static int do_show(int argc, char **argv) { struct l2tp_data data; struct l2tp_parm *p = &data.config; if (parse_args(argc, argv, L2TP_GET, p) < 0) return -1; if (!p->tunnel && !p->session) missarg("tunnel or session"); if (p->session) get_session(&data); else get_tunnel(&data); return 0; }
void network_thread () { /* * We loop forever waiting on either data from the ppp drivers or from * our network socket. Control handling is no longer done here. */ struct sockaddr_in from; struct in_pktinfo to; unsigned int fromlen; int tunnel, call; /* Tunnel and call */ int recvsize; /* Length of data received */ struct buffer *buf; /* Payload buffer */ struct call *c, *sc; /* Call to send this off to */ struct tunnel *st; /* Tunnel */ fd_set readfds; /* Descriptors to watch for reading */ int max; /* Highest fd */ struct timeval tv, *ptv; /* Timeout for select */ struct msghdr msgh; struct iovec iov; char cbuf[256]; unsigned int refme, refhim; int * currentfd; int server_socket_processed; #ifdef HIGH_PRIO /* set high priority */ if (setpriority(PRIO_PROCESS, 0, -20) < 0) l2tp_log (LOG_INFO, "xl2tpd: can't set priority to high: %m"); #endif /* This one buffer can be recycled for everything except control packets */ buf = new_buf (MAX_RECV_SIZE); tunnel = 0; call = 0; for (;;) { int ret; process_signal(); max = build_fdset (&readfds); ptv = process_schedule(&tv); ret = select (max + 1, &readfds, NULL, NULL, ptv); if (ret <= 0) { #ifdef DEBUG_MORE if (ret == 0) { if (gconfig.debug_network) { l2tp_log (LOG_DEBUG, "%s: select timeout\n", __FUNCTION__); } } else { if (gconfig.debug_network) { l2tp_log (LOG_DEBUG, "%s: select returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } } #endif continue; } if (FD_ISSET (control_fd, &readfds)) { do_control (); } server_socket_processed = 0; currentfd = NULL; st = tunnels.head; while (st || !server_socket_processed) { if (st && (st->udp_fd == -1)) { st=st->next; continue; } if (st) { currentfd = &st->udp_fd; } else { currentfd = &server_socket; server_socket_processed = 1; } if (FD_ISSET (*currentfd, &readfds)) { /* * Okay, now we're ready for reading and processing new data. */ recycle_buf (buf); /* Reserve space for expanding payload packet headers */ buf->start += PAYLOAD_BUF; buf->len -= PAYLOAD_BUF; memset(&from, 0, sizeof(from)); memset(&to, 0, sizeof(to)); fromlen = sizeof(from); memset(&msgh, 0, sizeof(struct msghdr)); iov.iov_base = buf->start; iov.iov_len = buf->len; msgh.msg_control = cbuf; msgh.msg_controllen = sizeof(cbuf); msgh.msg_name = &from; msgh.msg_namelen = fromlen; msgh.msg_iov = &iov; msgh.msg_iovlen = 1; msgh.msg_flags = 0; /* Receive one packet. */ recvsize = recvmsg(*currentfd, &msgh, 0); if (recvsize < MIN_PAYLOAD_HDR_LEN) { if (recvsize < 0) { if (errno == ECONNREFUSED) { close(*currentfd); } if ((errno == ECONNREFUSED) || (errno == EBADF)) { *currentfd = -1; } if (errno != EAGAIN) l2tp_log (LOG_WARNING, "%s: recvfrom returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } else { l2tp_log (LOG_WARNING, "%s: received too small a packet\n", __FUNCTION__); } if (st) st=st->next; continue; } refme=refhim=0; struct cmsghdr *cmsg; /* Process auxiliary received data in msgh */ for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL; cmsg = CMSG_NXTHDR(&msgh,cmsg)) { /* extract destination(our) addr */ if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_PKTINFO) { struct in_pktinfo* pktInfo = ((struct in_pktinfo*)CMSG_DATA(cmsg)); to = *pktInfo; } /* extract IPsec info out */ else if (gconfig.ipsecsaref && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == gconfig.sarefnum) { unsigned int *refp; refp = (unsigned int *)CMSG_DATA(cmsg); refme =refp[0]; refhim=refp[1]; } } /* * some logic could be added here to verify that we only * get L2TP packets inside of IPsec, or to provide different * classes of service to packets not inside of IPsec. */ buf->len = recvsize; fix_hdr (buf->start); extract (buf->start, &tunnel, &call); if (gconfig.debug_network) { l2tp_log(LOG_DEBUG, "%s: recv packet from %s, size = %d, " "tunnel = %d, call = %d ref=%u refhim=%u\n", __FUNCTION__, inet_ntoa (from.sin_addr), recvsize, tunnel, call, refme, refhim); } if (gconfig.packet_dump) { do_packet_dump (buf); } if (!(c = get_call (tunnel, call, from.sin_addr, from.sin_port, refme, refhim))) { if ((c = get_tunnel (tunnel, from.sin_addr.s_addr, from.sin_port))) { /* * It is theoretically possible that we could be sent * a control message (say a StopCCN) on a call that we * have already closed or some such nonsense. To * prevent this from closing the tunnel, if we get a * call on a valid tunnel, but not with a valid CID, * we'll just send a ZLB to ack receiving the packet. */ if (gconfig.debug_tunnel) l2tp_log (LOG_DEBUG, "%s: no such call %d on tunnel %d. Sending special ZLB\n", __FUNCTION__, call, tunnel); if (handle_special (buf, c, call) == 0) /* get a new buffer */ buf = new_buf (MAX_RECV_SIZE); } #ifdef DEBUG_MORE else{ l2tp_log (LOG_DEBUG, "%s: unable to find call or tunnel to handle packet. call = %d, tunnel = %d Dumping.\n", __FUNCTION__, call, tunnel); } #endif } else { if (c->container) { c->container->my_addr = to; } buf->peer = from; /* Handle the packet */ c->container->chal_us.vector = NULL; if (handle_packet (buf, c->container, c)) { if (gconfig.debug_tunnel) l2tp_log (LOG_DEBUG, "%s: bad packet\n", __FUNCTION__); } if (c->cnu) { /* Send Zero Byte Packet */ control_zlb (buf, c->container, c); c->cnu = 0; } } } if (st) st=st->next; } /* * finished obvious sources, look for data from PPP connections. */ st = tunnels.head; while (st) { sc = st->call_head; while (sc) { if ((sc->fd >= 0) && FD_ISSET (sc->fd, &readfds)) { /* Got some payload to send */ int result; while ((result = read_packet (sc)) > 0) { add_payload_hdr (sc->container, sc, sc->ppp_buf); if (gconfig.packet_dump) { do_packet_dump (sc->ppp_buf); } sc->prx = sc->data_rec_seq_num; if (sc->zlb_xmit) { deschedule (sc->zlb_xmit); sc->zlb_xmit = NULL; } sc->tx_bytes += sc->ppp_buf->len; sc->tx_pkts++; udp_xmit (sc->ppp_buf, st); recycle_payload (sc->ppp_buf, sc->container->peer); } if (result != 0) { l2tp_log (LOG_WARNING, "%s: tossing read packet, error = %s (%d). Closing call.\n", __FUNCTION__, strerror (-result), -result); strcpy (sc->errormsg, strerror (-result)); sc->needclose = -1; } } sc = sc->next; } st = st->next; } } }
int main(int argc, char **argv) { if (argc < 5) { printf("Usage: %s <tunN> <port> <secret> options...\n" "\n" "Options:\n" " -m <MTU> for the maximum transmission unit\n" " -a <address/prefix-length> for the private address\n" " -r <address/prefix-length> for the forwarding route\n" " -d <address> for the domain name server\n" " -s <domain> for the search domain\n" "\n" "Note that TUN interface needs to be configured properly\n" "BEFORE running this program. For more information, please\n" "read the comments in the source code.\n\n", argv[0]); exit(1); } strcpy(_hi_secret, argv[3]); memcpy(_ll_argv, argv, argc * sizeof(argv[0])); _ll_argc = argc; // Wait for a tunnel. int tunnel; int dirty = 0; time_t lastup = time(NULL); // Get TUN interface. int interface = get_interface(argv[1]); do { int maxfd; int count; fd_set readfds; struct timeval timeout; dirty = 0; lastup = time(NULL); tunnel = get_tunnel(argv[2]); maxfd = (tunnel > interface? tunnel: interface); for (; ; ) { FD_ZERO(&readfds); FD_SET(tunnel, &readfds); FD_SET(interface, &readfds); timeout.tv_sec = 1; timeout.tv_usec = 0; count = select(maxfd + 1, &readfds, NULL, NULL, &timeout); if (count == -1) { fprintf(stderr, "select error %s\n", strerror(errno)); exit(-1); } if (count > 0) { int length; int tunnel_prepare; int interface_prepare; struct sockaddr from; unsigned char packet[2048]; socklen_t fromlen = sizeof(from); tunnel_prepare = FD_ISSET(tunnel, &readfds); interface_prepare = FD_ISSET(interface, &readfds); do { if (tunnel_prepare) { length = recvfrom(tunnel, packet, sizeof(packet), MSG_DONTWAIT, &from, &fromlen); tunnel_prepare = 0; if (length > 0) { tunnel_prepare = 1; if (length > LEN_PADDING + (int)sizeof(struct ipv4_info) && packet[LEN_PADDING]) { int len = length - LEN_PADDING; const unsigned char *adj = packet + LEN_PADDING; if (is_same_network(adj, len)) { /* route packet to other device. */ dispatch_packet(tunnel, adj, len, &from, fromlen); } else { /* dispatch to tun device. */ write(interface, adj, len); } lastup = time(NULL); dirty = 1; } else if (length > LEN_PADDING) { int len = length - LEN_PADDING; const unsigned char *adj = packet + LEN_PADDING; fprintf(stderr, "recvfrom %d %d %d\n", length, fromlen, from.sa_family); packet[length] = 0; handshake_packet(tunnel, adj, len, &from, fromlen); lastup = time(NULL); dirty = 1; } } } if (interface_prepare) { length = read(interface, packet, sizeof(packet)); interface_prepare = 0; if (length > (int)sizeof(struct ipv4_info)) { interface_prepare = 1; dispatch_packet(tunnel, packet, length, NULL, 0); } } } while (tunnel_prepare || interface_prepare); continue; } if (dirty && lastup + 60 < time(NULL)) { fprintf(stderr, "idle for long time, try to recreate interface\n"); break; } } close(tunnel); } while (true); close(interface); return 0; }
void network_thread () { /* * We loop forever waiting on either data from the ppp drivers or from * our network socket. Control handling is no longer done here. */ struct sockaddr_in from, to; unsigned int fromlen, tolen; int tunnel, call; /* Tunnel and call */ int recvsize; /* Length of data received */ struct buffer *buf; /* Payload buffer */ struct call *c, *sc; /* Call to send this off to */ struct tunnel *st; /* Tunnel */ fd_set readfds; /* Descriptors to watch for reading */ int max; /* Highest fd */ struct timeval tv, *ptv; /* Timeout for select */ struct msghdr msgh; struct iovec iov; char cbuf[256]; unsigned int refme, refhim; /* This one buffer can be recycled for everything except control packets */ buf = new_buf (MAX_RECV_SIZE); tunnel = 0; call = 0; for (;;) { int ret; process_signal(); max = build_fdset (&readfds); ptv = process_schedule(&tv); ret = select (max + 1, &readfds, NULL, NULL, ptv); if (ret <= 0) { if (ret == 0) { if (gconfig.debug_network) { l2tp_log (LOG_DEBUG, "%s: select timeout\n", __FUNCTION__); } } else { if (gconfig.debug_network) { l2tp_log (LOG_DEBUG, "%s: select returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } } continue; } if (FD_ISSET (control_fd, &readfds)) { do_control (); } if (FD_ISSET (server_socket, &readfds)) { /* * Okay, now we're ready for reading and processing new data. */ recycle_buf (buf); /* Reserve space for expanding payload packet headers */ buf->start += PAYLOAD_BUF; buf->len -= PAYLOAD_BUF; memset(&from, 0, sizeof(from)); memset(&to, 0, sizeof(to)); fromlen = sizeof(from); tolen = sizeof(to); memset(&msgh, 0, sizeof(struct msghdr)); iov.iov_base = buf->start; iov.iov_len = buf->len; msgh.msg_control = cbuf; msgh.msg_controllen = sizeof(cbuf); msgh.msg_name = &from; msgh.msg_namelen = fromlen; msgh.msg_iov = &iov; msgh.msg_iovlen = 1; msgh.msg_flags = 0; /* Receive one packet. */ recvsize = recvmsg(server_socket, &msgh, 0); if (recvsize < MIN_PAYLOAD_HDR_LEN) { if (recvsize < 0) { if (errno != EAGAIN) l2tp_log (LOG_WARNING, "%s: recvfrom returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } else { l2tp_log (LOG_WARNING, "%s: received too small a packet\n", __FUNCTION__); } continue; } refme=refhim=0; /* extract IPsec info out */ if(gconfig.ipsecsaref) { struct cmsghdr *cmsg; /* Process auxiliary received data in msgh */ for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL; cmsg = CMSG_NXTHDR(&msgh,cmsg)) { if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_IPSEC_REFINFO) { unsigned int *refp; refp = (unsigned int *)CMSG_DATA(cmsg); refme =refp[0]; refhim=refp[1]; } } } /* * some logic could be added here to verify that we only * get L2TP packets inside of IPsec, or to provide different * classes of service to packets not inside of IPsec. */ buf->len = recvsize; fix_hdr (buf->start); extract (buf->start, &tunnel, &call); if (gconfig.debug_network) { l2tp_log(LOG_DEBUG, "%s: recv packet from %s, size = %d, " "tunnel = %d, call = %d ref=%u refhim=%u\n", __FUNCTION__, inet_ntoa (from.sin_addr), recvsize, tunnel, call, refme, refhim); } if (gconfig.packet_dump) { do_packet_dump (buf); } if (! (c = get_call (tunnel, call, from.sin_addr.s_addr, from.sin_port, refme, refhim))) { if ((c = get_tunnel (tunnel, from.sin_addr.s_addr, from.sin_port))) { /* * It is theoretically possible that we could be sent * a control message (say a StopCCN) on a call that we * have already closed or some such nonsense. To * prevent this from closing the tunnel, if we get a * call on a valid tunnel, but not with a valid CID, * we'll just send a ZLB to ack receiving the packet. */ if (gconfig.debug_tunnel) l2tp_log (LOG_DEBUG, "%s: no such call %d on tunnel %d. Sending special ZLB\n", __FUNCTION__); handle_special (buf, c, call); /* get a new buffer */ buf = new_buf (MAX_RECV_SIZE); } else l2tp_log (LOG_DEBUG, "%s: unable to find call or tunnel to handle packet. call = %d, tunnel = %d Dumping.\n", __FUNCTION__, call, tunnel); } else { buf->peer = from; /* Handle the packet */ c->container->chal_us.vector = NULL; if (handle_packet (buf, c->container, c)) { if (gconfig.debug_tunnel) l2tp_log (LOG_DEBUG, "%s: bad packet\n", __FUNCTION__); }; if (c->cnu) { /* Send Zero Byte Packet */ control_zlb (buf, c->container, c); c->cnu = 0; } }; } /* * finished obvious sources, look for data from PPP connections. */ st = tunnels.head; while (st) { sc = st->call_head; while (sc) { if ((sc->fd >= 0) && FD_ISSET (sc->fd, &readfds)) { /* Got some payload to send */ int result; recycle_payload (buf, sc->container->peer); /* #ifdef DEBUG_FLOW_MORE l2tp_log (LOG_DEBUG, "%s: rws = %d, pSs = %d, pLr = %d\n", __FUNCTION__, sc->rws, sc->pSs, sc->pLr); #endif if ((sc->rws>0) && (sc->pSs > sc->pLr + sc->rws) && !sc->rbit) { #ifdef DEBUG_FLOW log(LOG_DEBUG, "%s: throttling payload (call = %d, tunnel = %d, Lr = %d, Ss = %d, rws = %d)!\n",__FUNCTION__, sc->cid, sc->container->tid, sc->pLr, sc->pSs, sc->rws); #endif sc->throttle = -1; We unthrottle in handle_packet if we get a payload packet, valid or ZLB, but we also schedule a dethrottle in which case the R-bit will be set FIXME: Rate Adaptive timeout? tv.tv_sec = 2; tv.tv_usec = 0; sc->dethrottle = schedule(tv, dethrottle, sc); } else */ /* while ((result=read_packet(buf,sc->fd,sc->frame & SYNC_FRAMING))>0) { */ while ((result = read_packet (buf, sc->fd, SYNC_FRAMING)) > 0) { add_payload_hdr (sc->container, sc, buf); if (gconfig.packet_dump) { do_packet_dump (buf); } sc->prx = sc->data_rec_seq_num; if (sc->zlb_xmit) { deschedule (sc->zlb_xmit); sc->zlb_xmit = NULL; } sc->tx_bytes += buf->len; sc->tx_pkts++; udp_xmit (buf, st); recycle_payload (buf, sc->container->peer); } if (result != 0) { l2tp_log (LOG_WARNING, "%s: tossing read packet, error = %s (%d). Closing call.\n", __FUNCTION__, strerror (-result), -result); strcpy (sc->errormsg, strerror (-result)); sc->needclose = -1; } } sc = sc->next; } st = st->next; } } }
int main(int argc, char *argv[]) { enum AICCU_MODES mode = A_NONE; struct TIC_Tunnel *hTunnel; #ifdef _WIN32 WSADATA wsadata; unsigned int i; /* Initialize Winsock so that we can do network functions */ WSAStartup(WINSOCK_VERSION, &wsadata); #endif /* Initialize Configuration */ aiccu_InitConfig(); /* Make sure we actually have an IPv6 stack */ aiccu_install(); /* Require start/stop/test */ if (argc == 2 || argc == 3) { if (strcasecmp(argv[1], "start") == 0) mode = A_START; else if (strcasecmp(argv[1], "stop") == 0) mode = A_STOP; else if (strcasecmp(argv[1], "brokers") == 0) mode = A_BROKERS; else if (strcasecmp(argv[1], "tunnels") == 0) mode = A_TUNNELS; else if (strcasecmp(argv[1], "test") == 0) mode = A_TEST; else if (strcasecmp(argv[1], "autotest")== 0) mode = A_AUTOTEST; else if (strcasecmp(argv[1], "license") == 0) mode = A_LICENSE; #ifdef _WIN32 else if (strcasecmp(argv[1], "listtaps") == 0) mode = A_LISTTAPS; #endif else if (strcasecmp(argv[1], "version") == 0) mode = A_VERSION; } /* Optionally we want a second argument: a config file */ if (( argc != 2 && argc != 3) || mode == A_NONE) { dolog(LOG_ERR, "%s", options); return -1; } if ( mode == A_LICENSE) { printf("%s\n", aiccu_license()); return 0; } if ( mode == A_VERSION) { printf("AICCU %s by Jeroen Massar\n", AICCU_VERSION); return 0; } #ifdef _WIN32 if ( mode == A_LISTTAPS) { tun_list_tap_adapters(); return 0; } #endif if ( mode == A_BROKERS) { int ret = list_brokers(); aiccu_FreeConfig(); return ret == 0 ? -1 : 0; } if (!aiccu_LoadConfig(argc <= 2 ? NULL : argv[2])) { return -1; } #ifndef _WIN32 /* start or stop? */ if ( mode != A_TEST && mode != A_AUTOTEST) { /* Already running? */ if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1) { dolog(LOG_ERR, "Already running instance HUP'ed, exiting\n"); return 0; } } #endif /* Verify required parameters */ if (!g_aiccu || !g_aiccu->username || !g_aiccu->password) { dolog(LOG_ERR, "Required parameters missing, make sure that username and password are given\n"); aiccu_FreeConfig(); return -1; } if (mode == A_TUNNELS) { int ret = list_tunnels(); aiccu_FreeConfig(); return ret == 0 ? -1 : 0; } /* Get our tunnel */ hTunnel = get_tunnel(); if (!hTunnel) { dolog(LOG_ERR, "Couldn't retrieve first tunnel for the above reason, aborting\n"); aiccu_FreeConfig(); return -1; } /* * We now have sufficient information. * Thus we can logout from the TIC server */ tic_Logout(g_aiccu->tic, NULL); g_aiccu->tic = NULL; if (g_aiccu->verbose) { printf("Tunnel Information for %s:\n",hTunnel->sId); printf("POP Id : %s\n", hTunnel->sPOP_Id); printf("IPv6 Local : %s/%u\n", hTunnel->sIPv6_Local,hTunnel->nIPv6_PrefixLength); printf("IPv6 Remote : %s/%u\n", hTunnel->sIPv6_POP,hTunnel->nIPv6_PrefixLength); printf("Tunnel Type : %s\n", hTunnel->sType); printf("Adminstate : %s\n", hTunnel->sAdminState); printf("Userstate : %s\n", hTunnel->sUserState); } /* One can always try to stop it */ if (mode == A_STOP) { aiccu_delete(hTunnel); /* Free stuff and exit */ tic_Free_Tunnel(hTunnel); aiccu_FreeConfig(); return 0; } if ( (strcmp(hTunnel->sAdminState, "enabled") != 0) || (strcmp(hTunnel->sUserState, "enabled") != 0)) { dolog(LOG_ERR, "Tunnel is not enabled (UserState: %s, AdminState: %s)\n", hTunnel->sAdminState, hTunnel->sUserState); return -1; } /* Do the test thing */ if ( mode == A_TEST || mode == A_AUTOTEST) { #ifdef _WIN32 SetConsoleCtrlHandler((PHANDLER_ROUTINE)sigterm_testing, true); #endif /* Setup the tunnel */ if (aiccu_setup(hTunnel, true)) { aiccu_test(hTunnel, strcasecmp(argv[1], "autotest") == 0 ? true : false); /* Tear the tunnel down again */ aiccu_delete(hTunnel); } else { dolog(LOG_ERR, "Tunnel Setup Failed\n"); } /* exit as all is done */ tic_Free_Tunnel(hTunnel); aiccu_FreeConfig(); return 0; } #ifndef _WIN32 if ( mode == A_START && g_aiccu->daemonize != 0) { FILE *f; /* Daemonize */ int i = fork(); if (i < 0) { fprintf(stderr, "Couldn't fork\n"); return -1; } /* Exit the mother fork */ if (i != 0) return 0; /* Child fork */ setsid(); /* Chdir to minimise disruption to FS umounts */ (void)chdir("/"); /* Cleanup stdin/out/err */ freopen("/dev/null","r",stdin); freopen("/dev/null","w",stdout); freopen("/dev/null","w",stderr); /* */ f = fopen(g_aiccu->pidfile, "w"); if (!f) { dolog(LOG_ERR, "Could not store PID in file %s\n", g_aiccu->pidfile); return 0; } fprintf(f, "%d", getpid()); fclose(f); dolog(LOG_INFO, "AICCU running as PID %d\n", getpid()); } #endif /* !_WIN32 */ /* mode == A_START */ #ifndef _WIN32 /* * Install a signal handler so that * one can disable beating with SIGUSR1 */ signal(SIGUSR1, &sigusr1); /* * Install a signal handler so that * one can stop this program with SIGTERM */ signal(SIGTERM, &sigterm); signal(SIGINT, &sigterm); #else SetConsoleCtrlHandler((PHANDLER_ROUTINE)sigterm, true); #endif /* * Setup our tunnel * This also spawns required threads for AYIYA */ if (aiccu_setup(hTunnel, true)) { /* We need to stay running when doing Heartbeat or AYIYA */ if ( strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 || strcasecmp(hTunnel->sType, "ayiya") == 0) { /* We are spawned, now just beat once in a while. */ while (g_aiccu->running) { aiccu_beat(hTunnel); #ifndef _WIN32 sleep(hTunnel->nHeartbeat_Interval); #else for (i=0; g_aiccu->running && i <= hTunnel->nHeartbeat_Interval; i++) Sleep(1000); #endif } /* Clean up the the tunnel, no beat anyway */ aiccu_delete(hTunnel); } #ifndef _WIN32 /* Remove our PID file */ if (g_aiccu) unlink(g_aiccu->pidfile); #endif } /* Free our resources */ aiccu_FreeConfig(); return 0; }
void network_thread () { /* * We loop forever waiting on either data from the ppp drivers or from * our network socket. Control handling is no longer done here. */ int fromlen; /* Length of the address */ int tunnel, call; /* Tunnel and call */ int recvsize; /* Length of data received */ struct buffer *buf; /* Payload buffer */ struct call *c, *sc; /* Call to send this off to */ struct tunnel *st; /* Tunnel */ fd_set readfds; /* Descriptors to watch for reading */ int max; /* Highest fd */ struct timeval tv; /* Timeout for select */ /* This one buffer can be recycled for everything except control packets */ buf = new_buf (MAX_RECV_SIZE); gconfig.debug_tunnel = 1; for (;;) { max = build_fdset (&readfds); tv.tv_sec = 1; tv.tv_usec = 0; schedule_unlock (); select (max + 1, &readfds, NULL, NULL, NULL); schedule_lock (); if (FD_ISSET (control_fd, &readfds)) { do_control (); } if (FD_ISSET (server_socket, &readfds)) { /* * Okay, now we're ready for reading and processing new data. */ recycle_buf (buf); /* Reserve space for expanding payload packet headers */ buf->start += PAYLOAD_BUF; buf->len -= PAYLOAD_BUF; fromlen = sizeof (from); recvsize = recvfrom (server_socket, buf->start, buf->len, 0, (struct sockaddr *) &from, &fromlen); if (recvsize < MIN_PAYLOAD_HDR_LEN) { if (recvsize < 0) { if (errno != EAGAIN) log (LOG_WARN, "%s: recvfrom returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } else { log (LOG_WARN, "%s: received too small a packet\n", __FUNCTION__); } } else { buf->len = recvsize; if (gconfig.debug_network) { log (LOG_DEBUG, "%s: recv packet from %s, size = %d, " "tunnel = %d, call = %d\n", __FUNCTION__, inet_ntoa (from.sin_addr), recvsize, tunnel, call); } if (gconfig.packet_dump) { do_packet_dump (buf); } fix_hdr (buf->start); extract (buf->start, &tunnel, &call); if (! (c = get_call (tunnel, call, from.sin_addr.s_addr, from.sin_port))) { log(LOG_DEBUG, "%s(%d)\n", __FUNCTION__,__LINE__); if ((c = get_tunnel (tunnel, from.sin_addr.s_addr, from.sin_port))) { /* * It is theoretically possible that we could be sent * a control message (say a StopCCN) on a call that we * have already closed or some such nonsense. To prevent * this from closing the tunnel, if we get a call on a valid * tunnel, but not with a valid CID, we'll just send a ZLB * to ack receiving the packet. */ if (gconfig.debug_tunnel) log (LOG_DEBUG, "%s: no such call %d on tunnel %d. Sending special ZLB\n", __FUNCTION__); handle_special (buf, c, call); } else log (LOG_DEBUG, "%s: unable to find call or tunnel to handle packet. call = %d, tunnel = %d Dumping.\n", __FUNCTION__, call, tunnel); } else { buf->peer = from; /* Handle the packet */ c->container->chal_us.vector = NULL; if (handle_packet (buf, c->container, c)) { if (gconfig.debug_tunnel) log (LOG_DEBUG, "%s(%d): bad packet\n", __FUNCTION__,__LINE__); }; if (c->cnu) { /* Send Zero Byte Packet */ control_zlb (buf, c->container, c); c->cnu = 0; } } } }; st = tunnels.head; while (st) { sc = st->call_head; while (sc) { if ((sc->fd >= 0) && FD_ISSET (sc->fd, &readfds)) { /* Got some payload to send */ int result; recycle_payload (buf, sc->container->peer); #ifdef DEBUG_FLOW_MORE log (LOG_DEBUG, "%s: rws = %d, pSs = %d, pLr = %d\n", __FUNCTION__, sc->rws, sc->pSs, sc->pLr); #endif /* if ((sc->rws>0) && (sc->pSs > sc->pLr + sc->rws) && !sc->rbit) { #ifdef DEBUG_FLOW log(LOG_DEBUG, "%s: throttling payload (call = %d, tunnel = %d, Lr = %d, Ss = %d, rws = %d)!\n",__FUNCTION__, sc->cid, sc->container->tid, sc->pLr, sc->pSs, sc->rws); #endif sc->throttle = -1; We unthrottle in handle_packet if we get a payload packet, valid or ZLB, but we also schedule a dethrottle in which case the R-bit will be set FIXME: Rate Adaptive timeout? tv.tv_sec = 2; tv.tv_usec = 0; sc->dethrottle = schedule(tv, dethrottle, sc); } else */ /* while ((result=read_packet(buf,sc->fd,sc->frame & SYNC_FRAMING))>0) { */ while ((result = read_packet (buf, sc->fd, SYNC_FRAMING)) > 0) { add_payload_hdr (sc->container, sc, buf); if (gconfig.packet_dump) { do_packet_dump (buf); } sc->prx = sc->data_rec_seq_num; if (sc->zlb_xmit) { deschedule (sc->zlb_xmit); sc->zlb_xmit = NULL; } sc->tx_bytes += buf->len; sc->tx_pkts++; udp_xmit (buf); recycle_payload (buf, sc->container->peer); } if (result != 0) { log (LOG_WARN, "%s: tossing read packet, error = %s (%d). Closing call.\n", __FUNCTION__, strerror (-result), -result); strcpy (sc->errormsg, strerror (-result)); sc->needclose = -1; } } sc = sc->next; } st = st->next; } } }
int main(int argc, char **argv) { struct icmp_header *icmp_header; if (argc < 5) { printf("Usage: %s <tunN> <port> <secret> server\n" "\n" "Note that TUN interface needs to be configured properly\n" "BEFORE running this program. For more information, please\n" "read the comments in the source code.\n\n", argv[0]); exit(1); } _ll_argc = argc; strcpy(_hi_secret, argv[3]); memcpy(_ll_argv, argv, argc * sizeof(argv[0])); // Wait for a tunnel. int tunnel; int dirty = 0; time_t lastup = time(NULL); // Get TUN interface. int interface = get_interface(argv[1]); do { int maxfd; int count; fd_set readfds; struct timeval timeout; dirty = 0; lastup = time(NULL); tunnel = get_tunnel(argv[2], argv[4]); maxfd = (tunnel > interface? tunnel: interface); fcntl(tunnel, F_SETFL, O_NONBLOCK); handshake_packet(tunnel, NULL, 0); for (; ; ) { FD_ZERO(&readfds); FD_SET(tunnel, &readfds); FD_SET(interface, &readfds); timeout.tv_sec = 1; timeout.tv_usec = 0; count = select(maxfd + 1, &readfds, NULL, NULL, &timeout); if (count == -1) { fprintf(stderr, "select error %s\n", strerror(errno)); exit(-1); } if (count > 0) { int length; int tunnel_prepare; int interface_prepare; struct sockaddr from; unsigned char packet[2048]; socklen_t fromlen = sizeof(from); tunnel_prepare = FD_ISSET(tunnel, &readfds); interface_prepare = FD_ISSET(interface, &readfds); do { if (tunnel_prepare) { length = recvfrom(tunnel, packet, sizeof(packet), MSG_DONTWAIT, &from, &fromlen); tunnel_prepare = 0; if (length > 0) { struct tracker_header *trak; tunnel_prepare = 1; trak = (struct tracker_header *)&packet[LEN_PADDING]; trak--; if (length > LEN_PADDING && packet[LEN_PADDING] == 0) { int len = length - LEN_PADDING; const unsigned char *adj = packet + LEN_PADDING; fprintf(stderr, "recvfrom %d %d %d\n", length, fromlen, from.sa_family); packet[length] = 0; handshake_packet(tunnel, adj, len); lastup = time(NULL); dirty = 1; } else if (length > LEN_PADDING + (int)sizeof(struct ipv4_header)) { int len = length - LEN_PADDING; const unsigned char *adj = packet + LEN_PADDING; /* dispatch to tun device. */ write(interface, adj, len); lastup = time(NULL); dirty = 1; } } } if (interface_prepare) { length = read(interface, packet, sizeof(packet)); interface_prepare = 0; if (length > (int)sizeof(struct ipv4_header)) { vpn_output(tunnel, packet, length); interface_prepare = 1; } } } while (tunnel_prepare || interface_prepare); continue; } if (dirty && lastup + 60 < time(NULL)) { fprintf(stderr, "idle for long time, try to recreate interface\n"); break; } } close(tunnel); } while (true); close(interface); return 0; }
void network_thread () { /* * We loop forever waiting on either data from the ppp drivers or from * our network socket. Control handling is no longer done here. */ int fromlen; /* Length of the address */ int tunnel, call; /* Tunnel and call */ int recvsize; /* Length of data received */ struct buffer *buf; /* Payload buffer */ struct call *c, *sc; /* Call to send this off to */ struct tunnel *st; /* Tunnel */ fd_set readfds; /* Descriptors to watch for reading */ int max; /* Highest fd */ struct timeval tv; /* Timeout for select */ /* This one buffer can be recycled for everything except control packets */ buf = new_buf (MAX_RECV_SIZE); for (;;) { /* * First, let's send out any outgoing packets that are waiting on us. * xmit_udp should only * contain control packets in the unthreaded version! */ max = 0; FD_ZERO (&readfds); st = tunnels.head; while (st) { if (st->self->needclose ^ st->self->closing) { if (debug_tunnel) log (LOG_DEBUG, "%S: closing down tunnel %d\n", __FUNCTION__, st->ourtid); call_close (st->self); /* Reset the while loop and check for NULL */ st = tunnels.head; if (!st) break; continue; } sc = st->call_head; while (sc) { if (sc->needclose ^ sc->closing) { call_close (sc); sc = st->call_head; if (!sc) break; continue; } if (sc->fd > -1) { /* if (!sc->throttle && !sc->needclose && !sc->closing) { */ if (!sc->needclose && !sc->closing) { if (sc->fd > max) max = sc->fd; FD_SET (sc->fd, &readfds); } } sc = sc->next; } st = st->next; } FD_SET (server_socket, &readfds); if (server_socket > max) max = server_socket; FD_SET (control_fd, &readfds); if (control_fd > max) max = control_fd; tv.tv_sec = 1; tv.tv_usec = 0; /*add start, by MJ.*/ extern int is_first_run; if(is_first_run) { int lac_fp; /* to get conn_id which written by acos */ char cmd[64]={0}; char conn_id[64] = "c default"; lac_fp = fopen("/tmp/l2tp/l2tpd.info", "r"); if (lac_fp != NULL){ //fscanf(lac_fp, "%s", conn_id); fgets(conn_id, sizeof(conn_id), lac_fp); fclose(lac_fp); } else log (LOG_DEBUG, "open /tmp/l2tp/l2tpd.info fialed\n"); log (LOG_DEBUG, "%s: -> the first run.\n", __FUNCTION__); sprintf(cmd, "c %s", conn_id); //do_control("c MJ."); do_control(cmd); //write(control_fd, cmd, strlen(cmd) ); is_first_run = 0; } /*add end. by MJ.*/ schedule_unlock (); select (max + 1, &readfds, NULL, NULL, NULL); schedule_lock (); if (FD_ISSET (control_fd, &readfds)) { do_control (NULL); } if (FD_ISSET (server_socket, &readfds)) { /* wklin added start, 04/12/2011 */ extern void connect_pppunit(void); connect_pppunit(); /* wklin added end, 04/12/2011 */ /* * Okay, now we're ready for reading and processing new data. */ recycle_buf (buf); /* Reserve space for expanding payload packet headers */ buf->start += PAYLOAD_BUF; buf->len -= PAYLOAD_BUF; fromlen = sizeof (from); recvsize = recvfrom (server_socket, buf->start, buf->len, 0, (struct sockaddr *) &from, &fromlen); /* , by MJ. for debugging.*/ //log (LOG_DEBUG, "receive %d bytes from server_scoket.\n", recvsize); if (recvsize < MIN_PAYLOAD_HDR_LEN) { if (recvsize < 0) { if (errno != EAGAIN) log (LOG_WARN, "%s: recvfrom returned error %d (%s)\n", __FUNCTION__, errno, strerror (errno)); } else { log (LOG_WARN, "%s: received too small a packet\n", __FUNCTION__); } } else { buf->len = recvsize; fix_hdr (buf->start); extract (buf->start, &tunnel, &call); if (debug_network) { log (LOG_DEBUG, "%s: recv packet from %s, size = %d," "tunnel = %d, call = %d\n", __FUNCTION__, inet_ntoa (from.sin_addr), recvsize, tunnel, call); } if (packet_dump) { do_packet_dump (buf); } if (! (c = get_call (tunnel, call, from.sin_addr.s_addr, from.sin_port))) { if ((c = get_tunnel (tunnel, from.sin_addr.s_addr, from.sin_port))) { /* * It is theoretically possible that we could be sent * a control message (say a StopCCN) on a call that we * have already closed or some such nonsense. To prevent * this from closing the tunnel, if we get a call on a valid * tunnel, but not with a valid CID, we'll just send a ZLB * to ack receiving the packet. */ if (debug_tunnel) log (LOG_DEBUG, "%s: no such call %d on tunnel %d. Sending special ZLB\n", __FUNCTION__); handle_special (buf, c, call); } else log (LOG_DEBUG, "%s: unable to find call or tunnel to handle packet. call = %d, tunnel = %d Dumping.\n", __FUNCTION__, call, tunnel); } else { buf->peer = from; /* Handle the packet */ c->container->chal_us.vector = NULL; if (handle_packet (buf, c->container, c)) { if (debug_tunnel) log (LOG_DEBUG, "%s: bad packet\n", __FUNCTION__); }; if (c->cnu) { /* Send Zero Byte Packet */ control_zlb (buf, c->container, c); c->cnu = 0; } } } }; st = tunnels.head; while (st) { sc = st->call_head; while (sc) { if ((sc->fd >= 0) && FD_ISSET (sc->fd, &readfds)) { /* Got some payload to send */ int result; recycle_payload (buf, sc->container->peer); #ifdef DEBUG_FLOW_MORE log (LOG_DEBUG, "%s: rws = %d, pSs = %d, pLr = %d\n", __FUNCTION__, sc->rws, sc->pSs, sc->pLr); #endif /* if ((sc->rws>0) && (sc->pSs > sc->pLr + sc->rws) && !sc->rbit) { #ifdef DEBUG_FLOW log(LOG_DEBUG, "%s: throttling payload (call = %d, tunnel = %d, Lr = %d, Ss = %d, rws = %d)!\n",__FUNCTION__, sc->cid, sc->container->tid, sc->pLr, sc->pSs, sc->rws); #endif sc->throttle = -1; We unthrottle in handle_packet if we get a payload packet, valid or ZLB, but we also schedule a dethrottle in which case the R-bit will be set FIXME: Rate Adaptive timeout? tv.tv_sec = 2; tv.tv_usec = 0; sc->dethrottle = schedule(tv, dethrottle, sc); } else */ /* while ((result=read_packet(buf,sc->fd,sc->frame & SYNC_FRAMING))>0) { */ while ((result = read_packet (buf, sc->fd, SYNC_FRAMING)) > 0) { add_payload_hdr (sc->container, sc, buf); if (packet_dump) { do_packet_dump (buf); } sc->prx = sc->data_rec_seq_num; if (sc->zlb_xmit) { deschedule (sc->zlb_xmit); sc->zlb_xmit = NULL; } sc->tx_bytes += buf->len; sc->tx_pkts++; udp_xmit (buf); recycle_payload (buf, sc->container->peer); } if (result != 0) { log (LOG_WARN, "%s: tossing read packet, error = %s (%d). Closing call.\n", __FUNCTION__, strerror (-result), -result); strcpy (sc->errormsg, strerror (-result)); sc->needclose = -1; } } sc = sc->next; } st = st->next; } } }
int main(int argc, char **argv) { if (argc < 5) { printf("Usage: %s <tunN> <port> <secret> options...\n" "\n" "Options:\n" " -m <MTU> for the maximum transmission unit\n" " -a <address> <prefix-length> for the private address\n" " -r <address> <prefix-length> for the forwarding route\n" " -d <address> for the domain name server\n" " -s <domain> for the search domain\n" "\n" "Note that TUN interface needs to be configured properly\n" "BEFORE running this program. For more information, please\n" "read the comments in the source code.\n\n", argv[0]); exit(1); } // Parse the arguments and set the parameters. char parameters[1024]; build_parameters(parameters, sizeof(parameters), argc, argv); // Get TUN interface. int interface = get_interface(argv[1]); // Wait for a tunnel. int tunnel; while ((tunnel = get_tunnel(argv[2], argv[3])) != -1) { printf("%s: Here comes a new tunnel\n", argv[1]); // On UN*X, there are many ways to deal with multiple file // descriptors, such as poll(2), select(2), epoll(7) on Linux, // kqueue(2) on FreeBSD, pthread(3), or even fork(2). Here we // mimic everything from the client, so their source code can // be easily compared side by side. // Put the tunnel into non-blocking mode. fcntl(tunnel, F_SETFL, O_NONBLOCK); // Send the parameters several times in case of packet loss. for (int i = 0; i < 3; ++i) { send(tunnel, parameters, sizeof(parameters), MSG_NOSIGNAL); } // Allocate the buffer for a single packet. char packet[32767]; // We use a timer to determine the status of the tunnel. It // works on both sides. A positive value means sending, and // any other means receiving. We start with receiving. int timer = 0; // We keep forwarding packets till something goes wrong. while (true) { // Assume that we did not make any progress in this iteration. bool idle = true; // Read the outgoing packet from the input stream. int length = read(interface, packet, sizeof(packet)); if (length > 0) { // Write the outgoing packet to the tunnel. send(tunnel, packet, length, MSG_NOSIGNAL); // There might be more outgoing packets. idle = false; // If we were receiving, switch to sending. if (timer < 1) { timer = 1; } } // Read the incoming packet from the tunnel. length = recv(tunnel, packet, sizeof(packet), 0); if (length == 0) { break; } if (length > 0) { // Ignore control messages, which start with zero. if (packet[0] != 0) { // Write the incoming packet to the output stream. write(interface, packet, length); } // There might be more incoming packets. idle = false; // If we were sending, switch to receiving. if (timer > 0) { timer = 0; } } // If we are idle or waiting for the network, sleep for a // fraction of time to avoid busy looping. if (idle) { usleep(100000); // Increase the timer. This is inaccurate but good enough, // since everything is operated in non-blocking mode. timer += (timer > 0) ? 100 : -100; // We are receiving for a long time but not sending. // Can you figure out why we use a different value? :) if (timer < -16000) { // Send empty control messages. packet[0] = 0; for (int i = 0; i < 3; ++i) { send(tunnel, packet, 1, MSG_NOSIGNAL); } // Switch to sending. timer = 1; } // We are sending for a long time but not receiving. if (timer > 20000) { break; } } } printf("%s: The tunnel is broken\n", argv[1]); close(tunnel); } perror("Cannot create tunnels"); exit(1); }