| … | |
… | |
| 71 | } |
71 | } |
| 72 | |
72 | |
| 73 | int |
73 | int |
| 74 | vpn::setup () |
74 | vpn::setup () |
| 75 | { |
75 | { |
|
|
76 | ipv4_fd = -1; |
|
|
77 | |
|
|
78 | if (THISNODE->protocols & PROT_IPv4 && ::conf.ip_proto) |
|
|
79 | { |
|
|
80 | ipv4_fd = socket (PF_INET, SOCK_RAW, ::conf.ip_proto); |
|
|
81 | |
|
|
82 | if (ipv4_fd < 0) |
|
|
83 | return -1; |
|
|
84 | |
|
|
85 | sockinfo si (THISNODE, PROT_IPv4); |
|
|
86 | |
|
|
87 | if (bind (ipv4_fd, si.sav4 (), si.salenv4 ())) |
|
|
88 | { |
|
|
89 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
|
|
90 | exit (1); |
|
|
91 | } |
|
|
92 | |
|
|
93 | #ifdef IP_MTU_DISCOVER |
|
|
94 | // this I really consider a linux bug. I am neither connected |
|
|
95 | // nor do I fragment myself. Linux still sets DF and doesn't |
|
|
96 | // fragment for me sometimes. |
|
|
97 | { |
|
|
98 | int oval = IP_PMTUDISC_DONT; |
|
|
99 | setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
|
|
100 | } |
|
|
101 | #endif |
|
|
102 | |
|
|
103 | ipv4_ev_watcher.start (ipv4_fd, POLLIN); |
|
|
104 | } |
|
|
105 | |
| 76 | udpv4_fd = -1; |
106 | udpv4_fd = -1; |
| 77 | |
107 | |
| 78 | if (THISNODE->protocols & PROT_UDPv4) |
108 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
| 79 | { |
109 | { |
| 80 | udpv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
110 | udpv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
| 81 | |
111 | |
| 82 | if (udpv4_fd < 0) |
112 | if (udpv4_fd < 0) |
| 83 | return -1; |
113 | return -1; |
| … | |
… | |
| 107 | #endif |
137 | #endif |
| 108 | |
138 | |
| 109 | udpv4_ev_watcher.start (udpv4_fd, POLLIN); |
139 | udpv4_ev_watcher.start (udpv4_fd, POLLIN); |
| 110 | } |
140 | } |
| 111 | |
141 | |
| 112 | ipv4_fd = -1; |
142 | tcpv4_fd = -1; |
| 113 | if (THISNODE->protocols & PROT_IPv4) |
|
|
| 114 | { |
|
|
| 115 | ipv4_fd = socket (PF_INET, SOCK_RAW, ::conf.ip_proto); |
|
|
| 116 | |
|
|
| 117 | if (ipv4_fd < 0) |
|
|
| 118 | return -1; |
|
|
| 119 | |
|
|
| 120 | sockinfo si (THISNODE, PROT_IPv4); |
|
|
| 121 | |
|
|
| 122 | if (bind (ipv4_fd, si.sav4 (), si.salenv4 ())) |
|
|
| 123 | { |
|
|
| 124 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
|
|
| 125 | exit (1); |
|
|
| 126 | } |
|
|
| 127 | |
|
|
| 128 | #ifdef IP_MTU_DISCOVER |
|
|
| 129 | // this I really consider a linux bug. I am neither connected |
|
|
| 130 | // nor do I fragment myself. Linux still sets DF and doesn't |
|
|
| 131 | // fragment for me sometimes. |
|
|
| 132 | { |
|
|
| 133 | int oval = IP_PMTUDISC_DONT; |
|
|
| 134 | setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
|
|
| 135 | } |
|
|
| 136 | #endif |
|
|
| 137 | |
|
|
| 138 | ipv4_ev_watcher.start (ipv4_fd, POLLIN); |
|
|
| 139 | } |
|
|
| 140 | |
143 | |
| 141 | #if ENABLE_TCP |
144 | #if ENABLE_TCP |
| 142 | if (THISNODE->protocols & PROT_TCPv4) |
145 | if (THISNODE->protocols & PROT_TCPv4 && THISNODE->tcp_port) |
| 143 | { |
146 | { |
| 144 | tcpv4_fd = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP); |
147 | tcpv4_fd = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP); |
| 145 | |
148 | |
| 146 | if (tcpv4_fd < 0) |
149 | if (tcpv4_fd < 0) |
| 147 | return -1; |
150 | return -1; |
| … | |
… | |
| 185 | |
188 | |
| 186 | return 0; |
189 | return 0; |
| 187 | } |
190 | } |
| 188 | |
191 | |
| 189 | // send a vpn packet out to other hosts |
192 | // send a vpn packet out to other hosts |
| 190 | void |
193 | bool |
| 191 | vpn::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
194 | vpn::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
| 192 | { |
195 | { |
| 193 | switch (si.prot) |
196 | switch (si.prot) |
| 194 | { |
197 | { |
| 195 | case PROT_IPv4: |
198 | case PROT_IPv4: |
| 196 | send_ipv4_packet (pkt, si, tos); |
199 | return send_ipv4_packet (pkt, si, tos); |
| 197 | break; |
|
|
| 198 | |
200 | |
| 199 | case PROT_UDPv4: |
201 | case PROT_UDPv4: |
| 200 | send_udpv4_packet (pkt, si, tos); |
202 | return send_udpv4_packet (pkt, si, tos); |
| 201 | break; |
|
|
| 202 | |
203 | |
| 203 | #if ENABLE_TCP |
204 | #if ENABLE_TCP |
| 204 | case PROT_TCPv4: |
205 | case PROT_TCPv4: |
| 205 | send_tcpv4_packet (pkt, si, tos); |
206 | return send_tcpv4_packet (pkt, si, tos); |
| 206 | break; |
|
|
| 207 | #endif |
207 | #endif |
| 208 | |
208 | |
| 209 | default: |
209 | default: |
| 210 | slog (L_CRIT, _("%s: FATAL: trying to send packet with unsupported protocol"), (const char *)si); |
210 | slog (L_CRIT, _("%s: FATAL: trying to send packet with unsupported protocol"), (const char *)si); |
| 211 | abort (); |
211 | return false; |
| 212 | } |
212 | } |
| 213 | } |
213 | } |
| 214 | |
214 | |
| 215 | void |
215 | bool |
| 216 | vpn::send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
216 | vpn::send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
| 217 | { |
217 | { |
| 218 | setsockopt (ipv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
218 | setsockopt (ipv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
| 219 | sendto (ipv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
219 | sendto (ipv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
| 220 | } |
|
|
| 221 | |
220 | |
| 222 | void |
221 | return true; |
|
|
222 | } |
|
|
223 | |
|
|
224 | bool |
| 223 | vpn::send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
225 | vpn::send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
| 224 | { |
226 | { |
| 225 | setsockopt (udpv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
227 | setsockopt (udpv4_fd, SOL_IP, IP_TOS, &tos, sizeof tos); |
| 226 | sendto (udpv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
228 | sendto (udpv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ()); |
|
|
229 | |
|
|
230 | return true; |
| 227 | } |
231 | } |
| 228 | |
232 | |
| 229 | void |
233 | void |
| 230 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
234 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
| 231 | { |
235 | { |
| … | |
… | |
| 496 | } |
500 | } |
| 497 | |
501 | |
| 498 | return router; |
502 | return router; |
| 499 | } |
503 | } |
| 500 | |
504 | |
| 501 | void vpn::connect_request (int id) |
505 | void vpn::send_connect_request (int id) |
| 502 | { |
506 | { |
| 503 | connection *c = find_router (); |
507 | connection *c = find_router (); |
| 504 | |
508 | |
| 505 | if (c) |
509 | if (c) |
| 506 | c->connect_request (id); |
510 | c->send_connect_request (id); |
| 507 | //else // does not work, because all others must connect to the same router |
511 | else |
| 508 | // // no router found, aggressively connect to all routers |
512 | // no router found, aggressively connect to all routers |
| 509 | // for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
513 | for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
| 510 | // if ((*i)->conf->routerprio) |
514 | if ((*i)->conf->routerprio) |
| 511 | // (*i)->establish_connection (); |
515 | (*i)->establish_connection (); |
| 512 | } |
516 | } |
| 513 | |
517 | |
| 514 | void |
518 | void |
| 515 | connection::dump_status () |
519 | connection::dump_status () |
| 516 | { |
520 | { |
