diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2019-02-21 14:11:33 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-02-21 14:11:33 +0100 |
| commit | e9b9ceba14157a10fe76f7e10850e52a73cd6ea5 (patch) | |
| tree | 80b6b66fa32f80b1c418c0c53d9e3f6a2ac18288 | |
| parent | 96bae72483b68894d53ff44add87347ef1481d0b (diff) | |
| parent | 3245b7777503e1edb8e0a98d2375b3802ca29ee1 (diff) | |
Merge pull request #8 from Masaq-/extended-options
command line options for protocol tuning
| -rw-r--r-- | src/options.c | 58 | ||||
| -rw-r--r-- | src/options.h | 5 | ||||
| -rw-r--r-- | src/pconfig.h | 2 | ||||
| -rw-r--r-- | src/pdesc.c | 47 | ||||
| -rw-r--r-- | src/pdesc.h | 15 | ||||
| -rw-r--r-- | src/pkt.c | 96 | ||||
| -rw-r--r-- | src/pkt.h | 6 | ||||
| -rw-r--r-- | src/ptunnel.c | 52 |
8 files changed, 227 insertions, 54 deletions
diff --git a/src/options.c b/src/options.c index 4e3b587..66c44a6 100644 --- a/src/options.c +++ b/src/options.c @@ -136,6 +136,32 @@ static const struct option_usage usage[] = { "Unprivileged mode will only work on some systems, and is in general less reliable\n" "than running in privileged mode.\n" }, + /** --window-size */ + {"packets", 0, OPT_DEC32, {.unum = 64}, + "Tune the number of packets that can be in-flight at the same time.\n" + "Increasing the window size will improve the maximum potential bandwidth.\n" + }, + /** --ack-interval */ + {"milliseconds", 0, OPT_DEC32, {.unum = 1000}, + "Tune the explicit acknowledgement interval (in milliseconds)\n" + "Decreasing the acknowledgement interval can improve NAT stability.\n" + }, + /** --resend-interval */ + {"milliseconds", 0, OPT_DEC32, {.unum = 1500}, + "Tune the lost packet timeout (in milliseconds)\n" + "Decreasing the resend interval can compensate for frequent packet loss.\n" + }, + /** --payload-size */ + {"bytes", 0, OPT_DEC32, {.unum = 1024}, + "Tune the amount of data per packet (in bytes)\n" + "Decreasing the payload size can avoid corruption of large packets.\n" + "Increasing the payload size can compensate for out-of-order delivery.\n" + }, + /** --empty-pings */ + {"count", 0, OPT_DEC32, {.unum = 0}, + "Tune the number of empty pings to send with each explicit acknowledgement.\n" + "Empty pings can compensate for ICMP sequence number inspection.\n" + }, /** --daemon */ {"pidfile", 0, OPT_STR, {.str = "/run/ptunnel.pid"}, #ifdef WIN32 @@ -198,6 +224,11 @@ static struct option long_options[] = { {"passwd", required_argument, 0, 'P'}, {"udp", no_argument, &opts.udp, 1 }, {"unprivileged", no_argument, &opts.unprivileged, 1 }, + {"window-size", required_argument, 0, 'w'}, + {"ack-interval", required_argument, 0, 'a'}, + {"resend-interval", required_argument, 0, 't'}, + {"payload-size", required_argument, 0, 'y'}, + {"empty-pings", required_argument, 0, 'E'}, {"daemon", optional_argument, 0, 'd'}, {"syslog", no_argument, 0, 'S'}, {"user", optional_argument, 0, 'u'}, @@ -384,7 +415,7 @@ int parse_options(int argc, char **argv) { * since you have to pass long options as '--option=value'. Commonly used * '--option value' is *NOT* allowed for some libc implementations. */ - c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::h", &long_options[0], &oidx); + c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::w:a:t:y:E:h", &long_options[0], &oidx); if (c == -1) break; switch (c) { @@ -533,6 +564,31 @@ int parse_options(int argc, char **argv) { pt_log(kLog_error, "SeLinux: %s\n", "feature not supported"); exit(1); #endif + case 'w': + if (!optarg) + break; + opts.window_size = atoi(optarg); + break; + case 'a': + if (!optarg) + break; + opts.ack_interval = atoi(optarg); + break; + case 't': + if (!optarg) + break; + opts.resend_interval = atoi(optarg); + break; + case 'y': + if (!optarg) + break; + opts.payload_size = atoi(optarg); + break; + case 'E': + if (!optarg) + break; + opts.empty_pings = atoi(optarg); + break; case 'h': print_usage(argv[0]); exit(EXIT_SUCCESS); diff --git a/src/options.h b/src/options.h index 176620a..7afcfec 100644 --- a/src/options.h +++ b/src/options.h @@ -88,6 +88,11 @@ struct options { int udp; /** unpriviledged mode */ int unprivileged; + uint16_t window_size; + uint16_t ack_interval; + uint16_t resend_interval; + uint16_t payload_size; + uint16_t empty_pings; #ifndef WIN32 /** run as daemon if non zero value */ diff --git a/src/pconfig.h b/src/pconfig.h index 6be141e..e13f7ee 100644 --- a/src/pconfig.h +++ b/src/pconfig.h @@ -75,7 +75,7 @@ enum { * we send. Note that this does not include * the IP or ICMP headers! */ - kDefault_buf_size = 1024, + kDefault_buf_size = 0xFFFF, /** Type code for echo request and replies */ kICMP_echo_request = 8, kICMP_echo_reply = 0, diff --git a/src/pdesc.c b/src/pdesc.c index a754864..72f5081 100644 --- a/src/pdesc.c +++ b/src/pdesc.c @@ -111,6 +111,13 @@ proxy_desc_t *create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id, pthread_mutex_unlock(&chain_lock); cur->xfer.bytes_in = 0.0; cur->xfer.bytes_out = 0.0; + cur->window_size = opts.window_size ? opts.window_size : 64; + cur->ack_interval = opts.ack_interval ? opts.ack_interval / 1000.0 : 1.0; + cur->resend_interval = opts.resend_interval ? opts.resend_interval / 1000.0 : 1.5; + cur->payload_size = opts.payload_size ? opts.payload_size : 1024; + memset(cur->extended_options, 0, sizeof(cur->extended_options)); + cur->send_ring = calloc(cur->window_size, sizeof(icmp_desc_t)); + cur->recv_ring = calloc(cur->window_size, sizeof(forward_desc_t *)); return cur; } @@ -118,7 +125,6 @@ proxy_desc_t *create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id, * Assumes that we hold the chain_lock. */ void remove_proxy_desc(proxy_desc_t *cur, proxy_desc_t *prev) { - int i; struct timeval tt; pt_log(kLog_debug, "Removing proxy descriptor.\n"); @@ -130,14 +136,7 @@ void remove_proxy_desc(proxy_desc_t *cur, proxy_desc_t *prev) { if (cur->buf) free(cur->buf); cur->buf = 0; - for (i=0;i<kPing_window_size;i++) { - if (cur->send_ring[i].pkt) - free(cur->send_ring[i].pkt); - cur->send_ring[i].pkt = 0; - if (cur->recv_ring[i]) - free(cur->recv_ring[i]); - cur->recv_ring[i] = 0; - } + remove_proxy_desc_rings(cur); close(cur->sock); cur->sock = 0; @@ -152,6 +151,28 @@ void remove_proxy_desc(proxy_desc_t *cur, proxy_desc_t *prev) { num_tunnels--; } +void remove_proxy_desc_rings(proxy_desc_t *cur) { + int i; + for (i=0;i<cur->window_size;i++) { + if (cur->send_ring[i].pkt) + free(cur->send_ring[i].pkt); + cur->send_ring[i].pkt = 0; + if (cur->recv_ring[i]) + free(cur->recv_ring[i]); + cur->recv_ring[i] = 0; + } + free(cur->send_ring); + free(cur->recv_ring); + + cur->recv_idx = 0; + cur->recv_xfer_idx = 0; + cur->send_idx = 0; + cur->send_first_ack = 0; + cur->recv_wait_send = 0; + cur->send_wait_ack = 0; + cur->next_resend_start = 0; +} + forward_desc_t* create_fwd_desc(uint16_t seq_no, uint32_t data_len, char *data) { forward_desc_t *fwd_desc; fwd_desc = (forward_desc_t *) malloc(sizeof(forward_desc_t)+data_len); @@ -171,7 +192,7 @@ int queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes, uint16_t id_no, uint16_t icmp_id, uint16_t *seq, icmp_desc_t ring[], int *insert_idx, int *await_send, uint32_t ip, uint32_t port, uint32_t state, struct sockaddr_in *dest_addr, uint16_t next_expected_seq, - int *first_ack, uint16_t *ping_seq) + int *first_ack, uint16_t *ping_seq, uint16_t window_size) { int pkt_len = sizeof(icmp_echo_packet_t) + sizeof(ping_tunnel_pkt_t) + num_bytes; @@ -239,7 +260,7 @@ int queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes, *first_ack = *insert_idx; (*await_send)++; (*insert_idx)++; - if (*insert_idx >= kPing_window_size) + if (*insert_idx >= window_size) *insert_idx = 0; return 0; } @@ -247,7 +268,7 @@ int queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes, /* send_packets: * Examines the passed-in ring, and forwards data in it over TCP. */ -uint32_t send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, int *sock) { +uint32_t send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, int *sock, uint16_t window_size) { forward_desc_t *fwd_desc; int bytes, total = 0; @@ -273,7 +294,7 @@ uint32_t send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, in free(fwd_desc); (*xfer_idx)++; (*await_send)--; - if (*xfer_idx >= kPing_window_size) + if (*xfer_idx >= window_size) *xfer_idx = 0; } else diff --git a/src/pdesc.h b/src/pdesc.h index d0767aa..169c069 100644 --- a/src/pdesc.h +++ b/src/pdesc.h @@ -156,8 +156,13 @@ typedef struct proxy_desc_t { double last_ack; /** Time when a packet was last received. */ double last_activity; - icmp_desc_t send_ring[kPing_window_size]; - forward_desc_t *recv_ring[kPing_window_size]; + uint16_t window_size; + double ack_interval; + double resend_interval; + uint16_t payload_size; + uint16_t extended_options[4]; + icmp_desc_t *send_ring; + forward_desc_t **recv_ring; xfer_stats_t xfer; struct proxy_desc_t *next; } proxy_desc_t; @@ -170,14 +175,16 @@ proxy_desc_t* create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id, void remove_proxy_desc(proxy_desc_t *cur, proxy_desc_t *prev); +void remove_proxy_desc_rings(proxy_desc_t *cur); + forward_desc_t* create_fwd_desc(uint16_t seq_no, uint32_t data_len, char *data); int queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes, uint16_t id_no, uint16_t icmp_id, uint16_t *seq, icmp_desc_t ring[], int *insert_idx, int *await_send, uint32_t ip, uint32_t port, uint32_t state, struct sockaddr_in *dest_addr, uint16_t next_expected_seq, - int *first_ack, uint16_t *ping_seq); + int *first_ack, uint16_t *ping_seq, uint16_t window_size); -uint32_t send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, int *sock); +uint32_t send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, int *sock, uint16_t window_size); #endif @@ -96,6 +96,7 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a if (ntohl(pt_pkt->magic) == opts.magic) { pt_pkt->state = ntohl(pt_pkt->state); pkt->identifier = ntohs(pkt->identifier); + pkt->seq = ntohs(pkt->seq); pt_pkt->id_no = ntohs(pt_pkt->id_no); pt_pkt->seq_no = ntohs(pt_pkt->seq_no); /* Find the relevant connection, if it exists */ @@ -114,8 +115,10 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a */ if (cur) { type_flag = cur->type_flag; - if (type_flag == (uint32_t)kProxy_flag) + if (type_flag == (uint32_t)kProxy_flag) { cur->icmp_id = pkt->identifier; + cur->ping_seq = pkt->seq; + } if (!is_pcap) cur->xfer.icmp_in++; } @@ -181,6 +184,12 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a pt_log(kLog_error, "Failed to create proxy descriptor!\n"); return; } + if (pt_pkt->data_len > 0) { + handle_data(pkt, bytes, 0, 0, 0, 0, cur, 0); + if (!opts.password) { + handle_extended_options(cur); + } + } if (init_state == kProto_authenticate) { pt_log(kLog_debug, "Sending authentication challenge..\n"); /* Send challenge */ @@ -192,7 +201,7 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a &cur->send_idx, &cur->send_wait_ack, 0, 0, kProto_authenticate | cur->type_flag, &cur->dest_addr, cur->next_remote_seq, - &cur->send_first_ack, &cur->ping_seq); + &cur->send_first_ack, &cur->ping_seq, cur->window_size); } } else if (type_flag == kUser_flag) { @@ -233,13 +242,13 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, 0, 0, kProto_authenticate | cur->type_flag, &cur->dest_addr, - cur->next_remote_seq, &cur->send_first_ack, &cur-> ping_seq); + cur->next_remote_seq, &cur->send_first_ack, &cur-> ping_seq, cur->window_size); /* We have authenticated locally. * It's up to the proxy now if it accepts our response or not.. */ cur->authenticated = 1; handle_data(pkt, bytes, cur->recv_ring, &cur->recv_wait_send, - &cur->recv_idx, &cur->next_remote_seq); + &cur->recv_idx, &cur->next_remote_seq, 0, cur->window_size); return; } /* If proxy: Handle client's response to challenge */ @@ -249,6 +258,7 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a cur->authenticated) { pt_log(kLog_verbose, "Remote end authenticated successfully.\n"); + handle_extended_options(cur); /* Authentication has succeeded, so now we can proceed * to handle incoming TCP data. */ @@ -258,7 +268,7 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a * confusing the reliab ility mechanism. */ handle_data(pkt, bytes, cur->recv_ring, &cur->recv_wait_send, - &cur->recv_idx, &cur->next_remote_seq); + &cur->recv_idx, &cur->next_remote_seq, 0, cur->window_size); } else { pt_log(kLog_info, "Remote end failed authentication.\n"); @@ -290,12 +300,15 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a if (pt_pkt->state == kProto_data || pt_pkt->state == kProxy_start || pt_pkt->state == kProto_ack) { + if (pt_pkt->state == kProxy_start) { + pt_pkt->data_len = 0; + } handle_data(pkt, bytes, cur->recv_ring, &cur->recv_wait_send, - &cur->recv_idx, &cur->next_remote_seq); + &cur->recv_idx, &cur->next_remote_seq, 0, cur->window_size); } handle_ack((uint16_t)pt_pkt->ack, cur->send_ring, &cur->send_wait_ack, 0, cur->send_idx, &cur->send_first_ack, &cur->remote_ack_val, - is_pcap); + is_pcap, cur->window_size); cur->last_activity = time_as_double(); } } @@ -310,7 +323,7 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a * onto the passed-in receive ring. */ void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[], - int *await_send, int *insert_idx, uint16_t *next_expected_seq) + int *await_send, int *insert_idx, uint16_t *next_expected_seq, void *vcur, uint16_t window_size) { ping_tunnel_pkt_t *pt_pkt = (ping_tunnel_pkt_t*)pkt->data; int expected_len = sizeof(ip_packet_t) + sizeof(icmp_echo_packet_t) + @@ -339,6 +352,23 @@ void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[], */ exit(0); } + if (vcur) { + proxy_desc_t *cur = (proxy_desc_t *)vcur; + uint16_t *extended_options = (uint16_t *)pt_pkt->data; + if (pt_pkt->data_len >= 2) { + cur->extended_options[0] = ntohs(extended_options[0]); + } + if (pt_pkt->data_len >= 4) { + cur->extended_options[1] = ntohs(extended_options[1]); + } + if (pt_pkt->data_len >= 6) { + cur->extended_options[2] = ntohs(extended_options[2]); + } + if (pt_pkt->data_len >= 8) { + cur->extended_options[3] = ntohs(extended_options[3]); + } + return; + } if (pt_pkt->seq_no == *next_expected_seq) { /* hmm, what happens if this test is true? */ if (!ring[*insert_idx]) { /* && pt_pkt->state == kProto_data */ @@ -351,14 +381,14 @@ void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[], pt_log(kLog_debug, "Dup packet?\n"); (*next_expected_seq)++; - if (*insert_idx >= kPing_window_size) + if (*insert_idx >= window_size) *insert_idx = 0; /* Check if we have already received some of the next packets */ while (ring[*insert_idx]) { if (ring[*insert_idx]->seq_no == *next_expected_seq) { (*next_expected_seq)++; (*insert_idx)++; - if (*insert_idx >= kPing_window_size) + if (*insert_idx >= window_size) *insert_idx = 0; } else @@ -373,13 +403,13 @@ void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[], d = s - r; if (d < 0) { /* This packet _may_ be old, or seq_no may have wrapped around */ d = (s+0xFFFF) - r; - if (d < kPing_window_size) { + if (d < window_size) { /* Counter has wrapped, so we should add this packet to the recv ring */ - pos = ((*insert_idx)+d) % kPing_window_size; + pos = ((*insert_idx)+d) % window_size; } } - else if (d < kPing_window_size) - pos = ((*insert_idx)+d) % kPing_window_size; + else if (d < window_size) + pos = ((*insert_idx)+d) % window_size; if (pos != -1) { if (!ring[pos]) { @@ -396,16 +426,40 @@ void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[], } } +void handle_extended_options(void *vcur) +{ + proxy_desc_t *cur = (proxy_desc_t *)vcur; + if (cur->extended_options[0] > 0) { + remove_proxy_desc_rings(cur); + cur->window_size = cur->extended_options[0]; + cur->send_ring = calloc(cur->window_size, sizeof(icmp_desc_t)); + cur->recv_ring = calloc(cur->window_size, sizeof(forward_desc_t *)); + pt_log(kLog_verbose, "Received extended option for window size %d \n", cur->window_size); + } + if (cur->extended_options[1] > 0) { + cur->ack_interval = cur->extended_options[1] / 1000.0; + pt_log(kLog_verbose, "Received extended option for ack interval %f \n", cur->ack_interval); + } + if (cur->extended_options[2] > 0) { + cur->resend_interval = cur->extended_options[2] / 1000.0; + pt_log(kLog_verbose, "Received extended option for resend interval %f \n", cur->resend_interval); + } + if (cur->extended_options[3] > 0) { + cur->payload_size = cur->extended_options[3]; + pt_log(kLog_verbose, "Received extended option for payload size %d \n", cur->payload_size); + } +} + void handle_ack(uint16_t seq_no, icmp_desc_t ring[], int *packets_awaiting_ack, int one_ack_only, int insert_idx, int *first_ack, - uint16_t *remote_ack, int is_pcap) + uint16_t *remote_ack, int is_pcap, uint16_t window_size) { int i, j, k; ping_tunnel_pkt_t *pt_pkt; if (*packets_awaiting_ack > 0) { if (one_ack_only) { - for (i = 0; i < kPing_window_size; i++) { + for (i = 0; i < window_size; i++) { if (ring[i].pkt && ring[i].seq_no == seq_no && !is_pcap) { pt_log(kLog_debug, "Received ack for only seq %d\n", seq_no); pt_pkt = (ping_tunnel_pkt_t*)ring[i].pkt->data; @@ -415,8 +469,8 @@ void handle_ack(uint16_t seq_no, icmp_desc_t ring[], int *packets_awaiting_ack, ring[i].pkt = 0; (*packets_awaiting_ack)--; if (i == *first_ack) { - for (j=1;j<kPing_window_size;j++) { - k = (i+j)%kPing_window_size; + for (j=1;j<window_size;j++) { + k = (i+j)%window_size; if (ring[k].pkt) { *first_ack = k; break; @@ -435,10 +489,10 @@ void handle_ack(uint16_t seq_no, icmp_desc_t ring[], int *packets_awaiting_ack, int i, can_ack = 0, count = 0; i = insert_idx-1; if (i < 0) - i = kPing_window_size - 1; + i = window_size - 1; pt_log(kLog_debug, "Received ack-series starting at seq %d\n", seq_no); - while (count < kPing_window_size) { + while (count < window_size) { if (!ring[i].pkt) break; @@ -454,7 +508,7 @@ void handle_ack(uint16_t seq_no, icmp_desc_t ring[], int *packets_awaiting_ack, } i--; if (i < 0) - i = kPing_window_size - 1; + i = window_size - 1; count++; } } @@ -138,10 +138,12 @@ typedef struct icmp_desc_t icmp_desc_t; void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *addr, int icmp_sock); void handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t **ring, - int *await_send, int *insert_idx, uint16_t *next_expected_seq); + int *await_send, int *insert_idx, uint16_t *next_expected_seq, void *vcur, uint16_t window_size); + +void handle_extended_options(void *vcur); void handle_ack(uint16_t seq_no, icmp_desc_t *ring, int *packets_awaiting_ack, int one_ack_only, int insert_idx, int *first_ack, - uint16_t *remote_ack, int is_pcap); + uint16_t *remote_ack, int is_pcap, uint16_t window_size); #endif diff --git a/src/ptunnel.c b/src/ptunnel.c index c409adb..640df74 100644 --- a/src/ptunnel.c +++ b/src/ptunnel.c @@ -88,7 +88,6 @@ uint32_t num_tunnels = 0; uint32_t *seq_expiry_tbl = NULL; /* Some buffer constants */ -const int tcp_receive_buf_len = kDefault_buf_size; const int icmp_receive_buf_len = kDefault_buf_size + kIP_header_size + kICMP_header_size + sizeof(ping_tunnel_pkt_t); const int pcap_buf_size = (kDefault_buf_size + kIP_header_size + @@ -536,7 +535,7 @@ void* pt_proxy(void *args) { * room in our send window AND we either don't use a password, or * have been authenticated. */ - if (cur->sock && cur->send_wait_ack < kPing_window_size && + if (cur->sock && cur->send_wait_ack < cur->window_size && (!opts.password || cur->authenticated)) { FD_SET(cur->sock, &set); @@ -558,10 +557,29 @@ void* pt_proxy(void *args) { if (cur->state == kProxy_start) { pt_log(kLog_verbose, "Sending proxy request.\n"); cur->last_ack = time_as_double(); - queue_packet(fwd_sock, cur->pkt_type, 0, 0, cur->id_no, cur->id_no, + uint16_t extended_options[4]; + size_t extended_options_size = 0; + memset(extended_options, 0, sizeof(extended_options)); + if (opts.window_size) { + extended_options_size = sizeof(uint16_t); + extended_options[0] = htons(opts.window_size); + } + if (opts.ack_interval) { + extended_options_size = 2*sizeof(uint16_t); + extended_options[1] = htons(opts.ack_interval); + } + if (opts.resend_interval) { + extended_options_size = 3*sizeof(uint16_t); + extended_options[2] = htons(opts.resend_interval); + } + if (opts.payload_size) { + extended_options_size = 4*sizeof(uint16_t); + extended_options[3] = htons(opts.payload_size); + } + queue_packet(fwd_sock, cur->pkt_type, (char *)extended_options, extended_options_size, cur->id_no, cur->id_no, &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, cur->dst_ip, cur->dst_port, cur->state | cur->type_flag, - &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq); + &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq, cur->window_size); cur->xfer.icmp_out++; cur->state = kProto_data; } @@ -575,7 +593,7 @@ void* pt_proxy(void *args) { } /* Handle TCP traffic */ if (FD_ISSET(cur->sock, &set)) { - bytes = recv(cur->sock, cur->buf, tcp_receive_buf_len, 0); + bytes = recv(cur->sock, cur->buf, cur->payload_size, 0); if (bytes <= 0) { pt_log(kLog_info, "Connection closed or lost.\n"); tmp = cur->next; @@ -591,7 +609,7 @@ void* pt_proxy(void *args) { queue_packet(fwd_sock, cur->pkt_type, cur->buf, bytes, cur->id_no, cur->icmp_id, &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, 0, 0, cur->state | cur->type_flag, - &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq); + &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq, cur->window_size); } prev = cur; tmp = cur->next; @@ -622,11 +640,11 @@ void* pt_proxy(void *args) { continue; } if (cur->recv_wait_send && cur->sock) - cur->xfer.bytes_in += send_packets(cur->recv_ring, &cur->recv_xfer_idx, &cur->recv_wait_send, &cur->sock); + cur->xfer.bytes_in += send_packets(cur->recv_ring, &cur->recv_xfer_idx, &cur->recv_wait_send, &cur->sock, cur->window_size); /* Check for any icmp packets requiring resend, and resend _only_ the first packet. */ idx = cur->send_first_ack; - if (cur->send_ring[idx].pkt && cur->send_ring[idx].last_resend+kResend_interval < now) { + if (cur->send_ring[idx].pkt && cur->send_ring[idx].last_resend+cur->resend_interval < now) { pt_log(kLog_debug, "Resending packet with seq-no %d.\n", cur->send_ring[idx].seq_no); cur->send_ring[idx].last_resend = now; cur->send_ring[idx].pkt->identifier = htons(cur->icmp_id); @@ -640,15 +658,25 @@ void* pt_proxy(void *args) { cur->xfer.icmp_resent++; } /* Figure out if it's time to send an explicit acknowledgement */ - if (cur->last_ack+1.0 < now && cur->send_wait_ack < kPing_window_size && + if (cur->last_ack+cur->ack_interval < now && cur->send_wait_ack < cur->window_size && cur->remote_ack_val+1 != cur->next_remote_seq) { + idx = cur->send_idx; cur->last_ack = now; queue_packet(fwd_sock, cur->pkt_type, 0, 0, cur->id_no, cur->icmp_id, &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, cur->dst_ip, cur->dst_port, kProto_ack | cur->type_flag, - &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq); + &cur->dest_addr, cur->next_remote_seq, &cur->send_first_ack, &cur->ping_seq, cur->window_size); cur->xfer.icmp_ack_out++; + if (cur->send_ring[idx].pkt_len > sizeof(icmp_echo_packet_t) && cur->send_ring[idx].pkt->type == 8) { + for (uint16_t e = 0; e < opts.empty_pings; e++) { + cur->send_ring[idx].pkt->seq = htons(cur->ping_seq); + cur->ping_seq++; + cur->send_ring[idx].pkt->checksum = htons(calc_icmp_checksum((uint16_t*)cur->send_ring[idx].pkt, sizeof(icmp_echo_packet_t))); + sendto(fwd_sock, (const void*)cur->send_ring[idx].pkt, sizeof(icmp_echo_packet_t), + 0, (struct sockaddr*)&cur->dest_addr, sizeof(struct sockaddr)); + } + } } } pthread_mutex_unlock(&chain_lock); @@ -795,10 +823,10 @@ void send_termination_msg(proxy_desc_t *cur, int icmp_sock) { queue_packet(icmp_sock, cur->pkt_type, 0, 0, cur->id_no, cur->icmp_id, &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, 0, 0, kProto_close | cur->type_flag, &cur->dest_addr, cur->next_remote_seq, - &cur->send_first_ack, &cur->ping_seq); + &cur->send_first_ack, &cur->ping_seq, cur->window_size); queue_packet(icmp_sock, cur->pkt_type, 0, 0, cur->id_no, cur->icmp_id, &cur->my_seq, cur->send_ring, &cur->send_idx, &cur->send_wait_ack, 0, 0, kProto_close | cur->type_flag, &cur->dest_addr, cur->next_remote_seq, - &cur->send_first_ack, &cur->ping_seq); + &cur->send_first_ack, &cur->ping_seq, cur->window_size); cur->xfer.icmp_out += 2; } |