Diffstat (limited to 'ptunnel.h')
-rw-r--r-- | ptunnel.h | 205 |
1 files changed, 2 insertions, 203 deletions
@@ -71,93 +71,8 @@ #include <pcap.h> #include "pkt.h" - -enum { - kMode_forward = 0, // Ping tunnel's operating mode (client) - kMode_proxy, // Ping tunnel's operating mode (server) - - /** Set this constant to the number of - * concurrent connections you wish to handle by default. - */ - kMax_tunnels = 10, - - kNo_log = -1, // Different verbosity levels. - kLog_error = 0, - kLog_info, - kLog_event, - kLog_verbose, - kLog_debug, - kLog_sendrecv, - - kMajor_version = 0, // Major (0.xx) and minor (x.70) version - kMinor_version = 72, // numbers. - - kIP_packet_max_size = 576, - kIP_header_size = 20, // In bytes, mind you - kIP_actual_size = (kIP_packet_max_size - kIP_header_size) - ((kIP_packet_max_size - kIP_header_size) % 8), - kICMP_header_size = 8, // Also in bytes - - /** This constant control the maximum size of - * the payload-portion of the ICMP packets - * we send. Note that this does not include - * the IP or ICMP headers! - */ - kDefault_buf_size = 1024, - - kICMP_echo_request = 8, // Type code for echo request and replies - kICMP_echo_reply = 0, - - kPing_window_size = 64, // number of packets we can have in our send/receive ring - - /** Tunnels are automatically closed after one minute of inactivity. Since - * we continously send acknowledgements between the two peers, this mechanism - * won't disconnect "valid" connections. - */ - kAutomatic_close_timeout = 60, // Seconds! - - kMD5_digest_size = 16, // size of md5 digest in bytes - - /* These constants are used to indicate the protocol state. The protocol - works as follows: - - The identifier is used by both the proxy and the forwarder - to identify the session (and thus the relevant sockets). - - The seq-no of the ping packet is used in a sliding-window-esque - way, and to identify the order of data. 
- - The protocol can be in any of the following states: - kProxy_start Causes the proxy to open a connection to the given - host and port, associating the ID with the socket, - before the data on the socket are transmitted. - kProxy_data Indicates that the packet contains data from the proxy. - Data ordering is indicated by the seq-no, which will start - at 0. (The proxy and forwarder maintain different seq-nos.) - kUser_data This packet contains user data. - kConnection_close Indicates that the connection is being closed. - kProxy_ack and Acknowledges the packet (and all packets before it) with seq_no = ack. - kUser_ack This is used if there are no implicit acknowledgements due to data - being sent. - - Acknowledgements work by the remote peer acknowledging the last - continuous seq no it has received. - - Note: A proxy receiving a kProxy_data packet, or a user receiving a - kUser_data packet, should ignore it, as it is the host operating system - actually returning the ping. This is mostly relevant for users, and for - proxies running in unprivileged mode. - */ - kProxy_start = 0, - kProto_ack, - kProto_data, - kProto_close, - kProto_authenticate, - kNum_proto_types, - - kUser_flag = 1 << 30, // set when packet comes from a user - kProxy_flag = 1 << 31, // set when packet comes from the proxy - kFlag_mask = kUser_flag | kProxy_flag, - - kDNS_port = 53, -}; +#include "pdesc.h" +#include "challenge.h" /* pt_thread_info_t: A simple (very simple, in fact) structure that allows us to pass an arbitrary number of params to the threads we create. Currently, 
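Review bot: Nothing at the two added includes, `#include "pdesc.h"` and `#include "challenge.h"`, says where the constants from the removed enum (for example `kPing_window_size` and `kMD5_digest_size`) are now defined, and this view is limited to ptunnel.h, so their new home cannot be checked here. The types removed in the next hunk depended on them: `proxy_desc_t` sizes `send_ring` and `recv_ring` with `kPing_window_size` and points at `icmp_echo_packet_t` from pkt.h. If those types moved into the new headers, each header should include what it uses rather than rely on the include order in ptunnel.h. A one-line comment above the includes would help, for example `/* protocol constants, tunnel descriptors and challenge_t moved out of this header; see pdesc.h and challenge.h */`, adjusted to wherever they actually went. Because `challenge_t` is used for authentication and was declared `__attribute__ ((packed))`, the relocated definition should keep that attribute so its layout stays the same.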
@@ -169,122 +84,6 @@ typedef struct { sock; } pt_thread_info_t; - -/* forward_desc_t: Describes a piece of that needs to be forwarded. This - structure is used for receiving data from the network, and for subsequent - forwarding over TCP: - - 1. Client sends data to proxy over ICMP - 2. Proxy receives the data, and puts it into a forward_desc_t - 3. The proxy starts send()-ing the data over the TCP socket to the destination, - decreasing forward_desc_t->remaining with the number of bytes transferred. - 4. Once remaining reaches 0, the forward_desc_t is removed from the receive - ring. - - The same procedure is followed in proxy-to-client communication. Just replace - proxy with client and vice versa in the list above. -*/ -typedef struct { - int - seq_no, // ping_tunnel_pkt_t seq_no - length, // length of data - remaining; // amount of data not yet transferred - char - data[0]; -} forward_desc_t; - - -/* icmp_desc_t: This structure is used to track the ICMP packets sent by either - the client or proxy. The last_resend variable is used to prevent resending - the packet too often. Once the packet is acknowledged by the remote end, - it will be removed from the send-ring, freeing up space for more outgoing - ICMP packets. -*/ -typedef struct { - int pkt_len; // total length of ICMP packet, including ICMP header and ptunnel data. - double last_resend; - int resend_count; - uint16_t - seq_no, - icmp_id; - icmp_echo_packet_t *pkt; -} icmp_desc_t; - - -/* challenge_t: This structure contains the pseudo-random challenge used for - authentication. -*/ -typedef struct challenge_t { - uint32_t - sec, // tv_sec as returned by gettimeofday - usec_rnd, // tv_usec as returned by gettimeofday + random value - random[6]; // random values -} __attribute__ ((packed)) challenge_t; - - -/* xfer_stats_t: Various transfer statistics, such as bytes sent and received, - number of ping packets sent/received, etc. 
-*/ -typedef struct xfer_stats_t { - double - bytes_in, - bytes_out; - uint32_t - icmp_in, - icmp_out, - icmp_resent, - icmp_ack_out; -} xfer_stats_t; - - -/* proxy_desc_t: This massive structure describes a tunnel instance. -*/ -typedef struct proxy_desc_t { - int - sock, // ICMP or UDP socket - bytes, // number of bytes in receive buffer - should_remove; // set to true once this instance should be removed - char *buf; // data buffer, used to receive ping and pong packets - uint16_t - id_no, - my_seq, - ping_seq, - next_remote_seq, - pkt_type, - remote_ack_val, - icmp_id; - int - recv_idx, // first available slot in recv ring - recv_xfer_idx, // current slot in recv ring being transferred - send_idx, // first available slot in send ring - send_first_ack, // first packet in send ring not yet acked - recv_wait_send, // number of items in recv ring awaiting send - send_wait_ack, // number of items in send ring awaiting ack - next_resend_start, - authenticated; - challenge_t - *challenge; // Contains the challenge, if used. - uint32_t - state, // Protocol state - type_flag, // Either kProxy_flag or kUser_flag - dst_ip, // IP and port to which data should be forwarded. - dst_port; - struct sockaddr_in - dest_addr; // Same as above - double - last_ack, // Time when last ack packet was sent. - last_activity; // Time when a packet was last received. - icmp_desc_t - send_ring[kPing_window_size]; - forward_desc_t - *recv_ring[kPing_window_size]; - xfer_stats_t - xfer; - struct proxy_desc_t - *next; -} proxy_desc_t; - - /* pqueue_elem_t: An queue element in the pqueue structure (below). */ typedef struct pqueue_elem_t { |