2 This file is part of GNUnet.
3 Copyright (C) 2007-2016 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @author Christian Grothoff
23 * @author Milan Bouchet-Valat
26 * Service for handling UPnP and NAT-PMP port forwarding
27 * and external IP address retrieval
29 * @defgroup nat NAT library
30 * Service for handling UPnP and NAT-PMP port forwarding
31 * and external IP address retrieval
36 #ifndef GNUNET_NAT_SERVICE_H
37 #define GNUNET_NAT_SERVICE_H
39 #include "gnunet_util_lib.h"
43 * Some addresses contain sensitive information or are
44 * not suitable for global distribution. We use address
45 * classes to filter addresses by which domain they make
46 * sense to be used in. These are used in a bitmask.
48 * FIXME: might want to define this elsewhere; we have
49 * an equivalent enum in gnunet_transport_hello_service.h;
50 * might ultimately belong with the new HELLO definition.
52 enum GNUNET_NAT_AddressClass
58 GNUNET_NAT_AC_NONE = 0,
61 * Addresses that fall into no other category
62 * (i.e. incoming which we cannot use elsewhere).
64 GNUNET_NAT_AC_OTHER = 1,
67 * Addresses that are highly sensitive
68 * (i.e. IPv6 with our MAC).
70 GNUNET_NAT_AC_PRIVATE = 2,
73 * Addresses that are global (i.e. IPv4).
75 GNUNET_NAT_AC_GLOBAL = 4,
78 * Addresses that are global and are sensitive
79 * (i.e. IPv6 with our MAC).
81 GNUNET_NAT_AC_GLOBAL_PRIVATE = 6,
84 * Addresses useful in the local wired network,
85 * i.e. a MAC. Sensitive, but obvious to people nearby.
86 * Useful for broadcasts.
88 GNUNET_NAT_AC_LAN = 8,
91 * Addresses useful in the local wired network,
92 * i.e. a MAC. Sensitive, but obvious to people nearby.
93 * Useful for broadcasts.
95 GNUNET_NAT_AC_LAN_PRIVATE = 10,
98 * Addresses useful in the local wireless network,
99 * i.e. a MAC. Sensitive, but obvious to people nearby.
100 * Useful for broadcasts.
102 GNUNET_NAT_AC_WLAN = 16,
105 * Addresses useful in the local bluetooth network. Sensitive, but
106 * obvious to people nearby. Useful for broadcasts.
108 GNUNET_NAT_AC_BT = 32,
111 * Loopback addresses, only useful under special cirumstances.
113 GNUNET_NAT_AC_LOOPBACK = 64,
116 * Bitmask for "any" address.
118 GNUNET_NAT_AC_ANY = 65535
124 * Signature of the callback passed to #GNUNET_NAT_register() for
125 * a function to call whenever our set of 'valid' addresses changes.
128 * @param add_remove #GNUNET_YES to add a new public IP address,
129 * #GNUNET_NO to remove a previous (now invalid) one
130 * @param ac address class the address belongs to
131 * @param addr either the previous or the new public IP address
132 * @param addrlen actual length of the @a addr
135 (*GNUNET_NAT_AddressCallback) (void *cls,
137 enum GNUNET_NAT_AddressClass ac,
138 const struct sockaddr *addr,
143 * Signature of the callback passed to #GNUNET_NAT_register().
144 * for a function to call whenever someone asks us to do connection
148 * @param local_addr address where we received the request
149 * @param local_addrlen actual length of the @a local_addr
150 * @param remote_addr public IP address of the other peer
151 * @param remote_addrlen actual length of the @a remote_addr
154 (*GNUNET_NAT_ReversalCallback) (void *cls,
155 const struct sockaddr *local_addr,
156 socklen_t local_addrlen,
157 const struct sockaddr *remote_addr,
158 socklen_t remote_addrlen);
162 * Handle for active NAT registrations.
164 struct GNUNET_NAT_Handle;
168 * Attempt to enable port redirection and detect public IP address
169 * contacting UPnP or NAT-PMP routers on the local network. Use @a
170 * addr to specify to which of the local host's addresses should the
171 * external port be mapped. The port is taken from the corresponding
172 * sockaddr_in[6] field. The NAT module should call the given @a
173 * address_callback for any 'plausible' external address.
175 * @param cfg configuration to use
176 * @param proto protocol this is about, IPPROTO_TCP or IPPROTO_UDP
177 * @param adv_port advertised port (port we are either bound to or that our OS
178 * locally performs redirection from to our bound port).
179 * @param num_addrs number of addresses in @a addrs
180 * @param addrs list of local addresses packets should be redirected to
181 * @param addrlens actual lengths of the addresses in @a addrs
182 * @param address_callback function to call everytime the public IP address changes
183 * @param reversal_callback function to call if someone wants connection reversal from us,
184 * NULL if connection reversal is not supported
185 * @param callback_cls closure for callbacks
186 * @return NULL on error, otherwise handle that can be used to unregister
188 struct GNUNET_NAT_Handle *
189 GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
192 unsigned int num_addrs,
193 const struct sockaddr **addrs,
194 const socklen_t *addrlens,
195 GNUNET_NAT_AddressCallback address_callback,
196 GNUNET_NAT_ReversalCallback reversal_callback,
201 * Test if the given address is (currently) a plausible IP address for
202 * this peer. Mostly a convenience function so that clients do not
203 * have to explicitly track all IPs that the #GNUNET_NAT_AddressCallback
204 * has returned so far.
206 * @param nh the handle returned by register
207 * @param addr IP address to test (IPv4 or IPv6)
208 * @param addrlen number of bytes in @a addr
209 * @return #GNUNET_YES if the address is plausible,
210 * #GNUNET_NO if the address is not plausible,
211 * #GNUNET_SYSERR if the address is malformed
214 GNUNET_NAT_test_address (struct GNUNET_NAT_Handle *nh,
220 * We learned about a peer (possibly behind NAT) so run the
221 * gnunet-nat-client to send dummy ICMP responses to cause
222 * that peer to connect to us (connection reversal).
224 * @param nh handle (used for configuration)
225 * @param local_sa our local address of the peer (IPv4-only)
226 * @param remote_sa the remote address of the peer (IPv4-only)
227 * @return #GNUNET_SYSERR on error,
228 * #GNUNET_NO if connection reversal is unavailable,
229 * #GNUNET_OK otherwise (presumably in progress)
232 GNUNET_NAT_request_reversal (struct GNUNET_NAT_Handle *nh,
233 const struct sockaddr_in *local_sa,
234 const struct sockaddr_in *remote_sa);
238 * Stop port redirection and public IP address detection for the given
239 * handle. This frees the handle, after having sent the needed
240 * commands to close open ports.
242 * @param nh the handle to unregister
245 GNUNET_NAT_unregister (struct GNUNET_NAT_Handle *nh);
249 * Handle to a NAT test.
251 struct GNUNET_NAT_Test;
255 * Error Types for the NAT subsystem (which can then later be converted/resolved to a string)
257 enum GNUNET_NAT_StatusCode
262 GNUNET_NAT_ERROR_SUCCESS = GNUNET_OK,
267 GNUNET_NAT_ERROR_IPC_FAILURE,
270 * Failure in network subsystem, check permissions
272 GNUNET_NAT_ERROR_INTERNAL_NETWORK_ERROR,
277 GNUNET_NAT_ERROR_TIMEOUT,
280 * detected that we are offline
282 GNUNET_NAT_ERROR_NOT_ONLINE,
285 * `upnpc` command not found
287 GNUNET_NAT_ERROR_UPNPC_NOT_FOUND,
290 * Failed to run `upnpc` command
292 GNUNET_NAT_ERROR_UPNPC_FAILED,
295 * `upnpc' command took too long, process killed
297 GNUNET_NAT_ERROR_UPNPC_TIMEOUT,
300 * `upnpc' command failed to establish port mapping
302 GNUNET_NAT_ERROR_UPNPC_PORTMAP_FAILED,
305 * `external-ip' command not found
307 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_NOT_FOUND,
310 * Failed to run `external-ip` command
312 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_FAILED,
315 * `external-ip' command output invalid
317 GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_OUTPUT_INVALID,
320 * "no valid address was returned by `external-ip'"
322 GNUNET_NAT_ERROR_EXTERNAL_IP_ADDRESS_INVALID,
325 * Could not determine interface with internal/local network address
327 GNUNET_NAT_ERROR_NO_VALID_IF_IP_COMBO,
330 * No working gnunet-helper-nat-server found
332 GNUNET_NAT_ERROR_HELPER_NAT_SERVER_NOT_FOUND,
335 * NAT test could not be initialized
337 GNUNET_NAT_ERROR_NAT_TEST_START_FAILED,
342 GNUNET_NAT_ERROR_NAT_TEST_TIMEOUT,
345 * NAT test failed to initiate
347 GNUNET_NAT_ERROR_NAT_REGISTER_FAILED,
352 GNUNET_NAT_ERROR_HELPER_NAT_CLIENT_NOT_FOUND
358 * Function called to report success or failure for
359 * NAT configuration test.
362 * @param result #GNUNET_NAT_ERROR_SUCCESS on success, otherwise the specific error code
365 (*GNUNET_NAT_TestCallback) (void *cls,
366 enum GNUNET_NAT_StatusCode result);
370 * Handle an incoming STUN message. This function is useful as
371 * some GNUnet service may be listening on a UDP port and might
372 * thus receive STUN messages while trying to receive other data.
373 * In this case, this function can be used to process replies
376 * The function does some basic sanity checks on packet size and
377 * content, try to extract a bit of information.
379 * At the moment this only processes BIND requests, and returns the
380 * externally visible address of the request to the rest of the
383 * @param nh handle to the NAT service
384 * @param sender_addr address from which we got @a data
385 * @param sender_addr_len number of bytes in @a sender_addr
386 * @param data the packet
387 * @param data_size number of bytes in @a data
388 * @return #GNUNET_OK on success
389 * #GNUNET_NO if the packet is not a STUN packet
390 * #GNUNET_SYSERR on internal error handling the packet
393 GNUNET_NAT_stun_handle_packet (struct GNUNET_NAT_Handle *nh,
394 const struct sockaddr *sender_addr,
395 size_t sender_addr_len,
401 * Handle to a request given to the resolver. Can be used to cancel
402 * the request prior to the timeout or successful execution. Also
403 * used to track our internal state for the request.
405 struct GNUNET_NAT_STUN_Handle;
409 * Make Generic STUN request. Sends a generic stun request to the
410 * server specified using the specified socket. If we do this,
411 * we need to watch for possible responses and call
412 * #GNUNET_NAT_stun_handle_packet() on incoming packets.
414 * @param server the address of the stun server
415 * @param port port of the stun server, in host byte order
416 * @param sock the socket used to send the request, must be a
418 * @param cb callback in case of error
419 * @param cb_cls closure for @a cb
420 * @return NULL on error
422 struct GNUNET_NAT_STUN_Handle *
423 GNUNET_NAT_stun_make_request (const char *server,
425 struct GNUNET_NETWORK_Handle *sock,
426 GNUNET_NAT_TestCallback cb,
431 * Cancel active STUN request. Frees associated resources
432 * and ensures that the callback is no longer invoked.
434 * @param rh request to cancel
437 GNUNET_NAT_stun_make_request_cancel (struct GNUNET_NAT_STUN_Handle *rh);
441 * Start testing if NAT traversal works using the given configuration
442 * (IPv4-only). The transport adapters should be down while using
445 * @param cfg configuration for the NAT traversal
446 * @param proto protocol to test, i.e. IPPROTO_TCP or IPPROTO_UDP
447 * @param bind_ip IPv4 address to bind to
448 * @param bnd_port port to bind to, 0 to test connection reversal
449 * @param extern_ip IPv4 address to externally advertise
450 * @param extern_port externally advertised port to use
451 * @param report function to call with the result of the test
452 * @param report_cls closure for @a report
453 * @return handle to cancel NAT test
455 struct GNUNET_NAT_Test *
456 GNUNET_NAT_test_start (const struct GNUNET_CONFIGURATION_Handle *cfg,
458 struct in_addr bind_ip,
460 struct in_addr extern_ip,
461 uint16_t extern_port,
462 GNUNET_NAT_TestCallback report,
467 * Stop an active NAT test.
469 * @param tst test to stop.
472 GNUNET_NAT_test_stop (struct GNUNET_NAT_Test *tst);
476 * Handle to auto-configuration in progress.
478 struct GNUNET_NAT_AutoHandle;
482 * What the situation of the NAT connectivity
487 * We have a direct connection
489 GNUNET_NAT_TYPE_NO_NAT = GNUNET_OK,
492 * We are under a NAT but cannot traverse it
494 GNUNET_NAT_TYPE_UNREACHABLE_NAT,
497 * We can traverse using STUN
499 GNUNET_NAT_TYPE_STUN_PUNCHED_NAT,
502 * We can traverse using UPNP
504 GNUNET_NAT_TYPE_UPNP_NAT,
507 * We know nothing about the NAT.
509 GNUNET_NAT_TYPE_UNKNOWN
515 * Converts `enum GNUNET_NAT_StatusCode` to string
517 * @param err error code to resolve to a string
518 * @return point to a static string containing the error code
521 GNUNET_NAT_status2string (enum GNUNET_NAT_StatusCode err);
525 * Function called with the result from the autoconfiguration.
528 * @param diff minimal suggested changes to the original configuration
529 * to make it work (as best as we can)
530 * @param result #GNUNET_NAT_ERROR_SUCCESS on success, otherwise the specific error code
531 * @param type what the situation of the NAT
534 (*GNUNET_NAT_AutoResultCallback)(void *cls,
535 const struct GNUNET_CONFIGURATION_Handle *diff,
536 enum GNUNET_NAT_StatusCode result,
537 enum GNUNET_NAT_Type type);
541 * Start auto-configuration routine. The transport adapters should
542 * be stopped while this function is called.
544 * @param cfg initial configuration
545 * @param cb function to call with autoconfiguration result
546 * @param cb_cls closure for @a cb
547 * @return handle to cancel operation
549 struct GNUNET_NAT_AutoHandle *
550 GNUNET_NAT_autoconfig_start (const struct GNUNET_CONFIGURATION_Handle *cfg,
551 GNUNET_NAT_AutoResultCallback cb,
556 * Abort autoconfiguration.
558 * @param ah handle for operation to abort
561 GNUNET_NAT_autoconfig_cancel (struct GNUNET_NAT_AutoHandle *ah);
566 /** @} */ /* end of group */
568 /* end of gnunet_nat_service.h */