… | |
… | |
71 | } |
71 | } |
72 | |
72 | |
73 | int |
73 | int |
74 | vpn::setup () |
74 | vpn::setup () |
75 | { |
75 | { |
|
|
76 | ipv4_fd = -1; |
|
|
77 | |
|
|
78 | if (THISNODE->protocols & PROT_IPv4 && ::conf.ip_proto) |
|
|
79 | { |
|
|
80 | ipv4_fd = socket (PF_INET, SOCK_RAW, ::conf.ip_proto); |
|
|
81 | |
|
|
82 | if (ipv4_fd < 0) |
|
|
83 | return -1; |
|
|
84 | |
|
|
85 | sockinfo si (THISNODE, PROT_IPv4); |
|
|
86 | |
|
|
87 | if (bind (ipv4_fd, si.sav4 (), si.salenv4 ())) |
|
|
88 | { |
|
|
89 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
|
|
90 | exit (1); |
|
|
91 | } |
|
|
92 | |
|
|
93 | #ifdef IP_MTU_DISCOVER |
|
|
94 | // this I really consider a linux bug. I am neither connected |
|
|
95 | // nor do I fragment myself. Linux still sets DF and doesn't |
|
|
96 | // fragment for me sometimes. |
|
|
97 | { |
|
|
98 | int oval = IP_PMTUDISC_DONT; |
|
|
99 | setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
|
|
100 | } |
|
|
101 | #endif |
|
|
102 | |
|
|
103 | ipv4_ev_watcher.start (ipv4_fd, POLLIN); |
|
|
104 | } |
|
|
105 | |
76 | udpv4_fd = -1; |
106 | udpv4_fd = -1; |
77 | |
107 | |
78 | if (THISNODE->protocols & PROT_UDPv4) |
108 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
79 | { |
109 | { |
80 | udpv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
110 | udpv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
81 | |
111 | |
82 | if (udpv4_fd < 0) |
112 | if (udpv4_fd < 0) |
83 | return -1; |
113 | return -1; |
… | |
… | |
107 | #endif |
137 | #endif |
108 | |
138 | |
109 | udpv4_ev_watcher.start (udpv4_fd, POLLIN); |
139 | udpv4_ev_watcher.start (udpv4_fd, POLLIN); |
110 | } |
140 | } |
111 | |
141 | |
112 | ipv4_fd = -1; |
142 | tcpv4_fd = -1; |
113 | if (THISNODE->protocols & PROT_IPv4) |
|
|
114 | { |
|
|
115 | ipv4_fd = socket (PF_INET, SOCK_RAW, ::conf.ip_proto); |
|
|
116 | |
|
|
117 | if (ipv4_fd < 0) |
|
|
118 | return -1; |
|
|
119 | |
|
|
120 | sockinfo si (THISNODE, PROT_IPv4); |
|
|
121 | |
|
|
122 | if (bind (ipv4_fd, si.sav4 (), si.salenv4 ())) |
|
|
123 | { |
|
|
124 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
|
|
125 | exit (1); |
|
|
126 | } |
|
|
127 | |
|
|
128 | #ifdef IP_MTU_DISCOVER |
|
|
129 | // this I really consider a linux bug. I am neither connected |
|
|
130 | // nor do I fragment myself. Linux still sets DF and doesn't |
|
|
131 | // fragment for me sometimes. |
|
|
132 | { |
|
|
133 | int oval = IP_PMTUDISC_DONT; |
|
|
134 | setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
|
|
135 | } |
|
|
136 | #endif |
|
|
137 | |
|
|
138 | ipv4_ev_watcher.start (ipv4_fd, POLLIN); |
|
|
139 | } |
|
|
140 | |
143 | |
141 | #if ENABLE_TCP |
144 | #if ENABLE_TCP |
142 | if (THISNODE->protocols & PROT_TCPv4) |
145 | if (THISNODE->protocols & PROT_TCPv4 && THISNODE->tcp_port) |
143 | { |
146 | { |
144 | tcpv4_fd = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP); |
147 | tcpv4_fd = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP); |
145 | |
148 | |
146 | if (tcpv4_fd < 0) |
149 | if (tcpv4_fd < 0) |
147 | return -1; |
150 | return -1; |
… | |
… | |
185 | |
188 | |
186 | return 0; |
189 | return 0; |
187 | } |
190 | } |
188 | |
191 | |
189 | // send a vpn packet out to other hosts |
192 | // send a vpn packet out to other hosts |
190 | void |
193 | bool |
191 | vpn::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
194 | vpn::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
192 | { |
195 | { |
193 | switch (si.prot) |
196 | switch (si.prot) |
194 | { |
197 | { |
195 | case PROT_IPv4: |
198 | case PROT_IPv4: |
196 | send_ipv4_packet (pkt, si, tos); |
199 | return send_ipv4_packet (pkt, si, tos); |
197 | break; |
|
|
198 | |
200 | |
199 | case PROT_UDPv4: |
201 | case PROT_UDPv4: |
200 | send_udpv4_packet (pkt, si, tos); |
202 | return send_udpv4_packet (pkt, si, tos); |
201 | break; |
|
|
202 | |
203 | |
203 | #if ENABLE_TCP |
204 | #if ENABLE_TCP |
204 | case PROT_TCPv4: |
205 | case PROT_TCPv4: |
205 | send_tcpv4_packet (pkt, si, tos); |
206 | return send_tcpv4_packet (pkt, si, tos); |
206 | break; |
|
|
207 | #endif |
207 | #endif |
208 | |
208 | |
209 | default: |
209 | default: |
210 | slog (L_CRIT, _("%s: FATAL: trying to send packet with unsupported protocol"), (const char *)si); |
210 | slog (L_CRIT, _("%s: FATAL: trying to send packet with unsupported protocol"), (const char *)si); |
211 | abort (); |
211 | return false; |
212 | } |
212 | } |
213 | } |
213 | } |
214 | |
214 | |
215 | void |
215 | bool |
216 | vpn::send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
216 | vpn::send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
217 | { |
217 | { |
218 | setsockopt (ipv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
218 | setsockopt (ipv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
219 | sendto (ipv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
219 | sendto (ipv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
220 | } |
|
|
221 | |
220 | |
222 | void |
221 | return true; |
|
|
222 | } |
|
|
223 | |
|
|
224 | bool |
223 | vpn::send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
225 | vpn::send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
224 | { |
226 | { |
225 | setsockopt (udpv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
227 | setsockopt (udpv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
226 | sendto (udpv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
228 | sendto (udpv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
|
|
229 | |
|
|
230 | return true; |
227 | } |
231 | } |
228 | |
232 | |
229 | void |
233 | void |
230 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
234 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
231 | { |
235 | { |
… | |
… | |
238 | if (src == 0 || src > conns.size () |
242 | if (src == 0 || src > conns.size () |
239 | || dst > conns.size () |
243 | || dst > conns.size () |
240 | || pkt->typ () >= vpn_packet::PT_MAX) |
244 | || pkt->typ () >= vpn_packet::PT_MAX) |
241 | slog (L_WARN, _("(%s): received corrupted packet type %d (src %d, dst %d)"), |
245 | slog (L_WARN, _("(%s): received corrupted packet type %d (src %d, dst %d)"), |
242 | (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst ()); |
246 | (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst ()); |
|
|
247 | else if (dst > conns.size ()) |
|
|
248 | slog (L_WARN, _("(%s): received corrupted packet type %d (src %d, dst %d)"), |
|
|
249 | (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst ()); |
243 | else |
250 | else |
244 | { |
251 | { |
245 | connection *c = conns[src - 1]; |
252 | connection *c = conns[src - 1]; |
246 | |
253 | |
247 | if (dst == 0 && !THISNODE->routerprio) |
254 | if (dst == 0 && !THISNODE->routerprio) |
248 | slog (L_WARN, _("%s(%s): received broadcast, but we are no router"), |
255 | slog (L_WARN, _("%s(%s): received broadcast, but we are no router"), |
249 | c->conf->nodename, (const char *)rsi); |
256 | c->conf->nodename, (const char *)rsi); |
250 | else if (dst != 0 && dst != THISNODE->id) |
257 | else if (dst != 0 && dst != THISNODE->id) |
251 | // FORWARDING NEEDED ;) |
258 | { |
|
|
259 | if (THISNODE->routerprio) |
|
|
260 | // the tos setting gets lost here. who cares. |
|
|
261 | conns[dst - 1]->inject_vpn_packet (pkt); |
|
|
262 | else |
252 | slog (L_WARN, |
263 | slog (L_WARN, |
253 | _("received frame for node %d ('%s') from %s, but this is node %d ('%s')"), |
264 | _("%s(%s): forwarding request (=> %s), but we are no router"), |
|
|
265 | c->conf->nodename, (const char *)rsi, |
254 | dst, conns[dst - 1]->conf->nodename, |
266 | conns[dst - 1]->conf->nodename); |
255 | (const char *)rsi, |
267 | } |
256 | THISNODE->id, THISNODE->nodename); |
|
|
257 | else |
268 | else |
258 | c->recv_vpn_packet (pkt, rsi); |
269 | c->recv_vpn_packet (pkt, rsi); |
259 | } |
270 | } |
260 | } |
271 | } |
261 | |
272 | |
… | |
… | |
489 | } |
500 | } |
490 | |
501 | |
491 | return router; |
502 | return router; |
492 | } |
503 | } |
493 | |
504 | |
494 | void vpn::connect_request (int id) |
505 | void vpn::send_connect_request (int id) |
495 | { |
506 | { |
496 | connection *c = find_router (); |
507 | connection *c = find_router (); |
497 | |
508 | |
498 | if (c) |
509 | if (c) |
499 | c->connect_request (id); |
510 | c->send_connect_request (id); |
500 | //else // does not work, because all others must connect to the same router |
511 | else |
501 | // // no router found, aggressively connect to all routers |
512 | // no router found, aggressively connect to all routers |
502 | // for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
513 | for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
503 | // if ((*i)->conf->routerprio) |
514 | if ((*i)->conf->routerprio) |
504 | // (*i)->establish_connection (); |
515 | (*i)->establish_connection (); |
505 | } |
516 | } |
506 | |
517 | |
507 | void |
518 | void |
508 | connection::dump_status () |
519 | connection::dump_status () |
509 | { |
520 | { |