2 This file is part of GNUnet.
3 (C) 2010 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file src/transport/gnunet-nat-server-windows.c
23 * @brief Windows tool to help bypass NATs using ICMP method
24 * This code will work under W32 only
25 * @author Christian Grothoff
27 * This program will send ONE ICMP message every 500 ms RAW sockets
28 * to a DUMMY IP address and also listens for ICMP replies. Since
29 * it uses RAW sockets, it must be run as an administrative user.
30 * In order to keep the security risk of the resulting binary
31 * minimal, the program ONLY opens the two RAW sockets with administrative
32 * privileges, then drops them and only then starts to process
33 * command line arguments. The code also does not link against
34 * any shared libraries (except libc) and is strictly minimal
35 * (except for checking for errors). The following list of people
36 * have reviewed this code and considered it safe since the last
37 * modification (if you reviewed it, please have your name added
41 * - Christian Grothoff
49 #include <sys/types.h>
59 * Should we print some debug output?
64 * Must match IP given in the client.
66 #define DUMMY_IP "192.0.2.86"
69 * TTL to use for our outgoing messages.
75 #define ICMP_TIME_EXCEEDED 11 /* Time Exceeded */
78 * How often do we send our ICMP messages to receive replies?
80 #define ICMP_SEND_FREQUENCY_MS 500
89 * Version (4 bits) + Internet header length (4 bits)
109 * Flags (3 bits) + Fragment offset (13 bits)
111 uint16_t flags_frag_offset;
134 * Destination address
140 * Format of ICMP packet.
154 * Beginning of UDP packet.
166 * Socket we use to receive "fake" ICMP replies.
168 static SOCKET icmpsock;
171 * Socket we use to send our ICMP requests.
173 static SOCKET rawsock;
176 * Socket we use to send our UDP requests.
178 static SOCKET udpsock;
181 * Target "dummy" address.
183 static struct in_addr dummy;
187 * CRC-16 for IP/ICMP headers.
189 * @param data what to calculate the CRC over
190 * @param bytes number of bytes in data (must be multiple of 2)
191 * @return the CRC 16.
194 calc_checksum(const uint16_t *data,
201 for (i=0;i<bytes/2;i++)
203 sum = (sum & 0xffff) + (sum >> 16);
204 sum = htons(0xffff - sum);
210 * Convert IPv4 address from text to binary form.
212 * @param af address family
213 * @param cp the address to print
214 * @param buf where to write the address result
215 * @return 1 on success
222 buf->s_addr = inet_addr(cp);
223 if (buf->s_addr == INADDR_NONE)
226 "Error %d handling address %s",
236 * Send an ICMP message to the dummy IP.
238 * @param my_ip source address (our ip address)
241 send_icmp_echo (const struct in_addr *my_ip)
243 struct icmp_packet icmp_echo;
244 struct sockaddr_in dst;
247 struct ip_packet ip_pkt;
248 struct icmp_packet icmp_pkt;
249 char packet[sizeof (ip_pkt) + sizeof (icmp_pkt)];
252 memset(&ip_pkt, 0, sizeof(ip_pkt));
253 ip_pkt.vers_ihl = 0x45;
255 ip_pkt.pkt_len = sizeof (packet);
256 ip_pkt.id = htons (256);
257 ip_pkt.flags_frag_offset = 0;
258 ip_pkt.ttl = IPDEFTTL;
259 ip_pkt.proto = IPPROTO_ICMP;
261 ip_pkt.src_ip = my_ip->s_addr;
262 ip_pkt.dst_ip = dummy.s_addr;
263 ip_pkt.checksum = htons(calc_checksum((uint16_t*)&ip_pkt, sizeof (ip_pkt)));
264 memcpy (&packet[off], &ip_pkt, sizeof (ip_pkt));
265 off += sizeof (ip_pkt);
267 icmp_echo.type = ICMP_ECHO;
269 icmp_echo.reserved = 0;
270 icmp_echo.checksum = 0;
271 icmp_echo.checksum = htons(calc_checksum((uint16_t*) &icmp_echo,
272 sizeof (struct icmp_packet)));
273 memcpy (&packet[off], &icmp_echo, sizeof (icmp_echo));
274 off += sizeof (icmp_echo);
276 memset (&dst, 0, sizeof (dst));
277 dst.sin_family = AF_INET;
278 dst.sin_addr = dummy;
279 err = sendto(rawsock,
281 (struct sockaddr*)&dst,
287 "sendto failed: %s\n", strerror(errno));
293 "Error: partial send of ICMP message\n");
299 * Send a UDP message to the dummy IP.
301 * @param my_ip source address (our ip address)
304 send_udp (const struct in_addr *my_ip)
306 struct sockaddr_in dst;
309 memset (&dst, 0, sizeof (dst));
310 dst.sin_family = AF_INET;
311 dst.sin_addr = dummy;
312 dst.sin_port = htons (NAT_TRAV_PORT);
313 err = sendto(udpsock,
315 (struct sockaddr*)&dst,
321 "sendto failed: %s\n", strerror(errno));
327 "Error: partial send of ICMP message\n");
333 * We've received an ICMP response. Process it.
336 process_icmp_response ()
341 struct ip_packet ip_pkt;
342 struct icmp_packet icmp_pkt;
343 struct udp_packet udp_pkt;
348 have = read (icmpsock, buf, sizeof (buf));
352 "Error reading raw socket: %s\n",
359 "Received message of %u bytes\n",
360 (unsigned int) have);
362 if (have == sizeof (struct ip_packet) *2 + sizeof (struct icmp_packet) * 2 + sizeof(uint32_t))
366 else if (have != sizeof (struct ip_packet) *2 + sizeof (struct icmp_packet) * 2)
370 "Received ICMP message of unexpected size: %u bytes\n",
371 (unsigned int) have);
376 memcpy (&ip_pkt, &buf[off], sizeof (ip_pkt));
377 off += sizeof (ip_pkt);
378 memcpy (&icmp_pkt, &buf[off], sizeof (icmp_pkt));
379 off += sizeof (icmp_pkt);
380 if ( ((ip_pkt.proto != IPPROTO_ICMP) && (ip_pkt.proto != IPPROTO_UDP)) ||
381 (icmp_pkt.type != ICMP_TIME_EXCEEDED) ||
382 (icmp_pkt.code != 0) )
384 /* maybe we got an actual reply back... */
390 memcpy (&ip_pkt, &buf[off], sizeof (ip_pkt));
391 off += sizeof (ip_pkt);
396 &buf[sizeof (struct ip_packet) *2 + sizeof (struct icmp_packet) * 2],
399 DWORD ssize = sizeof(buf);
400 WSAAddressToString((LPSOCKADDR)&sip,
410 else if (ip_pkt.proto == IPPROTO_UDP)
415 DWORD ssize = sizeof(buf);
416 WSAAddressToString((LPSOCKADDR)&sip,
424 ntohs((uint16_t)udp_pkt.length));
428 DWORD ssize = sizeof(buf);
429 WSAAddressToString((LPSOCKADDR)&sip,
443 * Create an ICMP raw socket for reading.
445 * @return INVALID_SOCKET on error
452 ret = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP);
453 if (INVALID_SOCKET == ret)
456 "Error opening RAW socket: %s\n",
458 return INVALID_SOCKET;
465 * Create an ICMP raw socket for writing.
467 * @return INVALID_SOCKET on error
472 DWORD bOptVal = TRUE;
473 int bOptLen = sizeof(bOptVal);
475 rawsock = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP);
476 if (INVALID_SOCKET == rawsock)
479 "Error opening RAW socket: %s\n",
481 return INVALID_SOCKET;
484 if (setsockopt(rawsock,
487 (char*)&bOptVal, bOptLen) != 0)
490 "Error setting SO_BROADCAST to ON: %s\n",
492 closesocket(rawsock);
493 return INVALID_SOCKET;
495 if (setsockopt(rawsock,
498 (char*)&bOptVal, bOptLen) != 0)
501 "Error setting IP_HDRINCL to ON: %s\n",
503 closesocket(rawsock);
504 return INVALID_SOCKET;
511 * Create a UDP socket for writinging.
513 * @return -1 on error
519 struct sockaddr_in addr;
521 ret = socket (AF_INET, SOCK_DGRAM, 0);
522 if (INVALID_SOCKET == ret)
525 "Error opening UDP socket: %s\n",
527 return INVALID_SOCKET;
529 memset (&addr, 0, sizeof (addr));
530 addr.sin_family = AF_INET;
531 /* addr.sin_addr zero == ours (hopefully...) */
532 addr.sin_port = htons (NAT_TRAV_PORT);
539 "Error binding UDP socket to port %u: %s\n",
542 /* likely problematic, but not certain, try to continue */
552 struct in_addr external;
561 "This program must be started with our (internal NAT) IP as the only argument.\n");
564 if (1 != inet_pton (AF_INET, argv[1], &external))
567 "Error parsing IPv4 address: %s, error %s\n",
568 argv[1], strerror (errno));
571 if (1 != inet_pton (AF_INET, DUMMY_IP, &dummy))
574 "Internal error converting dummy IP to binary.\n");
577 if (WSAStartup (MAKEWORD (2, 1), &wsaData) != 0)
579 fprintf (stderr, "Failed to find Winsock 2.1 or better.\n");
582 if (INVALID_SOCKET == (icmpsock = make_icmp_socket()))
586 if (INVALID_SOCKET == (make_raw_socket()))
588 closesocket (icmpsock);
591 if (INVALID_SOCKET == (udpsock = make_udp_socket()))
593 closesocket (icmpsock);
594 closesocket (rawsock);
600 FD_SET (icmpsock, &rs);
602 tv.tv_usec = ICMP_SEND_FREQUENCY_MS * 1000;
603 if (-1 == select (icmpsock + 1, &rs, NULL, NULL, &tv))
608 "select failed: %s\n",
612 if (FD_ISSET (icmpsock, &rs))
613 process_icmp_response ();
614 if (0 == (++alt % 2))
615 send_icmp_echo (&external);
617 send_udp (&external);
619 /* select failed (internal error or OS out of resources) */
620 closesocket(icmpsock);
621 closesocket(rawsock);
622 closesocket(udpsock);
628 /* end of gnunet-nat-server-windows.c */