Created
April 22, 2018 00:35
-
-
Save OneOfOne/5368f638f7df1035862659a7bec6ca2f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"log" | |
"os" | |
"os/exec" | |
"golang.org/x/net/ipv4" | |
"github.com/songgao/water" | |
) | |
const ( | |
// I use TUN interface, so only plain IP packet, no ethernet header + mtu is set to 1300 | |
BUFFERSIZE = 1600 | |
MTU = "1300" | |
) | |
func main() { | |
iface, err := water.New(water.Config{}) | |
fatalIf(err) | |
log.Printf("tun interface: %s", iface.Name()) | |
runBin("/bin/ip", "link", "set", "dev", iface.Name(), "mtu", MTU) | |
runBin("/bin/ip", "addr", "add", "10.2.0.10/24", "dev", iface.Name()) | |
runBin("/bin/ip", "link", "set", "dev", iface.Name(), "up") | |
buf := make([]byte, BUFFERSIZE) | |
for { | |
n, err := iface.Read(buf) | |
if err != nil { | |
log.Fatal(err) | |
} | |
header, _ := ipv4.ParseHeader(buf[:n]) | |
log.Printf("isTCP: %v, header: %s", header.Protocol == 6, header) | |
} | |
} | |
func fatalIf(err error) { | |
if err != nil { | |
log.Fatal(err) | |
} | |
} | |
func runBin(bin string, args ...string) { | |
cmd := exec.Command(bin, args...) | |
cmd.Stderr = os.Stderr | |
cmd.Stdout = os.Stdout | |
cmd.Stdin = os.Stdin | |
fatalIf(cmd.Run()) | |
} |
Author
OneOfOne
commented
Dec 3, 2019
via email
Sadly no :(
…On Mon, Dec 2, 2019 at 10:42 PM Aofei Sheng ***@***.***> wrote:
Hi @OneOfOne <https://github.com/OneOfOne>
Have you solved this problem? I encountered the same situation, I couldn't
read any packets from the TUN interface (here
<https://gist.github.com/OneOfOne/5368f638f7df1035862659a7bec6ca2f#file-tun-go-L31>),
all the packets written in seemed to enter the black hole (all
disappeared). I have totally no idea what I have missed. 😢
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://gist.github.com/5368f638f7df1035862659a7bec6ca2f?email_source=notifications&email_token=AAIHY67NGGQOZ7G7JTBHQCDQWXPSZA5CNFSM4JUR2IUKYY3PNVWWK3TUL52HS4DFVNDWS43UINXW23LFNZ2KUY3PNVWWK3TUL5UWJTQAF5EXU#gistcomment-3099002>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAIHY6YPUTWDNKMBKQBZI2DQWXPSZANCNFSM4JUR2IUA>
.
Maybe you can try the following steps (worked on my side), I learned from here:
- Created a TUN named
tun0
ifconfig tun0 10.2.0.1 pointopoint 10.2.2 netmask 255.255.255.0 mtu 1500 up
iptables -I FORWARD -i tun0 -o eth0 -s 10.2.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -I POSTROUTING -o eth0 -s 10.2.0.0/24 -j MASQUERADE
I just wrote a VPN (Tunneling over WebSocket) and it finally worked today. Its server is written in Go, and its client is an iOS app.
Thank you very much for the tip!
I'd be very interested into seeing your VPN if you wanna share.
…On Tue, Dec 3, 2019 at 8:45 AM Aofei Sheng ***@***.***> wrote:
Maybe you can try the following steps (worked on my side), I learned from
here <https://community.openvpn.net/openvpn/wiki/BridgingAndRouting>:
1. Created a TUN named tun0
2. ifconfig tun0 10.2.0.1 pointopoint 10.2.2 netmask 255.255.255.0 mtu
1500 up
3. iptables -I FORWARD -i tun0 -o eth0 -s 10.2.0.0/24 -m conntrack
--ctstate NEW -j ACCEPT
4. iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j
ACCEPT
5. iptables -t nat -I POSTROUTING -o eth0 -s 10.2.0.0/24 -j MASQUERADE
I just wrote a VPN (Tunneling over WebSocket) and it finally worked today.
Its server is written in Go, and its client is an iOS app.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://gist.github.com/5368f638f7df1035862659a7bec6ca2f?email_source=notifications&email_token=AAIHY67Q3BQAZ7V4FKXWH7LQWZWIVA5CNFSM4JUR2IUKYY3PNVWWK3TUL52HS4DFVNDWS43UINXW23LFNZ2KUY3PNVWWK3TUL5UWJTQAF5FRY#gistcomment-3099420>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAIHY66WQJITZWWOIITBQVTQWZWIVANCNFSM4JUR2IUA>
.
Of course, there's nothing confidential. I can simplify the server code and send it to you, but you have to wait a few hours because I'm busy with something else now. 😊
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment