[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-users] Sending raw IP packets
|
From: |
Jon |
|
Subject: |
Re: [lwip-users] Sending raw IP packets |
|
Date: |
Sat, 13 Mar 2021 14:04:32 -0800 |
Hi Simon, thanks for the help. Yes this is exactly what I am trying to
do. I apologize for all the confusion. When I was looking through the
lwip documentation, I initially found the IP modules -- more
specifically the "ip_output" and "ip_input" functions.
http://www.nongnu.org/lwip/2_0_x/group__ip.html
I thought if I were to use those then I might avoid having to deal
with ethernet directly, and consequently the issues with the ARP cache
that you mentioned.
On Mon, Mar 8, 2021 at 1:22 PM goldsimon@gmx.de <goldsimon@gmx.de> wrote:
>
> Am 08.03.2021 um 21:43 schrieb Jon:
> > Thanks Simon for the input. After reading your response, I feel I
> > might be using lwip for its unintended purpose which might result in
> > an exhausting uphill battle :)
> >
> > As mentioned in my previous email, I was hoping to implement a local
> > VPN on Android using lwip. The way the APIs work on Android is that
> > when you register as a VPN service, the platform provides you a file
> > descriptor which is attached to the device's TUN interface. When you
> > read from this file descriptor, you get all the raw IP packets that
> > are being sent by the device, and whenever you write to the file
> > descriptor (which also needs to be formatted as a raw IP packet), it
> > gets routed back to the application on the device that sent the data.
> > The reason the Android platform provides you the raw IP packets is
> > that they intend for you to use this as a "remote" VPN where you would
> > encapsulate the IP packets in UDP for example, then forward it to your
> > own remote VPN server, then open a raw socket and have your server
> > send the packet.
> >
> > However, since I am trying to implement this as a local VPN, this will
> > not work for me. This is where I was hoping lwip might be able to
> > help me out. Since lwip is a complete tcp/ip stack implementation, I
> > thought there was a way I can just feed lwip the raw IP packet, and it
> > would "magically" just send it over the wire for me. I know this can
> > be done using traditional socket programming by manually parsing the
> > raw IP packets for the destination IP, then parsing the transport
> > layer for the source/destination ports, manually create a TCP or UDP
> > socket myself and then send out the data, but this seems like a lot of
> > work. If it helps explain in more detail, one search term that
> > commonly comes up for what I am trying to accomplish is "tun2socks".
>
> I still think I don't fully understand what you're doing. Do you want to
> send those IP packets on to ethernet? In that case, you might just want
> to extract IP information from the packet by casting it to 'struct
> ip_hdr', allocat a pbuf for the packet (copy it, or by ref) and pass it
> to 'etharp_output' (providing a matching netif where lowlevel_output
> sens the ethernet packet).
>
> You'd have to ensure to keep the ARP cache working, of course, by
> calling etharp_tmr() at regular intervals.
>
> Is that what you're looking for?
>
> The RX side might be a bit harder to do though...
>
> Regards,
> Simon
>
> >
> > Thanks again!
> >
> > On Mon, Mar 8, 2021 at 11:33 AM goldsimon@gmx.de <goldsimon@gmx.de> wrote:
> >>
> >> Am 07.03.2021 um 12:50 schrieb JonathonS:
> >>> Hello, I am attempting to implement an Android VPN service which
> >>> provides me raw IP packets on the TUN interface. What I'd like to do is
> >>> simply send the whole IP packet (including IP header) to its
> >>> destination. I know I can parse the IP packet to pull out only the
> >>> TCP/UDP transport layer data and then send it over a TCP/UDP socket
> >>> myself but if this is already done by lwip, then I'd prefer to use it
> >>> instead.
> >>
> >> I'm afraid I don't really underdstand what you mean. You should be able
> >> to get a whole packet out of the stack by implementing a non-ethernet
> >> netif. For this, set netif->output to your own function instead of
> >> etharp_output and don't set the flags NETIF_FLAG_ETHARP and
> >> NETIF_FLAG_ETHERNET. This way, your netif->output functions should get
> >> pbufs starting with the IP header. If that's what you wanted (as I said,
> >> I'm not sure).
> >>
> >>>
> >>> I found the raw APIs
> >>> (https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html
> >>> <https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html>), but wasn't
> >>> sure if this is what I needed to use. Since I am running in user-space
> >>> as a regular Android application, I am unable to run as root so not sure
> >>> if the raw APIs require that I create a raw socket (which requires root).
> >>
> >> This question doesn't seem to have anything to do with lwIP or does it?
> >> There's no such thing as 'root' in lwIP.
> >>
> >> Regards,
> >> Simon
> >>
> >>>
> >>> Also, if you can provide any sample code, this would be greatly
> >>> appreciated. Thanks!
> >>>
> >>>
> >>> _______________________________________________
> >>> lwip-users mailing list
> >>> lwip-users@nongnu.org
> >>> https://lists.nongnu.org/mailman/listinfo/lwip-users
> >>>
> >>
> >>
> >> _______________________________________________
> >> lwip-users mailing list
> >> lwip-users@nongnu.org
> >> https://lists.nongnu.org/mailman/listinfo/lwip-users
> >
> > _______________________________________________
> > lwip-users mailing list
> > lwip-users@nongnu.org
> > https://lists.nongnu.org/mailman/listinfo/lwip-users
> >
>
>
> _______________________________________________
> lwip-users mailing list
> lwip-users@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/lwip-users