10 from optparse import OptionParser
17 TUNSETIFF = 0x400454ca
19 # Trak SIGTERM, and set global termination flag instead of dying
21 def _finalize(sig,frame):
23 TERMINATE.append(None)
24 signal.signal(signal.SIGTERM, _finalize)
26 # SIGUSR1 suspends forwading, SIGUSR2 resumes forwarding
28 def _suspend(sig,frame):
32 signal.signal(signal.SIGUSR1, _suspend)
34 def _resume(sig,frame):
38 signal.signal(signal.SIGUSR2, _resume)
40 def get_fd(socket_name):
41 # Socket to recive the file descriptor
42 fdsock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
44 address = fdsock.getsockname()
46 # Socket to connect to the pl-vif-create process
47 # and send the PASSFD message
48 sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
49 sock.connect(socket_name)
50 emsg = base64.b64encode(PASSFD_MSG)
51 eargs = base64.b64encode(address)
52 encoded = "%s|%s\n" % (emsg, eargs)
56 (fd, msg) = passfd.recvfd(fdsock)
59 reply = sock.recv(1024)
60 reply = base64.b64decode(reply)
67 usage = ("usage: %prog -t <vif-type> -S <fd-socket-name> -n <pi> "
68 "-b <bwlimit> -c <cipher> -k <cipher-key> -q <txqueuelen> "
69 "-p <local-port-file> -P <remote-port-file> "
70 "-o <local-ip> -P <remote-ip> "
73 parser = OptionParser(usage = usage)
75 parser.add_option("-t", "--vif-type", dest="vif_type",
76 help = "Virtual interface type. Either IFF_TAP or IFF_TUN. "
77 "Defaults to IFF_TAP. ", type="str")
78 parser.add_option("-S", "--fd-socket-name", dest="fd_socket_name",
79 help = "Name for the unix socket to request the TAP file descriptor",
80 default = "tap.sock", type="str")
81 parser.add_option("-n", "--pi", dest="pi", action="store_true",
82 default=False, help="Enable PI header")
84 parser.add_option("-b", "--bwlimit", dest="bwlimit",
85 help = "Specifies the interface's emulated bandwidth in bytes ",
86 default = None, type="int")
87 parser.add_option("-q", "--txqueuelen", dest="txqueuelen",
88 help = "Specifies the interface's transmission queue length. ",
89 default = 1000, type="int")
90 parser.add_option("-c", "--cipher", dest="cipher",
91 help = "Cipher to encript communication. "
92 "One of PLAIN, AES, Blowfish, DES, DES3. ",
93 default = None, type="str")
94 parser.add_option("-k", "--cipher-key", dest="cipher_key",
95 help = "Specify a symmetric encryption key with which to protect "
96 "packets across the tunnel. python-crypto must be installed "
98 default = None, type="str")
100 parser.add_option("-p", "--local-port-file", dest="local_port_file",
101 help = "File where to store the local binded UDP port number ",
102 default = "local_port_file", type="str")
103 parser.add_option("-P", "--remote-port-file", dest="remote_port_file",
104 help = "File where to read the remote UDP port number to connect to",
105 default = "remote_port_file", type="str")
106 parser.add_option("-o", "--local-ip", dest="local_ip",
107 help = "Local host IP", default = "local_host", type="str")
108 parser.add_option("-O", "--remote-ip", dest="remote_ip",
109 help = "Remote host IP", default = "remote_host", type="str")
110 parser.add_option("-R", "--ret-file", dest="ret_file",
111 help = "File where to store return code (success of connection) ",
112 default = "ret_file", type="str")
114 (options, args) = parser.parse_args()
117 if options.vif_type and options.vif_type == "IFF_TUN":
120 return (vif_type, options.pi, options.fd_socket_name,
121 options.local_port_file, options.remote_port_file,
122 options.local_ip, options.remote_ip, options.ret_file,
123 options.bwlimit, options.cipher, options.cipher_key,
126 if __name__ == '__main__':
127 ( vif_type, pi, socket_name, local_port_file, remote_port_file,
128 local_ip, remote_ip, ret_file, bwlimit, cipher, cipher_key,
129 txqueuelen ) = get_options()
131 # Get the file descriptor of the TAP device from the process
133 fd = get_fd(socket_name)
134 tun = os.fdopen(fd, 'r+b', 0)
136 # Create a local socket to stablish the tunnel connection
137 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
138 sock.bind((local_ip, 0))
139 (local_host, local_port) = sock.getsockname()
141 # Save local port information to file
142 f = open(local_port_file, 'w')
143 f.write("%d\n" % local_port)
146 # Wait until remote port information is available
147 while not os.path.exists(remote_port_file):
151 # Read remote port from file
152 # Try until something is read...
153 # xxx: There seems to be a weird behavior where
154 # even if the file exists and had the port number,
155 # the read operation returns empty string!
156 # Maybe a race condition?
158 f = open(remote_port_file, 'r')
159 remote_port = f.read()
167 remote_port = remote_port.strip()
168 remote_port = int(remote_port)
170 # Connect local socket to remote port
171 sock.connect((remote_ip, remote_port))
172 remote = os.fdopen(sock.fileno(), 'r+b', 0)
174 # TODO: Test connectivity!
176 # Create a ret_file to indicate success
177 f = open(ret_file, 'w')
182 tunchannel.tun_fwd(tun, remote,
183 with_pi = pi, # Planetlab TAP devices add PI headers
184 ether_mode = (vif_type == IFF_TAP),
186 cipher_key = cipher_key,
188 TERMINATE = TERMINATE,
190 tunqueue = txqueuelen,