String())
 		}
 	}
-	sort.Sort(rtr.v4)
-	sort.Sort(rtr.v6)
-	ifaces, err := net.Interfaces()
+
+	switch {
+	case (ipIndex >= 0 &&  macIndex >= 0) && (macIndex != ipIndex):
+		return -1, fmt.Errorf("given MAC address and source IP do resolve to same Interface")
+	case (ipIndex >= 0 &&  macIndex >= 0) && (macIndex == ipIndex):
+		return ipIndex, nil
+	case ipIndex >= 0:
+		return ipIndex, nil
+	case macIndex >= 0:
+		return macIndex, nil
+	default:
+		return -1, fmt.Errorf("no index found for given ip and/or mac")
+	}
+}
+
+
+func (r *bsdRouter) Route(dst net.IP) (iface *net.Interface, gateway, preferredSrc net.IP, err error) {
+	return r.RouteWithSrc(nil, nil, dst)
+}
+
+func (r *bsdRouter) RouteWithSrc(MACAddr net.HardwareAddr, src, dst net.IP) (iface *net.Interface, gateway, preferredSrc net.IP, err error) {
+	dstAddr := toRouteAddr(dst)
+	if dstAddr == nil {
+		return nil, nil, nil, fmt.Errorf("failed to parse dst: %#v", dst)
+	}
+
+	pid := os.Getpid()
+	seq := rand.Int()
+	msg := &route.RouteMessage{
+		Version: syscall.RTM_VERSION,
+		Type:    unix.RTM_GET,
+		ID:      uintptr(pid),
+		Seq:     seq,
+		Addrs: []route.Addr{
+			dstAddr,
+			nil,
+			nil,
+			nil,
+			&route.LinkAddr{},
+		},
+	}
+    ifIndex, err := getIfIndex(MACAddr, src)
+	if err != nil {
+		return nil, nil, nil, fmt.Errorf("failed to determine ifIndex: %s", err)
+	}
+	if ifIndex >= 0 {
+		msg.Flags = RTF_IFSCOPE
+		msg.Index = ifIndex
+	}
+
+	var reply *route.RouteMessage
+	if reply, err = GetRouteMsgAnswer(msg); err != nil {
+		return
+	}
+	if iface, err = net.InterfaceByIndex(reply.Index); err != nil {
+		return
+	}
+	preferredSrc = toIPAddr(reply.Addrs[5])
+	if dst.String() == preferredSrc.String() {
+		return
+	}
+	gateway = toIPAddr(reply.Addrs[1])
+	return
+}
+
+// GetRouteMsgAnswer takes an RTM_GET RouteMessage and returns a answer (RouteMessage)
+func GetRouteMsgAnswer(m *route.RouteMessage) (*route.RouteMessage, error) {
+	if m.Type != syscall.RTM_GET {
+		return nil, errors.New("message type is not RTM_GET")
+	}
+	so, err := unix.Socket(unix.AF_ROUTE, unix.SOCK_RAW, unix.AF_UNSPEC)
 	if err != nil {
 		return nil, err
 	}
-	for _, iface := range ifaces {
-		rtr.ifaces[iface.Index] = iface
-		var addrs ipAddrs
-		ifaceAddrs, err := iface.Addrs()
+	defer unix.Close(so)
+
+	wb, err := m.Marshal()
+	if err != nil {
+		return nil, err
+	}
+	if _, err := unix.Write(so, wb); err != nil {
+		return nil, err
+	}
+
+	var rb [2 << 10]byte
+	for {
+		n, err := unix.Read(so, rb[:])
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("failed to read from routing socket: %s", err)
 		}
-		for _, addr := range ifaceAddrs {
-			if inet, ok := addr.(*net.IPNet); ok {
-				// Go has a nasty habit of giving you IPv4s as ::ffff:1.2.3.4 instead of 1.2.3.4.
-				// We want to use mapped v4 addresses as v4 preferred addresses, never as v6
-				// preferred addresses.
-				if v4 := inet.IP.To4(); v4 != nil {
-					if addrs.v4 == nil {
-						addrs.v4 = v4
-					}
-				} else if addrs.v6 == nil {
-					addrs.v6 = inet.IP
-				}
-			}
+		// Parse the response messages
+		rms, err := route.ParseRIB(route.RIBTypeRoute, rb[:n])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parsed messages: %s", err)
 		}
-		rtr.addrs[iface.Index] = addrs
+		if len(rms) == 0 {
+			break
+		}
+		rm, ok := rms[0].(*route.RouteMessage)
+		// confirm it is a reply to our query
+		if !ok || (m.ID != rm.ID && m.Seq != rm.Seq && rm.Type != unix.RTM_GET) {
+			continue
+		}
+		return rm, nil
 	}
+	return nil, errors.New("failed to read from routing socket")
+}
+
+// New return a stateless routing router
+func New() (routing.Router, error) {
+	rtr := &bsdRouter{}
 	return rtr, nil
 }