Imported Debian patch 1.3.1~svn3789-1

cristian paul peñaranda rojas 2009-06-22 21:19:58 -05:00 committed by root
commit 50f9238581
20 changed files with 438 additions and 208 deletions

81
HACKING

@ -186,11 +186,88 @@ up to date so contacting the host will be faster after an long idle time.
MAN PAGES MAN PAGES
--------- ---------
Look at a non-installed man page like this (linux): Look at a non-installed man page like this (linux/UNIX):
nroff -man edge.8 | less nroff -man edge.8 | less
PACKET FORMAT
-------------
Version 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 ! Version=1 ! Message Type ! TTL ! Origin !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
4 ! !
8 ! Community Name !
12 ! !
16 ! !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
20 ! Source MAC Address :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
24 : Source MAC Address ! Destination MAC Address :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
28 : Destination MAC Address !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
32 ! Public Peer !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
: :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
40 : :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
: :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
48 : ! Alignment !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! Private Peer :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
56 : :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
: :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
64 : :
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
: ! Alignment !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
72 ! Packet Type !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! Seq Number !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
80 ! CRC32 !
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Payload
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Version = 1
MessageType = 1
TTL = 1
Origin = 1
Community = 16
src MAC = 6
dst MAC = 6
Pub Peer = 19 (20)
Priv Peer = 19 (20)
Pkt Type = 1 (4)
Seq = 4
CRC = 4
======================
Total = 79 (84)
Sizes in parentheses indicate alignment adjusted sizes on i686. The intel
alignment is also shown in the diagram. Some platforms have different alignment
padding.
The above packet format describes the header of IP packets carried between edge
nodes. Payload is an encoded ethernet frame appended to the packet header. The
ethernet payload is encrypted and compressed.
When the payload is created it is first encrypted with twofish, then compressed
using lzo1x_compress. When the payload is decoded it is first decompressed using
lzo1x_decompress_safe then decrypted using twofish.
------- -------
April 2008 - Richard Andrews <bbmaj7@yahoo.com.au> January 2009 - Richard Andrews <bbmaj7@yahoo.com.au>

View file

@ -43,8 +43,8 @@ line in it:
To build an RPM the hard way follow these steps. To build an RPM the hard way follow these steps.
$ cp -a n2ndir n2n-1.2 $ cp -a n2ndir n2n-1.3
$ tar czf n2n-1.2.tar.gz n2n-1.2 $ tar czf n2n-1.3.tar.gz n2n-1.3
$ mv n2n-1.2.tar.gz /usr/src/redhat/SOURCES $ mv n2n-1.3.tar.gz /usr/src/redhat/SOURCES
$ cp n2ndir/n2n.spec /usr/src/redhat/SPECS $ cp n2ndir/n2n.spec /usr/src/redhat/SPECS
$ rpmbuild -bb n2n.spec $ rpmbuild -bb n2n.spec

View file

@ -1,11 +1,18 @@
N2N_VERSION="1.2.2" N2N_VERSION="1.3.2"
######## ########
CC=gcc CC=gcc
CFLAGS+=-g -Wall -Wshadow -Wpointer-arith -Wmissing-declarations -Wnested-externs #-static DEBUG?=-g
WARN?=-Wall -Wshadow -Wpointer-arith -Wmissing-declarations -Wnested-externs
#Ultrasparc64 users experiencing SIGBUS should try the following gcc options
#(thanks to Robert Gibbon)
PLATOPTS_SPARC64=-mcpu=ultrasparc -pipe -fomit-frame-pointer -ffast-math -finline-functions -fweb -frename-registers -mapp-regs
CFLAGS+=$(DEBUG) $(WARN) $(OPTIONS) $(PLATOPTS)
INSTALL=install INSTALL=install
MKDIR=mkdir -p MKDIR=mkdir -p
@ -48,9 +55,9 @@ $(N2N_LIB): $(N2N_OBJS)
# $(RANLIB) $@ # $(RANLIB) $@
version.c: version.c:
echo $(N2N_VERSION) | sed -e 's/.*/char * version = "&";/' > version.c @echo $(N2N_VERSION) | sed -e 's/.*/const char * version = "&";/' > version.c
uname -p | sed -e 's/.*/char * osName = "&";/' >> version.c @uname -p | sed -e 's/.*/const char * osName = "&";/' >> version.c
date +"%D %r" | sed -e 's/.*/char * buildDate = "&";/' >> version.c @date +"%D %r" | sed -e 's/.*/const char * buildDate = "&";/' >> version.c
clean: clean:
rm -rf $(N2N_OBJS) $(N2N_LIB) $(APPS) $(DOCS) *.dSYM *~ version.c rm -rf $(N2N_OBJS) $(N2N_LIB) $(APPS) $(DOCS) *.dSYM *~ version.c
@ -62,3 +69,8 @@ install: edge supernode edge.8.gz supernode.1.gz
$(INSTALL_PROG) edge $(SBINDIR)/ $(INSTALL_PROG) edge $(SBINDIR)/
$(INSTALL_DOC) edge.8.gz $(MAN8DIR)/ $(INSTALL_DOC) edge.8.gz $(MAN8DIR)/
$(INSTALL_DOC) supernode.1.gz $(MAN1DIR)/ $(INSTALL_DOC) supernode.1.gz $(MAN1DIR)/
# Courtesy of Ole Tange <ole@tange.dk>
deb:
dpkg-buildpackage
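Review bot: The `version.c:` rule in the second hunk still has no prerequisites, so unless something outside the hunk forces it, a version.c left over from an earlier build is never regenerated and the binaries keep reporting the old string even though this change bumps N2N_VERSION to 1.3.2. Giving the rule a prerequisite on the build file itself, e.g. `version.c: Makefile` (assuming that is this file's name), would regenerate it whenever the version line changes. The same recipe lines embed the output of `uname -p` and `date +"%D %r"`, so two builds of identical source produce different binaries, which makes it harder to check a packaged binary against its source. A comment above the rule such as `# version.c embeds build-host CPU type and wall-clock time; output is not reproducible` would record that. The `@` prefix added to these three lines also keeps the commands out of the build log.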

10
debian/changelog vendored

@ -1,3 +1,13 @@
n2n (1.3.1~svn3789-1) unstable; urgency=low
* Update package to version 1.3 from upstream cvs
* Removed "libc6-dev (>= 2.0)" build dependency (closes: Bug#533881)
* DH compatibility level is 7
* Run dh_prep instead of dh_clean -k
* Standards Version is 3.8.2
-- cristian paul peñaranda rojas <kristian.paul@gmail.com> Sun, 22 Jun 2009 21:19:58 -0500
n2n (1.2.2~svn3653) unstable; urgency=low n2n (1.2.2~svn3653) unstable; urgency=low
* Initial release (closes: Bug#507750) * Initial release (closes: Bug#507750)

2
debian/compat vendored

@ -1 +1 @@
5 7

4
debian/control vendored

@ -2,8 +2,8 @@ Source: n2n
Section: net Section: net
Priority: extra Priority: extra
Maintainer: cristian paul peñaranda rojas <kristian.paul@gmail.com> Maintainer: cristian paul peñaranda rojas <kristian.paul@gmail.com>
Build-Depends: debhelper (>= 5), libc6-dev (>= 2.0), quilt Build-Depends: debhelper (>= 7), quilt
Standards-Version: 3.8.0 Standards-Version: 3.8.2
Package: n2n Package: n2n
Architecture: any Architecture: any

4
debian/copyright vendored

@ -1,6 +1,6 @@
This package was debianized by cristian paul peñaranda rojas <kristian.paul@gmail.com> on This package was debianized by cristian paul peñaranda rojas <kristian.paul@gmail.com> on
and is licensed under the GNU General Public License (GPL) version 3. and is licensed under the GNU General Public License (GPL) version 3.
A copy of the GNU GPL version 2 is in `/usr/share/common-licenses/GPL-3'. A copy of the GNU GPL version 3 is in `/usr/share/common-licenses/GPL-3'.
Sat, 29 Nov 2008 00:31:58 -0500. Sat, 29 Nov 2008 00:31:58 -0500.
@ -88,7 +88,7 @@ The Files:
Copyright (C) 1996 - 2005 Markus Franz Xaver Johannes Oberhumer Copyright (C) 1996 - 2005 Markus Franz Xaver Johannes Oberhumer
These file are part of the LZO real-time data compression library. These files are part of the LZO real-time data compression library.
All Rights Reserved. All Rights Reserved.

View file

@ -1,8 +1,8 @@
--- a/edge.8.old 2008-12-02 20:33:54.000000000 -0500 --- a/edge.8.old 2008-12-02 20:33:54.000000000 -0500
+++ b/edge.8 2008-12-02 20:34:13.000000000 -0500 +++ b/edge.8 2008-12-02 20:34:13.000000000 -0500
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
-.TH edge 1 "May 3, 2008" "revision 3472" "SUPERUSER COMMANDS" -.TH edge 1 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
+.TH edge 8 "May 3, 2008" "revision 3472" "SUPERUSER COMMANDS" +.TH edge 8 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
.SH NAME .SH NAME
edge \- n2n edge node daemon edge \- n2n edge node daemon
.SH SYNOPSIS .SH SYNOPSIS

2
debian/rules vendored

@ -46,7 +46,7 @@ clean: unpatch
install: build install: build
dh_testdir dh_testdir
dh_testroot dh_testroot
dh_clean -k dh_prep
dh_installdirs dh_installdirs
# Add here commands to install the package into debian/n2n. # Add here commands to install the package into debian/n2n.

95
edge.8

@ -1,4 +1,4 @@
.TH edge 1 "May 3, 2008" "revision 3472" "SUPERUSER COMMANDS" .TH edge 1 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
.SH NAME .SH NAME
edge \- n2n edge node daemon edge \- n2n edge node daemon
.SH SYNOPSIS .SH SYNOPSIS
@ -13,65 +13,104 @@ begin to find other nodes in the community.
.PP .PP
.SH OPTIONS .SH OPTIONS
.TP .TP
\-d \-d <name>
sets the TAP device name as seen in ifconfig. sets the TAP device name as seen in ifconfig.
.TP .TP
\-a \-a <addr>
sets the n2n LAN IP address being claimed. sets the n2n virtual LAN IP address being claimed. This is a private IP
address. All IP addresses in an n2n community should belong to the same /24
network (ie. only the last segment of the IP addresses varies).
.TP .TP
\-c \-b
sets the n2n community name. cause edge to perform hostname resolution for the supernode address each time
the supernode is periodically contacted.
.TP .TP
\-k \-c <community>
sets the twofish encryption key from ASCII text (see also N2N_KEY in ENVIRONMENT) sets the n2n community name. All edges within the same community look to be on
the same LAN (layer 2 network segment). All edges communicating must use the
same key and community name.
.TP .TP
\-l \-h
sets the n2n supernode IP address and port to register to write usage to tty then exit.
.TP .TP
\-p \-k <keystring>
binds to the given UDP port sets the twofish encryption key from ASCII text (see also N2N_KEY in
ENVIRONMENT). All edges communicating must use the same key and community name.
.TP .TP
\-u \-l <addr>:<port>
causes the edge process to drop to the given user ID when privileges are no longer required sets the n2n supernode IP address and port to register to.
.TP .TP
\-g \-p <num>
causes the edge process to drop to the given group ID when privileges are no longer required binds edge to the given UDP port. Useful for keeping the same external socket
across restarts of edge.
.TP
\-u <uid>
causes the edge process to drop to the given user ID when privileges are no
longer required.
.TP
\-g <gid>
causes the edge process to drop to the given group ID when privileges are no
longer required.
.TP .TP
\-f \-f
causes the edge process to fork and run as a daemon, closing stdin, stdout, stderr and becoming a process group leader causes the edge process to fork and run as a daemon, closing stdin, stdout,
stderr and becoming a process group leader.
.TP .TP
\-m \-m <MAC>
start the TAP interface with the given MAC address. This is highly recommended start the TAP interface with the given MAC address. This is highly recommended
as it means the same address will be used if edge stops and restarts. If this is as it means the same address will be used if edge stops and restarts. If this is
not done, the ARP caches of all peers will be wrong and packets will not flow to not done, the ARP caches of all peers will be wrong and packets will not flow to
this edge until the next ARP refresh. this edge until the next ARP refresh.
.TP .TP
\-M <MTU>
set the MTU of the edge interface in bytes. MTU is the largest packet fragment
size allowed to be moved throught the interface. The default is 1400.
.TP
\-s <netmask>
set the netmask of edge interface in IPv4 dotted decimal notation. The default
is 255.255.255.0 (ie. /24).
.TP
\-t \-t
use HTTP tunneling instead of the normal UDP mechanism (experimental) use HTTP tunneling instead of the normal UDP mechanism (experimental).
.TP .TP
\-r \-r
all packet forwarding/routing through the n2n virtual LAN enable packet forwarding/routing through the n2n virtual LAN. Without this
option, packets arriving over n2n which are not for the -a <addr> IP address are
dropped.
.TP .TP
\-v \-v
use verbose logging use verbose logging.
.SH ENVIRONMENT .SH ENVIRONMENT
.TP .TP
.B N2N_KEY .B N2N_KEY
set the encryption key so it is not visible on the command line set the encryption key so it is not visible on the command line
.SH EXAMPLES .SH EXAMPLES
.TP .TP
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-l 123.121.120.119:7654 .B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-p 50001 \-l 123.121.120.119:7654
Start edge with TAP device n2n0 on community "mynetwork" with community Start edge with TAP device n2n0 on community "mynetwork" with community
supernode at 123.121.120.119 UDP port 7654. Use "encryptme" as the shared supernode at 123.121.120.119 UDP port 7654 and bind the locally used UDP port to
encryption key. Assign MAC address DE:AD:BE:EF:01:23 to the n2n interface and 50001. Use "encryptme" as the shared encryption key. Assign MAC address
drop to user=99 and group=99 after the TAP device is successfull configured. DE:AD:BE:EF:01:23 to the n2n interface and drop to user=99 and group=99 after
the TAP device is successfull configured.
.PP .PP
Add the -f option to make it run as a daemon Add the -f option to make edge run as a daemon.
.PP .PP
Somewhere else setup another edge with similar parameters, eg.
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:21 \-a 192.168.254.5 \-p 50001 \-l 123.121.120.119:7654
.PP
Now you can ping from 192.168.254.5 to 192.168.254.7.
.PP
The MAC address (-m <MAC>) and virtual IP address (-a <addr>) must be different on all edges in the same community.
.SH CONFIGURATION
All configuration for edge is from the command line and environment
variables. If you wish to reconfigure edge you should kill the process and
restart with the desired options.
.SH EXIT STATUS .SH EXIT STATUS
edge is a daemon and any exit is an error edge is a daemon and any exit is an error.
.SH AUTHOR .SH AUTHOR
Luca Deri ( deri (at) ntop.org ), Richard Andrews ( andrews (at) ntop.org ), Don Bindner Luca Deri ( deri (at) ntop.org ), Richard Andrews ( andrews (at) ntop.org ), Don Bindner
.SH SEE ALSO .SH SEE ALSO
ifconfig(1) supernode(1) tunctl(1) ifconfig(8) supernode(1) tunctl(8)

140
edge.c

@ -1,5 +1,6 @@
/* /*
* (C) 2007-09 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* Richard Andrews <andrews@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -15,8 +16,9 @@
* along with this program; if not see see <http://www.gnu.org/licenses/> * along with this program; if not see see <http://www.gnu.org/licenses/>
* *
* Code contributions courtesy of: * Code contributions courtesy of:
* Richard Andrews <bbmaj7@yahoo.com.au>
* Don Bindner <don.bindner@gmail.com> * Don Bindner <don.bindner@gmail.com>
* Sylwester Sosnowski <syso-n2n@no-route.org>
* Wilfried "Wonka" Klaebe
* *
*/ */
@ -49,7 +51,8 @@ struct n2n_edge
int allow_routing /*= 0*/; int allow_routing /*= 0*/;
int drop_ipv6_ndp /*= 0*/; int drop_ipv6_ndp /*= 0*/;
char * encrypt_key /* = NULL*/; char * encrypt_key /* = NULL*/;
TWOFISH * tf; TWOFISH * enc_tf;
TWOFISH * dec_tf;
struct peer_info * known_peers /* = NULL*/; struct peer_info * known_peers /* = NULL*/;
struct peer_info * pending_peers /* = NULL*/; struct peer_info * pending_peers /* = NULL*/;
@ -141,7 +144,7 @@ static char ** buildargv(char * const linebuffer) {
char ** argv; char ** argv;
char * buffer, * buff; char * buffer, * buff;
buffer = (char *)malloc(strlen(linebuffer)+2); buffer = (char *)calloc(1, strlen(linebuffer)+2);
if (!buffer) { if (!buffer) {
traceEvent( TRACE_ERROR, "Unable to allocate memory"); traceEvent( TRACE_ERROR, "Unable to allocate memory");
return NULL; return NULL;
@ -199,7 +202,8 @@ static int edge_init(n2n_edge_t * eee) {
eee->allow_routing = 0; eee->allow_routing = 0;
eee->drop_ipv6_ndp = 0; eee->drop_ipv6_ndp = 0;
eee->encrypt_key = NULL; eee->encrypt_key = NULL;
eee->tf = NULL; eee->enc_tf = NULL;
eee->dec_tf = NULL;
eee->known_peers = NULL; eee->known_peers = NULL;
eee->pending_peers = NULL; eee->pending_peers = NULL;
eee->last_register = 0; eee->last_register = 0;
@ -214,9 +218,10 @@ static int edge_init(n2n_edge_t * eee) {
static int edge_init_twofish( n2n_edge_t * eee, u_int8_t *encrypt_pwd, u_int32_t encrypt_pwd_len ) static int edge_init_twofish( n2n_edge_t * eee, u_int8_t *encrypt_pwd, u_int32_t encrypt_pwd_len )
{ {
eee->tf = TwoFishInit(encrypt_pwd, encrypt_pwd_len); eee->enc_tf = TwoFishInit(encrypt_pwd, encrypt_pwd_len);
eee->dec_tf = TwoFishInit(encrypt_pwd, encrypt_pwd_len);
if ( eee->tf ) if ( (eee->enc_tf) && (eee->dec_tf) )
{ {
return 0; return 0;
} }
@ -229,7 +234,8 @@ static int edge_init_twofish( n2n_edge_t * eee, u_int8_t *encrypt_pwd, u_int32_t
/* ************************************** */ /* ************************************** */
static void edge_deinit(n2n_edge_t * eee) { static void edge_deinit(n2n_edge_t * eee) {
TwoFishDestroy(eee->tf); TwoFishDestroy(eee->enc_tf);
TwoFishDestroy(eee->dec_tf);
if ( eee->sinfo.sock >=0 ) if ( eee->sinfo.sock >=0 )
{ {
close( eee->sinfo.sock ); close( eee->sinfo.sock );
@ -248,6 +254,7 @@ static void help() {
"-a <tun IP address> " "-a <tun IP address> "
"-c <community> " "-c <community> "
"-k <encrypt key> " "-k <encrypt key> "
"-s <netmask> "
#ifndef WIN32 #ifndef WIN32
"[-u <uid> -g <gid>]" "[-u <uid> -g <gid>]"
"[-f]" "[-f]"
@ -255,7 +262,7 @@ static void help() {
"[-m <MAC address>]" "[-m <MAC address>]"
"\n" "\n"
"-l <supernode host:port> " "-l <supernode host:port> "
"[-p <local port>] " "[-p <local port>] [-M <mtu>] "
"[-t] [-r] [-v] [-b] [-h]\n\n"); "[-t] [-r] [-v] [-b] [-h]\n\n");
#ifdef __linux__ #ifdef __linux__
@ -265,6 +272,7 @@ static void help() {
printf("-a <tun IP address> | n2n IP address\n"); printf("-a <tun IP address> | n2n IP address\n");
printf("-c <community> | n2n community name\n"); printf("-c <community> | n2n community name\n");
printf("-k <encrypt key> | Encryption key (ASCII) - also N2N_KEY=<encrypt key>\n"); printf("-k <encrypt key> | Encryption key (ASCII) - also N2N_KEY=<encrypt key>\n");
printf("-s <netmask> | Edge interface netmask in dotted decimal notation (255.255.255.0)\n");
printf("-l <supernode host:port> | Supernode IP:port\n"); printf("-l <supernode host:port> | Supernode IP:port\n");
printf("-b | Periodically resolve supernode IP\n"); printf("-b | Periodically resolve supernode IP\n");
printf(" | (when supernodes are running on dynamic IPs)\n"); printf(" | (when supernodes are running on dynamic IPs)\n");
@ -276,6 +284,7 @@ static void help() {
#endif #endif
printf("-m <MAC address> | Choose a MAC address for the TAP interface\n" printf("-m <MAC address> | Choose a MAC address for the TAP interface\n"
" | eg. -m 01:02:03:04:05:06\n"); " | eg. -m 01:02:03:04:05:06\n");
printf("-M <mtu> | Specify n2n MTU (default %d)\n", DEFAULT_MTU);
printf("-t | Use http tunneling (experimental)\n"); printf("-t | Use http tunneling (experimental)\n");
printf("-r | Enable packet forwarding through n2n community\n"); printf("-r | Enable packet forwarding through n2n community\n");
printf("-v | Verbose\n"); printf("-v | Verbose\n");
@ -288,7 +297,6 @@ static void help() {
/* *********************************************** */ /* *********************************************** */
static void send_register( n2n_edge_t * eee, static void send_register( n2n_edge_t * eee,
const struct peer_addr *remote_peer, const struct peer_addr *remote_peer,
u_char is_ack) { u_char is_ack) {
@ -303,9 +311,9 @@ static void send_register( n2n_edge_t * eee,
memcpy(hdr.community_name, eee->community_name, COMMUNITY_LEN); memcpy(hdr.community_name, eee->community_name, COMMUNITY_LEN);
marshall_n2n_packet_header( (u_int8_t *)pkt, &hdr ); marshall_n2n_packet_header( (u_int8_t *)pkt, &hdr );
send_packet( &(eee->sinfo), pkt, &len, remote_peer, 1 ); send_packet( &(eee->sinfo), pkt, &len, remote_peer, N2N_COMPRESSION_ENABLED );
traceEvent(TRACE_INFO, "Sent %s message to %s:%d", traceEvent(TRACE_INFO, "Sent %s message to %s:%hd",
((hdr.msg_type==MSG_TYPE_REGISTER)?"MSG_TYPE_REGISTER":"MSG_TYPE_REGISTER_ACK"), ((hdr.msg_type==MSG_TYPE_REGISTER)?"MSG_TYPE_REGISTER":"MSG_TYPE_REGISTER_ACK"),
intoa(ntohl(remote_peer->addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(remote_peer->addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(remote_peer->port)); ntohs(remote_peer->port));
@ -325,7 +333,7 @@ static void send_deregister(n2n_edge_t * eee,
memcpy(hdr.community_name, eee->community_name, COMMUNITY_LEN); memcpy(hdr.community_name, eee->community_name, COMMUNITY_LEN);
marshall_n2n_packet_header( (u_int8_t *)pkt, &hdr ); marshall_n2n_packet_header( (u_int8_t *)pkt, &hdr );
send_packet( &(eee->sinfo), pkt, &len, remote_peer, 1); send_packet( &(eee->sinfo), pkt, &len, remote_peer, N2N_COMPRESSION_ENABLED);
} }
/* *********************************************** */ /* *********************************************** */
@ -377,7 +385,7 @@ void try_send_register( n2n_edge_t * eee,
traceEvent( TRACE_NORMAL, "Pending peers list size=%ld", traceEvent( TRACE_NORMAL, "Pending peers list size=%ld",
peer_list_size( eee->pending_peers ) ); peer_list_size( eee->pending_peers ) );
traceEvent( TRACE_NORMAL, "Sending REGISTER request to %s:%d", traceEvent( TRACE_NORMAL, "Sending REGISTER request to %s:%hd",
intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(scan->public_ip.port)); ntohs(scan->public_ip.port));
@ -396,7 +404,7 @@ void try_send_register( n2n_edge_t * eee,
/* over-write supernode-based socket with direct socket. */ /* over-write supernode-based socket with direct socket. */
scan->public_ip = hdr->public_ip; scan->public_ip = hdr->public_ip;
traceEvent( TRACE_NORMAL, "Sending additional REGISTER request to %s:%d", traceEvent( TRACE_NORMAL, "Sending additional REGISTER request to %s:%hd",
intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(scan->public_ip.port)); ntohs(scan->public_ip.port));
@ -473,7 +481,7 @@ void set_peer_operational( n2n_edge_t * eee, const struct n2n_packet_header * hd
scan->public_ip = hdr->public_ip; scan->public_ip = hdr->public_ip;
traceEvent(TRACE_INFO, "=== new peer [mac=%s][socket=%s:%d]", traceEvent(TRACE_INFO, "=== new peer [mac=%s][socket=%s:%hd]",
macaddr_str(scan->mac_addr, mac_buf, sizeof(mac_buf)), macaddr_str(scan->mac_addr, mac_buf, sizeof(mac_buf)),
intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(scan->public_ip.port)); ntohs(scan->public_ip.port));
@ -501,7 +509,7 @@ void trace_registrations( struct peer_info * scan )
while ( scan ) while ( scan )
{ {
traceEvent(TRACE_INFO, "=== peer [mac=%s][socket=%s:%d]", traceEvent(TRACE_INFO, "=== peer [mac=%s][socket=%s:%hd]",
macaddr_str(scan->mac_addr, mac_buf, sizeof(mac_buf)), macaddr_str(scan->mac_addr, mac_buf, sizeof(mac_buf)),
intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(scan->public_ip.port)); ntohs(scan->public_ip.port));
@ -563,7 +571,7 @@ static void update_peer_address(n2n_edge_t * eee,
{ {
if ( 0 == hdr->sent_by_supernode ) if ( 0 == hdr->sent_by_supernode )
{ {
traceEvent( TRACE_NORMAL, "Peer changed public socket, Was %s:%d", traceEvent( TRACE_NORMAL, "Peer changed public socket, Was %s:%hd",
intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(hdr->public_ip.port)); ntohs(hdr->public_ip.port));
@ -686,7 +694,7 @@ static int find_peer_destination(n2n_edge_t * eee,
mac_address[3] & 0xFF, mac_address[4] & 0xFF, mac_address[5] & 0xFF); mac_address[3] & 0xFF, mac_address[4] & 0xFF, mac_address[5] & 0xFF);
while(scan != NULL) { while(scan != NULL) {
traceEvent(TRACE_INFO, "Evaluating peer [MAC=%02X:%02X:%02X:%02X:%02X:%02X][ip=%s:%d]", traceEvent(TRACE_INFO, "Evaluating peer [MAC=%02X:%02X:%02X:%02X:%02X:%02X][ip=%s:%hd]",
scan->mac_addr[0] & 0xFF, scan->mac_addr[1] & 0xFF, scan->mac_addr[2] & 0xFF, scan->mac_addr[0] & 0xFF, scan->mac_addr[1] & 0xFF, scan->mac_addr[2] & 0xFF,
scan->mac_addr[3] & 0xFF, scan->mac_addr[4] & 0xFF, scan->mac_addr[5] & 0xFF, scan->mac_addr[3] & 0xFF, scan->mac_addr[4] & 0xFF, scan->mac_addr[5] & 0xFF,
intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
@ -707,7 +715,7 @@ static int find_peer_destination(n2n_edge_t * eee,
memcpy(destination, &(eee->supernode), sizeof(struct sockaddr_in)); memcpy(destination, &(eee->supernode), sizeof(struct sockaddr_in));
} }
traceEvent(TRACE_INFO, "find_peer_address(%s) -> [socket=%s:%d]", traceEvent(TRACE_INFO, "find_peer_address(%s) -> [socket=%s:%hd]",
macaddr_str( (char *)mac_address, mac_buf, sizeof(mac_buf)), macaddr_str( (char *)mac_address, mac_buf, sizeof(mac_buf)),
intoa(ntohl(destination->addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(destination->addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(destination->port)); ntohs(destination->port));
@ -746,18 +754,17 @@ static void send_packet2net(n2n_edge_t * eee,
/* Discard IP packets that are not originated by this hosts */ /* Discard IP packets that are not originated by this hosts */
if(!(eee->allow_routing)) { if(!(eee->allow_routing)) {
if(ntohs(eh->ether_type) == 0x0800) { if(ntohs(eh->ether_type) == 0x0800) {
/* This is an IP packet from the local source address - not forwarded. */ /* This is an IP packet from the local source address - not forwarded. */
#define ETH_FRAMESIZE 14 #define ETH_FRAMESIZE 14
#define IP4_SRCOFFSET 12 #define IP4_SRCOFFSET 12
#define IP4_ADDRSIZE 4 u_int32_t *dst = (u_int32_t*)&decrypted_msg[ETH_FRAMESIZE + IP4_SRCOFFSET];
/* Note: all elements of the_ip are in network order */ /* Note: all elements of the_ip are in network order */
if( 0 != memcmp( decrypted_msg + ETH_FRAMESIZE + IP4_SRCOFFSET, if( *dst != eee->device.ip_addr) {
&(eee->device.ip_addr), /* This is a packet that needs to be routed */
IP4_ADDRSIZE ) ) { traceEvent(TRACE_INFO, "Discarding routed packet [%s]",
/* This is a packet that needs to be routed */ intoa(ntohl(*dst), ip_buf, sizeof(ip_buf)));
traceEvent(TRACE_INFO, "Discarding routed packet"); return;
return;
} else { } else {
/* This packet is originated by us */ /* This packet is originated by us */
/* traceEvent(TRACE_INFO, "Sending non-routed packet"); */ /* traceEvent(TRACE_INFO, "Sending non-routed packet"); */
@ -767,7 +774,7 @@ static void send_packet2net(n2n_edge_t * eee,
/* Encrypt "decrypted_msg" into the second half of the n2n packet. */ /* Encrypt "decrypted_msg" into the second half of the n2n packet. */
len = TwoFishEncryptRaw((u_int8_t *)decrypted_msg, len = TwoFishEncryptRaw((u_int8_t *)decrypted_msg,
(u_int8_t *)&packet[N2N_PKT_HDR_SIZE], len, eee->tf); (u_int8_t *)&packet[N2N_PKT_HDR_SIZE], len, eee->enc_tf);
/* Add the n2n header to the start of the n2n packet. */ /* Add the n2n header to the start of the n2n packet. */
fill_standard_header_fields( &(eee->sinfo), &hdr, (char*)(eee->device.mac_addr) ); fill_standard_header_fields( &(eee->sinfo), &hdr, (char*)(eee->device.mac_addr) );
@ -781,7 +788,7 @@ static void send_packet2net(n2n_edge_t * eee,
len += N2N_PKT_HDR_SIZE; len += N2N_PKT_HDR_SIZE;
if(find_peer_destination(eee, eh->ether_dhost, &destination)) if(find_peer_destination(eee, eh->ether_dhost, &destination))
traceEvent(TRACE_INFO, "** Going direct [dst_mac=%s][dest=%s:%d]", traceEvent(TRACE_INFO, "** Going direct [dst_mac=%s][dest=%s:%hd]",
macaddr_str((char*)eh->ether_dhost, mac_buf, sizeof(mac_buf)), macaddr_str((char*)eh->ether_dhost, mac_buf, sizeof(mac_buf)),
intoa(ntohl(destination.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(destination.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(destination.port)); ntohs(destination.port));
@ -790,7 +797,8 @@ static void send_packet2net(n2n_edge_t * eee,
macaddr_str((char*)eh->ether_shost, mac_buf, sizeof(mac_buf)), macaddr_str((char*)eh->ether_shost, mac_buf, sizeof(mac_buf)),
macaddr_str((char*)eh->ether_dhost, mac2_buf, sizeof(mac2_buf))); macaddr_str((char*)eh->ether_dhost, mac2_buf, sizeof(mac2_buf)));
data_sent_len = reliable_sendto( &(eee->sinfo), packet, &len, &destination, 1); data_sent_len = reliable_sendto( &(eee->sinfo), packet, &len, &destination,
N2N_COMPRESSION_ENABLED);
if(data_sent_len != len) if(data_sent_len != len)
traceEvent(TRACE_WARNING, "sendto() [sent=%d][attempted_to_send=%d] [%s]\n", traceEvent(TRACE_WARNING, "sendto() [sent=%d][attempted_to_send=%d] [%s]\n",
@ -850,6 +858,8 @@ static int check_received_packet(n2n_edge_t * eee, char *pkt,
} else if(pkt_len > 32 /* IP + Ethernet */) { } else if(pkt_len > 32 /* IP + Ethernet */) {
/* Check if this packet is for us or if it's routed */ /* Check if this packet is for us or if it's routed */
struct ether_header *eh = (struct ether_header*)pkt; struct ether_header *eh = (struct ether_header*)pkt;
const struct in_addr bcast = { 0xffffffff };
if(ntohs(eh->ether_type) == 0x0800) { if(ntohs(eh->ether_type) == 0x0800) {
@ -857,8 +867,14 @@ static int check_received_packet(n2n_edge_t * eee, char *pkt,
struct ip *the_ip = (struct ip*)(pkt+sizeof(struct ether_header)); struct ip *the_ip = (struct ip*)(pkt+sizeof(struct ether_header));
if((the_ip->ip_dst.s_addr != eee->device.ip_addr) if((the_ip->ip_dst.s_addr != eee->device.ip_addr)
&& ((the_ip->ip_dst.s_addr & eee->device.device_mask) != (eee->device.ip_addr & eee->device.device_mask))) /* Not a broadcast */ && ((the_ip->ip_dst.s_addr & eee->device.device_mask) != (eee->device.ip_addr & eee->device.device_mask)) /* Not a broadcast */
{ && ((the_ip->ip_dst.s_addr & 0xE0000000) != (0xE0000000 /* 224.0.0.0-239.255.255.255 */)) /* Not a multicast */
&& ((the_ip->ip_dst.s_addr) != (bcast.s_addr)) /* always broadcast (RFC919) */
&& (!(eee->allow_routing)) /* routing is enabled so let it in */
)
{
/* Dropping the packet */
ipstr_t ip_buf; ipstr_t ip_buf;
ipstr_t ip_buf2; ipstr_t ip_buf2;
@ -866,7 +882,7 @@ static int check_received_packet(n2n_edge_t * eee, char *pkt,
traceEvent(TRACE_INFO, "Discarding routed packet [rcvd=%s][expected=%s]", traceEvent(TRACE_INFO, "Discarding routed packet [rcvd=%s][expected=%s]",
intoa(ntohl(the_ip->ip_dst.s_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(the_ip->ip_dst.s_addr), ip_buf, sizeof(ip_buf)),
intoa(ntohl(eee->device.ip_addr), ip_buf2, sizeof(ip_buf2))); intoa(ntohl(eee->device.ip_addr), ip_buf2, sizeof(ip_buf2)));
} else { } else {
/* This packet is for us */ /* This packet is for us */
/* traceEvent(TRACE_INFO, "Received non-routed packet"); */ /* traceEvent(TRACE_INFO, "Received non-routed packet"); */
@ -927,7 +943,8 @@ void readFromIPSocket( n2n_edge_t * eee )
struct n2n_packet_header hdr_storage; struct n2n_packet_header hdr_storage;
len = receive_data( &(eee->sinfo), packet, sizeof(packet), &sender, len = receive_data( &(eee->sinfo), packet, sizeof(packet), &sender,
&discarded_pkt, (char*)(eee->device.mac_addr), 1, &hdr_storage); &discarded_pkt, (char*)(eee->device.mac_addr),
N2N_COMPRESSION_ENABLED, &hdr_storage);
if(len <= 0) return; if(len <= 0) return;
@ -944,7 +961,7 @@ void readFromIPSocket( n2n_edge_t * eee )
else { else {
struct n2n_packet_header *hdr = &hdr_storage; struct n2n_packet_header *hdr = &hdr_storage;
traceEvent(TRACE_INFO, "Received packet from %s:%d", traceEvent(TRACE_INFO, "Received packet from %s:%hd",
intoa(ntohl(sender.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(sender.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(sender.port)); ntohs(sender.port));
@ -953,7 +970,7 @@ void readFromIPSocket( n2n_edge_t * eee )
hdr->sent_by_supernode ? "supernode" : "peer", hdr->sent_by_supernode ? "supernode" : "peer",
macaddr_str(hdr->dst_mac, mac_buf, sizeof(mac_buf))); macaddr_str(hdr->dst_mac, mac_buf, sizeof(mac_buf)));
if(hdr->version != N2N_VERSION) { if(hdr->version != N2N_PKT_VERSION) {
traceEvent(TRACE_WARNING, traceEvent(TRACE_WARNING,
"Received packet with unknown protocol version (%d): discarded\n", "Received packet with unknown protocol version (%d): discarded\n",
hdr->version); hdr->version);
@ -978,7 +995,7 @@ void readFromIPSocket( n2n_edge_t * eee )
/* Decrypt message first */ /* Decrypt message first */
len = TwoFishDecryptRaw((u_int8_t *)&packet[N2N_PKT_HDR_SIZE], len = TwoFishDecryptRaw((u_int8_t *)&packet[N2N_PKT_HDR_SIZE],
(u_int8_t *)decrypted_msg, len, eee->tf); (u_int8_t *)decrypted_msg, len, eee->dec_tf);
if(len > 0) { if(len > 0) {
if(check_received_packet(eee, decrypted_msg, len) == 0) { if(check_received_packet(eee, decrypted_msg, len) == 0) {
@ -998,13 +1015,13 @@ void readFromIPSocket( n2n_edge_t * eee )
traceEvent(TRACE_INFO, "### Tx L2 Msg -> tun"); traceEvent(TRACE_INFO, "### Tx L2 Msg -> tun");
} }
} else { } else {
traceEvent(TRACE_WARNING, "Bad destination: message discarded"); traceEvent(TRACE_WARNING, "Bad destination: message discarded");
} }
} }
/* else silently ignore empty packet. */ /* else silently ignore empty packet. */
} else if(hdr->msg_type == MSG_TYPE_REGISTER) { } else if(hdr->msg_type == MSG_TYPE_REGISTER) {
traceEvent(TRACE_INFO, "Received registration request from remote peer [ip=%s:%d]", traceEvent(TRACE_INFO, "Received registration request from remote peer [ip=%s:%hd]",
intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(hdr->public_ip.port)); ntohs(hdr->public_ip.port));
if ( 0 == memcmp(hdr->dst_mac, (eee->device.mac_addr), 6) ) if ( 0 == memcmp(hdr->dst_mac, (eee->device.mac_addr), 6) )
@ -1015,7 +1032,7 @@ void readFromIPSocket( n2n_edge_t * eee )
send_register(eee, &hdr->public_ip, 1); /* Send ACK back */ send_register(eee, &hdr->public_ip, 1); /* Send ACK back */
} else if(hdr->msg_type == MSG_TYPE_REGISTER_ACK) { } else if(hdr->msg_type == MSG_TYPE_REGISTER_ACK) {
traceEvent(TRACE_NORMAL, "Received REGISTER_ACK from remote peer [ip=%s:%d]", traceEvent(TRACE_NORMAL, "Received REGISTER_ACK from remote peer [ip=%s:%hd]",
intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(hdr->public_ip.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(hdr->public_ip.port)); ntohs(hdr->public_ip.port));
@ -1116,7 +1133,7 @@ static void supernode2addr(n2n_edge_t * eee, char* addr) {
eee->supernode.addr_type.v4_addr = inet_addr(supernode_host); eee->supernode.addr_type.v4_addr = inet_addr(supernode_host);
} }
traceEvent(TRACE_NORMAL, "Using supernode %s:%d", traceEvent(TRACE_NORMAL, "Using supernode %s:%hd",
intoa(ntohl(eee->supernode.addr_type.v4_addr), ip_buf, sizeof(ip_buf)), intoa(ntohl(eee->supernode.addr_type.v4_addr), ip_buf, sizeof(ip_buf)),
ntohs(eee->supernode.port)); ntohs(eee->supernode.port));
} else } else
@ -1127,10 +1144,16 @@ static void supernode2addr(n2n_edge_t * eee, char* addr) {
extern int useSyslog; extern int useSyslog;
#define N2N_NETMASK_STR_SIZE 16 /* dotted decimal 12 numbers + 3 dots */
int main(int argc, char* argv[]) { int main(int argc, char* argv[]) {
int opt, local_port = 0 /* any port */; int opt, local_port = 0 /* any port */;
char *tuntap_dev_name = "edge0"; char *tuntap_dev_name = "edge0";
char *ip_addr = NULL; char *ip_addr = NULL;
char netmask[N2N_NETMASK_STR_SIZE]="255.255.255.0";
int mtu = DEFAULT_MTU;
int got_s = 0;
#ifndef WIN32 #ifndef WIN32
uid_t userid=0; /* root is the only guaranteed ID */ uid_t userid=0; /* root is the only guaranteed ID */
@ -1142,7 +1165,7 @@ int main(int argc, char* argv[]) {
time_t lastStatus=0; time_t lastStatus=0;
char * device_mac=NULL; char * device_mac=NULL;
char * encrypt_key; char * encrypt_key=NULL;
int i, effectiveargc=0; int i, effectiveargc=0;
char ** effectiveargv=NULL; char ** effectiveargv=NULL;
@ -1171,6 +1194,12 @@ int main(int argc, char* argv[]) {
exit(1); exit(1);
} }
snprintf(linebuffer, MAX_CMDLINE_BUFFER_LENGTH, "%s",argv[0]); snprintf(linebuffer, MAX_CMDLINE_BUFFER_LENGTH, "%s",argv[0]);
#ifdef WIN32
for(i=0; i<strlen(linebuffer); i++)
if(linebuffer[i] == '\\') linebuffer[i] = '/';
#endif
for(i=1;i<argc;++i) { for(i=1;i<argc;++i) {
if(argv[i][0] == '@') { if(argv[i][0] == '@') {
if (readConfFile(&argv[i][1], linebuffer)<0) exit(1); /* <<<<----- check */ if (readConfFile(&argv[i][1], linebuffer)<0) exit(1); /* <<<<----- check */
@ -1192,7 +1221,7 @@ int main(int argc, char* argv[]) {
effectiveargc =0; effectiveargc =0;
while (effectiveargv[effectiveargc]) ++effectiveargc; while (effectiveargv[effectiveargc]) ++effectiveargc;
effectiveargv[effectiveargc] = 0;
if (linebuffer) { if (linebuffer) {
free(linebuffer); free(linebuffer);
linebuffer = NULL; linebuffer = NULL;
@ -1201,9 +1230,10 @@ int main(int argc, char* argv[]) {
/* {int k;for(k=0;k<effectiveargc;++k) printf("%s\n",effectiveargv[k]);} */ /* {int k;for(k=0;k<effectiveargc;++k) printf("%s\n",effectiveargv[k]);} */
optarg = NULL; optarg = NULL;
while((opt = getopt_long(effectiveargc, effectiveargv, "k:a:bc:u:g:m:d:l:p:fvhrt", long_options, NULL)) != EOF) { while((opt = getopt_long(effectiveargc, effectiveargv, "k:a:bc:u:g:m:M:s:d:l:p:fvhrt", long_options, NULL)) != EOF) {
switch (opt) { switch (opt) {
case 'a': case 'a':
printf("%s\n", optarg);
ip_addr = strdup(optarg); ip_addr = strdup(optarg);
break; break;
case 'c': /* community */ case 'c': /* community */
@ -1215,23 +1245,28 @@ int main(int argc, char* argv[]) {
case 'u': /* uid */ case 'u': /* uid */
{ {
userid=atoi(optarg); userid = atoi(optarg);
break; break;
} }
case 'g': /* uid */ case 'g': /* uid */
{ {
groupid=atoi(optarg); groupid = atoi(optarg);
break; break;
} }
case 'f' : /* fork as daemon */ case 'f' : /* fork as daemon */
{ {
fork_as_daemon=1; fork_as_daemon = 1;
break; break;
} }
#endif #endif
case 'm' : /* device_mac */ case 'm' : /* device_mac */
{ {
device_mac=strdup(optarg); device_mac = strdup(optarg);
break;
}
case 'M' : /* device_mac */
{
mtu = atoi(optarg);
break; break;
} }
case 'k': /* encrypt key */ case 'k': /* encrypt key */
@ -1258,6 +1293,13 @@ int main(int argc, char* argv[]) {
case 'p': case 'p':
local_port = atoi(optarg); local_port = atoi(optarg);
break; break;
case 's': /* Subnet Mask */
if (0 != got_s) {
traceEvent(TRACE_WARNING, "Multiple subnet masks supplied.");
}
strncpy(netmask, optarg, N2N_NETMASK_STR_SIZE);
got_s = 1;
break;
case 'h': /* help */ case 'h': /* help */
help(); help();
break; break;
@ -1283,7 +1325,7 @@ int main(int argc, char* argv[]) {
/* setgid( 0 ); */ /* setgid( 0 ); */
#endif #endif
if(tuntap_open(&(eee.device), tuntap_dev_name, ip_addr, "255.255.255.0", device_mac ) < 0) if(tuntap_open(&(eee.device), tuntap_dev_name, ip_addr, netmask, device_mac, mtu) < 0)
return(-1); return(-1);
#ifndef WIN32 #ifndef WIN32

170
n2n.c

@ -1,5 +1,6 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* Richard Andrews <andrews@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -74,10 +75,13 @@ extern void peer_addr2sockaddr_in(const struct peer_addr *in, struct sockaddr_in
/* ************************************** */ /* ************************************** */
static static
int marshall_peer_addr( u_int8_t * buf, const struct peer_addr * s ) int marshall_peer_addr( u_int8_t * buf, size_t * offset, const struct peer_addr * s )
{ {
memcpy( buf, s, sizeof(struct peer_addr)); /* RA: I'm pretty sure that this is broken. There is no guarantee that the
buf += sizeof(struct peer_addr); * peer_addr structure is packed. This will always work between like hosts but
* is almost certainly broken between different host types. */
memcpy( buf + *offset, s, sizeof(struct peer_addr));
*offset += sizeof(struct peer_addr);
return sizeof(struct peer_addr); /* bytes written */ return sizeof(struct peer_addr); /* bytes written */
} }
@ -85,74 +89,80 @@ int marshall_peer_addr( u_int8_t * buf, const struct peer_addr * s )
/* ************************************** */ /* ************************************** */
static static
int marshall_uint32( u_int8_t * buf, u_int32_t val ) int marshall_uint32( u_int8_t * buf, size_t * offset, u_int32_t val )
{ {
u_int32_t * nu32 = (u_int32_t *)buf; buf[*offset + 0] = ((val >> 24) & 0xff);
*nu32 = htonl(val); buf[*offset + 1] = ((val >> 16) & 0xff);
buf[*offset + 2] = ((val >> 8) & 0xff);
buf[*offset + 3] = ((val ) & 0xff);
return 4; *offset += 4;
return 4;
} }
/* ************************************** */ /* ************************************** */
int marshall_n2n_packet_header( u_int8_t * buf, const struct n2n_packet_header * hdr ) int marshall_n2n_packet_header( u_int8_t * buf, const struct n2n_packet_header * hdr )
{ {
u_int8_t * bufStart = buf; size_t offset = 0;
print_header( "Marshalling ", hdr ); print_header( "Marshalling ", hdr );
*buf = hdr->version; *(buf+offset) = hdr->version;
++buf; ++offset;
*buf = hdr->msg_type; *(buf+offset) = hdr->msg_type;
++buf; ++offset;
*buf = hdr->ttl; *(buf+offset) = hdr->ttl;
++buf; ++offset;
*buf = hdr->sent_by_supernode; *(buf+offset) = hdr->sent_by_supernode;
++buf; ++offset;
memcpy( buf, hdr->community_name, COMMUNITY_LEN ); memcpy( buf+offset, hdr->community_name, COMMUNITY_LEN );
buf += COMMUNITY_LEN; offset += COMMUNITY_LEN;
memcpy( buf, hdr->src_mac, 6 ); memcpy( buf+offset, hdr->src_mac, 6 );
buf += 6; offset += 6;
memcpy( buf, hdr->dst_mac, 6 ); memcpy( buf+offset, hdr->dst_mac, 6 );
buf += 6; offset += 6;
buf += marshall_peer_addr( buf, &(hdr->public_ip) ); marshall_peer_addr( buf, &offset, &(hdr->public_ip) );
buf += marshall_peer_addr( buf, &(hdr->private_ip) ); marshall_peer_addr( buf, &offset, &(hdr->private_ip) );
*buf = (hdr->pkt_type & 0xff); *(buf+offset) = (hdr->pkt_type & 0xff);
++buf; ++offset;
buf += marshall_uint32( buf, hdr->sequence_id ); marshall_uint32( buf, &offset, hdr->sequence_id );
buf += marshall_uint32( buf, hdr->crc ); marshall_uint32( buf, &offset, hdr->crc );
return (buf - bufStart); return offset;
} }
/* ************************************** */ /* ************************************** */
static static
int unmarshall_peer_addr( struct peer_addr * s, int unmarshall_peer_addr( struct peer_addr * s, size_t * offset,
const u_int8_t * buf ) const u_int8_t * buf )
{ {
memcpy(s, buf, sizeof(struct peer_addr)); memcpy(s, buf + *offset, sizeof(struct peer_addr));
buf += sizeof(struct peer_addr); *offset += sizeof(struct peer_addr);
return (sizeof(struct peer_addr)); /* bytes written */ return (sizeof(struct peer_addr)); /* bytes written */
} }
/* ************************************** */ /* ************************************** */
static static
int unmarshall_uint32( u_int32_t * val, const u_int8_t * buf ) int unmarshall_uint32( u_int32_t * val, size_t * offset, const u_int8_t * buf )
{ {
u_int32_t * nu32 = (u_int32_t *)buf; *val = ( (buf[*offset + 0] & 0xff) << 24 );
*val = ntohl(*nu32); *val |= ( (buf[*offset + 1] & 0xff) << 16 );
*val |= ( (buf[*offset + 2] & 0xff) << 8 );
*val |= ( (buf[*offset + 3] & 0xff) );
*offset += 4;
return 4; return 4;
} }
@ -160,41 +170,41 @@ int unmarshall_uint32( u_int32_t * val, const u_int8_t * buf )
int unmarshall_n2n_packet_header( struct n2n_packet_header * hdr, const u_int8_t * buf ) int unmarshall_n2n_packet_header( struct n2n_packet_header * hdr, const u_int8_t * buf )
{ {
const u_int8_t * bufStart = buf; size_t offset=0;
hdr->version = *buf; hdr->version = *(buf + offset);
++buf; ++offset;
hdr->msg_type = *buf; hdr->msg_type = *(buf + offset);
++buf; ++offset;
hdr->ttl = *buf; hdr->ttl = *(buf + offset);
++buf; ++offset;
hdr->sent_by_supernode = *buf; hdr->sent_by_supernode = *(buf + offset);
++buf; ++offset;
memcpy( hdr->community_name, buf, COMMUNITY_LEN ); memcpy( hdr->community_name, (buf + offset), COMMUNITY_LEN );
buf += COMMUNITY_LEN; offset += COMMUNITY_LEN;
memcpy( hdr->src_mac, buf, 6 ); memcpy( hdr->src_mac, (buf + offset), 6 );
buf += 6; offset += 6;
memcpy( hdr->dst_mac, buf, 6 ); memcpy( hdr->dst_mac, (buf + offset), 6 );
buf += 6; offset += 6;
buf += unmarshall_peer_addr( &(hdr->public_ip), buf ); unmarshall_peer_addr( &(hdr->public_ip), &offset, buf );
buf += unmarshall_peer_addr( &(hdr->private_ip), buf ); unmarshall_peer_addr( &(hdr->private_ip), &offset, buf );
hdr->pkt_type = (*buf & 0xff); /* Make sure only 8 bits are copied. */ hdr->pkt_type = (*(buf + offset) & 0xff); /* Make sure only 8 bits are copied. */
++buf; ++offset;
buf += unmarshall_uint32( &(hdr->sequence_id), buf ); unmarshall_uint32( &(hdr->sequence_id), &offset, buf );
buf += unmarshall_uint32( &(hdr->crc), buf ); unmarshall_uint32( &(hdr->crc), &offset, buf );
print_header( "Unmarshalled ", hdr ); print_header( "Unmarshalled ", hdr );
return (buf - bufStart); return offset;
} }
/* ************************************** */ /* ************************************** */
@ -292,7 +302,9 @@ void traceEvent(int eventTraceLevel, char* file, int line, char * format, ...) {
char theDate[N2N_TRACE_DATESIZE]; char theDate[N2N_TRACE_DATESIZE];
char *extra_msg = ""; char *extra_msg = "";
time_t theTime = time(NULL); time_t theTime = time(NULL);
#ifdef WIN32
int i;
#endif
/* We have two paths - one if we're logging, one if we aren't /* We have two paths - one if we're logging, one if we aren't
* Note that the no-log case is those systems which don't support it (WIN32), * Note that the no-log case is those systems which don't support it (WIN32),
@ -330,7 +342,8 @@ void traceEvent(int eventTraceLevel, char* file, int line, char * format, ...) {
} }
#else #else
/* this is the WIN32 code */ /* this is the WIN32 code */
snprintf(out_buf, sizeof(out_buf), "%s [%11s:%4d] %s%s", theDate, file, line, extra_msg, buf); for(i=strlen(file)-1; i>0; i--) if(file[i] == '\\') { i++; break; };
snprintf(out_buf, sizeof(out_buf), "%s [%11s:%4d] %s%s", theDate, &file[i], line, extra_msg, buf);
printf("%s\n", out_buf); printf("%s\n", out_buf);
fflush(stdout); fflush(stdout);
#endif #endif
@ -385,7 +398,7 @@ void fill_standard_header_fields(n2n_sock_info_t * sinfo,
struct n2n_packet_header *hdr, char *src_mac) { struct n2n_packet_header *hdr, char *src_mac) {
socklen_t len = sizeof(hdr->private_ip); socklen_t len = sizeof(hdr->private_ip);
memset(hdr, 0, N2N_PKT_HDR_SIZE); memset(hdr, 0, N2N_PKT_HDR_SIZE);
hdr->version = N2N_VERSION; hdr->version = N2N_PKT_VERSION;
hdr->crc = 0; // FIX hdr->crc = 0; // FIX
if(src_mac != NULL) memcpy(hdr->src_mac, src_mac, 6); if(src_mac != NULL) memcpy(hdr->src_mac, src_mac, 6);
getsockname(sinfo->sock, (struct sockaddr*)&hdr->private_ip, &len); getsockname(sinfo->sock, (struct sockaddr*)&hdr->private_ip, &len);
@ -405,6 +418,7 @@ void send_ack(n2n_sock_info_t * sinfo,
u_int8_t pkt[ N2N_PKT_HDR_SIZE ]; u_int8_t pkt[ N2N_PKT_HDR_SIZE ];
size_t len = sizeof(hdr); size_t len = sizeof(hdr);
size_t len2; size_t len2;
int compress_data = N2N_COMPRESSION_ENABLED;
fill_standard_header_fields(sinfo, &hdr, src_mac); fill_standard_header_fields(sinfo, &hdr, src_mac);
hdr.msg_type = MSG_TYPE_ACK_RESPONSE; hdr.msg_type = MSG_TYPE_ACK_RESPONSE;
@ -414,7 +428,7 @@ void send_ack(n2n_sock_info_t * sinfo,
len2=marshall_n2n_packet_header( pkt, &hdr ); len2=marshall_n2n_packet_header( pkt, &hdr );
assert( len2 == len ); assert( len2 == len );
send_packet(sinfo, (char*)pkt, &len, remote_peer, 1); send_packet(sinfo, (char*)pkt, &len, remote_peer, compress_data);
} }
/* *********************************************** */ /* *********************************************** */
@ -469,17 +483,26 @@ u_int receive_data(n2n_sock_info_t * sinfo,
#endif #endif
return(0); return(0);
} else if(len > MIN_COMPRESSED_PKT_LEN) { } else if(len > MIN_COMPRESSED_PKT_LEN) {
char decompressed[2048]; #define N2N_DECOMPRESS_BUFSIZE 2048
char decompressed[N2N_DECOMPRESS_BUFSIZE];
int rc; int rc;
lzo_uint decompressed_len; lzo_uint decompressed_len=N2N_DECOMPRESS_BUFSIZE;
size_t insize = len-N2N_PKT_HDR_SIZE;
if(decompress_data) { if(decompress_data) {
rc = lzo1x_decompress((u_char*)&packet[N2N_PKT_HDR_SIZE], rc = lzo1x_decompress_safe((u_char*)&packet[N2N_PKT_HDR_SIZE],
len-N2N_PKT_HDR_SIZE, insize,
(u_char*)decompressed, &decompressed_len, NULL); (u_char*)decompressed, &decompressed_len, NULL);
if(rc == LZO_E_OK) if(rc == LZO_E_OK)
traceEvent(TRACE_INFO, "%u bytes decompressed into %u", len, decompressed_len); {
traceEvent(TRACE_INFO, "%u bytes decompressed into %u", insize, decompressed_len);
}
else
{
traceEvent(TRACE_WARNING, "Failed to decompress %u byte packet. LZO error=%d", insize, rc );
return -1;
}
if(packet_len > decompressed_len) { if(packet_len > decompressed_len) {
memcpy(&packet[N2N_PKT_HDR_SIZE], decompressed, decompressed_len); memcpy(&packet[N2N_PKT_HDR_SIZE], decompressed, decompressed_len);
@ -584,9 +607,9 @@ static HEAP_ALLOC(wrkmem,LZO1X_1_MEM_COMPRESS);
u_int send_data(n2n_sock_info_t * sinfo, u_int send_data(n2n_sock_info_t * sinfo,
char *packet, size_t *packet_len, char *packet, size_t *packet_len,
const struct peer_addr *to, u_int8_t compress_data) { const struct peer_addr *to, u_int8_t compress_data) {
char compressed[1600]; char compressed[1650];
int rc; int rc;
lzo_uint compressed_len; lzo_uint compressed_len=0;
struct sockaddr_in destsock; struct sockaddr_in destsock;
if(*packet_len < N2N_PKT_HDR_SIZE) { if(*packet_len < N2N_PKT_HDR_SIZE) {
@ -603,6 +626,13 @@ u_int send_data(n2n_sock_info_t * sinfo,
*packet_len - N2N_PKT_HDR_SIZE, *packet_len - N2N_PKT_HDR_SIZE,
(u_char*)&compressed[N2N_PKT_HDR_SIZE], (u_char*)&compressed[N2N_PKT_HDR_SIZE],
&compressed_len, wrkmem); &compressed_len, wrkmem);
if ( 0 == compressed_len )
{
traceEvent(TRACE_WARNING, "failed to compress %u bytes.", (*packet_len - N2N_PKT_HDR_SIZE) );
return -1;
}
compressed_len += N2N_PKT_HDR_SIZE; compressed_len += N2N_PKT_HDR_SIZE;
traceEvent(TRACE_INFO, "%u bytes compressed into %u", *packet_len, compressed_len); traceEvent(TRACE_INFO, "%u bytes compressed into %u", *packet_len, compressed_len);
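Review bot: In the receive_data hunk, `size_t insize = len-N2N_PKT_HDR_SIZE;` runs under a guard of only `len > MIN_COMPRESSED_PKT_LEN`, which n2n.h sets to 32, while the documented header layout suggests N2N_PKT_HDR_SIZE is larger than that. Unless a branch above the hunk already rejects packets shorter than the header (not visible here), a short datagram makes `insize` wrap to a very large value, and `lzo1x_decompress_safe` is then given an input length well beyond what was received. A guard such as `if(len < N2N_PKT_HDR_SIZE) return(0);` before the subtraction closes that. The new `return -1;` in receive_data and in send_data also comes from functions declared `u_int`, so callers see UINT_MAX unless they store the result in a signed type. Both function bodies extend outside their hunks.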

17
n2n.h

@ -1,5 +1,6 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* Richard Andrews <andrews@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -15,7 +16,6 @@
* along with this program; if not, see <http://www.gnu.org/licenses/> * along with this program; if not, see <http://www.gnu.org/licenses/>
* *
* Code contributions courtesy of: * Code contributions courtesy of:
* Richard Andrews <bbmaj7@yahoo.com.au>
* Babak Farrokhi <babak@farrokhi.net> [FreeBSD port] * Babak Farrokhi <babak@farrokhi.net> [FreeBSD port]
* *
*/ */
@ -113,7 +113,7 @@ typedef struct tuntap_dev {
#endif /* #ifndef WIN32 */ #endif /* #ifndef WIN32 */
#define QUICKLZ 1 #define QUICKLZ 1
#define N2N_VERSION 1 #define N2N_PKT_VERSION 1
#define MSG_TYPE_REGISTER 1 /* FIX invece di usare il sender del pacchetto scriverlo nel pacchetto stesso */ #define MSG_TYPE_REGISTER 1 /* FIX invece di usare il sender del pacchetto scriverlo nel pacchetto stesso */
#define MSG_TYPE_DEREGISTER 2 #define MSG_TYPE_DEREGISTER 2
@ -124,6 +124,14 @@ typedef struct tuntap_dev {
#define COMMUNITY_LEN 16 #define COMMUNITY_LEN 16
#define MIN_COMPRESSED_PKT_LEN 32 #define MIN_COMPRESSED_PKT_LEN 32
/* Set N2N_COMPRESSION_ENABLED to 0 to disable lzo1x compression of ethernet
* frames. Doing this will break compatibility with the standard n2n packet
* format so do it only for experimentation. All edges must be built with the
* same value if they are to understand each other. */
#define N2N_COMPRESSION_ENABLED 1
#define DEFAULT_MTU 1400
/* Maximum enum value is 255 due to marshalling into 1 byte */ /* Maximum enum value is 255 due to marshalling into 1 byte */
enum packet_type { enum packet_type {
packet_unreliable_data = 0, /* no ACK needed */ packet_unreliable_data = 0, /* no ACK needed */
@ -234,7 +242,8 @@ extern void send_ack(n2n_sock_info_t * sinfo,
char *src_mac); char *src_mac);
extern void traceEvent(int eventTraceLevel, char* file, int line, char * format, ...); extern void traceEvent(int eventTraceLevel, char* file, int line, char * format, ...);
extern int tuntap_open(tuntap_dev *device, char *dev, char *device_ip, char *device_mask, const char * device_mac ); extern int tuntap_open(tuntap_dev *device, char *dev, char *device_ip,
char *device_mask, const char * device_mac, int mtu);
extern int tuntap_read(struct tuntap_dev *tuntap, unsigned char *buf, int len); extern int tuntap_read(struct tuntap_dev *tuntap, unsigned char *buf, int len);
extern int tuntap_write(struct tuntap_dev *tuntap, unsigned char *buf, int len); extern int tuntap_write(struct tuntap_dev *tuntap, unsigned char *buf, int len);
extern void tuntap_close(struct tuntap_dev *tuntap); extern void tuntap_close(struct tuntap_dev *tuntap);
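Review bot: `DEFAULT_MTU` is added without a comment, and the tuntap_linux.c section of this commit deletes the only explanation of where 1400 comes from. I would carry that over here, e.g. `/* 1400 assumes an underlying interface MTU of 1500; lower it with -M on links with a smaller MTU */`. The widened `tuntap_open` prototype would also benefit from stating the accepted range for `mtu`, since the value reaches it unchecked from `atoi(optarg)` in edge.c.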


@ -1,6 +1,6 @@
Summary: N2N peer-to-peer virtual private network system. Summary: N2N peer-to-peer virtual private network system.
Name: n2n Name: n2n
Version: 1.2 Version: 1.3
Release: 1 Release: 1
License: GPLv3 License: GPLv3
Vendor: ntop.org Vendor: ntop.org


@ -22,7 +22,7 @@ function exit_fail()
} }
PACKAGE="n2n" PACKAGE="n2n"
PKG_VERSION="1.2" PKG_VERSION="1.3"
PKG_AND_VERSION="${PACKAGE}-${PKG_VERSION}" PKG_AND_VERSION="${PACKAGE}-${PKG_VERSION}"
TEMPDIR="tmp" TEMPDIR="tmp"
@ -50,7 +50,6 @@ debian/changelog
debian/compat debian/compat
debian/control debian/control
debian/copyright debian/copyright
debian/files
debian/n2n.dirs debian/n2n.dirs
debian/n2n.docs debian/n2n.docs
debian/n2n.install debian/n2n.install
@ -62,7 +61,7 @@ debian/rules
BASE=`pwd` BASE=`pwd`
for F in ${SOURCE_MANIFEST}; do for F in ${SOURCE_MANIFEST}; do
test -e $F || exit_fail "Wrong directory. Please execute from n2n directory."; >&2 test -e $F || exit_fail "Cannot find $F. Maybe you're in the wrong directory. Please execute from n2n directory."; >&2
done done
echo "Found critical files. Proceeding." >&2 echo "Found critical files. Proceeding." >&2


@ -1,4 +1,4 @@
.TH supernode 1 "May 3, 2008" "revision 3472" "USER COMMANDS" .TH supernode 1 "Jan 3, 2009" "revision 3679" "USER COMMANDS"
.SH NAME .SH NAME
supernode \- n2n supernode daemon supernode \- n2n supernode daemon
.SH SYNOPSIS .SH SYNOPSIS
@ -12,11 +12,15 @@ packets only between members of the same community. The supernode does not hold
the community encryption key and so cannot snoop or inject packets into the the community encryption key and so cannot snoop or inject packets into the
community. community.
.PP .PP
Supernode can service a number of n2n communities concurrently. Traffic does not
cross between communities.
.PP
All logging goes to stdout. All logging goes to stdout.
.SH OPTIONS .SH OPTIONS
.TP .TP
\-l \-l <port>
listen on the given UDP port listen on the given UDP port
.TP
\-v \-v
use verbose logging use verbose logging
.SH EXAMPLES .SH EXAMPLES
@ -24,9 +28,13 @@ use verbose logging
.B supernode -l 7654 -v .B supernode -l 7654 -v
Start supernode listening on UDP port 7654 with verbose output. Start supernode listening on UDP port 7654 with verbose output.
.PP .PP
.SH RESTART
When suprenode restarts it loses all registration information from associated
edge nodes. It can take up to five minutes for the edge nodes to re-register and
normal traffic flow to resume.
.SH EXIT STATUS .SH EXIT STATUS
edge is a daemon and any exit is an error supernode is a daemon and any exit is an error
.SH AUTHOR .SH AUTHOR
Luca Deri ( deri (at) ntop.org ), Richard Andrews ( andrews (at) ntop.org ), Don Bindner Luca Deri ( deri (at) ntop.org ), Richard Andrews ( andrews (at) ntop.org ), Don Bindner
.SH SEE ALSO .SH SEE ALSO
ifconfig(1) edge(1) ifconfig(8) edge(8)


@ -1,5 +1,6 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* Richard Andrews <andrews@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -14,9 +15,6 @@
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/> * along with this program; if not, see <http://www.gnu.org/licenses/>
* *
* Code contributions courtesy of:
* Richard Andrews <bbmaj7@yahoo.com.au>
*
*/ */
#include "n2n.h" #include "n2n.h"
@ -65,7 +63,7 @@ static void send_register_ack( n2n_sock_info_t * sinfo,
/* leave IP sockets unfilled. */ /* leave IP sockets unfilled. */
marshall_n2n_packet_header( pkt, &hdr ); marshall_n2n_packet_header( pkt, &hdr );
send_packet(sinfo, (char *)pkt, &len, destination_peer, 1); send_packet(sinfo, (char *)pkt, &len, destination_peer, N2N_COMPRESSION_ENABLED);
} }
static void register_peer(struct n2n_packet_header *hdr, static void register_peer(struct n2n_packet_header *hdr,
@ -90,7 +88,7 @@ static void register_peer(struct n2n_packet_header *hdr,
memcpy(&scan->private_ip, &hdr->private_ip, sizeof(struct peer_addr)); memcpy(&scan->private_ip, &hdr->private_ip, sizeof(struct peer_addr));
/* Overwrite existing peer */ /* Overwrite existing peer */
traceEvent(TRACE_NORMAL, "Re-registered node [public_ip=(%d)%s:%d][private_ip=%s:%d][mac=%s][community=%s]", traceEvent(TRACE_NORMAL, "Re-registered node [public_ip=(%d)%s:%hd][private_ip=%s:%hd][mac=%s][community=%s]",
scan->public_ip.family, scan->public_ip.family,
intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)),
ntohs(scan->public_ip.port), ntohs(scan->public_ip.port),
@ -144,7 +142,7 @@ static void deregister_peer(struct n2n_packet_header *hdr,
else else
prev->next = scan->next; prev->next = scan->next;
traceEvent(TRACE_INFO, "Degistered node [public_ip=%s:%d][private_ip=%s:%d]", traceEvent(TRACE_INFO, "Degistered node [public_ip=%s:%hd][private_ip=%s:%hd]",
intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)),
ntohs(scan->public_ip.port), ntohs(scan->public_ip.port),
intoa(ntohl(scan->private_ip.addr_type.v4_addr), buf1, sizeof(buf1)), intoa(ntohl(scan->private_ip.addr_type.v4_addr), buf1, sizeof(buf1)),
@ -157,7 +155,7 @@ static void deregister_peer(struct n2n_packet_header *hdr,
scan = scan->next; scan = scan->next;
} }
traceEvent(TRACE_WARNING, "Unable to delete specified peer [%s:%d]", traceEvent(TRACE_WARNING, "Unable to delete specified peer [%s:%hd]",
intoa(ntohl(sender->addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(sender->addr_type.v4_addr), buf, sizeof(buf)),
ntohs(sender->port)); ntohs(sender->port));
} }
@ -213,7 +211,7 @@ static size_t broadcast_packet(char *packet, u_int packet_len,
++numsent; ++numsent;
++(supernode_stats.pkts); ++(supernode_stats.pkts);
traceEvent(TRACE_INFO, "Sent multicast message to remote node [%s:%d][mac=%s]", traceEvent(TRACE_INFO, "Sent multicast message to remote node [%s:%hd][mac=%s]",
intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)),
ntohs(scan->public_ip.port), ntohs(scan->public_ip.port),
macaddr_str(scan->mac_addr, buf1, sizeof(buf1))); macaddr_str(scan->mac_addr, buf1, sizeof(buf1)));
@ -287,7 +285,7 @@ static size_t forward_packet(char *packet, u_int packet_len,
} }
else { else {
++(supernode_stats.pkts); ++(supernode_stats.pkts);
traceEvent(TRACE_INFO, "Sent message to remote node [%s:%d][mac=%s]", traceEvent(TRACE_INFO, "Sent message to remote node [%s:%hd][mac=%s]",
intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(scan->public_ip.addr_type.v4_addr), buf, sizeof(buf)),
ntohs(scan->public_ip.port), ntohs(scan->public_ip.port),
macaddr_str(scan->mac_addr, buf1, sizeof(buf1))); macaddr_str(scan->mac_addr, buf1, sizeof(buf1)));
@ -311,7 +309,7 @@ static void handle_packet(char *packet, u_int packet_len,
n2n_sock_info_t * sinfo) { n2n_sock_info_t * sinfo) {
ipstr_t buf; ipstr_t buf;
traceEvent(TRACE_INFO, "Received message from node [%s:%d]", traceEvent(TRACE_INFO, "Received message from node [%s:%hd]",
intoa(ntohl(sender->addr_type.v4_addr), buf, sizeof(buf)), intoa(ntohl(sender->addr_type.v4_addr), buf, sizeof(buf)),
ntohs(sender->port)); ntohs(sender->port));
@ -323,7 +321,7 @@ static void handle_packet(char *packet, u_int packet_len,
unmarshall_n2n_packet_header( hdr, (u_int8_t *)packet ); unmarshall_n2n_packet_header( hdr, (u_int8_t *)packet );
if(hdr->version != N2N_VERSION) { if(hdr->version != N2N_PKT_VERSION) {
traceEvent(TRACE_WARNING, traceEvent(TRACE_WARNING,
"Received packet with unknown protocol version (%d): discarded\n", "Received packet with unknown protocol version (%d): discarded\n",
hdr->version); hdr->version);
@ -445,6 +443,10 @@ int main(int argc, char* argv[]) {
n2n_sock_info_t udp_sinfo; n2n_sock_info_t udp_sinfo;
n2n_sock_info_t tcp_sinfo; n2n_sock_info_t tcp_sinfo;
#ifdef WIN32
initWin32();
#endif
optarg = NULL; optarg = NULL;
while((opt = getopt_long(argc, argv, "l:vh", long_options, NULL)) != EOF) { while((opt = getopt_long(argc, argv, "l:vh", long_options, NULL)) != EOF) {
switch (opt) { switch (opt) {
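Review bot: The log format changes from `%d` to `%hd` for the `ntohs(...port)` arguments print any port above 32767 as a negative number, because `%hd` converts the argument to a signed short. `%hu` (or the previous `%d`) prints the real value, e.g. `"Received message from node [%s:%hu]"`. This applies to every traceEvent call touched in this file (register_peer, deregister_peer, broadcast_packet, forward_packet, handle_packet) and to the same change in the edge.c section. Accurate peer ports in these logs matter when registrations are later correlated with firewall or flow records.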


@ -1,5 +1,5 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -28,7 +28,8 @@ int tuntap_open(tuntap_dev *device /* ignored */,
char *dev, char *dev,
char *device_ip, char *device_ip,
char *device_mask, char *device_mask,
const char * device_mac ) { const char * device_mac,
int mtu) {
int i; int i;
char tap_device[N2N_FREEBSD_TAPDEVICE_SIZE]; char tap_device[N2N_FREEBSD_TAPDEVICE_SIZE];
@ -61,8 +62,8 @@ int tuntap_open(tuntap_dev *device /* ignored */,
system(buf); system(buf);
} }
snprintf(buf, sizeof(buf), "ifconfig tap%d %s netmask %s mtu 1400 up", snprintf(buf, sizeof(buf), "ifconfig tap%d %s netmask %s mtu %d up",
i, device_ip, device_mask); i, device_ip, device_mask, mtu);
system(buf); system(buf);
traceEvent(TRACE_NORMAL, "Interface tap%d up and running (%s/%s)", traceEvent(TRACE_NORMAL, "Interface tap%d up and running (%s/%s)",
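Review bot: `device_mask` and `mtu` now come from the caller instead of the constants `255.255.255.0` and `1400`, and both are formatted into the `ifconfig` command string that goes to `system(buf)` with no validation in this hunk. In the edge.c section the mask is copied straight from the `-s` argument and the MTU from `atoi(optarg)`, so the string should be checked before the command is built, e.g. `if(inet_pton(AF_INET, device_mask, &tmp) != 1) return -1;` plus a range check on `mtu` (for example 68–65535). The `snprintf` return value is also unchecked, so a truncated command would still be run. The same pattern appears in the tuntap_linux.c section; `tuntap_open` begins and ends outside this hunk.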


@ -1,5 +1,5 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -42,6 +42,7 @@ static void read_mac(char *ifname, char *mac_addr) {
} }
/* ********************************** */ /* ********************************** */
/** @brief Open and configure the TAP device for packet read/write. /** @brief Open and configure the TAP device for packet read/write.
* *
* This routine creates the interface via the tuntap driver then uses ifconfig * This routine creates the interface via the tuntap driver then uses ifconfig
@ -52,6 +53,7 @@ static void read_mac(char *ifname, char *mac_addr) {
* if NULL system will assign a name * if NULL system will assign a name
* @param device_ip - address of iface * @param device_ip - address of iface
* @param device_mask - netmask for device_ip * @param device_mask - netmask for device_ip
* @param mtu - MTU for device_ip
* *
* @return - negative value on error * @return - negative value on error
* - non-negative file-descriptor on success * - non-negative file-descriptor on success
@ -60,7 +62,8 @@ int tuntap_open(tuntap_dev *device,
char *dev, /* user-definable interface name, eg. edge0 */ char *dev, /* user-definable interface name, eg. edge0 */
char *device_ip, char *device_ip,
char *device_mask, char *device_mask,
const char * device_mac ) { const char * device_mac,
int mtu) {
char *tuntap_device = "/dev/net/tun"; char *tuntap_device = "/dev/net/tun";
#define N2N_LINUX_SYSTEMCMD_SIZE 128 #define N2N_LINUX_SYSTEMCMD_SIZE 128
char buf[N2N_LINUX_SYSTEMCMD_SIZE]; char buf[N2N_LINUX_SYSTEMCMD_SIZE];
@ -69,7 +72,7 @@ int tuntap_open(tuntap_dev *device,
device->fd = open(tuntap_device, O_RDWR); device->fd = open(tuntap_device, O_RDWR);
if(device->fd < 0) { if(device->fd < 0) {
printf("ERROR: ioctl() [%s][%d]\n", strerror(errno), rc); printf("ERROR: ioctl() [%s][%d]\n", strerror(errno), errno);
return -1; return -1;
} }
@ -84,10 +87,6 @@ int tuntap_open(tuntap_dev *device,
return -1; return -1;
} }
/* REVISIT: BbMja7: MTU should be related to MTU of the interface the tuntap
* is built on. The value 1400 assumes an eth iface with MTU 1500, but would
* fail for ppp at mtu=576.
*/
if ( device_mac ) if ( device_mac )
{ {
/* Set the hw address before bringing the if up. */ /* Set the hw address before bringing the if up. */
@ -97,12 +96,13 @@ int tuntap_open(tuntap_dev *device,
traceEvent(TRACE_INFO, "Setting MAC: %s", buf); traceEvent(TRACE_INFO, "Setting MAC: %s", buf);
} }
snprintf(buf, sizeof(buf), "/sbin/ifconfig %s %s netmask %s mtu 1400 up", snprintf(buf, sizeof(buf), "/sbin/ifconfig %s %s netmask %s mtu %d up",
ifr.ifr_name, device_ip, device_mask); ifr.ifr_name, device_ip, device_mask, mtu);
system(buf); system(buf);
traceEvent(TRACE_INFO, "Bringing up: %s", buf); traceEvent(TRACE_INFO, "Bringing up: %s", buf);
device->ip_addr = inet_addr(device_ip); device->ip_addr = inet_addr(device_ip);
device->device_mask = inet_addr(device_mask);
read_mac(dev, (char*)device->mac_addr); read_mac(dev, (char*)device->mac_addr);
return(device->fd); return(device->fd);
} }
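Review bot: The `/sbin/ifconfig` command is formatted into the 128-byte `buf` and passed to `system()` with neither result checked, and the new `mtu` argument goes into it without a range check. A truncated or failed command is therefore still logged as "Bringing up". `device_ip` and `device_mask` reach the shell as raw strings and are parsed by `inet_addr()` only afterwards, so I would parse both first with `inet_pton(AF_INET, ...)` and fail the open if either is rejected; that also keeps `device->ip_addr` and the new `device->device_mask` from silently holding `INADDR_NONE`. Then guard the command itself with `int n = snprintf(buf, sizeof(buf), ...); if (n < 0 || (size_t)n >= sizeof(buf) || system(buf) != 0) return -1;`. Whether the caller already validates these values is not visible in this section, and the same snprintf/system pattern appears in the other `tuntap_open` variants on this page.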


@ -1,5 +1,5 @@
/* /*
* (C) 2007-08 - Luca Deri <deri@ntop.org> * (C) 2007-09 - Luca Deri <deri@ntop.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -28,7 +28,8 @@ int tuntap_open(tuntap_dev *device /* ignored */,
char *dev, char *dev,
char *device_ip, char *device_ip,
char *device_mask, char *device_mask,
const char * device_mac ) { const char * device_mac,
int mtu) {
int i; int i;
char tap_device[N2N_OSX_TAPDEVICE_SIZE]; char tap_device[N2N_OSX_TAPDEVICE_SIZE];
@ -61,8 +62,8 @@ int tuntap_open(tuntap_dev *device /* ignored */,
system(buf); system(buf);
} }
snprintf(buf, sizeof(buf), "ifconfig tap%d %s netmask %s mtu 1400 up", snprintf(buf, sizeof(buf), "ifconfig tap%d %s netmask %s mtu %d up",
i, device_ip, device_mask); i, device_ip, device_mask, mtu);
system(buf); system(buf);
traceEvent(TRACE_NORMAL, "Interface tap%d up and running (%s/%s)", traceEvent(TRACE_NORMAL, "Interface tap%d up and running (%s/%s)",
@ -89,7 +90,7 @@ int tuntap_open(tuntap_dev *device /* ignored */,
exit(0); exit(0);
} }
traceEvent(TRACE_NORMAL, "Interface tap%d mac %s", i, buf); traceEvent(TRACE_NORMAL, "Interface tap%d [MTU %d] mac %s", i, mtu, buf);
if(sscanf(buf, "%02x:%02x:%02x:%02x:%02x:%02x", &a, &b, &c, &d, &e, &f) == 6) { if(sscanf(buf, "%02x:%02x:%02x:%02x:%02x:%02x", &a, &b, &c, &d, &e, &f) == 6) {
device->mac_addr[0] = a, device->mac_addr[1] = b; device->mac_addr[0] = a, device->mac_addr[1] = b;
device->mac_addr[2] = c, device->mac_addr[3] = d; device->mac_addr[2] = c, device->mac_addr[3] = d;