mirror of
https://github.com/yarrick/iodine.git
synced 2024-11-27 12:05:15 +00:00
Assign client IPs within the network (fixes #28), also limit number of users depending on netmask (for #27)
This commit is contained in:
parent
3f79d948bf
commit
f5e58e6527
@ -791,6 +791,8 @@ main(int argc, char **argv)
|
|||||||
int port;
|
int port;
|
||||||
int mtu;
|
int mtu;
|
||||||
int skipipconfig;
|
int skipipconfig;
|
||||||
|
int netmask;
|
||||||
|
int created_users;
|
||||||
|
|
||||||
username = NULL;
|
username = NULL;
|
||||||
newroot = NULL;
|
newroot = NULL;
|
||||||
@ -805,6 +807,7 @@ main(int argc, char **argv)
|
|||||||
check_ip = 1;
|
check_ip = 1;
|
||||||
skipipconfig = 0;
|
skipipconfig = 0;
|
||||||
debug = 0;
|
debug = 0;
|
||||||
|
netmask = 27;
|
||||||
|
|
||||||
b32 = get_base32_encoder();
|
b32 = get_base32_encoder();
|
||||||
|
|
||||||
@ -954,6 +957,10 @@ main(int argc, char **argv)
|
|||||||
warnx("Bad IP address to return as nameserver.\n");
|
warnx("Bad IP address to return as nameserver.\n");
|
||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
if (netmask > 30 || netmask < 8) {
|
||||||
|
warnx("Bad netmask (%d bits). Use 8-30 bits.\n", netmask);
|
||||||
|
usage();
|
||||||
|
}
|
||||||
|
|
||||||
if (strlen(password) == 0)
|
if (strlen(password) == 0)
|
||||||
read_password(password, sizeof(password));
|
read_password(password, sizeof(password));
|
||||||
@ -970,8 +977,13 @@ main(int argc, char **argv)
|
|||||||
goto cleanup3;
|
goto cleanup3;
|
||||||
|
|
||||||
my_mtu = mtu;
|
my_mtu = mtu;
|
||||||
init_users(my_ip);
|
|
||||||
|
|
||||||
|
created_users = init_users(my_ip, netmask);
|
||||||
|
|
||||||
|
if (created_users < USERS) {
|
||||||
|
printf("Limiting to %d simultaneous users because of netmask /%d\n",
|
||||||
|
created_users, netmask);
|
||||||
|
}
|
||||||
printf("Listening to dns for domain %s\n", topdomain);
|
printf("Listening to dns for domain %s\n", topdomain);
|
||||||
|
|
||||||
if (foreground == 0)
|
if (foreground == 0)
|
||||||
|
53
src/user.c
53
src/user.c
@ -35,17 +35,49 @@
|
|||||||
|
|
||||||
struct user users[USERS];
|
struct user users[USERS];
|
||||||
|
|
||||||
void
|
int
|
||||||
init_users(in_addr_t my_ip)
|
init_users(in_addr_t my_ip, int netbits)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
int skip = 0;
|
||||||
char newip[16];
|
char newip[16];
|
||||||
|
int created_users = 0;
|
||||||
|
|
||||||
|
int maxusers;
|
||||||
|
|
||||||
|
in_addr_t netmask = 0;
|
||||||
|
struct in_addr net;
|
||||||
|
struct in_addr ipstart;
|
||||||
|
|
||||||
|
for (i = 0; i < netbits; i++) {
|
||||||
|
netmask = (netmask << 1) | 1;
|
||||||
|
}
|
||||||
|
netmask <<= (32 - netbits);
|
||||||
|
net.s_addr = htonl(netmask);
|
||||||
|
ipstart.s_addr = my_ip & net.s_addr;
|
||||||
|
|
||||||
|
maxusers = (1 << (32-netbits)) - 3; /* 3: Net addr, broadcast addr, iodined addr */
|
||||||
|
|
||||||
memset(users, 0, USERS * sizeof(struct user));
|
memset(users, 0, USERS * sizeof(struct user));
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
|
in_addr_t ip;
|
||||||
users[i].id = i;
|
users[i].id = i;
|
||||||
snprintf(newip, sizeof(newip), "0.0.0.%d", i + 1);
|
snprintf(newip, sizeof(newip), "0.0.0.%d", i + skip + 1);
|
||||||
users[i].tun_ip = my_ip + inet_addr(newip);;
|
ip = ipstart.s_addr + inet_addr(newip);
|
||||||
|
if (ip == my_ip && skip == 0) {
|
||||||
|
/* This IP was taken by iodined */
|
||||||
|
skip++;
|
||||||
|
snprintf(newip, sizeof(newip), "0.0.0.%d", i + skip + 1);
|
||||||
|
ip = ipstart.s_addr + inet_addr(newip);
|
||||||
|
}
|
||||||
|
users[i].tun_ip = ip;
|
||||||
|
net.s_addr = ip;
|
||||||
|
if (maxusers-- < 1) {
|
||||||
|
users[i].disabled = 1;
|
||||||
|
} else {
|
||||||
|
users[i].disabled = 0;
|
||||||
|
created_users++;
|
||||||
|
}
|
||||||
users[i].inpacket.len = 0;
|
users[i].inpacket.len = 0;
|
||||||
users[i].inpacket.offset = 0;
|
users[i].inpacket.offset = 0;
|
||||||
users[i].outpacket.len = 0;
|
users[i].outpacket.len = 0;
|
||||||
@ -53,6 +85,8 @@ init_users(in_addr_t my_ip)
|
|||||||
users[i].out_acked_seqno = 0;
|
users[i].out_acked_seqno = 0;
|
||||||
users[i].out_acked_fragment = 0;
|
users[i].out_acked_fragment = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return created_users;
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
@ -63,7 +97,8 @@ users_waiting_on_reply()
|
|||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
if (users[i].active && users[i].last_pkt + 60 > time(NULL) &&
|
if (users[i].active && !users[i].disabled &&
|
||||||
|
users[i].last_pkt + 60 > time(NULL) &&
|
||||||
users[i].q.id != 0) {
|
users[i].q.id != 0) {
|
||||||
ret++;
|
ret++;
|
||||||
}
|
}
|
||||||
@ -80,7 +115,8 @@ find_user_by_ip(uint32_t ip)
|
|||||||
|
|
||||||
ret = -1;
|
ret = -1;
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
if (users[i].active && users[i].last_pkt + 60 > time(NULL) &&
|
if (users[i].active && !users[i].disabled &&
|
||||||
|
users[i].last_pkt + 60 > time(NULL) &&
|
||||||
ip == users[i].tun_ip) {
|
ip == users[i].tun_ip) {
|
||||||
ret = i;
|
ret = i;
|
||||||
break;
|
break;
|
||||||
@ -99,7 +135,8 @@ all_users_waiting_to_send()
|
|||||||
ret = 1;
|
ret = 1;
|
||||||
now = time(NULL);
|
now = time(NULL);
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
if (users[i].active && users[i].last_pkt + 60 > now &&
|
if (users[i].active && !users[i].disabled &&
|
||||||
|
users[i].last_pkt + 60 > now &&
|
||||||
users[i].outpacket.len == 0) {
|
users[i].outpacket.len == 0) {
|
||||||
ret = 0;
|
ret = 0;
|
||||||
break;
|
break;
|
||||||
@ -115,7 +152,7 @@ find_available_user()
|
|||||||
int i;
|
int i;
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
/* Not used at all or not used in one minute */
|
/* Not used at all or not used in one minute */
|
||||||
if (!users[i].active || users[i].last_pkt + 60 < time(NULL)) {
|
if ((!users[i].active || users[i].last_pkt + 60 < time(NULL)) && !users[i].disabled) {
|
||||||
users[i].active = 1;
|
users[i].active = 1;
|
||||||
users[i].last_pkt = time(NULL);
|
users[i].last_pkt = time(NULL);
|
||||||
ret = i;
|
ret = i;
|
||||||
|
@ -22,6 +22,7 @@
|
|||||||
struct user {
|
struct user {
|
||||||
char id;
|
char id;
|
||||||
int active;
|
int active;
|
||||||
|
int disabled;
|
||||||
time_t last_pkt;
|
time_t last_pkt;
|
||||||
int seed;
|
int seed;
|
||||||
in_addr_t tun_ip;
|
in_addr_t tun_ip;
|
||||||
@ -36,7 +37,7 @@ struct user {
|
|||||||
|
|
||||||
extern struct user users[USERS];
|
extern struct user users[USERS];
|
||||||
|
|
||||||
void init_users(in_addr_t);
|
int init_users(in_addr_t, int);
|
||||||
int users_waiting_on_reply();
|
int users_waiting_on_reply();
|
||||||
int find_user_by_ip(uint32_t);
|
int find_user_by_ip(uint32_t);
|
||||||
int all_users_waiting_to_send();
|
int all_users_waiting_to_send();
|
||||||
|
39
tests/user.c
39
tests/user.c
@ -34,7 +34,7 @@ START_TEST(test_init_users)
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
ip = inet_addr("127.0.0.1");
|
ip = inet_addr("127.0.0.1");
|
||||||
init_users(ip);
|
init_users(ip, 27);
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
fail_unless(users[i].id == i);
|
fail_unless(users[i].id == i);
|
||||||
fail_unless(users[i].q.id == 0);
|
fail_unless(users[i].q.id == 0);
|
||||||
@ -51,7 +51,7 @@ START_TEST(test_users_waiting)
|
|||||||
in_addr_t ip;
|
in_addr_t ip;
|
||||||
|
|
||||||
ip = inet_addr("127.0.0.1");
|
ip = inet_addr("127.0.0.1");
|
||||||
init_users(ip);
|
init_users(ip, 27);
|
||||||
|
|
||||||
fail_unless(users_waiting_on_reply() == 0);
|
fail_unless(users_waiting_on_reply() == 0);
|
||||||
|
|
||||||
@ -75,7 +75,7 @@ START_TEST(test_find_user_by_ip)
|
|||||||
unsigned int testip;
|
unsigned int testip;
|
||||||
|
|
||||||
ip = inet_addr("127.0.0.1");
|
ip = inet_addr("127.0.0.1");
|
||||||
init_users(ip);
|
init_users(ip, 27);
|
||||||
|
|
||||||
testip = (unsigned int) inet_addr("10.0.0.1");
|
testip = (unsigned int) inet_addr("10.0.0.1");
|
||||||
fail_unless(find_user_by_ip(testip) == -1);
|
fail_unless(find_user_by_ip(testip) == -1);
|
||||||
@ -100,7 +100,7 @@ START_TEST(test_all_users_waiting_to_send)
|
|||||||
in_addr_t ip;
|
in_addr_t ip;
|
||||||
|
|
||||||
ip = inet_addr("127.0.0.1");
|
ip = inet_addr("127.0.0.1");
|
||||||
init_users(ip);
|
init_users(ip, 27);
|
||||||
|
|
||||||
fail_unless(all_users_waiting_to_send() == 1);
|
fail_unless(all_users_waiting_to_send() == 1);
|
||||||
|
|
||||||
@ -124,7 +124,7 @@ START_TEST(test_find_available_user)
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
ip = inet_addr("127.0.0.1");
|
ip = inet_addr("127.0.0.1");
|
||||||
init_users(ip);
|
init_users(ip, 27);
|
||||||
|
|
||||||
for (i = 0; i < USERS; i++) {
|
for (i = 0; i < USERS; i++) {
|
||||||
fail_unless(find_available_user() == i);
|
fail_unless(find_available_user() == i);
|
||||||
@ -146,6 +146,34 @@ START_TEST(test_find_available_user)
|
|||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test_find_available_user_small_net)
|
||||||
|
{
|
||||||
|
in_addr_t ip;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
ip = inet_addr("127.0.0.1");
|
||||||
|
init_users(ip, 29); /* this should result in 5 enabled users */
|
||||||
|
|
||||||
|
for (i = 0; i < 5; i++) {
|
||||||
|
fail_unless(find_available_user() == i);
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; i < USERS; i++) {
|
||||||
|
fail_unless(find_available_user() == -1);
|
||||||
|
}
|
||||||
|
|
||||||
|
users[3].active = 0;
|
||||||
|
|
||||||
|
fail_unless(find_available_user() == 3);
|
||||||
|
fail_unless(find_available_user() == -1);
|
||||||
|
|
||||||
|
users[3].last_pkt = 55;
|
||||||
|
|
||||||
|
fail_unless(find_available_user() == 3);
|
||||||
|
fail_unless(find_available_user() == -1);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
TCase *
|
TCase *
|
||||||
test_user_create_tests()
|
test_user_create_tests()
|
||||||
{
|
{
|
||||||
@ -157,6 +185,7 @@ test_user_create_tests()
|
|||||||
tcase_add_test(tc, test_find_user_by_ip);
|
tcase_add_test(tc, test_find_user_by_ip);
|
||||||
tcase_add_test(tc, test_all_users_waiting_to_send);
|
tcase_add_test(tc, test_all_users_waiting_to_send);
|
||||||
tcase_add_test(tc, test_find_available_user);
|
tcase_add_test(tc, test_find_available_user);
|
||||||
|
tcase_add_test(tc, test_find_available_user_small_net);
|
||||||
|
|
||||||
return tc;
|
return tc;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user