#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <stdlib.h>
#include <stdint.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/in.h>

Include dependency graph for gnunet-helper-nat-client.c:

Data Structures
struct	ip_header
	IPv4 header. More...

struct	icmp_ttl_exceeded_header
	Format of ICMP packet. More...

struct	icmp_echo_header

struct	udp_header
	Beginning of UDP packet. More...

Macros
#define	_GNU_SOURCE

#define	ICMP_TIME_EXCEEDED 11

#define	GNUNET_memcpy(dst, src, n)
	Call memcpy() but check for n being 0 first.

#define	DUMMY_IP "192.0.2.86"
	Must match IP given in the server.

#define	NAT_TRAV_PORT 22225

#define	PACKET_ID 256
	Must match packet ID used by gnunet-helper-nat-server.c.

Functions
static uint16_t	calc_checksum (const uint16_t *data, unsigned int bytes)
	CRC-16 for IP/ICMP headers.

static void	send_icmp_udp (const struct in_addr my_ip, const struct in_addr other)
	Send an ICMP message to the target.

static void	send_icmp (const struct in_addr my_ip, const struct in_addr other)
	Send an ICMP message to the target.

int	main (int argc, char const argv)

Variables
static int	rawsock
	Socket we use to send our fake ICMP replies.

static struct in_addr	dummy
	Target "dummy" address of the packet we pretend to respond to.

static uint16_t	port
	Our "source" port.

Macro Definition Documentation

◆ _GNU_SOURCE

#define _GNU_SOURCE

Definition at line 49 of file gnunet-helper-nat-client.c.

◆ ICMP_TIME_EXCEEDED

#define ICMP_TIME_EXCEEDED 11

Definition at line 67 of file gnunet-helper-nat-client.c.

◆ GNUNET_memcpy

#define GNUNET_memcpy	(	dst,
		src,
		n
	)

Value:

                                                                     do { if (0 != n) { (void) memcpy (dst, src, \
                                                                     n); \
                                        } } while (0)

Call memcpy() but check for n being 0 first.

In the latter case, it is now safe to pass NULL for src or dst. Unlike traditional memcpy(), returns nothing.

Parameters

dst	destination of the copy, may be NULL if n is zero
src	source of the copy, may be NULL if n is zero
n	number of bytes to copy

Definition at line 79 of file gnunet-helper-nat-client.c.

                                      { if (0 != n) { (void) memcpy (dst, src, \
                                                                     n); \
                                        } } while (0)

◆ DUMMY_IP

#define DUMMY_IP "192.0.2.86"

Must match IP given in the server.

Definition at line 86 of file gnunet-helper-nat-client.c.

◆ NAT_TRAV_PORT

#define NAT_TRAV_PORT 22225

Definition at line 88 of file gnunet-helper-nat-client.c.

◆ PACKET_ID

#define PACKET_ID 256

Must match packet ID used by gnunet-helper-nat-server.c.

Definition at line 93 of file gnunet-helper-nat-client.c.

Function Documentation

◆ calc_checksum()

static uint16_t calc_checksum	(	const uint16_t *	data,
		unsigned int	bytes
	)

static

CRC-16 for IP/ICMP headers.

Parameters

data	what to calculate the CRC over
bytes	number of bytes in data (must be multiple of 2)

Returns: the CRC 16.

Definition at line 216 of file gnunet-helper-nat-client.c.

{
  uint32_t sum;
  unsigned int i;
 
  sum = 0;
  for (i = 0; i < bytes / 2; i++)
    sum += data[i];
  sum = (sum & 0xffff) + (sum >> 16);
  sum = htons (0xffff - sum);
  return sum;
}

References data.

Referenced by send_icmp(), and send_icmp_udp().

Here is the caller graph for this function:

◆ send_icmp_udp()

static void send_icmp_udp	(	const struct in_addr *	my_ip,
		const struct in_addr *	other
	)

static

Send an ICMP message to the target.

Parameters

my_ip	source address
other	target address

Definition at line 237 of file gnunet-helper-nat-client.c.

{
  char packet[sizeof(struct ip_header) * 2
              + sizeof(struct icmp_ttl_exceeded_header)
              + sizeof(struct udp_header)];
  struct ip_header ip_pkt;
  struct icmp_ttl_exceeded_header icmp_pkt;
  struct udp_header udp_pkt;
  struct sockaddr_in dst;
  size_t off;
  int err;
 
  /* ip header: send to (known) ip address */
  off = 0;
  ip_pkt.vers_ihl = 0x45;
  ip_pkt.tos = 0;
  /* should this be BSD only? */
#if defined(BSD) && defined(__FreeBSD__) && defined(__FreeBSD_kernel__)
  ip_pkt.pkt_len = sizeof(packet);  /* Workaround PR kern/21737 */
#else
  ip_pkt.pkt_len = htons (sizeof(packet));
#endif
  ip_pkt.id = htons (PACKET_ID);
  ip_pkt.flags_frag_offset = 0;
  ip_pkt.ttl = 128;
  ip_pkt.proto = IPPROTO_ICMP;
  ip_pkt.checksum = 0;
  ip_pkt.src_ip = my_ip->s_addr;
  ip_pkt.dst_ip = other->s_addr;
  ip_pkt.checksum =
    htons (calc_checksum ((uint16_t *) &ip_pkt, sizeof(struct ip_header)));
  GNUNET_memcpy (&packet[off],
                 &ip_pkt,
                 sizeof(struct ip_header));
  off += sizeof(struct ip_header);
 
  icmp_pkt.type = ICMP_TIME_EXCEEDED;
  icmp_pkt.code = 0;
  icmp_pkt.checksum = 0;
  icmp_pkt.unused = 0;
  GNUNET_memcpy (&packet[off],
                 &icmp_pkt,
                 sizeof(struct icmp_ttl_exceeded_header));
  off += sizeof(struct icmp_ttl_exceeded_header);
 
  /* ip header of the presumably 'lost' udp packet */
  ip_pkt.vers_ihl = 0x45;
  ip_pkt.tos = 0;
  ip_pkt.pkt_len =
    htons (sizeof(struct ip_header) + sizeof(struct udp_header));
  ip_pkt.id = htons (0);
  ip_pkt.flags_frag_offset = 0;
  ip_pkt.ttl = 128;
  ip_pkt.proto = IPPROTO_UDP;
  ip_pkt.checksum = 0;
  ip_pkt.src_ip = other->s_addr;
  ip_pkt.dst_ip = dummy.s_addr;
  ip_pkt.checksum =
    htons (calc_checksum ((uint16_t *) &ip_pkt, sizeof(struct ip_header)));
  GNUNET_memcpy (&packet[off],
                 &ip_pkt,
                 sizeof(struct ip_header));
  off += sizeof(struct ip_header);
 
  /* build UDP header */
  udp_pkt.src_port = htons (NAT_TRAV_PORT);
  udp_pkt.dst_port = htons (NAT_TRAV_PORT);
  udp_pkt.length = htons (port);
  udp_pkt.crc = 0;
  GNUNET_memcpy (&packet[off],
                 &udp_pkt,
                 sizeof(struct udp_header));
  off += sizeof(struct udp_header);
 
  /* set ICMP checksum */
  icmp_pkt.checksum =
    htons (calc_checksum
             ((uint16_t *) &packet[sizeof(struct ip_header)],
             sizeof(struct icmp_ttl_exceeded_header)
             + sizeof(struct ip_header) + sizeof(struct udp_header)));
  GNUNET_memcpy (&packet[sizeof(struct ip_header)],
                 &icmp_pkt,
                 sizeof(struct icmp_ttl_exceeded_header));
 
  memset (&dst, 0, sizeof(dst));
  dst.sin_family = AF_INET;
#if HAVE_SOCKADDR_IN_SIN_LEN
  dst.sin_len = sizeof(struct sockaddr_in);
#endif
  dst.sin_addr = *other;
  err =
    sendto (rawsock, packet, sizeof(packet), 0, (struct sockaddr *) &dst,
            sizeof(dst));
  if (err < 0)
  {
    fprintf (stderr, "sendto failed: %s\n", strerror (errno));
  }
  else if (sizeof(packet) != (size_t) err)
  {
    fprintf (stderr, "Error: partial send of ICMP message with size %lu\n",
             (unsigned long) off);
  }
}

References calc_checksum(), ip_header::checksum, icmp_ttl_exceeded_header::checksum, icmp_ttl_exceeded_header::code, udp_header::crc, ip_header::dst_ip, udp_header::dst_port, dummy, ip_header::flags_frag_offset, GNUNET_memcpy, ICMP_TIME_EXCEEDED, ip_header::id, udp_header::length, NAT_TRAV_PORT, PACKET_ID, ip_header::pkt_len, port, ip_header::proto, rawsock, ip_header::src_ip, udp_header::src_port, ip_header::tos, ip_header::ttl, icmp_ttl_exceeded_header::type, icmp_ttl_exceeded_header::unused, and ip_header::vers_ihl.

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ send_icmp()

static void send_icmp	(	const struct in_addr *	my_ip,
		const struct in_addr *	other
	)

static

Send an ICMP message to the target.

Parameters

my_ip	source address
other	target address

Definition at line 349 of file gnunet-helper-nat-client.c.

{
  struct ip_header ip_pkt;
  struct icmp_ttl_exceeded_header icmp_ttl;
  struct icmp_echo_header icmp_echo;
  struct sockaddr_in dst;
  char packet[sizeof(struct ip_header) * 2
              + sizeof(struct icmp_ttl_exceeded_header)
              + sizeof(struct icmp_echo_header)];
  size_t off;
  int err;
 
  /* ip header: send to (known) ip address */
  off = 0;
  ip_pkt.vers_ihl = 0x45;
  ip_pkt.tos = 0;
#if defined(BSD) && defined(__FreeBSD__) && defined(__FreeBSD_kernel__)
  ip_pkt.pkt_len = sizeof(packet);  /* Workaround PR kern/21737 */
#else
  ip_pkt.pkt_len = htons (sizeof(packet));
#endif
  ip_pkt.id = htons (PACKET_ID);
  ip_pkt.flags_frag_offset = 0;
  ip_pkt.ttl = IPDEFTTL;
  ip_pkt.proto = IPPROTO_ICMP;
  ip_pkt.checksum = 0;
  ip_pkt.src_ip = my_ip->s_addr;
  ip_pkt.dst_ip = other->s_addr;
  ip_pkt.checksum =
    htons (calc_checksum ((uint16_t *) &ip_pkt, sizeof(struct ip_header)));
  GNUNET_memcpy (&packet[off],
                 &ip_pkt,
                 sizeof(struct ip_header));
  off = sizeof(ip_pkt);
 
  /* icmp reply: time exceeded */
  icmp_ttl.type = ICMP_TIME_EXCEEDED;
  icmp_ttl.code = 0;
  icmp_ttl.checksum = 0;
  icmp_ttl.unused = 0;
  GNUNET_memcpy (&packet[off],
                 &icmp_ttl,
                 sizeof(struct icmp_ttl_exceeded_header));
  off += sizeof(struct icmp_ttl_exceeded_header);
 
  /* ip header of the presumably 'lost' udp packet */
  ip_pkt.vers_ihl = 0x45;
  ip_pkt.tos = 0;
  ip_pkt.pkt_len =
    htons (sizeof(struct ip_header) + sizeof(struct icmp_echo_header));
  ip_pkt.id = htons (PACKET_ID);
  ip_pkt.flags_frag_offset = 0;
  ip_pkt.ttl = 1;               /* real TTL would be 1 on a time exceeded packet */
  ip_pkt.proto = IPPROTO_ICMP;
  ip_pkt.src_ip = other->s_addr;
  ip_pkt.dst_ip = dummy.s_addr;
  ip_pkt.checksum = 0;
  ip_pkt.checksum =
    htons (calc_checksum ((uint16_t *) &ip_pkt, sizeof(struct ip_header)));
  GNUNET_memcpy (&packet[off],
                 &ip_pkt,
                 sizeof(struct ip_header));
  off += sizeof(struct ip_header);
 
  icmp_echo.type = ICMP_ECHO;
  icmp_echo.code = 0;
  icmp_echo.reserved = htonl (port);
  icmp_echo.checksum = 0;
  icmp_echo.checksum =
    htons (calc_checksum
             ((uint16_t *) &icmp_echo, sizeof(struct icmp_echo_header)));
  GNUNET_memcpy (&packet[off],
                 &icmp_echo,
                 sizeof(struct icmp_echo_header));
 
  /* no go back to calculate ICMP packet checksum */
  off = sizeof(struct ip_header);
  icmp_ttl.checksum =
    htons (calc_checksum
             ((uint16_t *) &packet[off],
             sizeof(struct icmp_ttl_exceeded_header)
             + sizeof(struct ip_header) + sizeof(struct icmp_echo_header)));
  GNUNET_memcpy (&packet[off],
                 &icmp_ttl,
                 sizeof(struct icmp_ttl_exceeded_header));
 
  /* prepare for transmission */
  memset (&dst, 0, sizeof(dst));
  dst.sin_family = AF_INET;
#if HAVE_SOCKADDR_IN_SIN_LEN
  dst.sin_len = sizeof(struct sockaddr_in);
#endif
  dst.sin_addr = *other;
  err =
    sendto (rawsock, packet, sizeof(packet), 0, (struct sockaddr *) &dst,
            sizeof(dst));
  if (err < 0)
  {
    fprintf (stderr, "sendto failed: %s\n", strerror (errno));
  }
  else if (sizeof(packet) != (size_t) err)
  {
    fprintf (stderr, "Error: partial send of ICMP message\n");
  }
}

References calc_checksum(), ip_header::checksum, icmp_ttl_exceeded_header::checksum, icmp_echo_header::checksum, icmp_ttl_exceeded_header::code, icmp_echo_header::code, ip_header::dst_ip, dummy, ip_header::flags_frag_offset, GNUNET_memcpy, ICMP_TIME_EXCEEDED, ip_header::id, PACKET_ID, ip_header::pkt_len, port, ip_header::proto, rawsock, icmp_echo_header::reserved, ip_header::src_ip, ip_header::tos, ip_header::ttl, icmp_ttl_exceeded_header::type, icmp_echo_header::type, icmp_ttl_exceeded_header::unused, and ip_header::vers_ihl.

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ main()

int main	(	int	argc,
		char const	argv
	)

Definition at line 457 of file gnunet-helper-nat-client.c.

{
  const int one = 1;
  struct in_addr external;
  struct in_addr target;
  uid_t uid;
  unsigned int p;
  int raw_eno;
  int global_ret;
 
  /* Create an ICMP raw socket for writing (only operation that requires root) */
  rawsock = socket (AF_INET, SOCK_RAW, IPPROTO_RAW);
  raw_eno = errno; /* for later error checking */
 
  /* now drop root privileges */
  uid = getuid ();
#ifdef HAVE_SETRESUID
  if (0 != setresuid (uid, uid, uid))
  {
    fprintf (stderr, "Failed to setresuid: %s\n", strerror (errno));
    global_ret = 1;
    goto cleanup;
  }
#else
  if (0 != (setuid (uid) | seteuid (uid)))
  {
    fprintf (stderr, "Failed to setuid: %s\n", strerror (errno));
    global_ret = 2;
    goto cleanup;
  }
#endif
  if (-1 == rawsock)
  {
    fprintf (stderr, "Error opening RAW socket: %s\n", strerror (raw_eno));
    global_ret = 3;
    goto cleanup;
  }
  if (0 !=
      setsockopt (rawsock, SOL_SOCKET, SO_BROADCAST, (char *) &one,
                  sizeof(one)))
  {
    fprintf (stderr, "setsockopt failed: %s\n", strerror (errno));
    global_ret = 4;
    goto cleanup;
  }
  if (0 !=
      setsockopt (rawsock, IPPROTO_IP, IP_HDRINCL, (char *) &one, sizeof(one)))
  {
    fprintf (stderr, "setsockopt failed: %s\n", strerror (errno));
    global_ret = 5;
    goto cleanup;
  }
 
  if (4 != argc)
  {
    fprintf (stderr,
             "This program must be started with our IP, the targets external IP, and our port as arguments.\n");
    global_ret = 6;
    goto cleanup;
  }
  if ((1 != inet_pton (AF_INET, argv[1], &external)) ||
      (1 != inet_pton (AF_INET, argv[2], &target)))
  {
    fprintf (stderr, "Error parsing IPv4 address: %s\n", strerror (errno));
    global_ret = 7;
    goto cleanup;
  }
  if ((1 != sscanf (argv[3], "%u", &p)) || (0 == p) || (0xFFFF < p))
  {
    fprintf (stderr, "Error parsing port value `%s'\n", argv[3]);
    global_ret = 8;
    goto cleanup;
  }
  port = (uint16_t) p;
  if (1 != inet_pton (AF_INET, DUMMY_IP, &dummy))
  {
    fprintf (stderr, "Internal error converting dummy IP to binary.\n");
    global_ret = 9;
    goto cleanup;
  }
  send_icmp (&external, &target);
  send_icmp_udp (&external, &target);
  global_ret = 0;
cleanup:
  if (-1 != rawsock)
    (void) close (rawsock);
  return global_ret;
}