11 from optparse import OptionParser
15 # Trak SIGTERM, and set global termination flag instead of dying
17 def _finalize(sig,frame):
19 TERMINATE.append(None)
20 signal.signal(signal.SIGTERM, _finalize)
22 # SIGUSR1 suspends forwading, SIGUSR2 resumes forwarding
24 def _suspend(sig,frame):
28 signal.signal(signal.SIGUSR1, _suspend)
30 def _resume(sig,frame):
34 signal.signal(signal.SIGUSR2, _resume)
36 def get_fd(socket_name):
37 # Socket to recive the file descriptor
38 fdsock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
40 address = fdsock.getsockname()
42 # Socket to connect to the pl-vif-create process
43 # and send the PASSFD message
44 sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
45 sock.connect(socket_name)
46 emsg = base64.b64encode(PASSFD_MSG)
47 eargs = base64.b64encode(address)
48 encoded = "%s|%s\n" % (emsg, eargs)
52 (fd, msg) = passfd.recvfd(fdsock)
55 reply = sock.recv(1024)
56 reply = base64.b64decode(reply)
63 usage = ("usage: %prog -t <vif-type> -S <fd-socket-name> "
64 "-b <bwlimit> -c <cipher> -k <cipher-key> -q <txqueuelen> "
65 "-l <local-port-file> -r <remote-port-file> -H <remote-host> "
68 parser = OptionParser(usage = usage)
70 parser.add_option("-t", "--vif-type", dest="vif_type",
71 help = "Virtual interface type. Either IFF_TAP or IFF_TUN. "
72 "Defaults to IFF_TAP. ", type="str")
73 parser.add_option("-S", "--fd-socket-name", dest="fd_socket_name",
74 help = "Name for the unix socket to request the TAP file descriptor",
75 default = "tap.sock", type="str")
77 parser.add_option("-b", "--bwlimit", dest="bwlimit",
78 help = "Specifies the interface's emulated bandwidth in bytes ",
79 default = None, type="int")
80 parser.add_option("-q", "--txqueuelen", dest="txqueuelen",
81 help = "Specifies the interface's transmission queue length. ",
82 default = 1000, type="int")
83 parser.add_option("-c", "--cipher", dest="cipher",
84 help = "Cipher to encript communication. "
85 "One of PLAIN, AES, Blowfish, DES, DES3. ",
86 default = None, type="str")
87 parser.add_option("-k", "--cipher-key", dest="cipher_key",
88 help = "Specify a symmetric encryption key with which to protect "
89 "packets across the tunnel. python-crypto must be installed "
91 default = None, type="str")
93 parser.add_option("-l", "--local-port-file", dest="local_port_file",
94 help = "File where to store the local binded UDP port number ",
95 default = "local_port_file", type="str")
96 parser.add_option("-r", "--remote-port-file", dest="remote_port_file",
97 help = "File where to read the remote UDP port number to connect to",
98 default = "remote_port_file", type="str")
99 parser.add_option("-H", "--remote-host", dest="remote_host",
100 help = "Remote host IP",
101 default = "remote_host", type="str")
102 parser.add_option("-R", "--ret-file", dest="ret_file",
103 help = "File where to store return code (success of connection) ",
104 default = "ret_file", type="str")
106 (options, args) = parser.parse_args()
108 vif_type = vsys.IFF_TAP
109 if options.vif_type and options.vif_type == "IFF_TUN":
110 vif_type = vsys.IFF_TUN
112 return ( vif_type, options.fd_socket_name, options.local_port_file,
113 options.remote_port_file, options.remote_host, options.ret_file,
114 options.bwlimit, options.cipher, options.cipher_key,
117 if __name__ == '__main__':
119 ( vif_type, socket_name, local_port_file, remote_port_file,
120 remote_host, ret_file, bwlimit, cipher, cipher_key, txqueuelen
123 # Get the file descriptor of the TAP device from the process
125 fd = get_fd(socket_name)
126 tun = os.fdopen(int(fd), 'r+b', 0)
128 # Create a local socket to stablish the tunnel connection
129 hostaddr = socket.gethostbyname(socket.gethostname())
130 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
131 sock.bind((hostaddr, 0))
132 (local_host, local_port) = sock.getsockname()
134 # Save local port information to file
135 f = open(local_port_file, 'w')
136 f.write("%d\n" % local_port)
139 # Wait until remote port information is available
140 while not os.path.exists(remote_port_file):
144 # Read remote port from file
145 # Try until something is read...
146 # xxx: There seems to be a weird behavior where
147 # even if the file exists and had the port number,
148 # the read operation returns empty string!
149 # Maybe a race condition?
151 f = open(remote_port_file, 'r')
152 remote_port = f.read()
160 remote_port = remote_port.strip()
161 remote_port = int(remote_port)
163 # Connect local socket to remote port
164 sock.connect((remote_host, remote_port))
165 remote = os.fdopen(sock.fileno(), 'r+b', 0)
167 # TODO: Test connectivity!
169 # Create a ret_file to indicate success
170 f = open(ret_file, 'w')
175 tunchannel.tun_fwd(tun, remote,
176 with_pi = True, # Planetlab TAP devices add PI headers
177 ether_mode = (vif_type == vsys.IFF_TAP),
179 cipher_key = cipher_key,
181 TERMINATE = TERMINATE,
183 tunqueue = txqueuelen,