
implemented connection reject

wangyu- 8 年之前
父节点
当前提交
d1c88bbc07
共有 8 个文件被更改,包括 207 次插入43 次删除
  1. 3 1
      common.cpp
  2. 16 5
      common.h
  3. 3 0
      misc.cpp
  4. 2 0
      misc.h
  5. 35 10
      packet.cpp
  6. 0 1
      packet.h
  7. 133 19
      tun_dev.cpp
  8. 15 7
      tunnel.cpp

+ 3 - 1
common.cpp

@@ -15,7 +15,7 @@ int about_to_exit=0;
 raw_mode_t raw_mode=mode_faketcp;
 unordered_map<int, const char*> raw_mode_tostring = {{mode_faketcp, "faketcp"}, {mode_udp, "udp"}, {mode_icmp, "icmp"}};
 
-int delay_capacity=0;
+
 //static int random_number_fd=-1;
 char iptables_rule[200]="";
 //int is_client = 0, is_server = 0;
@@ -26,6 +26,8 @@ working_mode_t working_mode=tunnel_mode;
 
 int socket_buf_size=1024*1024;
 
+
+
 struct random_fd_t
 {
 	int random_number_fd;

+ 16 - 5
common.h

@@ -121,9 +121,9 @@ extern unordered_map<int, const char*> raw_mode_tostring ;
 enum working_mode_t {unset_working_mode=0,tunnel_mode,tun_dev_mode};
 extern working_mode_t working_mode;
 
-extern int delay_capacity;
 extern int socket_buf_size;
 
+
 typedef u32_t id_t;
 
 typedef u64_t iv_t;
@@ -134,8 +134,8 @@ typedef u64_t anti_replay_seq_t;
 
 typedef u64_t fd64_t;
 
-enum dest_type{none=0,type_ip_port,type_fd64,type_ip_port_conv,type_fd64_conv/*,type_fd*/};
-
+//enum dest_type{none=0,type_fd64_ip_port,type_fd64,type_fd64_ip_port_conv,type_fd64_conv/*,type_fd*/};
+enum dest_type{none=0,type_fd64_ip_port,type_fd64,type_fd,type_fd_ip_port/*,type_fd*/};
 
 struct ip_port_t
 {
@@ -146,11 +146,22 @@ struct ip_port_t
 	char * to_s();
 };
 
-union inner_t
+struct fd64_ip_port_t
+{
+	fd64_t fd64;
+	ip_port_t ip_port;
+};
+struct fd_ip_port_t
 {
+	int fd;
 	ip_port_t ip_port;
-	//int fd;
+};
+union inner_t
+{
 	fd64_t fd64;
+	int fd;
+	fd64_ip_port_t fd64_ip_port;
+	fd_ip_port_t fd_ip_port;
 };
 struct dest_t
 {

+ 3 - 0
misc.cpp

@@ -37,6 +37,9 @@ fd_manager_t fd_manager;
 
 int time_mono_test=0;
 
+int delay_capacity=0;
+
+
 
 
 

+ 2 - 0
misc.h

@@ -44,6 +44,8 @@ extern fd_manager_t fd_manager;
 
 extern int time_mono_test;
 
+extern int delay_capacity;
+
 
 
 

+ 35 - 10
packet.cpp

@@ -27,7 +27,7 @@ int random_drop=0;
 
 char key_string[1000]= "";
 
-int local_listen_fd=-1;
+//int local_listen_fd=-1;
 
 
 void encrypt_0(char * input,int &len,char *key)
@@ -162,10 +162,11 @@ int sendto_fd_ip_port (int fd,u32_t ip,int port,char * buf, int len,int flags)
 			(struct sockaddr *) &tmp_sockaddr,
 			sizeof(tmp_sockaddr));
 }
+/*
 int sendto_ip_port (u32_t ip,int port,char * buf, int len,int flags)
 {
 	return sendto_fd_ip_port(local_listen_fd,ip,port,buf,len,flags);
-}
+}*/
 
 int send_fd (int fd,char * buf, int len,int flags)
 {
@@ -182,17 +183,22 @@ int my_send(const dest_t &dest,char *data,int len)
 	}
 	switch(dest.type)
 	{
-		case type_ip_port:
+		case type_fd_ip_port:
 		{
-			return sendto_ip_port(dest.inner.ip_port.ip,dest.inner.ip_port.port,data,len,0);
+			return sendto_fd_ip_port(dest.inner.fd,dest.inner.fd_ip_port.ip_port.ip,dest.inner.fd_ip_port.ip_port.port,data,len,0);
 			break;
 		}
-		case type_ip_port_conv:
+		case type_fd64_ip_port:
 		{
-			char *new_data;
-			int new_len;
-			put_conv(dest.conv,data,len,new_data,new_len);
-			return sendto_ip_port(dest.inner.ip_port.ip,dest.inner.ip_port.port,new_data,new_len,0);
+			if(!fd_manager.exist(dest.inner.fd64)) return -1;
+			int fd=fd_manager.to_fd(dest.inner.fd64);
+
+			return sendto_fd_ip_port(fd,dest.inner.fd64_ip_port.ip_port.ip,dest.inner.fd64_ip_port.ip_port.port,data,len,0);
+			break;
+		}
+		case type_fd:
+		{
+			return send_fd(dest.inner.fd,data,len,0);
 			break;
 		}
 		case type_fd64:
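Review bot: The new cases read the union through a different member than the one the callers write: `type_fd_ip_port` passes `dest.inner.fd` although the senders fill `dest.inner.fd_ip_port.fd`, and `type_fd64_ip_port` looks up `dest.inner.fd64` rather than `dest.inner.fd64_ip_port.fd64`. That only works while the descriptor stays the first field of each struct; use the member that matches the tag, e.g. `sendto_fd_ip_port(dest.inner.fd_ip_port.fd,...)`. The same mismatch in tun_dev.cpp is probably not harmless: the server loop's `dest.inner.fd64_ip_port.ip_port.to_u64()==0` check runs on a `type_fd_ip_port` destination, and with an 8-byte `fd64_t` ahead of `ip_port` in one struct and an `int` in the other, the two `ip_port` members likely sit at different offsets, so the "no client yet" test would read the wrong bytes. my_send starts and ends outside this hunk.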
@@ -200,9 +206,25 @@ int my_send(const dest_t &dest,char *data,int len)
 
 			if(!fd_manager.exist(dest.inner.fd64)) return -1;
 			int fd=fd_manager.to_fd(dest.inner.fd64);
+
 			return send_fd(fd,data,len,0);
 			break;
 		}
+		/*
+		case type_fd64_ip_port_conv:
+		{
+			if(!fd_manager.exist(dest.inner.fd64)) return -1;
+			int fd=fd_manager.to_fd(dest.inner.fd64);
+
+			char *new_data;
+			int new_len;
+
+			put_conv(dest.conv,data,len,new_data,new_len);
+			return sendto_fd_ip_port(fd,dest.inner.fd64_ip_port.ip_port.ip,dest.inner.fd64_ip_port.ip_port.port,new_data,new_len,0);
+			break;
+		}*/
+
+		/*
 		case type_fd64_conv:
 		{
 			char *new_data;
@@ -212,7 +234,7 @@ int my_send(const dest_t &dest,char *data,int len)
 			if(!fd_manager.exist(dest.inner.fd64)) return -1;
 			int fd=fd_manager.to_fd(dest.inner.fd64);
 			return send_fd(fd,new_data,new_len,0);
-		}
+		}*/
 		/*
 		case type_fd:
 		{
@@ -362,3 +384,6 @@ int get_conv(u32_t &conv,const char *input,int len_in,char *&output,int &len_out
 	}
 	return 0;
 }
+
+
+

+ 0 - 1
packet.h

@@ -21,7 +21,6 @@ extern u64_t dup_packet_recv_count;
 extern char key_string[1000];
 extern int disable_replay_filter;
 extern int random_drop;
-extern int local_listen_fd;
 extern int disable_obscure;
 extern int disable_xor;
 

+ 133 - 19
tun_dev.cpp

@@ -9,6 +9,8 @@
 #include "common.h"
 #include "log.h"
 #include "misc.h"
+
+
 int get_tun_fd(char * dev_name)
 {
 	int tun_fd=open("/dev/net/tun",O_RDWR);
@@ -74,11 +76,34 @@ int set_if(char *if_name,char * local_ip,char * remote_ip,int mtu)
 	return 0;
 }
 
+//enum tun_header_t {header_reserved=0,header_normal=1,header_new=2,header_reject=3};
+const char header_normal=1;
+const char header_new_connect=2;
+const char header_reject=3;
+
+int put_header(char header,char *& data,int &len)
+{
+	assert(len>=0);
+	data=data-1;
+	data[0]=header;
+	len+=1;
+	return 0;
+}
+int get_header(char &header,char *& data,int &len)
+{
+	assert(len>=0);
+	if(len<1) return -1;
+	header=data[0];
+	data=data+1;
+	len-=1;
+	return 0;
+}
+
 
 int tun_dev_client_event_loop()
 {
-	char buf[buf_len+1];
-	//char *data=buf+1;
+	char buf0[buf_len+100];
+	char *data=buf0+100;
 	int len;
 	int i,j,k,ret;
 	int epoll_fd,tun_fd;
@@ -86,7 +111,6 @@ int tun_dev_client_event_loop()
 	int remote_fd;
 	fd64_t remote_fd64;
 
-
 	tun_fd=get_tun_fd("tun11");
 	assert(tun_fd>0);
 
@@ -128,6 +152,9 @@ int tun_dev_client_event_loop()
 	//dest.inner.ip_port=dest_ip_port;
 	//dest.cook=1;
 
+
+	int got_feed_back=0;
+
 	while(1)////////////////////////
 	{
 
@@ -151,24 +178,57 @@ int tun_dev_client_event_loop()
 		{
 			if(events[idx].data.u64==(u64_t)tun_fd)
 			{
-				len=read(tun_fd,buf,max_data_len);
+				len=read(tun_fd,data,max_data_len);
 				assert(len>=0);
 
 				mylog(log_trace,"Received packet from tun,len: %d\n",len);
 
-				delay_manager.add(0,dest,buf,len);;
+				if(got_feed_back==0)
+					put_header(header_new_connect,data,len);
+				else
+					put_header(header_normal,data,len);
+
+				delay_manager.add(0,dest,data,len);;
 			}
 			else if(events[idx].data.u64==(u64_t)remote_fd64)
 			{
 				fd64_t fd64=events[idx].data.u64;
 				int fd=fd_manager.to_fd(fd64);
 
-				len=recv(fd,buf,max_data_len,0);
+				len=recv(fd,data,max_data_len,0);
+
+				if(len<0)
+				{
+					mylog(log_warn,"recv return %d,errno=%s\n",len,strerror(errno));
+					continue;
+				}
+
+				char header=0;
+				if(get_header(header,data,len)!=0)
+				{
+					mylog(log_warn,"get_header failed\n");
+					continue;
+				}
+				if(header==header_reject)
+				{
+					mylog(log_fatal,"server switched to handle another client,exit\n");
+					myexit(-1);
+					continue;
+				}
+				else if(header==header_normal)
+				{
+					got_feed_back=1;
+				}
+				else
+				{
+					mylog(log_warn,"invalid header\n");
+					continue;
+				}
 
 				mylog(log_trace,"Received packet from udp,len: %d\n",len);
 				assert(len>=0);
 
-				assert(write(tun_fd,buf,len)>0);
+				assert(write(tun_fd,data,len)>=0);
 			}
 		}
 		delay_manager.check();
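Review bot: `put_header` and `get_header` take `data` by reference and move it, and nothing in the visible loop puts it back to `buf0+100`, so the buffer pointer drifts one byte down for every packet read from tun and one byte up for every packet received from the peer. Unless it is reset in a part of the loop outside this hunk, sustained one-way traffic walks `data` outside `buf0` and the next `read`/`recv` of `max_data_len` bytes lands out of bounds on the stack; the server loop has the same pattern, and there `get_header` runs on every datagram before the sender is checked, so the drift can be driven by any remote host. Work on a per-packet copy of the pointer, e.g. `char *pkt=buf0+100;` at the top of each event branch, and pass `pkt` to the header helpers and to `delay_manager.add`. Separately, `assert(write(tun_fd,data,len)>=0)` compiles away under NDEBUG together with the write itself; the server side of this commit already uses a checked `ret=write(...)`.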
@@ -180,16 +240,20 @@ int tun_dev_client_event_loop()
 
 int tun_dev_server_event_loop()
 {
-	char buf[buf_len+1];
-	char *data=buf+1;
+	char buf0[buf_len+100];
+	char *data=buf0+100;
 	int len;
 	int i,j,k,ret;
 	int epoll_fd,tun_fd;
 
+	int local_listen_fd;
+	//fd64_t local_listen_fd64;
+
 	tun_fd=get_tun_fd("tun11");
 	assert(tun_fd>0);
 
 	assert(new_listen_socket(local_listen_fd,local_ip_uint32,local_port)==0);
+  //  local_listen_fd64=fd_manager.create(local_listen_fd);
 
 	assert(set_if("tun11","10.0.0.1","10.0.0.2",1000)==0);
 
@@ -222,9 +286,11 @@ int tun_dev_server_event_loop()
 	//ip_port_t dest_ip_port;
 
 	dest_t dest;
-	dest.type=type_ip_port;
-	dest.inner.ip_port.ip=0;
-	dest.inner.ip_port.port=0;
+	dest.type=type_fd_ip_port;
+
+	dest.inner.fd_ip_port.fd=local_listen_fd;
+	dest.inner.fd_ip_port.ip_port.ip=0;
+	dest.inner.fd_ip_port.ip_port.port=0;
 	//dest.conv=conv;
 	//dest.inner.ip_port=dest_ip_port;
 	//dest.cook=1;
@@ -255,36 +321,84 @@ int tun_dev_server_event_loop()
 			{
 				struct sockaddr_in udp_new_addr_in={0};
 				socklen_t udp_new_addr_len = sizeof(sockaddr_in);
-				if ((len = recvfrom(local_listen_fd, buf, max_data_len, 0,
+				if ((len = recvfrom(local_listen_fd, data, max_data_len, 0,
 						(struct sockaddr *) &udp_new_addr_in, &udp_new_addr_len)) == -1) {
 					mylog(log_error,"recv_from error,this shouldnt happen,err=%s,but we can try to continue\n",strerror(errno));
 					continue;
 					//myexit(1);
 				};
+				char header=0;
+				if(get_header(header,data,len)!=0)
+				{
+					mylog(log_warn,"get_header failed\n");
+					continue;
+				}
+
+				if((dest.inner.fd_ip_port.ip_port.ip==udp_new_addr_in.sin_addr.s_addr) && (dest.inner.fd_ip_port.ip_port.port=ntohs(udp_new_addr_in.sin_port)))
+				{
+					if(header!=header_new_connect&& header!=header_normal)
+					{
+						mylog(log_warn,"invalid header\n");
+						continue;
+					}
+				}
+				else
+				{
+					if(header==header_new_connect)
+					{
+						mylog(log_info,"new connection from %s:%d \n", inet_ntoa(udp_new_addr_in.sin_addr),
+												ntohs(udp_new_addr_in.sin_port));
+						dest.inner.fd_ip_port.ip_port.ip=udp_new_addr_in.sin_addr.s_addr;
+						dest.inner.fd_ip_port.ip_port.port=ntohs(udp_new_addr_in.sin_port);
+					}
+					else
+					{
+						mylog(log_info,"rejected connection from %s:%d\n", inet_ntoa(udp_new_addr_in.sin_addr),ntohs(udp_new_addr_in.sin_port));
+
+
+						len=1;
+						data[0]=header_reject;
+
+						dest_t tmp_dest;
+						tmp_dest.type=type_fd_ip_port;
+
+						tmp_dest.inner.fd_ip_port.fd=local_listen_fd;
+						tmp_dest.inner.fd_ip_port.ip_port.ip=udp_new_addr_in.sin_addr.s_addr;
+						tmp_dest.inner.fd_ip_port.ip_port.port=ntohs(udp_new_addr_in.sin_port);
+
+						delay_manager.add(0,tmp_dest,data,len);;
+						continue;
+					}
+				}
+
 
-				dest.inner.ip_port.ip=udp_new_addr_in.sin_addr.s_addr;
-				dest.inner.ip_port.port=ntohs(udp_new_addr_in.sin_port);
 
 				mylog(log_trace,"Received packet from %s:%d,len: %d\n", inet_ntoa(udp_new_addr_in.sin_addr),
 						ntohs(udp_new_addr_in.sin_port),len);
 
-				assert(write(tun_fd,buf,len)>0);
+				ret=write(tun_fd,data,len);
+				if( ret<0 )
+				{
+					mylog(log_warn,"write to tun failed len=%d ret=%d\n errno=%s\n",len,ret,strerror(errno));
+				}
 
 			}
 			else if(events[idx].data.u64==(u64_t)tun_fd)
 			{
-				len=read(tun_fd,buf,max_data_len);
+				len=read(tun_fd,data,max_data_len);
 				assert(len>=0);
 
 				mylog(log_trace,"Received packet from tun,len: %d\n",len);
 
-				if(dest.inner.ip_port.to_u64()==0)
+				if(dest.inner.fd64_ip_port.ip_port.to_u64()==0)
 				{
 					mylog(log_warn,"there is no client yet\n");
 					continue;
 				}
 
-				delay_manager.add(0,dest,buf,len);;
+				put_header(header_normal,data,len);
+
+				delay_manager.add(0,dest,data,len);;
 
 
 			}
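Review bot: The peer check in the recvfrom branch assigns instead of compares: `(dest.inner.fd_ip_port.ip_port.port=ntohs(udp_new_addr_in.sin_port))` overwrites the stored client port with the sender's port and is true for any non-zero port. As written, any datagram from the current client's IP address is treated as coming from the client and silently retargets the tunnel to its source port, so the reject path is never reached for that address; the intended test is `dest.inner.fd_ip_port.ip_port.port==ntohs(udp_new_addr_in.sin_port)`. The else branch also accepts `header_new_connect` from any address with no further check visible in this hunk, which lets an arbitrary sender displace the active client; if that is intended, a comment saying so would help. The enclosing loop starts and ends outside the hunk.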

+ 15 - 7
tunnel.cpp

@@ -22,7 +22,11 @@ int tunnel_client_event_loop()
     //conn_info.conv_manager.reserve();
 	//conn_info.fec_encode_manager.re_init(fec_data_num,fec_redundant_num,fec_mtu,fec_pending_num,fec_pending_time,fec_type);
 
+
+	int local_listen_fd;
+	//fd64_t local_listen_fd64;
     new_listen_socket(local_listen_fd,local_ip_uint32,local_port);
+    //local_listen_fd64=fd_manager.create(local_listen_fd);
 
 	epoll_fd = epoll_create1(0);
 	assert(epoll_fd>0);
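Review bot: `local_listen_fd` is now an uninitialised local, and the return value of `new_listen_socket` is still ignored here, so a failure leaves an indeterminate descriptor that is later stored into `dest.inner.fd_ip_port.fd`; the removed global at least started at -1. Initialise it and check the call, e.g. `int local_listen_fd=-1;` and `if(new_listen_socket(local_listen_fd,local_ip_uint32,local_port)!=0) myexit(-1);` (tun_dev.cpp compares the same call with 0). The same applies to the identical lines added in tunnel_server_event_loop. Both functions continue outside their hunks.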
@@ -316,8 +320,9 @@ int tunnel_client_event_loop()
 
 					u64_t u64=conn_info.conv_manager.find_u64_by_conv(conv);
 					dest_t dest;
-					dest.inner.ip_port.from_u64(u64);
-					dest.type=type_ip_port;
+					dest.inner.fd_ip_port.fd=local_listen_fd;
+					dest.inner.fd_ip_port.ip_port.from_u64(u64);
+					dest.type=type_fd_ip_port;
 					//dest.conv=conv;
 
 					delay_send(out_delay[i],dest,new_data,new_len);
@@ -344,8 +349,10 @@ int tunnel_server_event_loop()
 	int remote_fd;
 
 //    conn_info_t conn_info;
-
-	new_listen_socket(local_listen_fd,local_ip_uint32,local_port);
+	int local_listen_fd;
+//	fd64_t local_listen_fd64;
+    new_listen_socket(local_listen_fd,local_ip_uint32,local_port);
+   // local_listen_fd64=fd_manager.create(local_listen_fd);
 
 	epoll_fd = epoll_create1(0);
 	assert(epoll_fd>0);
@@ -607,10 +614,11 @@ int tunnel_server_event_loop()
 				//conn_info.update_active_time(); //cant put it here
 
 				int  out_n=-2;char **out_arr;int *out_len;my_time_t *out_delay;
+
 				dest_t dest;
-				dest.type=type_ip_port;
-				//dest.conv=conv;
-				dest.inner.ip_port=ip_port;
+				dest.inner.fd_ip_port.fd=local_listen_fd;
+				dest.inner.fd_ip_port.ip_port=ip_port;
+				dest.type=type_fd_ip_port;
 				dest.cook=1;
 
 				if(fd64==conn_info.fec_encode_manager.get_timer_fd64())