2 This file is part of GNUnet.
3 Copyright (C) 2007-2017 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @author Christian Grothoff
23 * @author Milan Bouchet-Valat
26 * Service for handling UPnP and NAT-PMP port forwarding
27 * and external IP address retrieval
29 * @defgroup nat NAT library
30 * Service for handling UPnP and NAT-PMP port forwarding
31 * and external IP address retrieval
36 #ifndef GNUNET_NAT_SERVICE_H
37 #define GNUNET_NAT_SERVICE_H
39 #include "gnunet_util_lib.h"
43 * Some addresses contain sensitive information or are
44 * not suitable for global distribution. We use address
45 * classes to filter addresses by which domain they make
46 * sense to be used in. These are used in a bitmask.
48 * FIXME: might want to define this elsewhere; we have
49 * an equivalent enum in gnunet_transport_hello_service.h;
50 * might ultimately belong with the new HELLO definition.
52 enum GNUNET_NAT_AddressClass
58 GNUNET_NAT_AC_NONE = 0,
61 * Addresses that fall into no other category
62 * (i.e. incoming which we cannot use elsewhere).
64 GNUNET_NAT_AC_OTHER = 1,
67 * Flag for addresses that are highly sensitive
68 * (i.e. IPv6 with our MAC).
70 GNUNET_NAT_AC_PRIVATE = 2,
73 * Addresses that are global (i.e. IPv4).
75 GNUNET_NAT_AC_GLOBAL = 4,
78 * Addresses that are global and are sensitive
79 * (i.e. IPv6 with our MAC).
81 GNUNET_NAT_AC_GLOBAL_PRIVATE = 6,
84 * Addresses useful in the local wired network,
85 * i.e. a MAC. Sensitive, but obvious to people nearby.
87 * Useful for broadcasts.
89 GNUNET_NAT_AC_LAN = 8,
92 * Addresses useful in the local wired network,
93 * i.e. a MAC. Sensitive, but obvious to people nearby.
94 * Useful for broadcasts.
96 GNUNET_NAT_AC_LAN_PRIVATE = 10,
99 * Addresses useful in the local wireless network,
100 * i.e. a MAC. Sensitive, but obvious to people nearby.
101 * Useful for broadcasts.
103 GNUNET_NAT_AC_WLAN = 16,
106 * Addresses useful in the local bluetooth network. Sensitive, but
107 * obvious to people nearby. Useful for broadcasts.
109 GNUNET_NAT_AC_BT = 32,
112 * Loopback addresses, only useful under special cirumstances.
114 GNUNET_NAT_AC_LOOPBACK = 64,
117 * Addresses that should be our external IP address
118 * on the outside of a NAT. Might be incorrectly determined.
119 * Used as a bit in combination with #GNUNET_NAT_AC_GLOBAL,
120 * or in case of double-NAT with
121 * #GNUNET_NAT_AC_LAN.
123 GNUNET_NAT_AC_EXTERN = 128,
126 * Addresses that were manually configured by the user.
127 * Used as a bit in combination with #GNUNET_NAT_AC_GLOBAL.
129 GNUNET_NAT_AC_MANUAL = 256,
132 * Bitmask for "any" address.
134 GNUNET_NAT_AC_ANY = 65535
140 * Error Types for the NAT subsystem (which can then later be converted/resolved to a string)
142 enum GNUNET_NAT_StatusCode
147 GNUNET_NAT_ERROR_SUCCESS = GNUNET_OK,
152 GNUNET_NAT_ERROR_IPC_FAILURE,
155 * Failure in network subsystem, check permissions
157 GNUNET_NAT_ERROR_INTERNAL_NETWORK_ERROR,
162 GNUNET_NAT_ERROR_TIMEOUT,
165 * detected that we are offline
167 GNUNET_NAT_ERROR_NOT_ONLINE,
170 * `upnpc` command not found
172 GNUNET_NAT_ERROR_UPNPC_NOT_FOUND,
175 * Failed to run `upnpc` command
177 GNUNET_NAT_ERROR_UPNPC_FAILED,
180 * `upnpc' command took too long, process killed
182 GNUNET_NAT_ERROR_UPNPC_TIMEOUT,
185 * `upnpc' command failed to establish port mapping
187 GNUNET_NAT_ERROR_UPNPC_PORTMAP_FAILED,
190 * `external-ip' command not found
192 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_NOT_FOUND,
195 * Failed to run `external-ip` command
197 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_FAILED,
200 * `external-ip' command output invalid
202 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_OUTPUT_INVALID,
205 * "no valid address was returned by `external-ip'"
207 GNUNET_NAT_ERROR_EXTERNAL_IP_ADDRESS_INVALID,
210 * Could not determine interface with internal/local network address
212 GNUNET_NAT_ERROR_NO_VALID_IF_IP_COMBO,
215 * No working gnunet-helper-nat-server found
217 GNUNET_NAT_ERROR_HELPER_NAT_SERVER_NOT_FOUND,
220 * NAT test could not be initialized
222 GNUNET_NAT_ERROR_NAT_TEST_START_FAILED,
227 GNUNET_NAT_ERROR_NAT_TEST_TIMEOUT,
230 * NAT test failed to initiate
232 GNUNET_NAT_ERROR_NAT_REGISTER_FAILED,
237 GNUNET_NAT_ERROR_HELPER_NAT_CLIENT_NOT_FOUND
244 * What the situation of the NAT connectivity
249 * We have a direct connection
251 GNUNET_NAT_TYPE_NO_NAT = GNUNET_OK,
254 * We are under a NAT but cannot traverse it
256 GNUNET_NAT_TYPE_UNREACHABLE_NAT,
259 * We can traverse using STUN
261 GNUNET_NAT_TYPE_STUN_PUNCHED_NAT,
264 * We can traverse using UPNP
266 GNUNET_NAT_TYPE_UPNP_NAT,
269 * We know nothing about the NAT.
271 GNUNET_NAT_TYPE_UNKNOWN
278 * Signature of the callback passed to #GNUNET_NAT_register() for
279 * a function to call whenever our set of 'valid' addresses changes.
282 * @param add_remove #GNUNET_YES to add a new public IP address,
283 * #GNUNET_NO to remove a previous (now invalid) one
284 * @param ac address class the address belongs to
285 * @param addr either the previous or the new public IP address
286 * @param addrlen actual length of the @a addr
289 (*GNUNET_NAT_AddressCallback) (void *cls,
291 enum GNUNET_NAT_AddressClass ac,
292 const struct sockaddr *addr,
297 * Signature of the callback passed to #GNUNET_NAT_register().
298 * for a function to call whenever someone asks us to do connection
302 * @param remote_addr public IP address of the other peer
303 * @param remote_addrlen actual length of the @a remote_addr
306 (*GNUNET_NAT_ReversalCallback) (void *cls,
307 const struct sockaddr *remote_addr,
308 socklen_t remote_addrlen);
312 * Handle for active NAT registrations.
314 struct GNUNET_NAT_Handle;
318 * Attempt to enable port redirection and detect public IP address
319 * contacting UPnP or NAT-PMP routers on the local network. Use @a
320 * addr to specify to which of the local host's addresses should the
321 * external port be mapped. The port is taken from the corresponding
322 * sockaddr_in[6] field. The NAT module should call the given @a
323 * address_callback for any 'plausible' external address.
325 * @param cfg configuration to use
326 * @param config_section name of the configuration section for options
327 * @param proto protocol this is about, IPPROTO_TCP or IPPROTO_UDP
328 * @param num_addrs number of addresses in @a addrs
329 * @param addrs list of local addresses packets should be redirected to
330 * @param addrlens actual lengths of the addresses in @a addrs
331 * @param address_callback function to call everytime the public IP address changes
332 * @param reversal_callback function to call if someone wants connection reversal from us,
333 * NULL if connection reversal is not supported
334 * @param callback_cls closure for callbacks
335 * @return NULL on error, otherwise handle that can be used to unregister
337 struct GNUNET_NAT_Handle *
338 GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
339 const char *config_section,
341 unsigned int num_addrs,
342 const struct sockaddr **addrs,
343 const socklen_t *addrlens,
344 GNUNET_NAT_AddressCallback address_callback,
345 GNUNET_NAT_ReversalCallback reversal_callback,
350 * Test if the given address is (currently) a plausible IP address for
351 * this peer. Mostly a convenience function so that clients do not
352 * have to explicitly track all IPs that the #GNUNET_NAT_AddressCallback
353 * has returned so far.
355 * @param nh the handle returned by register
356 * @param addr IP address to test (IPv4 or IPv6)
357 * @param addrlen number of bytes in @a addr
358 * @return #GNUNET_YES if the address is plausible,
359 * #GNUNET_NO if the address is not plausible,
360 * #GNUNET_SYSERR if the address is malformed
363 GNUNET_NAT_test_address (struct GNUNET_NAT_Handle *nh,
369 * We learned about a peer (possibly behind NAT) so run the
370 * gnunet-nat-client to send dummy ICMP responses to cause
371 * that peer to connect to us (connection reversal).
373 * @param nh handle (used for configuration)
374 * @param local_sa our local address of the peer (IPv4-only)
375 * @param remote_sa the remote address of the peer (IPv4-only)
376 * @return #GNUNET_SYSERR on error,
377 * #GNUNET_NO if connection reversal is unavailable,
378 * #GNUNET_OK otherwise (presumably in progress)
381 GNUNET_NAT_request_reversal (struct GNUNET_NAT_Handle *nh,
382 const struct sockaddr_in *local_sa,
383 const struct sockaddr_in *remote_sa);
387 * Stop port redirection and public IP address detection for the given
388 * handle. This frees the handle, after having sent the needed
389 * commands to close open ports.
391 * @param nh the handle to unregister
394 GNUNET_NAT_unregister (struct GNUNET_NAT_Handle *nh);
398 * Handle an incoming STUN message. This function is useful as
399 * some GNUnet service may be listening on a UDP port and might
400 * thus receive STUN messages while trying to receive other data.
401 * In this case, this function can be used to process replies
404 * The function does some basic sanity checks on packet size and
405 * content, try to extract a bit of information.
407 * At the moment this only processes BIND requests, and returns the
408 * externally visible address of the request to the rest of the
411 * @param nh handle to the NAT service
412 * @param sender_addr address from which we got @a data
413 * @param sender_addr_len number of bytes in @a sender_addr
414 * @param data the packet
415 * @param data_size number of bytes in @a data
416 * @return #GNUNET_OK on success
417 * #GNUNET_NO if the packet is not a STUN packet
418 * #GNUNET_SYSERR on internal error handling the packet
421 GNUNET_NAT_stun_handle_packet (struct GNUNET_NAT_Handle *nh,
422 const struct sockaddr *sender_addr,
423 size_t sender_addr_len,
430 /** @} */ /* end of group */
432 /* end of gnunet_nat_service.h */