1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
package virtualnetwork
import (
"net"
"net/http"
"strings"
"sync"
"github.com/containers/gvisor-tap-vsock/pkg/services/dhcp"
"github.com/containers/gvisor-tap-vsock/pkg/services/dns"
"github.com/containers/gvisor-tap-vsock/pkg/services/forwarder"
"github.com/containers/gvisor-tap-vsock/pkg/tap"
"github.com/containers/gvisor-tap-vsock/pkg/types"
log "github.com/sirupsen/logrus"
"gvisor.dev/gvisor/pkg/tcpip"
"gvisor.dev/gvisor/pkg/tcpip/adapters/gonet"
"gvisor.dev/gvisor/pkg/tcpip/network/ipv4"
"gvisor.dev/gvisor/pkg/tcpip/stack"
"gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
)
func addServices(configuration *types.Configuration, s *stack.Stack, ipPool *tap.IPPool) (http.Handler, error) {
var natLock sync.Mutex
translation := parseNATTable(configuration)
tcpForwarder := forwarder.TCP(s, translation, &natLock)
s.SetTransportProtocolHandler(tcp.ProtocolNumber, tcpForwarder.HandlePacket)
udpForwarder := forwarder.UDP(s, translation, &natLock)
s.SetTransportProtocolHandler(udp.ProtocolNumber, udpForwarder.HandlePacket)
dnsMux, err := dnsServer(configuration, s)
if err != nil {
return nil, err
}
dhcpMux, err := dhcpServer(configuration, s, ipPool)
if err != nil {
return nil, err
}
forwarderMux, err := forwardHostVM(configuration, s)
if err != nil {
return nil, err
}
mux := http.NewServeMux()
mux.Handle("/forwarder/", http.StripPrefix("/forwarder", forwarderMux))
mux.Handle("/dhcp/", http.StripPrefix("/dhcp", dhcpMux))
mux.Handle("/dns/", http.StripPrefix("/dns", dnsMux))
return mux, nil
}
func parseNATTable(configuration *types.Configuration) map[tcpip.Address]tcpip.Address {
translation := make(map[tcpip.Address]tcpip.Address)
for source, destination := range configuration.NAT {
translation[tcpip.AddrFrom4Slice(net.ParseIP(source).To4())] = tcpip.AddrFrom4Slice(net.ParseIP(destination).To4())
}
return translation
}
func dnsServer(configuration *types.Configuration, s *stack.Stack) (http.Handler, error) {
udpConn, err := gonet.DialUDP(s, &tcpip.FullAddress{
NIC: 1,
Addr: tcpip.AddrFrom4Slice(net.ParseIP(configuration.GatewayIP).To4()),
Port: uint16(53),
}, nil, ipv4.ProtocolNumber)
if err != nil {
return nil, err
}
tcpLn, err := gonet.ListenTCP(s, tcpip.FullAddress{
NIC: 1,
Addr: tcpip.AddrFrom4Slice(net.ParseIP(configuration.GatewayIP).To4()),
Port: uint16(53),
}, ipv4.ProtocolNumber)
if err != nil {
return nil, err
}
server, err := dns.New(udpConn, tcpLn, configuration.DNS)
if err != nil {
return nil, err
}
go func() {
if err := server.Serve(); err != nil {
log.Error(err)
}
}()
go func() {
if err := server.ServeTCP(); err != nil {
log.Error(err)
}
}()
return server.Mux(), nil
}
func dhcpServer(configuration *types.Configuration, s *stack.Stack, ipPool *tap.IPPool) (http.Handler, error) {
server, err := dhcp.New(configuration, s, ipPool)
if err != nil {
return nil, err
}
go func() {
log.Error(server.Serve())
}()
return server.Mux(), nil
}
func forwardHostVM(configuration *types.Configuration, s *stack.Stack) (http.Handler, error) {
fw := forwarder.NewPortsForwarder(s)
for local, remote := range configuration.Forwards {
if strings.HasPrefix(local, "udp:") {
if err := fw.Expose(types.UDP, strings.TrimPrefix(local, "udp:"), remote); err != nil {
return nil, err
}
} else {
if err := fw.Expose(types.TCP, local, remote); err != nil {
return nil, err
}
}
}
return fw.Mux(), nil
}
|
