MeshCentral/meshrelay.js

429 lines
25 KiB
JavaScript
Raw Normal View History

2017-08-28 12:27:45 -04:00
/**
2018-01-04 15:15:21 -05:00
* @description MeshCentral connection relay module
2017-08-28 12:27:45 -04:00
* @author Ylian Saint-Hilaire
2019-01-03 19:22:15 -05:00
* @copyright Intel Corporation 2018-2019
2018-01-04 15:15:21 -05:00
* @license Apache-2.0
2017-08-28 12:27:45 -04:00
* @version v0.0.1
*/
/*jslint node: true */
/*jshint node: true */
/*jshint strict:false */
/*jshint -W097 */
/*jshint esversion: 6 */
"use strict";
2018-08-27 15:24:15 -04:00
module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie) {
2017-08-28 12:27:45 -04:00
var obj = {};
obj.ws = ws;
2017-10-23 17:09:58 -04:00
obj.id = req.query.id;
// Relay session count (we may remove this in the future)
obj.relaySessionCounted = true;
parent.relaySessionCount++;
2017-08-28 12:27:45 -04:00
2018-10-16 13:52:05 -04:00
// Mesh Rights
const MESHRIGHT_EDITMESH = 1;
const MESHRIGHT_MANAGEUSERS = 2;
const MESHRIGHT_MANAGECOMPUTERS = 4;
const MESHRIGHT_REMOTECONTROL = 8;
const MESHRIGHT_AGENTCONSOLE = 16;
const MESHRIGHT_SERVERFILES = 32;
const MESHRIGHT_WAKEDEVICE = 64;
const MESHRIGHT_SETNOTES = 128;
const MESHRIGHT_REMOTEVIEW = 256;
2018-10-16 13:52:05 -04:00
// Site rights
const SITERIGHT_SERVERBACKUP = 1;
const SITERIGHT_MANAGEUSERS = 2;
const SITERIGHT_SERVERRESTORE = 4;
const SITERIGHT_FILEACCESS = 8;
const SITERIGHT_SERVERUPDATE = 16;
const SITERIGHT_LOCKED = 32;
// Clean a IPv6 address that encodes a IPv4 address
function cleanRemoteAddr(addr) { if (addr.startsWith('::ffff:')) { return addr.substring(7); } else { return addr; } }
2017-10-23 17:09:58 -04:00
// Disconnect this agent
obj.close = function (arg) {
if ((arg == 1) || (arg == null)) { try { ws.close(); parent.parent.debug(1, 'Relay: Soft disconnect (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); } catch (e) { console.log(e); } } // Soft close, close the websocket
if (arg == 2) { try { ws._socket._parent.end(); parent.parent.debug(1, 'Relay: Hard disconnect (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); } catch (e) { console.log(e); } } // Hard close, close the TCP socket
// Aggressive cleanup
delete obj.id;
delete obj.ws;
delete obj.peer;
};
2017-10-23 17:09:58 -04:00
obj.sendAgentMessage = function (command, userid, domainid) {
2019-04-12 17:19:03 -04:00
var rights, mesh;
2017-10-23 17:09:58 -04:00
if (command.nodeid == null) return false;
var user = parent.users[userid];
2017-10-23 17:09:58 -04:00
if (user == null) return false;
var splitnodeid = command.nodeid.split('/');
// Check that we are in the same domain and the user has rights over this node.
if ((splitnodeid[0] == 'node') && (splitnodeid[1] == domainid)) {
// Get the user object
// See if the node is connected
var agent = parent.wsagents[command.nodeid];
2017-10-23 17:09:58 -04:00
if (agent != null) {
// Check if we have permission to send a message to that node
rights = user.links[agent.dbMeshKey];
2019-04-12 17:19:03 -04:00
mesh = parent.meshes[agent.dbMeshKey];
if ((rights != null) && (mesh != null) || ((rights & 16) != 0)) { // TODO: 16 is console permission, may need more gradular permission checking
2017-10-23 17:09:58 -04:00
command.sessionid = ws.sessionId; // Set the session id, required for responses.
command.rights = rights.rights; // Add user rights flags to the message
2019-04-12 17:19:03 -04:00
command.consent = mesh.consent; // Add user consent
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
command.username = user.name; // Add user name
2017-10-23 17:09:58 -04:00
delete command.nodeid; // Remove the nodeid since it's implyed.
agent.send(JSON.stringify(command));
return true;
}
} else {
// Check if a peer server is connected to this agent
var routing = parent.parent.GetRoutingServerId(command.nodeid, 1); // 1 = MeshAgent routing type
2017-10-23 17:09:58 -04:00
if (routing != null) {
// Check if we have permission to send a message to that node
rights = user.links[routing.meshid];
2019-04-12 17:19:03 -04:00
mesh = parent.meshes[routing.meshid];
2017-10-23 17:09:58 -04:00
if (rights != null || ((rights & 16) != 0)) { // TODO: 16 is console permission, may need more gradular permission checking
command.fromSessionid = ws.sessionId; // Set the session id, required for responses.
command.rights = rights.rights; // Add user rights flags to the message
2019-04-12 17:19:03 -04:00
command.consent = mesh.consent; // Add user consent
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
command.username = user.name; // Add user name
parent.parent.multiServer.DispatchMessageSingleServer(command, routing.serverid);
2017-10-23 17:09:58 -04:00
return true;
}
}
}
}
return false;
};
2017-10-31 19:19:58 -04:00
function performRelay() {
if (obj.id == null) { try { obj.close(); } catch (e) { } return null; } // Attempt to connect without id, drop this.
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive
2017-10-23 17:09:58 -04:00
// If this is a MeshMessenger session, the ID is the two userid's and authentication must match one of them.
if (obj.id.startsWith('meshmessenger/')) {
if ((obj.id.startsWith('meshmessenger/user/') == true) && (user == null)) { try { obj.close(); } catch (e) { } return null; } // If user-to-user, both sides need to be authenticated.
var x = obj.id.split('/'), user1 = x[1] + '/' + x[2] + '/' + x[3], user2 = x[4] + '/' + x[5] + '/' + x[6];
if ((x[1] != 'user') && (x[4] != 'user')) { try { obj.close(); } catch (e) { } return null; } // MeshMessenger session must have at least one authenticated user
if ((x[1] == 'user') && (x[4] == 'user')) {
// If this is a user-to-user session, you must be authenticated to join.
if ((user._id != user1) && (user._id != user2)) { try { obj.close(); } catch (e) { } return null; }
} else {
// If only one side of the session is a user
// !!!!! TODO: Need to make sure that one of the two sides is the correct user. !!!!!
}
}
2017-10-31 19:19:58 -04:00
// Validate that the id is valid, we only need to do this on non-authenticated sessions.
// TODO: Figure out when this needs to be done.
/*
if (!parent.args.notls) {
// Check the identifier, if running without TLS, skip this.
var ids = obj.id.split(':');
if (ids.length != 3) { ws.close(); delete obj.id; return null; } // Invalid ID, drop this.
if (parent.crypto.createHmac('SHA384', parent.relayRandom).update(ids[0] + ':' + ids[1]).digest('hex') != ids[2]) { ws.close(); delete obj.id; return null; } // Invalid HMAC, drop this.
if ((Date.now() - parseInt(ids[1])) > 120000) { ws.close(); delete obj.id; return null; } // Expired time, drop this.
2017-10-31 19:19:58 -04:00
obj.id = ids[0];
}
*/
// Check the peer connection status
{
var relayinfo = parent.wsrelays[obj.id];
if (relayinfo) {
if (relayinfo.state == 1) {
// Check that at least one connection is authenticated
if ((obj.authenticated != true) && (relayinfo.peer1.authenticated != true)) {
ws.close();
parent.parent.debug(1, 'Relay without-auth: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
delete obj.id;
delete obj.ws;
delete obj.peer;
2017-10-31 19:19:58 -04:00
return null;
}
// Connect to peer
obj.peer = relayinfo.peer1;
obj.peer.peer = obj;
relayinfo.peer2 = obj;
relayinfo.state = 2;
2018-12-01 00:23:10 -05:00
relayinfo.peer1.ws._socket.resume(); // Release the traffic
relayinfo.peer2.ws._socket.resume(); // Release the traffic
ws.time = relayinfo.peer1.ws.time = Date.now();
2017-08-28 12:27:45 -04:00
2017-10-31 19:19:58 -04:00
relayinfo.peer1.ws.peer = relayinfo.peer2.ws;
relayinfo.peer2.ws.peer = relayinfo.peer1.ws;
// Remove the timeout
if (relayinfo.timeout) { clearTimeout(relayinfo.timeout); delete relayinfo.timeout; }
// Setup session recording
var sessionUser = user;
if (sessionUser == null) { sessionUser = obj.peer.user; }
if (domain.sessionrecording) {
try { parent.parent.fs.mkdirSync(parent.parent.recordpath); } catch (e) { }
var recFilename = 'relaysession' + ((domain.id == '') ? '' : '-') + domain.id + '-' + Date.now() + '-' + sessionUser.name + '-' + obj.id + '.mcrec'
var recFullFilename = parent.parent.path.join(parent.parent.recordpath, recFilename);
parent.parent.fs.open(recFullFilename, 'w', function (err, fd) {
// Write the recording file header
var firstBlock = Buffer.from(JSON.stringify({ magic: 'MeshCentralRelaySession', ver: 1, userid: sessionUser._id, username: sessionUser.name, sessionid: obj.id, ipaddr1: cleanRemoteAddr(ws._socket.remoteAddress), ipaddr2: cleanRemoteAddr(obj.peer.ws._socket.remoteAddress), time: new Date().toLocaleString() }));
var header = Buffer.alloc(16); // Type (2) + Flags (2) + Size(4) + Time(8)
header.writeInt16BE(1, 0); // Type (1 = Header, 2 = Network Data)
header.writeInt16BE(0, 2); // Flags (1 = Binary, 2 = User)
header.writeInt32BE(firstBlock.length, 4); // Size
header.writeIntBE(ws.time, 10, 6); // Time
var block = Buffer.concat([header, firstBlock]);
parent.parent.fs.write(fd, block, 0, block.length, function (err, bytesWritten, buffer) {
relayinfo.peer1.ws.logfile = ws.logfile = { fd: fd, lock: false };
ws.send('c'); // Send connect to both peers
relayinfo.peer1.ws.send('c');
});
});
} else {
// Send session start
ws.send('c'); // Send connect to both peers
relayinfo.peer1.ws.send('c');
}
parent.parent.debug(1, 'Relay connected: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ' --> ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ')');
// Log the connection
if (sessionUser) {
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msg: 'Started relay session \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress) };
parent.parent.DispatchEvent(['*', user._id], obj, event);
}
2017-10-31 19:19:58 -04:00
} else {
// Connected already, drop (TODO: maybe we should re-connect?)
ws.close();
parent.parent.debug(1, 'Relay duplicate: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
delete obj.id;
delete obj.ws;
delete obj.peer;
return null;
}
2017-08-28 12:27:45 -04:00
} else {
2017-10-31 19:19:58 -04:00
// Wait for other relay connection
2018-12-01 00:23:10 -05:00
ws._socket.pause(); // Hold traffic until the other connection
parent.wsrelays[obj.id] = { peer1: obj, state: 1, timeout: setTimeout(function () { closeBothSides(); }, 30000) };
parent.parent.debug(1, 'Relay holding: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ') ' + (obj.authenticated ? 'Authenticated' : ''));
2017-09-17 20:22:18 -04:00
2017-10-31 19:19:58 -04:00
// Check if a peer server has this connection
if (parent.parent.multiServer != null) {
var rsession = parent.wsPeerRelays[obj.id];
if ((rsession != null) && (rsession.serverId > parent.parent.serverId)) {
2017-10-31 19:19:58 -04:00
// We must initiate the connection to the peer
parent.parent.multiServer.createPeerRelay(ws, req, rsession.serverId, req.session.userid);
delete parent.wsrelays[obj.id];
} else {
// Send message to other peers that we have this connection
parent.parent.multiServer.DispatchMessage(JSON.stringify({ action: 'relay', id: obj.id }));
}
2017-09-17 20:22:18 -04:00
}
}
2017-08-28 12:27:45 -04:00
}
}
2018-01-16 20:30:34 -05:00
2018-12-11 20:52:37 -05:00
ws.flushSink = function () { try { ws._socket.resume(); } catch (ex) { console.log(ex); } };
2017-08-28 12:27:45 -04:00
// When data is received from the mesh relay web socket
2017-09-01 14:23:22 -04:00
ws.on('message', function (data) {
2017-12-19 11:50:19 -05:00
//console.log(typeof data, data.length);
2018-01-16 20:30:34 -05:00
if (this.peer != null) {
2018-07-06 13:13:19 -04:00
//if (typeof data == 'string') { console.log('Relay: ' + data); } else { console.log('Relay:' + data.length + ' byte(s)'); }
2018-12-11 20:52:37 -05:00
try {
this._socket.pause();
if (this.logfile != null) {
// Write data to log file then perform relay
var xthis = this;
try {
//console.log(obj);
if (typeof data == 'string') {
// String write
var blockData = Buffer.from(data), header = Buffer.alloc(16); // Header: Type (2) + Flags (2) + Size(4) + Time(8)
header.writeInt16BE(2, 0); // Type (1 = Header, 2 = Network Data)
header.writeInt16BE(((req.query.browser) ? 2 : 0), 2); // Flags (1 = Binary, 2 = User)
header.writeInt32BE(blockData.length, 4); // Size
header.writeIntBE(new Date(), 10, 6); // Time
var block = Buffer.concat([header, blockData]);
parent.parent.fs.write(this.logfile.fd, block, 0, block.length, function (err, bytesWritten, buffer) {
xthis.peer.send(data, ws.flushSink);
});
} else {
// Binary write
var header = Buffer.alloc(16); // Header: Type (2) + Flags (2) + Size(4) + Time(8)
header.writeInt16BE(2, 0); // Type (1 = Header, 2 = Network Data)
header.writeInt16BE(((req.query.browser) ? 3 : 1), 2); // Flags (1 = Binary, 2 = User)
header.writeInt32BE(data.length, 4); // Size
header.writeIntBE(new Date(), 10, 6); // Time
var block = Buffer.concat([header, data]);
parent.parent.fs.write(this.logfile.fd, block, 0, block.length, function (err, bytesWritten, buffer) {
xthis.peer.send(data, ws.flushSink);
});
}
} catch (ex) { console.log(ex); }
} else {
// Perform relay
this.peer.send(data, ws.flushSink);
}
2018-12-11 20:52:37 -05:00
} catch (ex) { console.log(ex); }
2018-01-16 20:30:34 -05:00
}
2017-09-01 14:23:22 -04:00
});
2017-08-28 12:27:45 -04:00
// If error, close both sides of the relay.
2018-12-11 20:52:37 -05:00
ws.on('error', function (err) {
parent.relaySessionErrorCount++;
if (obj.relaySessionCounted) { parent.relaySessionCount--; delete obj.relaySessionCounted; }
console.log('Relay error from ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + err.toString().split('\r')[0] + '.');
closeBothSides();
2018-12-11 20:52:37 -05:00
});
2017-08-28 12:27:45 -04:00
// If the relay web socket is closed, close both sides.
2017-08-28 12:27:45 -04:00
ws.on('close', function (req) {
if (obj.relaySessionCounted) { parent.relaySessionCount--; delete obj.relaySessionCounted; }
closeBothSides();
});
// Close both our side and the peer side.
function closeBothSides() {
2017-08-28 12:27:45 -04:00
if (obj.id != null) {
var relayinfo = parent.wsrelays[obj.id];
2017-09-17 20:22:18 -04:00
if (relayinfo != null) {
if (relayinfo.state == 2) {
var peer = (relayinfo.peer1 == obj) ? relayinfo.peer2 : relayinfo.peer1;
// Close the recording file
if (ws.logfile != null) { parent.parent.fs.close(ws.logfile.fd); ws.logfile = null; peer.ws.logfile = null; }
// Disconnect the peer
try { if (peer.relaySessionCounted) { parent.relaySessionCount--; delete peer.relaySessionCounted; } } catch (ex) { console.log(ex); }
parent.parent.debug(1, 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ' --> ' + cleanRemoteAddr(peer.ws._socket.remoteAddress) + ')');
2017-09-17 20:22:18 -04:00
try { peer.ws.close(); } catch (e) { } // Soft disconnect
try { peer.ws._socket._parent.end(); } catch (e) { } // Hard disconnect
// Log the disconnection
2019-08-01 18:44:08 -04:00
if (ws.time) {
if (user) {
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: user._id, username: parent.users[user._id].name, msg: 'Ended relay session \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)' };
parent.parent.DispatchEvent(['*', user._id], obj, event);
} else if (peer.user) {
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: peer.user._id, username: parent.users[peer.user._id].name, msg: 'Ended relay session \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)' };
parent.parent.DispatchEvent(['*', peer.user._id], obj, event);
}
}
// Aggressive peer cleanup
delete peer.id;
delete peer.ws;
delete peer.peer;
2017-09-17 20:22:18 -04:00
} else {
parent.parent.debug(1, 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
2017-09-17 20:22:18 -04:00
}
try { ws.close(); } catch (ex) { }
2017-09-17 20:22:18 -04:00
delete parent.wsrelays[obj.id];
2017-08-28 12:27:45 -04:00
}
}
// Aggressive cleanup
delete obj.id;
delete obj.ws;
delete obj.peer;
}
2018-10-16 13:52:05 -04:00
// Mark this relay session as authenticated if this is the user end.
obj.authenticated = (user != null);
2018-10-16 13:52:05 -04:00
if (obj.authenticated) {
// Kick off the routing, if we have agent routing instructions, process them here.
// Routing instructions can only be given by a authenticated user
if ((cookie != null) && (cookie.nodeid != null) && (cookie.tcpport != null) && (cookie.domainid != null)) {
2018-10-16 13:52:05 -04:00
// We have routing instructions in the cookie, but first, check user access for this node.
parent.db.Get(cookie.nodeid, function (err, docs) {
2018-10-16 13:52:05 -04:00
if (docs.length == 0) { console.log('ERR: Node not found'); try { obj.close(); } catch (e) { } return; } // Disconnect websocket
var node = docs[0];
// Check if this user has permission to manage this computer
var meshlinks = user.links[node.meshid];
2018-10-16 13:52:05 -04:00
if ((!meshlinks) || (!meshlinks.rights) || ((meshlinks.rights & MESHRIGHT_REMOTECONTROL) == 0)) { console.log('ERR: Access denied (2)'); try { obj.close(); } catch (e) { } return; }
// Send connection request to agent
if (obj.id == undefined) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
var command = { nodeid: cookie.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: cookie.tcpport, tcpaddr: cookie.tcpaddr };
parent.parent.debug(1, 'Relay: Sending agent tunnel command: ' + JSON.stringify(command));
if (obj.sendAgentMessage(command, user._id, cookie.domainid) == false) { delete obj.id; parent.parent.debug(1, 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
2018-10-16 13:52:05 -04:00
performRelay();
});
return obj;
} else if ((req.query.nodeid != null) && ((req.query.tcpport != null) || (req.query.udpport != null))) {
2018-10-16 13:52:05 -04:00
// We have routing instructions in the URL arguments, but first, check user access for this node.
parent.db.Get(req.query.nodeid, function (err, docs) {
2018-10-16 13:52:05 -04:00
if (docs.length == 0) { console.log('ERR: Node not found'); try { obj.close(); } catch (e) { } return; } // Disconnect websocket
var node = docs[0];
// Check if this user has permission to manage this computer
var meshlinks = user.links[node.meshid];
2018-10-16 13:52:05 -04:00
if ((!meshlinks) || (!meshlinks.rights) || ((meshlinks.rights & MESHRIGHT_REMOTECONTROL) == 0)) { console.log('ERR: Access denied (2)'); try { obj.close(); } catch (e) { } return; }
// Send connection request to agent
if (obj.id == null) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
if (req.query.tcpport != null) {
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: req.query.tcpport, tcpaddr: ((req.query.tcpaddr == null) ? '127.0.0.1' : req.query.tcpaddr) };
parent.parent.debug(1, 'Relay: Sending agent TCP tunnel command: ' + JSON.stringify(command));
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug(1, 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
} else if (req.query.udpport != null) {
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, udpport: req.query.udpport, udpaddr: ((req.query.udpaddr == null) ? '127.0.0.1' : req.query.udpaddr) };
parent.parent.debug(1, 'Relay: Sending agent UDP tunnel command: ' + JSON.stringify(command));
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug(1, 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
}
2018-10-16 13:52:05 -04:00
performRelay();
});
return obj;
}
}
// If this is not an authenticated session, or the session does not have routing instructions, just go ahead an connect to existing session.
performRelay();
2017-08-28 12:27:45 -04:00
return obj;
};
/*
Relay session recording required that "SessionRecording":true be set in the domain section of the config.json.
Once done, a folder "meshcentral-recordings" will be created next to "meshcentral-data" that will contain all
of the recording files with the .mcrec extension.
The recording files are binary and contain a set of:
<HEADER><DATABLOCK><HEADER><DATABLOCK><HEADER><DATABLOCK><HEADER><DATABLOCK>...
The header is always 16 bytes long and is encoded like this:
TYPE 2 bytes, 1 = Header, 2 = Network Data
FLAGS 2 bytes, 0x0001 = Binary, 0x0002 = User
SIZE 4 bytes, Size of the data following this header.
TIME 8 bytes, Time this record was written, number of milliseconds since 1 January, 1970 UTC.
All values are BigEndian encoded. The first data block is of TYPE 1 and contains a JSON string with information
about this recording. It looks something like this:
{
magic: 'MeshCentralRelaySession',
ver: 1,
userid: "user\domain\userid",
username: "username",
sessionid: "RandomValue",
ipaddr1: 1.2.3.4,
ipaddr2: 1.2.3.5,
time: new Date().toLocaleString()
}
The rest of the data blocks are all network traffic that was relayed thru the server. They are of TYPE 2 and have
a given size and timestamp. When looking at network traffic the flags are imporant.
- If traffic has the first (0x0001) flag set, the data is binary otherwise it's a string.
- If the traffic has the second (0x0002) flag set, traffic is coming from the user's browser, if not, it's coming from the MeshAgent.
*/