Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
R
re6stnet
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Nicolas Wavrant
re6stnet
Commits
84e01d2c
Commit
84e01d2c
authored
Jul 17, 2012
by
Ulysse Beaugnon
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
config has now be moved to utils. Still a lot of hack with config to be removed
parent
af915652
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
78 additions
and
76 deletions
+78
-76
TODO
TODO
+4
-6
tunnelmanager.py
tunnelmanager.py
+1
-0
utils.py
utils.py
+66
-1
vifibnet.py
vifibnet.py
+7
-69
No files found.
TODO
View file @
84e01d2c
Bugs :
Bugs :
When no peer is avalaible without the --no-boot option, it crash
When no peer is avalaible without the --no-boot option, it crash
To be done :
Do a clean-up in the import
To be discuss:
To be discuss:
Remove the --no-boot option since we know when no node is avalaible
Remove the --no-boot option since we know when no node is avalaible
Maybe we should notify the server of our existence earlier
Find a better solution for config than utils.config = config, openv.config = config, ...
Find a better solution for config than utils.config = config, openv.config = config, ...
When I created PeersDB, I thought only be used to access the DB and not do some logic.
When I created PeersDB, I thought only be used to access the DB and not do some logic.
...
@@ -16,13 +17,10 @@ To be discuss:
...
@@ -16,13 +17,10 @@ To be discuss:
The organisation of the code
The organisation of the code
vifibnet.py Just contain the main loop and the init
vifibnet.py Just contain the main loop and the init
openpvn.py To launch openvpn processes
openpvn.py To launch openvpn processes
utils.py Small functions to do some usefull job
utils.py Small functions to do some usefull job
, also contains the config
db.py Function to access the DB (merge with utils ?)
db.py Function to access the DB (merge with utils ?)
tunnelmanager.py To choose wich connection delete/keep/...
tunnelmanager.py To choose wich connection delete/keep/...
upnpigd.py To open a port and find the external IP
upnpigd.py To open a port and find the external IP
config.py If we find a way to be able to juste have to import config evrywhere,
call config.init() from main and then have the config evrywhere,
it would be great
How we choose which protocol we use :
How we choose which protocol we use :
IMO, we should use UDP. I've read many times than TCP other TCP can be catastrophic in terme of performance
IMO, we should use UDP. I've read many times than TCP other TCP can be catastrophic in terme of performance
...
...
tunnelmanager.py
View file @
84e01d2c
...
@@ -2,6 +2,7 @@ import os, random
...
@@ -2,6 +2,7 @@ import os, random
import
openvpn
import
openvpn
import
utils
import
utils
import
db
import
db
from
config
import
*
connection_dict
=
{}
# to remember current connections we made
connection_dict
=
{}
# to remember current connections we made
free_interface_set
=
set
((
'client1'
,
'client2'
,
'client3'
,
'client4'
,
'client5'
,
free_interface_set
=
set
((
'client1'
,
'client2'
,
'client3'
,
'client4'
,
'client5'
,
...
...
utils.py
View file @
84e01d2c
import
time
import
time
import
argparse
from
OpenSSL
import
crypto
def
log
(
message
,
verbose_level
):
def
log
(
message
,
verbose_level
):
if
verbose
>=
verbose_level
:
if
config
.
verbose
>=
verbose_level
:
print
time
.
strftime
(
"%d-%m-%Y %H:%M:%S : "
+
message
)
print
time
.
strftime
(
"%d-%m-%Y %H:%M:%S : "
+
message
)
def
ipFromBin
(
prefix
):
def
ipFromBin
(
prefix
):
...
@@ -15,3 +17,66 @@ def ipFromPrefix(vifibnet, prefix, prefix_len):
...
@@ -15,3 +17,66 @@ def ipFromPrefix(vifibnet, prefix, prefix_len):
prefix
=
bin
(
int
(
prefix
))[
2
:].
rjust
(
prefix_len
,
'0'
)
prefix
=
bin
(
int
(
prefix
))[
2
:].
rjust
(
prefix_len
,
'0'
)
ip_t
=
(
vifibnet
+
prefix
).
ljust
(
128
,
'0'
)
ip_t
=
(
vifibnet
+
prefix
).
ljust
(
128
,
'0'
)
return
ipFromBin
(
ip_t
)
return
ipFromBin
(
ip_t
)
def
getConfig
():
global
config
parser
=
argparse
.
ArgumentParser
(
description
=
'Resilient virtual private network application'
)
_
=
parser
.
add_argument
# Server address MUST be a vifib address ( else requests will be denied )
_
(
'--server'
,
required
=
True
,
help
=
'Address for peer discovery server'
)
_
(
'--server-port'
,
required
=
True
,
type
=
int
,
help
=
'Peer discovery server port'
)
_
(
'-l'
,
'--log'
,
default
=
'/var/log'
,
help
=
'Path to vifibnet logs directory'
)
_
(
'--client-count'
,
default
=
2
,
type
=
int
,
help
=
'Number of client connections'
)
# TODO: use maxpeer
_
(
'--max-clients'
,
default
=
10
,
type
=
int
,
help
=
'the number of peers that can connect to the server'
)
_
(
'--refresh-time'
,
default
=
300
,
type
=
int
,
help
=
'the time (seconds) to wait before changing the connections'
)
_
(
'--refresh-count'
,
default
=
1
,
type
=
int
,
help
=
'The number of connections to drop when refreshing the connections'
)
_
(
'--db'
,
default
=
'/var/lib/vifibnet/peers.db'
,
help
=
'Path to peers database'
)
_
(
'--dh'
,
required
=
True
,
help
=
'Path to dh file'
)
_
(
'--babel-state'
,
default
=
'/var/lib/vifibnet/babel_state'
,
help
=
'Path to babeld state-file'
)
_
(
'--verbose'
,
'-v'
,
default
=
0
,
type
=
int
,
help
=
'Defines the verbose level'
)
_
(
'--ca'
,
required
=
True
,
help
=
'Path to the certificate authority file'
)
_
(
'--cert'
,
required
=
True
,
help
=
'Path to the certificate file'
)
_
(
'--ip'
,
required
=
True
,
dest
=
'external_ip'
,
help
=
'Ip address of the machine on the internet'
)
# Openvpn options
_
(
'openvpn_args'
,
nargs
=
argparse
.
REMAINDER
,
help
=
"Common OpenVPN options (e.g. certificates)"
)
config
=
parser
.
parse_args
()
# Get network prefix from ca.crt
with
open
(
config
.
ca
,
'r'
)
as
f
:
ca
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
config
.
vifibnet
=
bin
(
ca
.
get_serial_number
())[
3
:]
# Get ip from cert.crt
with
open
(
config
.
cert
,
'r'
)
as
f
:
cert
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
subject
=
cert
.
get_subject
()
prefix
,
prefix_len
=
subject
.
CN
.
split
(
'/'
)
config
.
internal_ip
=
ipFromPrefix
(
config
.
vifibnet
,
prefix
,
int
(
prefix_len
))
log
(
'Intranet ip : %s'
%
(
config
.
internal_ip
,),
3
)
# Treat openvpn arguments
if
config
.
openvpn_args
[
0
]
==
"--"
:
del
config
.
openvpn_args
[
0
]
config
.
openvpn_args
.
append
(
'--ca'
)
config
.
openvpn_args
.
append
(
config
.
ca
)
config
.
openvpn_args
.
append
(
'--cert'
)
config
.
openvpn_args
.
append
(
config
.
cert
)
log
(
"Configuration completed"
,
1
)
vifibnet.py
View file @
84e01d2c
...
@@ -30,72 +30,6 @@ def startBabel(**kw):
...
@@ -30,72 +30,6 @@ def startBabel(**kw):
print
args
print
args
return
subprocess
.
Popen
(
args
,
**
kw
)
return
subprocess
.
Popen
(
args
,
**
kw
)
def
getConfig
():
global
config
parser
=
argparse
.
ArgumentParser
(
description
=
'Resilient virtual private network application'
)
_
=
parser
.
add_argument
# Server address MUST be a vifib address ( else requests will be denied )
_
(
'--server'
,
required
=
True
,
help
=
'Address for peer discovery server'
)
_
(
'--server-port'
,
required
=
True
,
type
=
int
,
help
=
'Peer discovery server port'
)
_
(
'-l'
,
'--log'
,
default
=
'/var/log'
,
help
=
'Path to vifibnet logs directory'
)
_
(
'--client-count'
,
default
=
2
,
type
=
int
,
help
=
'Number of client connections'
)
# TODO: use maxpeer
_
(
'--max-clients'
,
default
=
10
,
type
=
int
,
help
=
'the number of peers that can connect to the server'
)
_
(
'--refresh-time'
,
default
=
300
,
type
=
int
,
help
=
'the time (seconds) to wait before changing the connections'
)
_
(
'--refresh-count'
,
default
=
1
,
type
=
int
,
help
=
'The number of connections to drop when refreshing the connections'
)
_
(
'--db'
,
default
=
'/var/lib/vifibnet/peers.db'
,
help
=
'Path to peers database'
)
_
(
'--dh'
,
required
=
True
,
help
=
'Path to dh file'
)
_
(
'--babel-state'
,
default
=
'/var/lib/vifibnet/babel_state'
,
help
=
'Path to babeld state-file'
)
_
(
'--verbose'
,
'-v'
,
default
=
0
,
type
=
int
,
help
=
'Defines the verbose level'
)
_
(
'--ca'
,
required
=
True
,
help
=
'Path to the certificate authority file'
)
_
(
'--cert'
,
required
=
True
,
help
=
'Path to the certificate file'
)
_
(
'--ip'
,
required
=
True
,
dest
=
'external_ip'
,
help
=
'Ip address of the machine on the internet'
)
# Openvpn options
_
(
'openvpn_args'
,
nargs
=
argparse
.
REMAINDER
,
help
=
"Common OpenVPN options (e.g. certificates)"
)
openvpn
.
config
=
config
=
parser
.
parse_args
()
tunnelmanager
.
config
=
config
db
.
config
=
config
utils
.
verbose
=
config
.
verbose
# Get network prefix from ca.crt
with
open
(
config
.
ca
,
'r'
)
as
f
:
ca
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
config
.
vifibnet
=
bin
(
ca
.
get_serial_number
())[
3
:]
# Get ip from cert.crt
with
open
(
config
.
cert
,
'r'
)
as
f
:
cert
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
subject
=
cert
.
get_subject
()
prefix
,
prefix_len
=
subject
.
CN
.
split
(
'/'
)
config
.
internal_ip
=
utils
.
ipFromPrefix
(
config
.
vifibnet
,
prefix
,
int
(
prefix_len
))
utils
.
log
(
'Intranet ip : %s'
%
(
config
.
internal_ip
,),
3
)
# Treat openvpn arguments
if
config
.
openvpn_args
[
0
]
==
"--"
:
del
config
.
openvpn_args
[
0
]
config
.
openvpn_args
.
append
(
'--ca'
)
config
.
openvpn_args
.
append
(
config
.
ca
)
config
.
openvpn_args
.
append
(
'--cert'
)
config
.
openvpn_args
.
append
(
config
.
cert
)
utils
.
log
(
"Configuration completed"
,
1
)
def
handle_message
(
msg
):
def
handle_message
(
msg
):
script_type
,
arg
=
msg
.
split
()
script_type
,
arg
=
msg
.
split
()
if
script_type
==
'client-connect'
:
if
script_type
==
'client-connect'
:
...
@@ -111,8 +45,12 @@ def handle_message(msg):
...
@@ -111,8 +45,12 @@ def handle_message(msg):
def
main
():
def
main
():
# Get arguments
# Get arguments
getConfig
()
utils
.
getConfig
()
global
config
from
utils
import
config
openvpn
.
config
=
config
tunnelmanager
.
config
=
config
db
.
config
=
config
# Setup database
# Setup database
tunnelmanager
.
peers_db
=
db
.
PeersDB
(
config
.
db
)
tunnelmanager
.
peers_db
=
db
.
PeersDB
(
config
.
db
)
...
@@ -144,7 +82,7 @@ def main():
...
@@ -144,7 +82,7 @@ def main():
handle_message
(
read_pipe
.
readline
())
handle_message
(
read_pipe
.
readline
())
if
time
.
time
()
>=
next_refresh
:
if
time
.
time
()
>=
next_refresh
:
tunnelmanager
.
peers_db
.
populate
(
10
)
tunnelmanager
.
peers_db
.
populate
(
10
)
refreshConnections
(
write_pipe
)
tunnelmanager
.
refreshConnections
(
write_pipe
)
next_refresh
=
time
.
time
()
+
config
.
refresh_time
next_refresh
=
time
.
time
()
+
config
.
refresh_time
except
KeyboardInterrupt
:
except
KeyboardInterrupt
:
return
0
return
0
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment