oxen-io/lokinet
1
1
Fork 0
mirror of https://github.com/oxen-io/lokinet synced 2023-12-14 06:53:00 +01:00
Code Issues Projects Releases Wiki Activity

working netlink route poker

Browse source
This commit is contained in:
jeff 2020-08-21 19:09:13 +00:00 committed by Jeff Becker
parent 668ddf837f
commit f6f56029d3
No known key found for this signature in database
GPG key ID: F357B3B42F6F9B05
8 changed files with 61 additions and 276 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

262
daemon/lokinet-vpn.cpp
View file

@ -50,26 +50,6 @@ LMQ_Request(
return std::nullopt;
}
/// get every ip address that is a gateway that isn't owned by interface with name ifname
std::vector<std::string>
GetGatewaysNotOnInterface(std::string ifname);
/// add route to ipaddr via gateway ip
void
AddRoute(std::string ipaddr, std::string gateway);
/// delete route to ipaddr via gateway ip
void
DelRoute(std::string ipaddr, std::string gateway);
/// add default route via interface with name ifname
void
AddDefaultRouteViaInterface(std::string ifname);
/// delete default route via interface with name ifname
void
DelDefaultRouteViaInterface(std::string ifname);
int
main(int argc, char* argv[])
{
@ -239,253 +219,11 @@ main(int argc, char* argv[])
std::cout << maybe_result->at("error").get<std::string>() << std::endl;
return 1;
}
const auto gateways = GetGatewaysNotOnInterface(ifname);
if (gateways.empty())
{
std::cout << "cannot determine default gateway" << std::endl;
return 1;
}
const auto ourGateway = gateways[0];
for (const auto& ip : firstHops)
{
AddRoute(ip, ourGateway);
}
AddDefaultRouteViaInterface(ifname);
}
if (goDown)
{
DelDefaultRouteViaInterface(ifname);
const auto gateways = GetGatewaysNotOnInterface(ifname);
if (gateways.empty())
{
std::cout << "cannot determine default gateway" << std::endl;
return 1;
}
const auto ourGateway = gateways[0];
for (const auto& ip : firstHops)
{
DelRoute(ip, ourGateway);
}
LMQ_Request(lmq, connID, "llarp.exit", nlohmann::json{{"range", "0.0.0.0/0"}, {"unmap", true}});
}
return 0;
}
void
Execute(std::string cmd)
{
std::cout << cmd << std::endl;
#ifdef _WIN32
system(cmd.c_str());
#else
std::vector<std::string> parts_str;
std::vector<const char*> parts_raw;
std::stringstream in(cmd);
for (std::string part; std::getline(in, part, ' ');)
{
if (part.empty())
continue;
parts_str.push_back(part);
}
for (const auto& part : parts_str)
{
parts_raw.push_back(part.c_str());
}
parts_raw.push_back(nullptr);
const auto pid = fork();
if (pid == -1)
{
throw std::runtime_error("failed to fork");
}
else if (pid == 0)
{
char* const* args = (char* const*)parts_raw.data();
const auto result = execv(parts_raw[0], args);
if (result)
{
std::cout << "failed: " << result << std::endl;
}
else
{
std::cout << "ok" << std::endl;
}
exit(result);
}
else
{
waitpid(pid, 0, 0);
}
#endif
}
void
AddRoute(std::string ip, std::string gateway)
{
std::stringstream ss;
#ifdef __linux__
ss << "/sbin/ip route add " << ip << "/32 via " << gateway;
#elif _WIN32
ss << "route ADD " << ip << " MASK 255.255.255.255 " << gateway << " METRIC 2";
#elif __APPLE__
ss << "route -n add -host " << ip << " " << gateway;
#else
#error unsupported platform
#endif
Execute(ss.str());
}
void
DelRoute(std::string ip, std::string gateway)
{
std::stringstream ss;
#ifdef __linux__
ss << "/sbin/ip route del " << ip << "/32 via " << gateway;
#elif _WIN32
ss << "route DELETE " << ip << " MASK 255.255.255.255 " << gateway << " METRIC 2";
#elif __APPLE__
ss << "route -n delete -host " << ip << " " << gateway;
#else
#error unsupported platform
#endif
Execute(ss.str());
}
void
AddDefaultRouteViaInterface(std::string ifname)
{
#ifdef __linux__
Execute("/sbin/ip route add default dev " + ifname);
#elif _WIN32
ifname.back()++;
Execute("route ADD 0.0.0.0 MASK 128.0.0.0 " + ifname);
Execute("route ADD 128.0.0.0 MASK 128.0.0.0 " + ifname);
#elif __APPLE__
Execute("route -cloning add -net 0.0.0.0 -netmask 0.0.0.0 -interface " + ifname);
#else
#error unsupported platform
#endif
}
void
DelDefaultRouteViaInterface(std::string ifname)
{
#ifdef __linux__
Execute("/sbin/ip route del default dev " + ifname);
#elif _WIN32
ifname.back()++;
Execute("route DELETE 0.0.0.0 MASK 128.0.0.0 " + ifname);
Execute("route DELETE 128.0.0.0 MASK 128.0.0.0 " + ifname);
#elif __APPLE__
Execute("route -cloning delete -net 0.0.0.0 -netmask 0.0.0.0 -interface " + ifname);
#else
#error unsupported platform
#endif
}
std::vector<std::string>
GetGatewaysNotOnInterface(std::string ifname)
{
std::vector<std::string> gateways;
#ifdef __linux__
FILE* p = popen("ip route", "r");
if (p == nullptr)
return gateways;
char* line = nullptr;
size_t len = 0;
ssize_t read = 0;
while ((read = getline(&line, &len, p)) != -1)
{
std::string line_str(line, len);
std::vector<std::string> words;
std::istringstream instr(line_str);
for (std::string word; std::getline(instr, word, ' ');)
{
words.emplace_back(std::move(word));
}
if (words[0] == "default" and words[1] == "via" and words[3] == "dev" and words[4] != ifname)
{
gateways.emplace_back(std::move(words[2]));
}
}
pclose(p);
return gateways;
#elif _WIN32
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
PMIB_IPFORWARDTABLE pIpForwardTable;
DWORD dwSize = 0;
DWORD dwRetVal = 0;
pIpForwardTable = (MIB_IPFORWARDTABLE*)MALLOC(sizeof(MIB_IPFORWARDTABLE));
if (pIpForwardTable == nullptr)
return gateways;
if (GetIpForwardTable(pIpForwardTable, &dwSize, 0) == ERROR_INSUFFICIENT_BUFFER)
{
FREE(pIpForwardTable);
pIpForwardTable = (MIB_IPFORWARDTABLE*)MALLOC(dwSize);
if (pIpForwardTable == nullptr)
{
return gateways;
}
}
if ((dwRetVal = GetIpForwardTable(pIpForwardTable, &dwSize, 0)) == NO_ERROR)
{
for (int i = 0; i < (int)pIpForwardTable->dwNumEntries; i++)
{
struct in_addr gateway, interface_addr;
gateway.S_un.S_addr = (u_long)pIpForwardTable->table[i].dwForwardDest;
interface_addr.S_un.S_addr = (u_long)pIpForwardTable->table[i].dwForwardNextHop;
std::array<char, 128> interface_str{};
StringCchCopy(interface_str.data(), interface_str.size(), inet_ntoa(interface_addr));
std::string interface_name{interface_str.data()};
if ((!gateway.S_un.S_addr) and interface_name != ifname)
{
gateways.push_back(std::move(interface_name));
}
}
}
FREE(pIpForwardTable);
#undef MALLOC
#undef FREE
return gateways;
#elif __APPLE__
const auto maybe = llarp::GetIFAddr(ifname);
if (not maybe.has_value())
return gateways;
const auto interface = maybe->toString();
// mac os is so godawful man
FILE* p = popen("netstat -rn -f inet", "r");
if (p == nullptr)
return gateways;
char* line = nullptr;
size_t len = 0;
ssize_t read = 0;
while ((read = getline(&line, &len, p)) != -1)
{
std::string line_str(line, len);
if (line_str.find("default") == 0)
{
line_str = line_str.substr(7);
while (line_str[0] == ' ')
{
line_str = line_str.substr(1);
}
const auto pos = line_str.find(" ");
if (pos != std::string::npos)
{
auto gateway = line_str.substr(0, pos);
if (gateway != interface)
gateways.emplace_back(std::move(gateway));
}
}
}
pclose(p);
return gateways;
#else
#error unsupported platform
#endif
}

17
llarp/net/ip_address.cpp
View file

@ -137,18 +137,23 @@ namespace llarp
return m_ipAddress; // TODO: port
}
std::string
IpAddress::getIpAddr() const
{
return m_ipAddress;
}
bool
IpAddress::hasPort() const
{
return m_port.has_value();
}
std::string
IpAddress::toHost() const
{
const auto pos = m_ipAddress.find(":");
if (pos != std::string::npos)
{
return m_ipAddress.substr(0, pos);
}
return m_ipAddress;
}
bool
IpAddress::operator<(const IpAddress& other) const
{

5
llarp/net/ip_address.hpp
View file

@ -119,10 +119,7 @@ namespace llarp
toString() const;
std::string
toHost() const
{
return m_ipAddress;
}
toHost() const;
// TODO: other utility functions left over from Addr which may be useful
// IsBogon() const;

26
llarp/net/route.cpp
View file

@ -8,9 +8,12 @@
#include <arpa/inet.h>
#include <sys/socket.h>
#include <linux/rtnetlink.h>
#include <net/net.hpp>
#include <exception>
#endif
#include <sstream>
#include <util/logging/logger.hpp>
namespace llarp::net
{
@ -134,10 +137,17 @@ namespace llarp::net
nl_request.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
nl_request.n.nlmsg_flags = NLM_F_REQUEST | flags;
nl_request.n.nlmsg_type = cmd;
nl_request.n.nlmsg_pid = getpid();
nl_request.r.rtm_family = dst->family;
nl_request.r.rtm_table = RT_TABLE_MAIN;
nl_request.r.rtm_scope = RT_SCOPE_NOWHERE;
if (if_idx)
{
nl_request.r.rtm_scope = RT_SCOPE_LINK;
}
else
{
nl_request.r.rtm_scope = RT_SCOPE_NOWHERE;
}
/* Set additional flags if NOT deleting route */
if (cmd != RTM_DELROUTE)
{
@ -212,6 +222,7 @@ namespace llarp::net
int nl_flags = NLM_F_CREATE | NLM_F_EXCL;
read_addr(gateway.c_str(), &gw_addr);
read_addr(ip.c_str(), &to_addr);
LogInfo("add route: ", ip, " via ", gateway);
do_route(sock.fd, nl_cmd, nl_flags, &to_addr, &gw_addr, default_gw, if_idx);
#else
std::stringstream ss;
@ -262,8 +273,14 @@ namespace llarp::net
int if_idx = if_nametoindex(ifname.c_str());
_inet_addr to_addr{};
_inet_addr gw_addr{};
const auto maybe = GetIFAddr(ifname);
if (not maybe.has_value())
throw std::runtime_error("we dont have our own net interface?");
int nl_cmd = RTM_NEWROUTE;
int nl_flags = NLM_F_CREATE | NLM_F_EXCL;
read_addr(maybe->toHost().c_str(), &gw_addr);
LogInfo("default route via ", ifname, " (", if_idx, ")");
do_route(sock.fd, nl_cmd, nl_flags, &to_addr, &gw_addr, default_gw, if_idx);
#elif _WIN32
ifname.back()++;
@ -286,8 +303,13 @@ namespace llarp::net
int if_idx = if_nametoindex(ifname.c_str());
_inet_addr to_addr{};
_inet_addr gw_addr{};
const auto maybe = GetIFAddr(ifname);
if (not maybe.has_value())
throw std::runtime_error("we dont have our own net interface?");
int nl_cmd = RTM_DELROUTE;
int nl_flags = 0;
read_addr(maybe->toHost().c_str(), &gw_addr);
do_route(sock.fd, nl_cmd, nl_flags, &to_addr, &gw_addr, default_gw, if_idx);
#elif _WIN32
ifname.back()++;

2
llarp/router/abstractrouter.hpp
View file

@ -241,6 +241,8 @@ namespace llarp
virtual void
HandleDHTLookupForExplore(RouterID remote, const std::vector<RouterContact>& results) = 0;
virtual void SetDownHook(std::function<void(void)>){};
/// lookup router by pubkey
/// if we are a service node this is done direct otherwise it's done via
/// path

2
llarp/router/router.cpp
View file

@ -330,6 +330,8 @@ namespace llarp
void
Router::Close()
{
if (_onDown)
_onDown();
LogInfo("closing router");
llarp_ev_loop_stop(_netloop);
_running.store(false);

8
llarp/router/router.hpp
View file

@ -228,6 +228,14 @@ namespace llarp
llarp_time_t _lastTick = 0s;
std::function<void(void)> _onDown;
void
SetDownHook(std::function<void(void)> hook) override
{
_onDown = hook;
}
bool
LooksAlive() const override
{

15
llarp/rpc/rpc_server.cpp
View file

@ -189,12 +189,23 @@ namespace llarp::rpc
reply(CreateJSONError("could not find exit"));
return;
}
std::vector<std::string> firsthops;
r->ForEachPeer(
[gateway](const auto* link, bool) {
net::AddRoute(link->GetRemoteEndpoint().toHost(), gateway);
[&firsthops](const auto* link, bool) {
firsthops.emplace_back(link->GetRemoteEndpoint().toHost());
},
false);
for (const auto& hop : firsthops)
{
net::AddRoute(hop, gateway);
}
net::AddDefaultRouteViaInterface(ep->GetIfName());
r->SetDownHook([firsthops, gateway]() {
for (const auto& hop : firsthops)
{
net::DelRoute(hop, gateway);
}
});
reply(CreateJSONResponse("OK"));
},
5s);