Beispiel #1
0
 /**
  * assigns the protocol + the triple of srcPort, destIP, destPort to the tunnel toward the
  * ANAddress over the ifName
  *
  * @param proto
  * @param srcPort
  * @param destIp
  * @param destPort
  * @param ANAddress
  * @param ifname
  */
 public void assignSocketToTunnelRME(
     String proto, int srcPort, String destIp, int destPort, int tid) {
   String[] param =
       new String[] {
         "-a",
         "rule",
         "-p",
         proto,
         "-s",
         Module.getVipaFix(),
         "-d",
         destIp,
         "-l",
         "" + srcPort,
         "-r",
         destPort + "",
         "-n",
         "" + tid
       };
   printLog(
       "Socket handover on local tunnel "
           + tid
           + " requested for src port "
           + srcPort
           + " dest port "
           + destPort
           + " and dest address: "
           + destIp,
       Log.LEVEL_MEDIUM);
   result = Module.upmtconf(param);
 }
Beispiel #2
0
  /**
   * assigns the protocol + the triple of srcPort, destIP, destPort to the tunnel toward the
   * ANAddress over the ifName
   *
   * @param proto
   * @param srcPort
   * @param destIp
   * @param destPort
   * @param ANAddress
   * @param ifName
   */
  public void assignSocketToTunnel(
      String proto, int srcPort, String destIp, int destPort, String ANAddress, String ifName) {
    Integer tidObj = localTidTable.get(ifName + ":" + ANAddress);
    if (tidObj == null) {
      printLog("ERROR: no Tunnel for " + ifName + ":" + ANAddress, Log.LEVEL_HIGH);
      return;
    }

    int tid = tidObj;
    String[] param =
        new String[] {
          "-a",
          "rule",
          "-p",
          proto,
          "-s",
          Module.getVipaFix(),
          "-d",
          destIp,
          "-l",
          "" + srcPort,
          "-r",
          destPort + "",
          "-n",
          "" + tid
        };

    //
    //	System.err.println("-a"+"rule"+"-p"+proto+"-s"+Module.getVipaFix()+"-d"+destIp+"-l"+""+srcPort+"-r"+destPort+""+"-n"+""+tid);
    printLog(
        "Socket handover on local tunnel "
            + tid
            + " (AN:"
            + ANAddress
            + "-if:"
            + ifName
            + ") requested for src port "
            + srcPort
            + " dest "
            + ANAddress
            + ":"
            + destPort,
        Log.LEVEL_MEDIUM);
    // TODO PROVA
    //		param[0] = "upmtconf " + param[0];
    //		result = Shell.executeRootCommand(param);
    result = Module.upmtconf(param);

    // Response from kernel:
    // System.out.println(result);
    // System.out.println(Module.upmtconf(new String[]{"-l", "rule"}));

    anTable.put(proto + srcPort + destIp + destPort, ANAddress);
  }
Beispiel #3
0
  public int addTunnel(String vipa, String ifName, String ANAddress, int AnTsa) {
    int port = realPortManager.getport(ifName + ANAddress);

    String[] par =
        new String[] {
          "-a",
          "tun",
          "-S",
          vipa,
          "-D",
          Module.getVipaFix(),
          "-i",
          ifName,
          "-d",
          ANAddress,
          "-l",
          "" + port,
          "-r",
          "" + AnTsa
        };

    //		System.err.println("YYYYYY__" + "-a"+ " " +"tun"+ " " +"-S" + " " + vipa+ " " +"-D"+ " "
    // +Module.getVipaFix()+ " " +"-i"+ " " +ifName+ " " +"-d"+ " " +ANAddress+ " " +"-l"+ " "
    // +""+port+ " " +"-r"+ " " +""+AnTsa);

    // TODO PROVA
    //		par[0] = "upmtconf " + par[0];
    //		result = Shell.executeRootCommand(par);

    //		result = Module.upmtconf(par); // chiamata tramite JNI
    result =
        Module.upmtconf(
            par, false); // se impostata a true chiamata a JNI altrimenti chiamata di sistema

    //		System.err.println(result);

    int localTid = Module.getUpmtParameter(result, "TID");
    if (localTid == 0) {
      printLog("TUNNEL NON CREATO", Log.LEVEL_HIGH);
      return 0;
    }

    localTidTable.put(ifName + ":" + ANAddress, new Integer(localTid));
    UPMTClient.addRMETunnelsToGUI(ANAddress);
    tidToANTable.put(new Integer(localTid), ANAddress);

    return localTid;
  }
Beispiel #4
0
  public TunnelManager(UPMTClient upmtClient) {
    TunnelManager.upmtClient = upmtClient;

    // XXX put this somewhere in the GUI or in the conf file
    extendedFilter = cfg.extendedFilter;

    // Settings from file (or from default)
    startPort = cfg.startPort;
    portRange = cfg.portRange;
    noUpmtMark = cfg.noUpmtMark;
    rtTablesIndex = cfg.rtTablesIndex;

    rtTablesIndexStart = rtTablesIndex;
    realPortManager = new LocalPortmgr(startPort, portRange);
    localTidTable = new Hashtable<String, Integer>();
    anTable = new Hashtable<String, String>();
    markTable = new HashMap<String, String>();
    tidToANTable = new HashMap<Integer, String>();

    // #ifndef ANDROID
    result = Shell.executeCommand(new String[] {"sh", "-c", "ifconfig -a | grep upmt0"});
    // #else
    //				result = Shell.executeCommand(new String[]{"sh", "-c", "netcfg | grep upmt0"});
    // #endif

    if (result.length() > 0) {
      if (!UPMTClient.getRME()) { // in rme il modulo viene caricato lato server
        // #ifndef ANDROID
        /*versione prima del kernel 3.8*/
        //				result = Shell.executeCommand(new String[]{"modprobe", "-r", "xt_UPMT_ex"});
        //				result = Shell.executeCommand(new String[]{"modprobe", "-r", "xt_UPMT"});
        //				result = Shell.executeCommand(new String[]{"modprobe", "-r", "upmt"});

        /*versione con kernel 3.8*/
        try {
          result =
              Shell.executeCommand(
                  new String[] {
                    "modprobe", "-r", "upmt_" + InetAddress.getLocalHost().getHostName()
                  });
        } catch (UnknownHostException e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
        }
        // #else
        //						result = Shell.executeRootCommand(new String[]{"rmmod", "xt_UPMT_ex"});
        //						result = Shell.executeRootCommand(new String[]{"rmmod", "xt_UPMT"});
        //						result = Shell.executeRootCommand(new String[]{"rmmod", "upmt"});
        // #endif
      }

      if (cfg.keepaliveKernel) {
        // set keepalive interval and timeout in kernel
        String[] par =
            new String[] {"-k", "" + cfg.keepalivePeriod, "-T", "" + cfg.keepaliveTimeout};
        String moduleResult = Module.upmtconf(par);
      }
    }

    // #ifndef ANDROID
    if (extendedFilter == 0) {
      //			 xt_UPMT modules have been merged into upmt.ko (Sander)
      //			result = Shell.executeCommand(new String[]{"modprobe", "xt_UPMT"});
    } else {
      //			 xt_UPMT modules have been merged into upmt.ko (Sander)
      //			result = Shell.executeCommand(new String[]{"modprobe", "xt_UPMT_ex"});
      try {
        result =
            Shell.executeCommand(
                new String[] {"modprobe", "upmt_" + InetAddress.getLocalHost().getHostName()});
      } catch (UnknownHostException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
      }
    }
    result = Shell.executeCommand(new String[] {"ifconfig", "upmt0", Module.getVipaFix()});
    // #else
    //				result = Shell.executeRootCommand(new String[]{"insmod", "/system/lib/modules/upmt.ko"});
    //				result = Shell.executeRootCommand(new String[]{"insmod",
    // "/system/lib/modules/compat_xtables.ko"});
    //				if (extendedFilter == 0) {
    //					result = Shell.executeRootCommand(new String[]{"insmod",
    // "/system/lib/modules/xt_UPMT.ko"});
    //				} else {
    //					result = Shell.executeRootCommand(new String[]{"insmod",
    // "/system/lib/modules/xt_UPMT_ex.ko"});
    //				}
    //				result = Shell.executeRootCommand(new String[]{"ifconfig", "upmt0", Module.getVipaFix()});
    // #endif

    if (cfg.mtuOverride != 0) {
      printLog(
          "overriding upmt0 mtu, new value: " + Integer.toString((cfg.mtuOverride)),
          Log.LEVEL_HIGH);
      result =
          Shell.executeCommand(
              new String[] {"ifconfig", "upmt0", "mtu", Integer.toString(cfg.mtuOverride)});
    }

    Module.upmtconf(new String[] {"-V", "off"}); // Modalita' verbosa

    // #ifndef ANDROID
    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-t",
              "mangle",
              "-D",
              "OUTPUT",
              "-p",
              "udp",
              "--source-port",
              "5060",
              "-j",
              "MARK",
              "--set-mark",
              noUpmtMark
            });
    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-t",
              "mangle",
              "-A",
              "OUTPUT",
              "-p",
              "udp",
              "--source-port",
              "5060",
              "-j",
              "MARK",
              "--set-mark",
              noUpmtMark
            });

    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-t",
              "mangle",
              "-D",
              "OUTPUT",
              "--destination",
              "127.0.0.1",
              "-j",
              "MARK",
              "--set-mark",
              noUpmtMark
            });
    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-t",
              "mangle",
              "-A",
              "OUTPUT",
              "--destination",
              "127.0.0.1",
              "-j",
              "MARK",
              "--set-mark",
              noUpmtMark
            });

    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-D",
              "OUTPUT",
              "-p",
              "udp",
              "-o",
              "upmt0",
              "-m",
              "conntrack",
              "--ctstate",
              "NEW",
              "-j",
              "UPMT"
            });
    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-A",
              "OUTPUT",
              "-p",
              "udp",
              "-o",
              "upmt0",
              "-m",
              "conntrack",
              "--ctstate",
              "NEW",
              "-j",
              "UPMT"
            });

    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-D",
              "OUTPUT",
              "-p",
              "tcp",
              "-o",
              "upmt0",
              "-m",
              "conntrack",
              "--ctstate",
              "NEW",
              "-j",
              "UPMT"
            });
    result =
        Shell.executeCommand(
            new String[] {
              "iptables",
              "-A",
              "OUTPUT",
              "-p",
              "tcp",
              "-o",
              "upmt0",
              "-m",
              "conntrack",
              "--ctstate",
              "NEW",
              "-j",
              "UPMT"
            });
    // #else
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "mangle", "-D", "OUTPUT",
    // "-p", "udp", "--source-port", "5060", "-j", "MARK", "--set-mark", noUpmtMark});
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "mangle", "-A", "OUTPUT",
    // "-p", "udp", "--source-port", "5060", "-j", "MARK", "--set-mark", noUpmtMark});
    //
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "mangle", "-D", "OUTPUT",
    // "--destination", "127.0.0.1", "-j", "MARK", "--set-mark", noUpmtMark});
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "mangle", "-A", "OUTPUT",
    // "--destination", "127.0.0.1", "-j", "MARK", "--set-mark", noUpmtMark});
    //
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-D", "OUTPUT", "-p", "udp",
    // "-o", "upmt0", "-m", "conntrack", "--ctstate", "NEW", "-j", "UPMT"});
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-A", "OUTPUT", "-p", "udp",
    // "-o", "upmt0", "-m", "conntrack", "--ctstate", "NEW", "-j", "UPMT"});
    //
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-D", "OUTPUT", "-p", "tcp",
    // "-o", "upmt0", "-m", "conntrack", "--ctstate", "NEW", "-j", "UPMT"});
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-A", "OUTPUT", "-p", "tcp",
    // "-o", "upmt0", "-m", "conntrack", "--ctstate", "NEW", "-j", "UPMT"});
    // #endif

    if (!addTable("upmt0")) printLog("upmt0 already present in rt_tables", Log.LEVEL_HIGH);

    result = Shell.executeCommand(new String[] {"sh", "-c", "ip rule | grep 30000:"});
    // #ifndef ANDROID
    if (result.length() == 0)
      result =
          Shell.executeCommand(
              new String[] {"ip", "rule", "add", "priority", "30000", "table", "upmt0_table"});
    // #else
    //				if(result.length()==0) result = Shell.executeRootCommand(new String[]{"ip", "rule", "add",
    // "priority", "30000", "table", "upmt0_table"});
    // #endif
    else printLog("ip rule already present (prio:30000)", Log.LEVEL_HIGH);

    // #ifndef ANDROID
    result = Shell.executeCommand(new String[] {"ip", "route", "flush", "table", "upmt0_table"});
    result =
        Shell.executeCommand(
            new String[] {"ip", "route", "add", "default", "dev", "upmt0", "table", "upmt0_table"});
    // #else
    //				result = Shell.executeRootCommand(new String[]{"ip", "route", "flush", "table",
    // "upmt0_table"});
    //				result = Shell.executeRootCommand(new String[]{"ip", "route", "add", "default", "dev",
    // "upmt0", "table", "upmt0_table"});
    // #endif

    result = Shell.executeCommand(new String[] {"sh", "-c", "ip rule | grep 29999:"});
    // #ifndef ANDROID
    if (result.length() == 0)
      result =
          Shell.executeCommand(
              new String[] {
                "ip", "rule", "add", "fwmark", noUpmtMark, "priority", "29999", "table", "main"
              });
    // #else
    //				if(result.length()==0) result = Shell.executeRootCommand(new String[]{"ip", "rule", "add",
    // "fwmark", noUpmtMark, "priority", "29999", "table", "main"});
    // #endif
    else printLog("ip rule already present (prio:29999)", Log.LEVEL_HIGH);

    // #ifndef ANDROID
    result =
        Shell.executeCommand(
            new String[] {"iptables", "-t", "nat", "-D", "POSTROUTING", "-j", "MASQUERADE"});
    if (!UPMTClient.getRME()) {
      result =
          Shell.executeCommand(
              new String[] {"iptables", "-t", "nat", "-A", "POSTROUTING", "-j", "MASQUERADE"});
    }
    // #else
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "nat", "-D",
    // "POSTROUTING", "-j", "MASQUERADE"});
    //				result = Shell.executeRootCommand(new String[]{"iptables", "-t", "nat", "-A",
    // "POSTROUTING", "-j", "MASQUERADE"});
    // #endif

    // #ifndef ANDROID
    result =
        Shell.executeCommand(
            new String[] {"sh", "-c", "echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter"});
    if (UPMTClient.getRME())
      result =
          Shell.executeCommand(new String[] {"sh", "-c", "echo 1 > /proc/sys/net/ipv4/ip_forward"});
    // #else
    //				result = Shell.executeRootCommand(new String[]{"echo 0 >
    // /proc/sys/net/ipv4/conf/all/rp_filter"});
    // #endif
  }