Tool to help bypass NATs using the ICMP method; must run as root (SUID will do). This code will work under GNU/Linux only (or maybe BSDs, but never W32).
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <stdlib.h>
#include <stdint.h>
#include <time.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/in.h>
Data Structures | |
struct | ip_header |
IPv4 header. More... | |
struct | icmp_ttl_exceeded_header |
Format of ICMP packet. More... | |
struct | icmp_echo_header |
struct | udp_header |
Beginning of UDP packet. More... | |
Macros | |
#define | _GNU_SOURCE |
#define | ICMP_TIME_EXCEEDED 11 |
#define | GNUNET_memcpy(dst, src, n) |
Call memcpy() but check for n being 0 first. More... | |
#define | VERBOSE 0 |
Should we print some debug output? More... | |
#define | PACKET_ID 256 |
Must match packet ID used by gnunet-helper-nat-client.c. More... | |
#define | DUMMY_IP "192.0.2.86" |
Must match IP given in the client. More... | |
#define | NAT_TRAV_PORT 22225 |
Port for UDP. More... | |
#define | ICMP_SEND_FREQUENCY_MS 500 |
How often do we send our ICMP messages to receive replies? More... | |
Functions | |
static uint16_t | calc_checksum (const uint16_t *data, unsigned int bytes) |
CRC-16 for IP/ICMP headers. More... | |
static void | send_icmp_echo (const struct in_addr *my_ip) |
Send an ICMP message to the dummy IP. More... | |
static void | send_udp () |
Send a UDP message to the dummy IP. More... | |
static void | process_icmp_response () |
We've received an ICMP response. More... | |
static int | setup_raw_socket () |
Fully initialize the raw socket. More... | |
static int | make_udp_socket (const struct in_addr *my_ip) |
Create a UDP socket for writing. More... | |
int | main (int argc, char *const *argv) |
Variables | |
static int | icmpsock |
Socket we use to receive "fake" ICMP replies. More... | |
static int | rawsock |
Socket we use to send our ICMP requests. More... | |
static int | udpsock |
Socket we use to send our UDP requests. More... | |
static struct in_addr | dummy |
Target "dummy" address. More... | |
Tool to help bypass NATs using the ICMP method; must run as root (SUID will do). This code will work under GNU/Linux only (or maybe BSDs, but never W32).
This program sends ONE ICMP message every 500 ms via RAW sockets to a DUMMY IP address and also listens for ICMP replies. Since it uses RAW sockets, it must be installed SUID or run as 'root'. In order to keep the security risk of the resulting SUID binary minimal, the program ONLY opens the two RAW sockets with root privileges, then drops those privileges, and only then starts to process command line arguments. Because argument parsing happens only after the privilege drop, no command-line input is handled while the process still holds root. The code also does not link against any shared libraries (except libc) and is strictly minimal (except for checking for errors). The following people have reviewed this code and considered it safe since the last modification (if you reviewed it, please have your name added to the list):
Definition in file gnunet-helper-nat-server.c.
#define _GNU_SOURCE |
Definition at line 50 of file gnunet-helper-nat-server.c.
#define ICMP_TIME_EXCEEDED 11 |
Definition at line 71 of file gnunet-helper-nat-server.c.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
When n is 0, it is safe to pass NULL for src or dst. Unlike traditional memcpy(), this macro returns nothing.
dst | destination of the copy, may be NULL if n is zero |
src | source of the copy, may be NULL if n is zero |
n | number of bytes to copy |
Definition at line 83 of file gnunet-helper-nat-server.c.
#define VERBOSE 0 |
Should we print some debug output?
Definition at line 90 of file gnunet-helper-nat-server.c.
#define PACKET_ID 256 |
Must match packet ID used by gnunet-helper-nat-client.c.
Definition at line 95 of file gnunet-helper-nat-server.c.
#define DUMMY_IP "192.0.2.86" |
Must match IP given in the client.
Definition at line 100 of file gnunet-helper-nat-server.c.
#define NAT_TRAV_PORT 22225 |
Port for UDP.
Definition at line 105 of file gnunet-helper-nat-server.c.
#define ICMP_SEND_FREQUENCY_MS 500 |
How often do we send our ICMP messages to receive replies?
Definition at line 110 of file gnunet-helper-nat-server.c.
static uint16_t calc_checksum (const uint16_t *data, unsigned int bytes)
CRC-16 for IP/ICMP headers.
data | what to calculate the CRC over |
bytes | number of bytes in data (must be multiple of 2) |
Definition at line 239 of file gnunet-helper-nat-server.c.
References data, and consensus-simulation::sum.
Referenced by send_icmp_echo().
static void send_icmp_echo (const struct in_addr *my_ip)
Send an ICMP message to the dummy IP.
my_ip | source address (our ip address) |
Definition at line 259 of file gnunet-helper-nat-server.c.
References calc_checksum(), ip_header::checksum, icmp_echo_header::checksum, icmp_echo_header::code, ip_header::dst_ip, dummy, ip_header::flags_frag_offset, GNUNET_memcpy, ip_header::id, PACKET_ID, ip_header::pkt_len, ip_header::proto, rawsock, icmp_echo_header::reserved, ip_header::src_ip, ip_header::tos, ip_header::ttl, icmp_echo_header::type, and ip_header::vers_ihl.
Referenced by main().
static void send_udp ()
Send a UDP message to the dummy IP.
Definition at line 332 of file gnunet-helper-nat-server.c.
References dummy, NAT_TRAV_PORT, and udpsock.
Referenced by main().
static void process_icmp_response ()
We've received an ICMP response.
Process it.
Definition at line 370 of file gnunet-helper-nat-server.c.
References buf, icmp_ttl_exceeded_header::code, GNUNET_memcpy, ICMP_TIME_EXCEEDED, icmpsock, udp_header::length, port, ip_header::proto, icmp_echo_header::reserved, ip_header::src_ip, and icmp_ttl_exceeded_header::type.
Referenced by main().
static int setup_raw_socket ()
Fully initialize the raw socket.
Definition at line 481 of file gnunet-helper-nat-server.c.
References rawsock.
Referenced by main().
static int make_udp_socket (const struct in_addr *my_ip)
Create a UDP socket for writing.
my_ip | source address (our ip address) |
Definition at line 520 of file gnunet-helper-nat-server.c.
References NAT_TRAV_PORT, and ret.
Referenced by main().
int main (int argc, char *const *argv)
Definition at line 557 of file gnunet-helper-nat-server.c.
References dummy, DUMMY_IP, global_ret, ICMP_SEND_FREQUENCY_MS, icmpsock, make_udp_socket(), process_icmp_response(), rawsock, send_icmp_echo(), send_udp(), setup_raw_socket(), and udpsock.
static int icmpsock
Socket we use to receive "fake" ICMP replies.
Definition at line 213 of file gnunet-helper-nat-server.c.
Referenced by main(), and process_icmp_response().
static int rawsock
Socket we use to send our ICMP requests.
Definition at line 218 of file gnunet-helper-nat-server.c.
Referenced by main(), send_icmp_echo(), and setup_raw_socket().
static int udpsock
Socket we use to send our UDP requests.
Definition at line 223 of file gnunet-helper-nat-server.c.
Referenced by main(), and send_udp().
static struct in_addr dummy
Target "dummy" address.
Definition at line 223 of file gnunet-helper-nat-server.c.
Referenced by main(), send_icmp_echo(), and send_udp().