vtun | A simple VPN written in Go | VPN library
kandi X-RAY | vtun Summary
kandi X-RAY | vtun Summary
A simple VPN written in golang.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of vtun
vtun Key Features
vtun Examples and Code Snippets
Community Discussions
Trending Discussions on vtun
QUESTION
I have an application that creates, listens on and writes to a tap interface. The software will read(tun_fd,...)
and perform some action on that data, and it will return data to the system as UDP packets via write(tun_fd,...)
.
I assign an IP to the interface, 10.10.10.10\24
so that a socket application can bind to it and so that the kernel will pass any packets for the virtual subnet to the tap interface.
The software generate frames with IP/UDP packets with the destination IP being that assigned to the interface, and a source IP existing in the same subnet. The source and dest mac address match that of the tap device. Those frames are written back to the kernel with write(tun_fd,...)
.
If I open said tap interface in wireshark I will see my frames/packets as I expect to, properly formatted, expected ports, expected macs and IPs. But if I try to read those packets with netcat -lvu 0.0.0.0 ${MY_UDP_PORT}
I don't see anything.
Is this expected behavior?
Update 1
INADDR_ANY
is a red herring. I have the problem even when explicitly binding to an interface / port as in this pseudo code:
ANSWER
Answered 2020-Sep-25 at 12:29Yes, data written into the tuntap device via write(tun_fd...)
should get passed to the kernel protocol stack and distributed to listening sockets with matching packet information just like the frame had arrived over a wire attached to a physical ethernet device.
It requires that the packets be properly formed (IP checksum is good, UDP checksum is good or 0). It requires that the kernel know how to handle the packet (is there an interface on the system with a matching destination IP?). If it's a tap device it may also require that your application is properly ARP'ing (although this might not be necessary for a 'received' packet from the perspective of a socket application listening to an address assigned to the tap device).
In my case the problem was silly. While I had turned on UDP checksum verification in wireshark I forgot to turn on IP header verification. An extra byteswap was breaking that checksum. After fixing that I was immediately able to see packets written into the TAP device in a socket application listening on the address assigned to that interface.
QUESTION
I have a Python3 application launching inside a Docker container; and when the Docker container is launched, it accepts arguments that are passed to the Python3 application. Pretty straight forward and works well.
The Dockerfile :
...ANSWER
Answered 2020-Jan-15 at 06:11the image name should be sperated from the reset of arguments :
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install vtun
Add TLS for websocket,reverse proxy server(3001) via nginx/caddy(443)
Enable IP forwarding on server
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page