Add: dns leak detection

crates/wtfnet-platform/src/lib.rs

@@ -1,5 +1,6 @@
 use async_trait::async_trait;
 use serde::{Deserialize, Serialize};
+use std::net::IpAddr;
 use std::sync::Arc;
 use wtfnet_core::ErrorCode;
 
@@ -80,6 +81,46 @@ pub struct NeighborEntry {
     pub state: Option<String>,
 }
 
+#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)]
+#[serde(rename_all = "lowercase")]
+pub enum FlowProtocol {
+    Udp,
+    Tcp,
+}
+
+#[derive(Debug, Clone, Copy, Serialize, Deserialize)]
+#[serde(rename_all = "lowercase")]
+pub enum FlowOwnerConfidence {
+    High,
+    Medium,
+    Low,
+    None,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct FlowOwner {
+    pub pid: Option<u32>,
+    pub ppid: Option<u32>,
+    pub process_name: Option<String>,
+    pub process_path: Option<String>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct FlowOwnerResult {
+    pub owner: Option<FlowOwner>,
+    pub confidence: FlowOwnerConfidence,
+    pub failure_reason: Option<String>,
+}
+
+#[derive(Debug, Clone)]
+pub struct FlowTuple {
+    pub proto: FlowProtocol,
+    pub src_ip: IpAddr,
+    pub src_port: u16,
+    pub dst_ip: IpAddr,
+    pub dst_port: u16,
+}
+
 #[derive(Debug, Clone)]
 pub struct PlatformError {
     pub code: ErrorCode,
@@ -123,9 +164,15 @@ pub trait NeighProvider: Send + Sync {
     async fn neighbors(&self) -> Result<Vec<NeighborEntry>, PlatformError>;
 }
 
+#[async_trait]
+pub trait FlowOwnerProvider: Send + Sync {
+    async fn owner_of(&self, flow: FlowTuple) -> Result<FlowOwnerResult, PlatformError>;
+}
+
 pub struct Platform {
     pub sys: Arc<dyn SysProvider>,
     pub ports: Arc<dyn PortsProvider>,
     pub cert: Arc<dyn CertProvider>,
     pub neigh: Arc<dyn NeighProvider>,
+    pub flow_owner: Arc<dyn FlowOwnerProvider>,
 }