[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r26559 - gnunet/src/exit
From: |
gnunet |
Subject: |
[GNUnet-SVN] r26559 - gnunet/src/exit |
Date: |
Thu, 21 Mar 2013 17:44:05 +0100 |
Author: cfuchs
Date: 2013-03-21 17:44:05 +0100 (Thu, 21 Mar 2013)
New Revision: 26559
Modified:
gnunet/src/exit/gnunet-daemon-exit.c
gnunet/src/exit/gnunet-helper-exit-windows.c
gnunet/src/exit/gnunet-helper-exit.c
Log:
* replaced no-nat delimiter which was % (reserved char on windows) with - for
exit-helper-windows and exit-helper.
* added ipv4 NAPT and removal functionality to exit-helper-windows
* moved a few variables
* next todo: ipv6 forwarding rules for netsh
Modified: gnunet/src/exit/gnunet-daemon-exit.c
===================================================================
--- gnunet/src/exit/gnunet-daemon-exit.c 2013-03-21 15:35:04 UTC (rev
26558)
+++ gnunet/src/exit/gnunet-daemon-exit.c 2013-03-21 16:44:05 UTC (rev
26559)
@@ -3459,7 +3459,7 @@
}
else
{
- exit_argv[2] = GNUNET_strdup ("%");
+ exit_argv[2] = GNUNET_strdup ("-");
}
Modified: gnunet/src/exit/gnunet-helper-exit-windows.c
===================================================================
--- gnunet/src/exit/gnunet-helper-exit-windows.c 2013-03-21 15:35:04 UTC
(rev 26558)
+++ gnunet/src/exit/gnunet-helper-exit-windows.c 2013-03-21 16:44:05 UTC
(rev 26559)
@@ -1454,7 +1454,7 @@
* @param argc must be 6
* @param argv 0: binary name ("gnunet-helper-exit")
* 1: tunnel interface name ("gnunet-exit")
- * 2: IPv4 "physical" interface name ("eth0"), or "%" to not do
IPv4 NAT
+ * 2: IPv4 "physical" interface name ("eth0"), or "-" to not do
IPv4 NAT
* 3: IPv6 address ("::1"), or "-" to skip IPv6
* 4: IPv6 netmask length in bits ("64") [ignored if #4 is "-"]
* 5: IPv4 address ("1.2.3.4"), or "-" to skip IPv4
@@ -1465,10 +1465,12 @@
{
char hwid[LINE_LEN];
HANDLE handle;
- int global_ret = 0;
+ int global_ret = 1;
+ int local_ret = EINVAL;
BOOL have_ip4 = FALSE;
BOOL have_ip6 = FALSE;
-
+ BOOL have_nat44 = FALSE;
+
if (6 != argc)
{
fprintf (stderr, "FATAL: must supply 5
arguments\nUsage:\ngnunet-helper-vpn <if name prefix> <address6 or \"-\">
<netbits6> <address4 or \"-\"> <netmask4>\n", argv[0]);
@@ -1528,31 +1530,74 @@
if (0 != (global_ret = set_address4 (address, mask)))
goto cleanup;
- // setup NAT, if possible
- if (0 != strcmp (argv[2], "%"))
- {
- /* TODO: " Windows Firewall with Advanced Security" (lol)
- *
- * MS has REMOVED the routing/nat capabilities since Vista, thus
- * we can not setup NAT like in XP. Our best bet is
- * to determine if we are running on XP, if we do, use netsh routing
- * else we need to use WFAS and do things ourselfs
- */
+ // setup NAPT, if possible
+ /* MS has REMOVED the routing/nat capabilities from Vista+, thus
+ * we can not setup NAT like in XP or on the server. Actually the
+ * the only feasible solution seems to be to use
+ * Internet Connection Sharing, which introduces a horde of problems
+ * such as sending out rogue-RAs on the external interface in an ipv6
+ * network.
+ * Thus, below stuff ONLY works on
+ * WinXP SP3
+ * Win Server 2003 SP1+
+ * Win Server 2008
+ * ...
+ * else we need to use WFAS and do things ourselfs
+ */
+ have_ip4 = TRUE;
+ if (0 != strcmp(argv[2], "-")) {
+ char command[LINE_LEN];
+
+ /* install our the windows NAT module*/
+ fprintf (stderr, "DEBUG: Adding NAPT/Masquerading between external
IF %s and mine.\n",argv[2]);
+ local_ret = execute_shellcommand("netsh routing ip nat install");
+ if (0 != local_ret){
+ fprintf(stderr, "FATAL: Could not install NAPT support via
Netsh: %s\n", strerror(local_ret));
+ goto cleanup;
+ }
+ /* external IF */
+ snprintf(command, LINE_LEN,
+ "netsh routing ip nat add interface \"%s\" full", /*full
= NAPT (addr+port)*/
+ argv[2]);
+ local_ret = execute_shellcommand (command);
+ if (0 != local_ret){
+ fprintf(stderr, "FATAL: IPv4-NAPT on external interface
failed: %s\n", strerror(local_ret));
+ goto cleanup;
+ }
+ /* private/internal/virtual IF */
+ snprintf(command, LINE_LEN,
+ "netsh routing ip nat add interface \"%s\" private",
+ device_visible_name);
+ local_ret = execute_shellcommand(command);
+ if (0 != local_ret){
+ fprintf(stderr, "FATAL: IPv4-NAPT on internal interface
failed: %s\n", strerror(local_ret));
+ goto cleanup;
+
+ have_nat44 = TRUE;
+ }
}
-
- have_ip4 = TRUE;
}
run (handle);
global_ret = 0;
cleanup:
- if (have_ip4)
- {
+ if (have_ip4) {
const char *address = argv[5];
- fprintf (stderr, "DEBUG: Removing IP4 address\n");
+ if (have_nat44) {
+ char command[LINE_LEN];
+ fprintf(stderr, "DEBUG: removing IP4 NAPT from virtual interface
\n");
+ snprintf(command, LINE_LEN,
+ "netsh routing ip nat del interface \"%s\"",
+ device_visible_name);
+ local_ret = execute_shellcommand(command);
+ if (0 != local_ret)
+ fprintf(stderr, "WARNING: Could not remove IPv4-NAPT from
internal interface, hopefully this will have no effect in future runs: %s\n",
strerror(local_ret));
+ }
+
+ fprintf(stderr, "DEBUG: Removing IP4 address\n");
remove_address4 (address);
- }
+ }
if (have_ip6)
{
const char *address = argv[3];
Modified: gnunet/src/exit/gnunet-helper-exit.c
===================================================================
--- gnunet/src/exit/gnunet-helper-exit.c 2013-03-21 15:35:04 UTC (rev
26558)
+++ gnunet/src/exit/gnunet-helper-exit.c 2013-03-21 16:44:05 UTC (rev
26559)
@@ -638,7 +638,7 @@
* @param argc must be 6
* @param argv 0: binary name ("gnunet-helper-exit")
* 1: tunnel interface name ("gnunet-exit")
- * 2: IPv4 "physical" interface name ("eth0"), or "%" to not do
IPv4 NAT
+ * 2: IPv4 "physical" interface name ("eth0"), or "-" to not do
IPv4 NAT
* 3: IPv6 address ("::1"), or "-" to skip IPv6
* 4: IPv6 netmask length in bits ("64") [ignored if #4 is "-"]
* 5: IPv4 address ("1.2.3.4"), or "-" to skip IPv4
@@ -747,7 +747,7 @@
"Failed to enable IPv4 forwarding. Will continue anyway.\n");
}
}
- if (0 != strcmp (argv[2], "%"))
+ if (0 != strcmp (argv[2], "-"))
{
char *const iptables_args[] =
{
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r26559 - gnunet/src/exit,
gnunet <=