| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | // Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved. | 
					
						
							|  |  |  | // Use of this source code is governed by a BSD-style | 
					
						
							|  |  |  | // license that can be found in the LICENSE file. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | //lint:file-ignore U1000 in development | 
					
						
							|  |  |  | //lint:file-ignore S1000 in development | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Package natlab lets us simulate different types of networks all | 
					
						
							|  |  |  | // in-memory without running VMs or requiring root, etc. Despite the | 
					
						
							|  |  |  | // name, it does more than just NATs. But NATs are the most | 
					
						
							|  |  |  | // interesting. | 
					
						
							|  |  |  | package natlab | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 	"bytes" | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	"context" | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 	"crypto/sha256" | 
					
						
							|  |  |  | 	"encoding/base64" | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	"errors" | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	"fmt" | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	"math/rand" | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	"net" | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 	"os" | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	"sort" | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	"strconv" | 
					
						
							|  |  |  | 	"sync" | 
					
						
							|  |  |  | 	"time" | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	"inet.af/netaddr" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | var traceOn, _ = strconv.ParseBool(os.Getenv("NATLAB_TRACE")) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | // Packet represents a UDP packet flowing through the virtual network. | 
					
						
							|  |  |  | type Packet struct { | 
					
						
							|  |  |  | 	Src, Dst netaddr.IPPort | 
					
						
							|  |  |  | 	Payload  []byte | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// Prefix set by various internal methods of natlab, to locate | 
					
						
							|  |  |  | 	// where in the network a trace occured. | 
					
						
							|  |  |  | 	locator string | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | // Equivalent returns true if Src, Dst and Payload are the same in p | 
					
						
							|  |  |  | // and p2. | 
					
						
							|  |  |  | func (p *Packet) Equivalent(p2 *Packet) bool { | 
					
						
							|  |  |  | 	return p.Src == p2.Src && p.Dst == p2.Dst && bytes.Equal(p.Payload, p2.Payload) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | // Clone returns a copy of p that shares nothing with p. | 
					
						
							|  |  |  | func (p *Packet) Clone() *Packet { | 
					
						
							|  |  |  | 	return &Packet{ | 
					
						
							|  |  |  | 		Src:     p.Src, | 
					
						
							|  |  |  | 		Dst:     p.Dst, | 
					
						
							|  |  |  | 		Payload: append([]byte(nil), p.Payload...), | 
					
						
							|  |  |  | 		locator: p.locator, | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // short returns a short identifier for a packet payload, | 
					
						
							|  |  |  | // suitable for printing trace information. | 
					
						
							|  |  |  | func (p *Packet) short() string { | 
					
						
							|  |  |  | 	s := sha256.Sum256(p.Payload) | 
					
						
							|  |  |  | 	payload := base64.RawStdEncoding.EncodeToString(s[:])[:2] | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	s = sha256.Sum256([]byte(p.Src.String() + "_" + p.Dst.String())) | 
					
						
							|  |  |  | 	tuple := base64.RawStdEncoding.EncodeToString(s[:])[:2] | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return fmt.Sprintf("%s/%s", payload, tuple) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (p *Packet) Trace(msg string, args ...interface{}) { | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	if !traceOn { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 		return | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	allArgs := []interface{}{p.short(), p.locator, p.Src, p.Dst} | 
					
						
							|  |  |  | 	allArgs = append(allArgs, args...) | 
					
						
							|  |  |  | 	fmt.Fprintf(os.Stderr, "[%s]%s src=%s dst=%s "+msg+"\n", allArgs...) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | func (p *Packet) setLocator(msg string, args ...interface{}) { | 
					
						
							|  |  |  | 	p.locator = fmt.Sprintf(" "+msg, args...) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | func mustPrefix(s string) netaddr.IPPrefix { | 
					
						
							|  |  |  | 	ipp, err := netaddr.ParseIPPrefix(s) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		panic(err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return ipp | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // NewInternet returns a network that simulates the internet. | 
					
						
							|  |  |  | func NewInternet() *Network { | 
					
						
							|  |  |  | 	return &Network{ | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		Name:    "internet", | 
					
						
							|  |  |  | 		Prefix4: mustPrefix("203.0.113.0/24"), // documentation netblock that looks Internet-y | 
					
						
							|  |  |  | 		Prefix6: mustPrefix("fc00:52::/64"), | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | type Network struct { | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 	Name    string | 
					
						
							|  |  |  | 	Prefix4 netaddr.IPPrefix | 
					
						
							|  |  |  | 	Prefix6 netaddr.IPPrefix | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 	mu        sync.Mutex | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	machine   map[netaddr.IP]*Interface | 
					
						
							|  |  |  | 	defaultGW *Interface // optional | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 	lastV4    netaddr.IP | 
					
						
							|  |  |  | 	lastV6    netaddr.IP | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | func (n *Network) SetDefaultGateway(gwIf *Interface) { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 	n.mu.Lock() | 
					
						
							|  |  |  | 	defer n.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	if gwIf.net != n { | 
					
						
							|  |  |  | 		panic(fmt.Sprintf("can't set if=%s as net=%s's default gw, if not connected to net", gwIf.name, gwIf.net.Name)) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	n.defaultGW = gwIf | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | func (n *Network) addMachineLocked(ip netaddr.IP, iface *Interface) { | 
					
						
							|  |  |  | 	if iface == nil { | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 		return // for tests | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if n.machine == nil { | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 		n.machine = map[netaddr.IP]*Interface{} | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	n.machine[ip] = iface | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | func (n *Network) allocIPv4(iface *Interface) netaddr.IP { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	n.mu.Lock() | 
					
						
							|  |  |  | 	defer n.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 	if n.Prefix4.IsZero() { | 
					
						
							|  |  |  | 		return netaddr.IP{} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	if n.lastV4.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		n.lastV4 = n.Prefix4.IP | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	a := n.lastV4.As16() | 
					
						
							|  |  |  | 	addOne(&a, 15) | 
					
						
							|  |  |  | 	n.lastV4 = netaddr.IPFrom16(a) | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 	if !n.Prefix4.Contains(n.lastV4) { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 		panic("pool exhausted") | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	n.addMachineLocked(n.lastV4, iface) | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	return n.lastV4 | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | func (n *Network) allocIPv6(iface *Interface) netaddr.IP { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	n.mu.Lock() | 
					
						
							|  |  |  | 	defer n.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 	if n.Prefix6.IsZero() { | 
					
						
							|  |  |  | 		return netaddr.IP{} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	if n.lastV6.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		n.lastV6 = n.Prefix6.IP | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	a := n.lastV6.As16() | 
					
						
							|  |  |  | 	addOne(&a, 15) | 
					
						
							|  |  |  | 	n.lastV6 = netaddr.IPFrom16(a) | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 	if !n.Prefix6.Contains(n.lastV6) { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 		panic("pool exhausted") | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	n.addMachineLocked(n.lastV6, iface) | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	return n.lastV6 | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func addOne(a *[16]byte, index int) { | 
					
						
							|  |  |  | 	if v := a[index]; v < 255 { | 
					
						
							|  |  |  | 		a[index]++ | 
					
						
							|  |  |  | 	} else { | 
					
						
							|  |  |  | 		a[index] = 0 | 
					
						
							|  |  |  | 		addOne(a, index-1) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | func (n *Network) write(p *Packet) (num int, err error) { | 
					
						
							|  |  |  | 	p.setLocator("net=%s", n.Name) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	n.mu.Lock() | 
					
						
							|  |  |  | 	defer n.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	iface, ok := n.machine[p.Dst.IP] | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	if !ok { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 		if n.defaultGW == nil { | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 			p.Trace("no route to %v", p.Dst.IP) | 
					
						
							|  |  |  | 			return len(p.Payload), nil | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 		iface = n.defaultGW | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// Pretend it went across the network. Make a copy so nobody | 
					
						
							|  |  |  | 	// can later mess with caller's memory. | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	p.Trace("-> mach=%s if=%s", iface.machine.Name, iface.name) | 
					
						
							|  |  |  | 	go iface.machine.deliverIncomingPacket(p, iface) | 
					
						
							|  |  |  | 	return len(p.Payload), nil | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | type Interface struct { | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	machine *Machine | 
					
						
							|  |  |  | 	net     *Network | 
					
						
							|  |  |  | 	name    string       // optional | 
					
						
							|  |  |  | 	ips     []netaddr.IP // static; not mutated once created | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 05:16:36 +00:00
										 |  |  | func (f *Interface) Machine() *Machine { | 
					
						
							|  |  |  | 	return f.machine | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (f *Interface) Network() *Network { | 
					
						
							|  |  |  | 	return f.net | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | // V4 returns the machine's first IPv4 address, or the zero value if none. | 
					
						
							|  |  |  | func (f *Interface) V4() netaddr.IP { return f.pickIP(netaddr.IP.Is4) } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // V6 returns the machine's first IPv6 address, or the zero value if none. | 
					
						
							|  |  |  | func (f *Interface) V6() netaddr.IP { return f.pickIP(netaddr.IP.Is6) } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (f *Interface) pickIP(pred func(netaddr.IP) bool) netaddr.IP { | 
					
						
							|  |  |  | 	for _, ip := range f.ips { | 
					
						
							|  |  |  | 		if pred(ip) { | 
					
						
							|  |  |  | 			return ip | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return netaddr.IP{} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (f *Interface) String() string { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 	// TODO: make this all better | 
					
						
							|  |  |  | 	if f.name != "" { | 
					
						
							|  |  |  | 		return f.name | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return fmt.Sprintf("unamed-interface-on-network-%p", f.net) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Contains reports whether f contains ip as an IP. | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | func (f *Interface) Contains(ip netaddr.IP) bool { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 	for _, v := range f.ips { | 
					
						
							|  |  |  | 		if ip == v { | 
					
						
							|  |  |  | 			return true | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return false | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | type routeEntry struct { | 
					
						
							|  |  |  | 	prefix netaddr.IPPrefix | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	iface  *Interface | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | // A PacketVerdict is a decision of what to do with a packet. | 
					
						
							|  |  |  | type PacketVerdict int | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | const ( | 
					
						
							|  |  |  | 	// Continue means the packet should be processed by the "local | 
					
						
							|  |  |  | 	// sockets" logic of the Machine. | 
					
						
							|  |  |  | 	Continue PacketVerdict = iota | 
					
						
							|  |  |  | 	// Drop means the packet should not be handled further. | 
					
						
							|  |  |  | 	Drop | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (v PacketVerdict) String() string { | 
					
						
							|  |  |  | 	switch v { | 
					
						
							|  |  |  | 	case Continue: | 
					
						
							|  |  |  | 		return "Continue" | 
					
						
							|  |  |  | 	case Drop: | 
					
						
							|  |  |  | 		return "Drop" | 
					
						
							|  |  |  | 	default: | 
					
						
							|  |  |  | 		return fmt.Sprintf("<unknown verdict %d>", v) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | // A PacketHandler can look at packets arriving at, departing, and | 
					
						
							|  |  |  | // transiting a Machine, and filter or mutate them. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Each method is invoked with a Packet that natlab would like to keep | 
					
						
							|  |  |  | // processing. Handlers can return that same Packet to allow | 
					
						
							|  |  |  | // processing to continue; nil to drop the Packet; or a different | 
					
						
							|  |  |  | // Packet that should be processed instead of the original. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Packets passed to handlers share no state with anything else, and | 
					
						
							|  |  |  | // are therefore safe to mutate. It's safe to return the original | 
					
						
							|  |  |  | // packet mutated in-place, or a brand new packet initialized from | 
					
						
							|  |  |  | // scratch. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Packets mutated by a PacketHandler are processed anew by the | 
					
						
							|  |  |  | // associated Machine, as if the packet had always been the mutated | 
					
						
							|  |  |  | // one. For example, if HandleForward is invoked with a Packet, and | 
					
						
							|  |  |  | // the handler changes the destination IP address to one of the | 
					
						
							|  |  |  | // Machine's own IPs, the Machine restarts delivery, but this time | 
					
						
							|  |  |  | // going to a local PacketConn (which in turn will invoke HandleIn, | 
					
						
							|  |  |  | // since the packet is now destined for local delivery). | 
					
						
							|  |  |  | type PacketHandler interface { | 
					
						
							|  |  |  | 	// HandleIn processes a packet arriving on iif, whose destination | 
					
						
							|  |  |  | 	// is an IP address owned by the attached Machine. If p is | 
					
						
							|  |  |  | 	// returned unmodified, the Machine will go on to deliver the | 
					
						
							|  |  |  | 	// Packet to the appropriate listening PacketConn, if one exists. | 
					
						
							|  |  |  | 	HandleIn(p *Packet, iif *Interface) *Packet | 
					
						
							|  |  |  | 	// HandleOut processes a packet about to depart on oif from a | 
					
						
							|  |  |  | 	// local PacketConn. If p is returned unmodified, the Machine will | 
					
						
							|  |  |  | 	// transmit the Packet on oif. | 
					
						
							|  |  |  | 	HandleOut(p *Packet, oif *Interface) *Packet | 
					
						
							|  |  |  | 	// HandleForward is called when the Machine wants to forward a | 
					
						
							|  |  |  | 	// packet from iif to oif. If p is returned unmodified, the | 
					
						
							|  |  |  | 	// Machine will transmit the packet on oif. | 
					
						
							|  |  |  | 	HandleForward(p *Packet, iif, oif *Interface) *Packet | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | // A Machine is a representation of an operating system's network | 
					
						
							|  |  |  | // stack. It has a network routing table and can have multiple | 
					
						
							|  |  |  | // attached networks. The zero value is valid, but lacks any | 
					
						
							|  |  |  | // networking capability until Attach is called. | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | type Machine struct { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:42:25 +00:00
										 |  |  | 	// Name is a pretty name for debugging and packet tracing. It need | 
					
						
							|  |  |  | 	// not be globally unique. | 
					
						
							|  |  |  | 	Name string | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 	// PacketHandler, if not nil, is a PacketHandler implementation | 
					
						
							|  |  |  | 	// that inspects all packets arriving, departing, or transiting | 
					
						
							|  |  |  | 	// the Machine. See the definition of the PacketHandler interface | 
					
						
							|  |  |  | 	// for semantics. | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 	// | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 	// If PacketHandler is nil, the machine allows all inbound | 
					
						
							|  |  |  | 	// traffic, all outbound traffic, and drops forwarded packets. | 
					
						
							|  |  |  | 	PacketHandler PacketHandler | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	mu         sync.Mutex | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	interfaces []*Interface | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	routes     []routeEntry // sorted by longest prefix to shortest | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 02:23:01 +00:00
										 |  |  | 	conns4 map[netaddr.IPPort]*conn // conns that want IPv4 packets | 
					
						
							|  |  |  | 	conns6 map[netaddr.IPPort]*conn // conns that want IPv6 packets | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | func (m *Machine) isLocalIP(ip netaddr.IP) bool { | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	for _, intf := range m.interfaces { | 
					
						
							|  |  |  | 		for _, iip := range intf.ips { | 
					
						
							|  |  |  | 			if ip == iip { | 
					
						
							|  |  |  | 				return true | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return false | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | func (m *Machine) deliverIncomingPacket(p *Packet, iface *Interface) { | 
					
						
							|  |  |  | 	p.setLocator("mach=%s if=%s", m.Name, iface.name) | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	if m.isLocalIP(p.Dst.IP) { | 
					
						
							|  |  |  | 		m.deliverLocalPacket(p, iface) | 
					
						
							|  |  |  | 	} else { | 
					
						
							|  |  |  | 		m.forwardPacket(p, iface) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (m *Machine) deliverLocalPacket(p *Packet, iface *Interface) { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 	// TODO: can't hold lock while handling packet. This is safe as | 
					
						
							|  |  |  | 	// long as you set HandlePacket before traffic starts flowing. | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 	if m.PacketHandler != nil { | 
					
						
							|  |  |  | 		p2 := m.PacketHandler.HandleIn(p.Clone(), iface) | 
					
						
							|  |  |  | 		if p2 == nil { | 
					
						
							|  |  |  | 			// Packet dropped, nothing left to do. | 
					
						
							|  |  |  | 			return | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if !p.Equivalent(p2) { | 
					
						
							|  |  |  | 			// Restart delivery, this packet might be a forward packet | 
					
						
							|  |  |  | 			// now. | 
					
						
							|  |  |  | 			m.deliverIncomingPacket(p2, iface) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:50:39 +00:00
										 |  |  | 			return | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	conns := m.conns4 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	if p.Dst.IP.Is6() { | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		conns = m.conns6 | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	possibleDsts := []netaddr.IPPort{ | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		p.Dst, | 
					
						
							|  |  |  | 		netaddr.IPPort{IP: v6unspec, Port: p.Dst.Port}, | 
					
						
							|  |  |  | 		netaddr.IPPort{IP: v4unspec, Port: p.Dst.Port}, | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 	for _, dest := range possibleDsts { | 
					
						
							|  |  |  | 		c, ok := conns[dest] | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 		if !ok { | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		select { | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		case c.in <- p: | 
					
						
							|  |  |  | 			p.Trace("queued to conn") | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		default: | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 			p.Trace("dropped, queue overflow") | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 			// Queue overflow. Just drop it. | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 		return | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	p.Trace("dropped, no listening conn") | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | func (m *Machine) forwardPacket(p *Packet, iif *Interface) { | 
					
						
							|  |  |  | 	oif, err := m.interfaceForIP(p.Dst.IP) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		p.Trace("%v", err) | 
					
						
							|  |  |  | 		return | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	if m.PacketHandler == nil { | 
					
						
							|  |  |  | 		// Forwarding not allowed by default | 
					
						
							|  |  |  | 		p.Trace("drop, forwarding not allowed") | 
					
						
							|  |  |  | 		return | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	p2 := m.PacketHandler.HandleForward(p.Clone(), iif, oif) | 
					
						
							|  |  |  | 	if p2 == nil { | 
					
						
							|  |  |  | 		p.Trace("drop") | 
					
						
							|  |  |  | 		// Packet dropped, done. | 
					
						
							|  |  |  | 		return | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !p.Equivalent(p2) { | 
					
						
							|  |  |  | 		// Packet changed, restart delivery. | 
					
						
							|  |  |  | 		p2.Trace("PacketHandler mutated packet") | 
					
						
							|  |  |  | 		m.deliverIncomingPacket(p2, iif) | 
					
						
							|  |  |  | 		return | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	p.Trace("-> net=%s oif=%s", oif.net.Name, oif) | 
					
						
							|  |  |  | 	oif.net.write(p) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | func unspecOf(ip netaddr.IP) netaddr.IP { | 
					
						
							|  |  |  | 	if ip.Is4() { | 
					
						
							|  |  |  | 		return v4unspec | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if ip.Is6() { | 
					
						
							|  |  |  | 		return v6unspec | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	panic(fmt.Sprintf("bogus IP %#v", ip)) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Attach adds an interface to a machine. | 
					
						
							| 
									
										
										
										
											2020-07-03 01:02:38 +00:00
										 |  |  | // | 
					
						
							|  |  |  | // The first interface added to a Machine becomes that machine's | 
					
						
							|  |  |  | // default route. | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | func (m *Machine) Attach(interfaceName string, n *Network) *Interface { | 
					
						
							|  |  |  | 	f := &Interface{ | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 		machine: m, | 
					
						
							|  |  |  | 		net:     n, | 
					
						
							|  |  |  | 		name:    interfaceName, | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	if ip := n.allocIPv4(f); !ip.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 		f.ips = append(f.ips, ip) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 03:01:41 +00:00
										 |  |  | 	if ip := n.allocIPv6(f); !ip.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 		f.ips = append(f.ips, ip) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	m.interfaces = append(m.interfaces, f) | 
					
						
							| 
									
										
										
										
											2020-07-03 01:02:38 +00:00
										 |  |  | 	if len(m.interfaces) == 1 { | 
					
						
							|  |  |  | 		m.routes = append(m.routes, | 
					
						
							|  |  |  | 			routeEntry{ | 
					
						
							|  |  |  | 				prefix: mustPrefix("0.0.0.0/0"), | 
					
						
							|  |  |  | 				iface:  f, | 
					
						
							|  |  |  | 			}, | 
					
						
							|  |  |  | 			routeEntry{ | 
					
						
							|  |  |  | 				prefix: mustPrefix("::/0"), | 
					
						
							|  |  |  | 				iface:  f, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 	} else { | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		if !n.Prefix4.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-03 01:02:38 +00:00
										 |  |  | 			m.routes = append(m.routes, routeEntry{ | 
					
						
							|  |  |  | 				prefix: n.Prefix4, | 
					
						
							|  |  |  | 				iface:  f, | 
					
						
							|  |  |  | 			}) | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		} | 
					
						
							|  |  |  | 		if !n.Prefix6.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-03 01:02:38 +00:00
										 |  |  | 			m.routes = append(m.routes, routeEntry{ | 
					
						
							|  |  |  | 				prefix: n.Prefix6, | 
					
						
							|  |  |  | 				iface:  f, | 
					
						
							|  |  |  | 			}) | 
					
						
							| 
									
										
										
										
											2020-07-03 00:52:58 +00:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	sort.Slice(m.routes, func(i, j int) bool { | 
					
						
							|  |  |  | 		return m.routes[i].prefix.Bits > m.routes[j].prefix.Bits | 
					
						
							|  |  |  | 	}) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	return f | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | var ( | 
					
						
							|  |  |  | 	v4unspec = netaddr.IPv4(0, 0, 0, 0) | 
					
						
							|  |  |  | 	v6unspec = netaddr.IPv6Unspecified() | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | func (m *Machine) writePacket(p *Packet) (n int, err error) { | 
					
						
							|  |  |  | 	p.setLocator("mach=%s", m.Name) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	iface, err := m.interfaceForIP(p.Dst.IP) | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		p.Trace("%v", err) | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 		return 0, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	origSrcIP := p.Src.IP | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	switch { | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	case p.Src.IP == v4unspec: | 
					
						
							|  |  |  | 		p.Trace("assigning srcIP=%s", iface.V4()) | 
					
						
							|  |  |  | 		p.Src.IP = iface.V4() | 
					
						
							|  |  |  | 	case p.Src.IP == v6unspec: | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		// v6unspec in Go means "any src, but match address families" | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		if p.Dst.IP.Is6() { | 
					
						
							|  |  |  | 			p.Trace("assigning srcIP=%s", iface.V6()) | 
					
						
							|  |  |  | 			p.Src.IP = iface.V6() | 
					
						
							|  |  |  | 		} else if p.Dst.IP.Is4() { | 
					
						
							|  |  |  | 			p.Trace("assigning srcIP=%s", iface.V4()) | 
					
						
							|  |  |  | 			p.Src.IP = iface.V4() | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	default: | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		if !iface.Contains(p.Src.IP) { | 
					
						
							|  |  |  | 			err := fmt.Errorf("can't send to %v with src %v on interface %v", p.Dst.IP, p.Src.IP, iface) | 
					
						
							|  |  |  | 			p.Trace("%v", err) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 			return 0, err | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	if p.Src.IP.IsZero() { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 		err := fmt.Errorf("no matching address for address family for %v", origSrcIP) | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		p.Trace("%v", err) | 
					
						
							| 
									
										
										
										
											2020-07-03 02:09:54 +00:00
										 |  |  | 		return 0, err | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 	if m.PacketHandler != nil { | 
					
						
							|  |  |  | 		p2 := m.PacketHandler.HandleOut(p.Clone(), iface) | 
					
						
							|  |  |  | 		if p2 == nil { | 
					
						
							|  |  |  | 			// Packet dropped, done. | 
					
						
							| 
									
										
										
										
											2020-07-11 07:03:19 +00:00
										 |  |  | 			return len(p.Payload), nil | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-14 21:01:52 +00:00
										 |  |  | 		if !p.Equivalent(p2) { | 
					
						
							|  |  |  | 			// Restart transmission, src may have changed weirdly | 
					
						
							|  |  |  | 			m.writePacket(p2) | 
					
						
							|  |  |  | 			return | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-11 07:03:19 +00:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	p.Trace("-> net=%s if=%s", iface.net.Name, iface) | 
					
						
							|  |  |  | 	return iface.net.write(p) | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 13:39:41 -07:00
										 |  |  | func (m *Machine) interfaceForIP(ip netaddr.IP) (*Interface, error) { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	for _, re := range m.routes { | 
					
						
							|  |  |  | 		if re.prefix.Contains(ip) { | 
					
						
							|  |  |  | 			return re.iface, nil | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, fmt.Errorf("no route found to %v", ip) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | func (m *Machine) hasv6() bool { | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	for _, f := range m.interfaces { | 
					
						
							|  |  |  | 		for _, ip := range f.ips { | 
					
						
							|  |  |  | 			if ip.Is6() { | 
					
						
							|  |  |  | 				return true | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return false | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | func (m *Machine) pickEphemPort() (port uint16, err error) { | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	for tries := 0; tries < 500; tries++ { | 
					
						
							|  |  |  | 		port := uint16(rand.Intn(32<<10) + 32<<10) | 
					
						
							|  |  |  | 		if !m.portInUseLocked(port) { | 
					
						
							|  |  |  | 			return port, nil | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return 0, errors.New("failed to find an ephemeral port") | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (m *Machine) portInUseLocked(port uint16) bool { | 
					
						
							|  |  |  | 	for ipp := range m.conns4 { | 
					
						
							|  |  |  | 		if ipp.Port == port { | 
					
						
							|  |  |  | 			return true | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	for ipp := range m.conns6 { | 
					
						
							|  |  |  | 		if ipp.Port == port { | 
					
						
							|  |  |  | 			return true | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return false | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | func (m *Machine) registerConn4(c *conn) error { | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	if c.ipp.IP.Is6() && c.ipp.IP != v6unspec { | 
					
						
							|  |  |  | 		return fmt.Errorf("registerConn4 got IPv6 %s", c.ipp) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-03 02:26:54 +00:00
										 |  |  | 	return registerConn(&m.conns4, c) | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | func (m *Machine) unregisterConn4(c *conn) { | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	delete(m.conns4, c.ipp) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (m *Machine) registerConn6(c *conn) error { | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	if c.ipp.IP.Is4() { | 
					
						
							|  |  |  | 		return fmt.Errorf("registerConn6 got IPv4 %s", c.ipp) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-03 02:26:54 +00:00
										 |  |  | 	return registerConn(&m.conns6, c) | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (m *Machine) unregisterConn6(c *conn) { | 
					
						
							|  |  |  | 	m.mu.Lock() | 
					
						
							|  |  |  | 	defer m.mu.Unlock() | 
					
						
							|  |  |  | 	delete(m.conns6, c.ipp) | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-03 02:26:54 +00:00
										 |  |  | func registerConn(conns *map[netaddr.IPPort]*conn, c *conn) error { | 
					
						
							|  |  |  | 	if _, ok := (*conns)[c.ipp]; ok { | 
					
						
							|  |  |  | 		return fmt.Errorf("duplicate conn listening on %v", c.ipp) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if *conns == nil { | 
					
						
							|  |  |  | 		*conns = map[netaddr.IPPort]*conn{} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	(*conns)[c.ipp] = c | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | func (m *Machine) AddNetwork(n *Network) {} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | func (m *Machine) ListenPacket(ctx context.Context, network, address string) (net.PacketConn, error) { | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	// if udp4, udp6, etc... look at address IP vs unspec | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	var ( | 
					
						
							|  |  |  | 		fam uint8 | 
					
						
							|  |  |  | 		ip  netaddr.IP | 
					
						
							|  |  |  | 	) | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	switch network { | 
					
						
							|  |  |  | 	default: | 
					
						
							|  |  |  | 		return nil, fmt.Errorf("unsupported network type %q", network) | 
					
						
							|  |  |  | 	case "udp": | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		fam = 0 | 
					
						
							|  |  |  | 		ip = v6unspec | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	case "udp4": | 
					
						
							|  |  |  | 		fam = 4 | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		ip = v4unspec | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	case "udp6": | 
					
						
							|  |  |  | 		fam = 6 | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 		ip = v6unspec | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	host, portStr, err := net.SplitHostPort(address) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	if host != "" { | 
					
						
							|  |  |  | 		ip, err = netaddr.ParseIP(host) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-14 00:27:47 +00:00
										 |  |  | 		if fam == 0 && (ip != v4unspec && ip != v6unspec) { | 
					
						
							|  |  |  | 			// We got an explicit IP address, need to switch the | 
					
						
							|  |  |  | 			// family to the right one. | 
					
						
							|  |  |  | 			if ip.Is4() { | 
					
						
							|  |  |  | 				fam = 4 | 
					
						
							|  |  |  | 			} else { | 
					
						
							|  |  |  | 				fam = 6 | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	porti, err := strconv.ParseUint(portStr, 10, 16) | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	port := uint16(porti) | 
					
						
							|  |  |  | 	if port == 0 { | 
					
						
							|  |  |  | 		port, err = m.pickEphemPort() | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, nil | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	ipp := netaddr.IPPort{IP: ip, Port: port} | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	c := &conn{ | 
					
						
							|  |  |  | 		m:   m, | 
					
						
							|  |  |  | 		fam: fam, | 
					
						
							|  |  |  | 		ipp: ipp, | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		in:  make(chan *Packet, 100), // arbitrary | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	switch c.fam { | 
					
						
							|  |  |  | 	case 0: | 
					
						
							|  |  |  | 		if err := m.registerConn4(c); err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if err := m.registerConn6(c); err != nil { | 
					
						
							| 
									
										
										
										
											2020-07-03 02:27:31 +00:00
										 |  |  | 			m.unregisterConn4(c) | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	case 4: | 
					
						
							|  |  |  | 		if err := m.registerConn4(c); err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	case 6: | 
					
						
							|  |  |  | 		if err := m.registerConn6(c); err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return c, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // conn is our net.PacketConn implementation | 
					
						
							|  |  |  | type conn struct { | 
					
						
							|  |  |  | 	m   *Machine | 
					
						
							|  |  |  | 	fam uint8 // 0, 4, or 6 | 
					
						
							|  |  |  | 	ipp netaddr.IPPort | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	mu           sync.Mutex | 
					
						
							|  |  |  | 	closed       bool | 
					
						
							|  |  |  | 	readDeadline time.Time | 
					
						
							|  |  |  | 	activeReads  map[*activeRead]bool | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	in           chan *Packet | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | type activeRead struct { | 
					
						
							|  |  |  | 	cancel context.CancelFunc | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | // canRead reports whether we can do a read. | 
					
						
							|  |  |  | func (c *conn) canRead() error { | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	c.mu.Lock() | 
					
						
							|  |  |  | 	defer c.mu.Unlock() | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	if c.closed { | 
					
						
							|  |  |  | 		return errors.New("closed network connection") // sadface: magic string used by other; don't change | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !c.readDeadline.IsZero() && c.readDeadline.Before(time.Now()) { | 
					
						
							|  |  |  | 		return errors.New("read deadline exceeded") | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) registerActiveRead(ar *activeRead, active bool) { | 
					
						
							|  |  |  | 	c.mu.Lock() | 
					
						
							|  |  |  | 	defer c.mu.Unlock() | 
					
						
							|  |  |  | 	if c.activeReads == nil { | 
					
						
							|  |  |  | 		c.activeReads = make(map[*activeRead]bool) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if active { | 
					
						
							|  |  |  | 		c.activeReads[ar] = true | 
					
						
							|  |  |  | 	} else { | 
					
						
							|  |  |  | 		delete(c.activeReads, ar) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) Close() error { | 
					
						
							|  |  |  | 	c.mu.Lock() | 
					
						
							|  |  |  | 	defer c.mu.Unlock() | 
					
						
							|  |  |  | 	if c.closed { | 
					
						
							|  |  |  | 		return nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	c.closed = true | 
					
						
							| 
									
										
										
										
											2020-07-03 01:47:06 +00:00
										 |  |  | 	switch c.fam { | 
					
						
							|  |  |  | 	case 0: | 
					
						
							|  |  |  | 		c.m.unregisterConn4(c) | 
					
						
							|  |  |  | 		c.m.unregisterConn6(c) | 
					
						
							|  |  |  | 	case 4: | 
					
						
							|  |  |  | 		c.m.unregisterConn4(c) | 
					
						
							|  |  |  | 	case 6: | 
					
						
							|  |  |  | 		c.m.unregisterConn6(c) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	c.breakActiveReadsLocked() | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) breakActiveReadsLocked() { | 
					
						
							|  |  |  | 	for ar := range c.activeReads { | 
					
						
							|  |  |  | 		ar.cancel() | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	c.activeReads = nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) LocalAddr() net.Addr { | 
					
						
							|  |  |  | 	return c.ipp.UDPAddr() | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) ReadFrom(p []byte) (n int, addr net.Addr, err error) { | 
					
						
							|  |  |  | 	ctx, cancel := context.WithCancel(context.Background()) | 
					
						
							|  |  |  | 	defer cancel() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	ar := &activeRead{cancel: cancel} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-10 14:26:04 -07:00
										 |  |  | 	if err := c.canRead(); err != nil { | 
					
						
							|  |  |  | 		return 0, nil, err | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	c.registerActiveRead(ar, true) | 
					
						
							|  |  |  | 	defer c.registerActiveRead(ar, false) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	select { | 
					
						
							| 
									
										
										
										
											2020-07-02 14:18:36 -07:00
										 |  |  | 	case pkt := <-c.in: | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 		n = copy(p, pkt.Payload) | 
					
						
							|  |  |  | 		pkt.Trace("PacketConn.ReadFrom") | 
					
						
							|  |  |  | 		return n, pkt.Src.UDPAddr(), nil | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | 	case <-ctx.Done(): | 
					
						
							|  |  |  | 		return 0, nil, context.DeadlineExceeded | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) WriteTo(p []byte, addr net.Addr) (n int, err error) { | 
					
						
							| 
									
										
										
										
											2020-07-02 13:02:13 -07:00
										 |  |  | 	ipp, err := netaddr.ParseIPPort(addr.String()) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return 0, fmt.Errorf("bogus addr %T %q", addr, addr.String()) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-07-11 06:31:46 +00:00
										 |  |  | 	pkt := &Packet{ | 
					
						
							|  |  |  | 		Src:     c.ipp, | 
					
						
							|  |  |  | 		Dst:     ipp, | 
					
						
							|  |  |  | 		Payload: append([]byte(nil), p...), | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	pkt.setLocator("mach=%s", c.m.Name) | 
					
						
							|  |  |  | 	pkt.Trace("PacketConn.WriteTo") | 
					
						
							|  |  |  | 	return c.m.writePacket(pkt) | 
					
						
							| 
									
										
										
										
											2020-07-02 12:36:12 -07:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (c *conn) SetDeadline(t time.Time) error { | 
					
						
							|  |  |  | 	panic("SetWriteDeadline unsupported; TODO when needed") | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | func (c *conn) SetWriteDeadline(t time.Time) error { | 
					
						
							|  |  |  | 	panic("SetWriteDeadline unsupported; TODO when needed") | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | func (c *conn) SetReadDeadline(t time.Time) error { | 
					
						
							|  |  |  | 	c.mu.Lock() | 
					
						
							|  |  |  | 	defer c.mu.Unlock() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	now := time.Now() | 
					
						
							|  |  |  | 	if t.After(now) { | 
					
						
							|  |  |  | 		panic("SetReadDeadline in the future not yet supported; TODO?") | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	if !t.IsZero() && t.Before(now) { | 
					
						
							|  |  |  | 		c.breakActiveReadsLocked() | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	c.readDeadline = t | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } |