# Restore the default SIGINT disposition, so an interrupt terminates the
# process directly instead of raising KeyboardInterrupt inside the reactor.
4 signal.signal(signal.SIGINT, signal.SIG_DFL)
10 import twisted.internet
11 import twisted.internet.endpoints
12 from twisted.internet import reactor
13 from twisted.web.server import NOT_DONE_YET
14 from twisted.logger import LogLevel
17 from ipaddress import AddressValueError
19 #import twisted.web.server import Site
20 #from twisted.web.resource import Resource
22 from optparse import OptionParser
23 from configparser import ConfigParser
24 from configparser import NoOptionError
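# NOTE(review): the `def`, `try:` and `return` lines of these two helpers are
# absent from this listing. They are restored here from the visible bodies and
# from the ipaddr(...) / ipnetwork(...) calls elsewhere in the file; confirm
# against the original source.
def ipaddr(input):
    """Parse *input* as an IPv4 address, falling back to IPv6.

    Raises AddressValueError if *input* is valid as neither.
    """
    try:
        r = ipaddress.IPv4Address(input)
    except AddressValueError:
        r = ipaddress.IPv6Address(input)
    return r


def ipnetwork(input):
    """Parse *input* as an IPv4 network, falling back to IPv6.

    Any error from the IPv6 attempt propagates to the caller.
    """
    try:
        r = ipaddress.IPv4Network(input)
    except (AddressValueError, ipaddress.NetmaskValueError):
        # The listing caught `NetworkValueError`, which the ipaddress module
        # does not define: the handler itself would have raised NameError for
        # every IPv6 network.  IPv4Network signals a bad address or prefix
        # with AddressValueError / NetmaskValueError.
        r = ipaddress.IPv6Network(input)
    return r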
48 max_batch_down = 65536
59 ipif = userv root ipif %(host)s,%(relay)s,%(mtu)s,slip %(network)s
64 max_batch_down = 262144
66 max_request_time = 121
69 #---------- error handling ----------
72 print('CRASH ', err, file=sys.stderr)
74 except twisted.internet.error.ReactorNotRunning: pass
def crash_on_defer(defer):
    """Make any failure delivered on *defer* go to crash().

    Used for operations whose failure the server cannot survive.
    """
    def _abort(failure):
        return crash(failure)

    defer.addErrback(_abort)
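def crash_on_critical(event):
    """Log observer: pass any critical-level event to crash().

    *event* is a twisted.logger event dict.  Events without a 'log_level'
    are ignored: event.get() returns None for them, and comparing None with
    a LogLevel raises TypeError inside the observer.
    """
    level = event.get('log_level')
    if level is not None and level >= LogLevel.critical:
        crash(twisted.logger.formatEvent(event))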
83 #---------- "router" ----------
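def route(packet, saddr, daddr):
    """Forward one decoded IP packet according to its destination address.

    Packets for a configured client are queued on that client.  Link-local
    traffic is dropped.  Packets addressed to the host itself, or to
    anything outside the virtual network, are sent to the ipif subprocess.
    Everything else is discarded with a logged reason.

    The TRACE prints write the complete packet bytes to stdout.
    """
    print('TRACE ', saddr, daddr, packet)
    # The listing assigned the lookup to `client` but tested `dclient`, so a
    # packet addressed to a known client raised NameError instead of being
    # queued.  Use one name for both.
    dclient = clients.get(daddr)
    if dclient is not None:
        dclient.queue_outbound(packet)
    elif saddr.is_link_local or daddr.is_link_local:
        log_discard(packet, saddr, daddr, 'link-local')
    elif daddr == host or daddr not in network:
        print('TRACE INBOUND ', saddr, daddr, packet)
        # NOTE(review): source lines 95-96 and 98 are absent from this
        # listing.  The queue_inbound() call and the `elif daddr == relay:` /
        # `else:` headers below are reconstructed from the discard reasons
        # that follow; confirm against the original file.
        queue_inbound(packet)
    elif daddr == relay:
        log_discard(packet, saddr, daddr, 'relay')
    else:
        log_discard(packet, saddr, daddr, 'no client')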
def log_discard(packet, saddr, daddr, why):
    """Report a dropped packet on stdout.

    Only the addresses and the reason *why* are printed; *packet* itself is
    accepted but not logged.
    """
    fields = (saddr, daddr, why)
    print('DROP ', *fields)
    # Disabled syslog variant, kept from the original:
    #  syslog.syslog(syslog.LOG_DEBUG,
    #                'discarded packet %s -> %s (%s)' % (saddr, daddr, why))
106 #---------- ipif (slip subprocess) ----------
108 class IpifProcessProtocol(twisted.internet.protocol.ProcessProtocol):
# Process protocol for the ipif child: output received from the child is
# SLIP-decoded and every complete packet is handed to route().
# NOTE(review): source lines 109-110 and 114 are absent from this listing
# (presumably the _buffer initialisation and the append of `data` -- confirm).
111 def connectionMade(self): pass
112 def outReceived(self, data):
113 #print('RECV ', repr(data))
115 packets = slip_decode(self._buffer)
# The last decoded element becomes the new buffer (presumably the frame that
# is still incomplete -- confirm against slip_decode).
116 self._buffer = packets.pop()
117 for packet in packets:
# Zero-length frames are skipped before address parsing.
118 if not len(packet): continue
# NOTE(review): a ValueError from slip_decode() or packet_addrs() on a
# malformed frame is not caught in this method.
119 (saddr, daddr) = packet_addrs(packet)
120 route(packet, saddr, daddr)
121 def processEnded(self, status):
# The child's exit is turned into an exception rather than handled quietly.
122 status.raiseException()
# NOTE(review): ipif_command is handed to `sh -c`, so the whole string is
# parsed by the shell (`-x` also makes sh trace it on stderr).  The command is
# built from the `ipif` config template with host, relay, mtu and network
# interpolated, so anyone able to edit the config file controls the command.
# The default template in this file invokes `userv root ipif`.
126 ipif = IpifProcessProtocol()
127 reactor.spawnProcess(ipif,
128 '/bin/sh',['sh','-xc', ipif_command],
# fd 0: pipe the parent writes to; fd 1: pipe the parent reads from;
# fd 2: the parent's own stderr, passed through.
129 childFDs={0:'w', 1:'r', 2:2})
def queue_inbound(packet):
    """Send *packet* to the ipif subprocess as one SLIP frame.

    The frame is written with a delimiter on both sides, so the receiver
    also sees zero-length frames between consecutive packets.
    """
    send = ipif.transport.write
    send(slip_delimiter)
    send(slip_encode(packet))
    send(slip_delimiter)
136 #---------- SLIP handling ----------
# SLIP escape codes: octal 334 and 335 are ESC_END and ESC_ESC in RFC 1055.
# NOTE(review): slip_end and slip_esc are defined on lines absent from this
# listing.
140 slip_esc_end = b'\334'
141 slip_esc_esc = b'\335'
# Frames are separated by the END byte.
142 slip_delimiter = slip_end
144 def slip_encode(packet):
# SLIP-escape *packet*.  ESC bytes are rewritten first; doing END first would
# insert new ESC bytes that the second pass would then escape again.
# NOTE(review): source line 145 (the start of the return expression) is
# absent from this listing.
146 .replace(slip_esc, slip_esc + slip_esc_esc)
147 .replace(slip_end, slip_esc + slip_esc_end))
149 def slip_decode(data):
# Split *data* on the END byte and undo the SLIP escaping in each frame.
# NOTE(review): several source lines of this function are absent from the
# listing (the accumulator setup, the loop around the escape search, the
# assignment of `ck` and the return), so only the visible steps are described.
# NOTE(review): this print and the 'DECODED' one below write the complete
# packet bytes to stdout on every call, which puts tunnelled payloads into
# whatever captures the server's output.
150 print('DECODE ', repr(data))
152 for packet in data.split(slip_end):
155 eix = packet.find(slip_esc)
159 #print('ESC ', repr((pdata, packet, eix)))
# Copy everything before the escape byte unchanged.
160 pdata += packet[0 : eix]
# `ck` is the code following the escape byte (assigned on an absent line);
# anything other than ESC_ESC / ESC_END is rejected.
162 if ck == slip_esc_esc: pdata += slip_esc
163 elif ck == slip_esc_end: pdata += slip_end
164 else: raise ValueError('invalid SLIP escape')
# Continue after the two-byte escape sequence.
165 packet = packet[eix+2 : ]
167 print('DECODED ', repr(out))
170 #---------- packet parsing ----------
172 def packet_addrs(packet):
# Return (source, destination) addresses parsed from a raw IP packet.
# The high nibble of the first byte selects the IP version.
# NOTE(review): packet[0] raises IndexError on a zero-length packet, so
# callers have to filter empty frames before calling this.
173 version = packet[0] >> 4
# NOTE(review): the version tests and the saddroff / addrlen assignments are
# on lines absent from this listing.
177 factory = ipaddress.IPv4Address
181 factory = ipaddress.IPv6Address
183 raise ValueError('unsupported IP version %d' % version)
# A truncated packet produces short slices here.  The ipaddress constructors
# reject packed values of the wrong length with AddressValueError, which is a
# ValueError subclass.
184 saddr = factory(packet[ saddroff : saddroff + addrlen ])
185 daddr = factory(packet[ saddroff + addrlen : saddroff + addrlen*2 ])
186 return (saddr, daddr)
188 #---------- client ----------
191 def __init__(self, ip, cs):
# Set up one client from config section *cs*.
# NOTE(review): source lines 193-194 and 198-201 are absent from this listing.
192 # instance data members
# The shared secret is read from the config file as plaintext and kept on the
# instance; render_POST compares the submitted password against it.
195 self.pw = cfg.get(cs, 'password')
196 self._rq = collections.deque() # requests
197 self._pq = collections.deque() # packets
# Each tunable is the smaller of the client section's value and the cap in the
# [limits] section, so a client section cannot exceed the global limit.
202 for k in ('max_batch_down','max_queue_time','max_request_time'):
203 req = cfg.getint(cs, k)
204 limit = cfg.getint('limits',k)
205 self.__dict__[k] = min(req, limit)
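def process_arriving_data(self, d):
    """Decode the SLIP frames a client uploaded and route each packet.

    Every packet must carry this client's own address as its source.
    Anything else raises ValueError, so a client cannot submit traffic on
    behalf of another address.  Packets ahead of the offending one in the
    same upload have already been routed when the exception is raised.
    """
    for packet in slip_decode(d):
        # Zero-length frames are normal in SLIP (delimiters are written on
        # both sides of each packet).  packet_addrs() indexes packet[0], so
        # an empty frame would raise IndexError; skip it as the ipif
        # receive path does.
        if not len(packet): continue
        (saddr, daddr) = packet_addrs(packet)
        if saddr != self._ip:
            raise ValueError('wrong source address %s' % saddr)
        route(packet, saddr, daddr)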
214 def _req_cancel(self, request):
def _req_error(self, err, request):
    """Errback for a request that ended abnormally: cancel that request.

    *err* is not inspected.
    """
    cancel = self._req_cancel
    cancel(request)
def queue_outbound(self, packet):
    """Queue *packet* for this client, stamped with the monotonic time.

    Nothing in this method bounds the queue length.
    """
    stamped = (time.monotonic(), packet)
    self._pq.append(stamped)
def http_request(self, request):
    """Park *request* on this client's queue and try to fill it at once.

    The response is declared as an opaque byte stream.  A timer calls
    _req_cancel() after max_request_time seconds, and an abnormal end of
    the request goes to _req_error().
    """
    request.setHeader('Content-Type', 'application/octet-stream')
    deadline = self.max_request_time
    reactor.callLater(deadline, self._req_cancel, request)
    finished = request.notifyFinish()
    finished.addErrback(self._req_error, request)
    self._rq.append(request)
    self._check_outbound()
230 def _check_outbound(self):
# Match queued packets (_pq) against parked requests (_rq).
# NOTE(review): roughly half of this method's lines are absent from the
# listing; the comments below describe only what is visible.
232 try: request = self._rq[0]
233 except IndexError: request = None
234 if request and request.finished:
238 # now request is an unfinished request, or None
239 try: (queuetime, packet) = self._pq[0]
241 # no packets, oh well
# Age of the oldest queued packet, on the monotonic clock.
244 age = time.monotonic() - queuetime
# Packets older than max_queue_time are treated as expired (the handling is on
# absent lines).
245 if age > self.max_queue_time:
253 # request, and also some non-expired packets
255 try: (dummy, packet) = self._pq[0]
256 except IndexError: break
258 encoded = slip_encode(packet)
260 if request.sentLength > 0:
# Size check: would another delimiter plus this packet push the response past
# max_batch_down bytes?  (The action taken is on an absent line -- presumably
# it ends the batch; confirm.)
261 if (request.sentLength + len(slip_delimiter)
262 + len(encoded) > self.max_batch_down):
264 request.write(slip_delimiter)
266 request.write(encoded)
# NOTE(review): assert statements are removed under `python -O`, so this check
# does not run in optimised mode.
269 assert(request.sentLength)
272 # round again, looking for more to do
274 class IphttpResource(twisted.web.resource.Resource):
# HTTP entry point: a POST identifies the client, checks its password, applies
# any tunables it sent, processes its uploaded packets and parks the request.
# NOTE(review): source lines 278, 281-282, 288-290 and 293 are absent from
# this listing.
275 def render_POST(self, request):
276 # find client, update config, etc.
# NOTE(review): under Python 3, Twisted's request.args maps bytes keys to
# lists of bytes values.  The str keys used in this method ('i', 'pw', 'd',
# ...) would then never match and the values would be lists -- confirm
# against the Twisted version in use.
277 ci = ipaddr(request.args['i'])
279 pw = request.args['pw']
# NOTE(review): `!=` is not a constant-time comparison; hmac.compare_digest()
# is the usual choice for checking a shared secret.  The password arrives as
# an ordinary POST field, so it is only as confidential as the transport.
280 if pw != c.pw: raise ValueError('bad password')
# Client-supplied overrides for the per-client tunables: short request
# parameter name -> attribute name.  How the value is applied is on absent
# lines.
283 for r, w in (('mbd', 'max_batch_down'),
284 ('mqt', 'max_queue_time'),
285 ('mrt', 'max_request_time')):
286 try: v = request.args[r]
287 except KeyError: continue
# Uploaded packet data is optional; it defaults to an empty str.
291 try: d = request.args['d']
292 except KeyError: d = ''
294 c.process_arriving_data(d)
# NOTE(review): the visible Client methods include http_request() but no
# new_request() -- confirm the method name.
295 c.new_request(request)
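# Start one HTTP listener per configured server address.
# NOTE(review): the `try:` line (source line 301) is absent from this listing
# and is restored here; the `except` below requires it.
# NOTE(review): these are plain TCP endpoints, so the client password in the
# POST body is sent unencrypted unless TLS is terminated in front of this
# server.
resource = IphttpResource()
sitefactory = twisted.web.server.Site(resource)
for addrspec in cfg.get('server','addrs').split():
    try:
        addr = ipaddress.IPv4Address(addrspec)
        endpointfactory = twisted.internet.endpoints.TCP4ServerEndpoint
    except AddressValueError:
        addr = ipaddress.IPv6Address(addrspec)
        endpointfactory = twisted.internet.endpoints.TCP6ServerEndpoint
    # The third positional parameter of TCP4ServerEndpoint and
    # TCP6ServerEndpoint is `backlog`, not the bind address.  Passing `addr`
    # positionally left `interface` at its default (all interfaces) and gave
    # the listen backlog an address object.  Bind explicitly to the
    # configured address instead.
    ep = endpointfactory(reactor, cfg.getint('server','port'),
                         interface=str(addr))
    crash_on_defer(ep.listen(sitefactory))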
310 #---------- config and setup ----------
# Read the [virtual] network settings and the per-client sections, then build
# the ipif command line.
# NOTE(review): many lines of this section are absent from the listing,
# including the enclosing `def`, the `try:` lines and the assignment of `ci`.
318 network = ipnetwork(cfg.get('virtual','network'))
# NOTE(review): the test requires at least 5 addresses (3 + 2) while the
# message says 2^3 = 8; one of the two is out of date.
319 if network.num_addresses < 3 + 2:
320 raise ValueError('network needs at least 2^3 addresses')
# NOTE(review): cfg.get() returns a str, while the fallback below yields an
# ipaddress object.  route() compares `daddr == host`, which is never true for
# a str unless an absent line converts the value -- confirm.
323 host = cfg.get('virtual','host')
324 except NoOptionError:
# Default host: the first usable address in the network.
325 host = next(network.hosts())
328 relay = cfg.get('virtual','relay')
329 except NoOptionError:
# Default relay: search the network's hosts, skipping the host address (the
# selection itself is on absent lines).
330 for search in network.hosts():
331 if search == host: continue
# Config sections whose name contains ':' or '.' are treated as client
# addresses; all other sections are skipped.
335 for cs in cfg.sections():
336 if not (':' in cs or '.' in cs): continue
# A client address must lie inside the virtual network and may appear once.
338 if ci not in network:
339 raise ValueError('client %s not in network' % ci)
341 raise ValueError('multiple client cfg sections for %s' % ci)
342 clients[ci] = Client(ci, cs)
345 mtu = cfg.get('virtual','mtu')
# The four module globals are made available for %(name)s interpolation in
# the `ipif` template.  The result is later executed through `sh -c`, so these
# config values end up on a shell command line.
348 for k in ('host','relay','mtu','network'):
349 iic_vars[k] = globals()[k]
351 ipif_command = cfg.get('server','ipif', vars=iic_vars)
# Command-line handling and start-up.
# NOTE(review): several lines of this section are absent from the listing.
357 op.add_option('-c', '--config', dest='configfile',
358 default='/etc/hippottd/server.conf')
360 (opts, args) = op.parse_args()
361 if len(args): op.error('no non-option arguments please')
# Every log event is passed to crash_on_critical().
363 twisted.logger.globalLogPublisher.addObserver(crash_on_critical)
# Built-in defaults first, then the config file on top of them.
366 cfg.read_string(defcfg)
# NOTE(review): ConfigParser.read() silently skips a file it cannot open, so a
# missing or unreadable config file leaves only the built-in defaults.  The
# file also holds the client passwords, so its permissions matter.
367 cfg.read(opts.configfile)
375 print('CRASHED (end)', file=sys.stderr)