mirror of
https://github.com/oxen-io/lokinet.git
synced 2024-10-31 09:20:21 +00:00
0f21eeccb0
* rework net code for ip ranges to be cleaner * clean up endpoint auth code * refactor config to validate network configs before setting up endpoints * remove buildone from path/pathbuilder.cpp so we don't spam connection attempts
181 lines
6.3 KiB
Python
Executable File
181 lines
6.3 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
import argparse
|
|
import json
|
|
import sys
|
|
import os
|
|
|
|
from socket import AF_INET
|
|
|
|
import zmq
|
|
from pyroute2 import IPRoute
|
|
|
|
class LokinetRPC:
|
|
|
|
def __init__(self, url):
|
|
self._rpc_context = zmq.Context()
|
|
self._rpc_socket = self._rpc_context.socket(zmq.DEALER)
|
|
self._rpc_socket.setsockopt(zmq.CONNECT_TIMEOUT, 5000)
|
|
self._rpc_socket.setsockopt(zmq.HANDSHAKE_IVL, 5000)
|
|
self._rpc_socket.connect(url)
|
|
|
|
def rpc(self, method, data=None):
|
|
tag = os.urandom(16)
|
|
req = [method.encode(), tag]
|
|
if data is not None:
|
|
req.append(json.dumps(data).encode('utf-8'))
|
|
self._rpc_socket.send_multipart(req)
|
|
if not self._rpc_socket.poll(timeout=50):
|
|
return
|
|
reply = self._rpc_socket.recv_multipart()
|
|
if len(reply) >= 3 and reply[0:2] == [b'REPLY', tag]:
|
|
try:
|
|
return json.loads(reply[2].decode())
|
|
except:
|
|
return None
|
|
|
|
def map_exit(self, addr, maprange, token=None):
|
|
"""
|
|
map an exit range to a loki address and use token for auth if desires
|
|
"""
|
|
if token is None:
|
|
data = self.rpc("llarp.exit", {'exit': addr, 'range': maprange})
|
|
else:
|
|
data = self.rpc("llarp.exit", {'exit': addr, 'token': token, 'range': maprange})
|
|
if data is None:
|
|
print("no response from rpc")
|
|
return False
|
|
if data['error'] is not None:
|
|
print('failed to map exit range: {}'.format(data['error']))
|
|
return False
|
|
print('mapped {} to {}: {}'.format(maprange, addr, data['result']))
|
|
return True
|
|
|
|
def unmap_exit(self, maprange):
|
|
"""
|
|
unmap an ip range from exit
|
|
"""
|
|
data = self.rpc("llarp.exit", {'range': maprange, 'unmap': True})
|
|
if data is None:
|
|
print("no response from rpc")
|
|
return False
|
|
if data['error'] is not None:
|
|
print('failed to unmap exit range: {}'.format(data['error']))
|
|
return False
|
|
print('unmapped {}: {}'.format(maprange, data['result']))
|
|
return True
|
|
|
|
def get_endpoint_ifname(self, endpoint):
|
|
"""
|
|
get the network interface name belongint to the endpoint called endpoint
|
|
"""
|
|
data = self.rpc("llarp.status")
|
|
if data is None or data['error'] is not None:
|
|
return
|
|
services = data['result']['services']
|
|
if endpoint not in services:
|
|
return
|
|
return services[endpoint]['ifname']
|
|
|
|
def get_first_hops(self):
|
|
data = self.rpc("llarp.status")
|
|
if data is None:
|
|
print("no response from rpc")
|
|
elif data['error'] is not None:
|
|
print('error detecting first hops: {}'.format(data['error']))
|
|
else:
|
|
for link in data['result']['links']['outbound']:
|
|
for session in link["sessions"]['established']:
|
|
yield session['remoteAddr']
|
|
|
|
def close(self):
|
|
self._rpc_socket.close(linger=0)
|
|
|
|
|
|
def main():
|
|
ap = argparse.ArgumentParser()
|
|
ap.add_argument("--rpc", type=str, default='tcp://127.0.0.1:1190', help='rpc endpoint url for local lokinet')
|
|
ap.add_argument("--exit", type=str, required=True, help='loki address of exit to use')
|
|
ap.add_argument('--token', type=str, default=None, help='optional auth token to use when talking to exit')
|
|
ap.add_argument('--range', type=str, default='0.0.0.0/0', help='optional ip range to map to exit')
|
|
ap.add_argument("--endpoint", type=str, default='default', help='lokinet endpoint name to use')
|
|
ap.add_argument("--up", action='store_const', dest='action', const='up')
|
|
ap.add_argument("--down", action='store_const', dest='action', const='down')
|
|
args = ap.parse_args()
|
|
rpc = LokinetRPC(args.rpc)
|
|
|
|
hops = dict()
|
|
for hop in rpc.get_first_hops():
|
|
ip = hop.split(':')[0]
|
|
hops[ip] = 0
|
|
if len(hops) == 0:
|
|
print("lokinet is not connected yet")
|
|
rpc.close()
|
|
return 1
|
|
ifname = rpc.get_endpoint_ifname(args.endpoint)
|
|
if ifname is None:
|
|
print("cannot determine lokinet network interface name")
|
|
rpc.close()
|
|
return 1
|
|
with IPRoute() as ip:
|
|
ip.bind()
|
|
try:
|
|
idx = ip.link_lookup(ifname=ifname)[0]
|
|
except Exception as ex:
|
|
print("cannot find {}: {}".format(ifname, ex))
|
|
rpc.close()
|
|
return 1
|
|
# set up exit after binding routing socket
|
|
if args.action == 'up':
|
|
if not rpc.map_exit(args.exit, args.range, args.token):
|
|
rpc.close()
|
|
print('cannot map exit')
|
|
return
|
|
elif args.action == 'down':
|
|
if not rpc.unmap_exit(args.range):
|
|
rpc.close()
|
|
print('cannot unmap exit')
|
|
return
|
|
rpc.close()
|
|
gateways = ip.get_default_routes(family=AF_INET)
|
|
gateway = None
|
|
for g in gateways:
|
|
useThisGateway = True
|
|
for name, val in g['attrs']:
|
|
if name == 'RTA_OIF' and val == idx:
|
|
useThisGateway = False
|
|
if not useThisGateway:
|
|
continue
|
|
for name, val in g['attrs']:
|
|
if name == 'RTA_GATEWAY':
|
|
gateway = val
|
|
if gateway:
|
|
for address in hops:
|
|
try:
|
|
if args.action == 'up':
|
|
ip.route("add", dst="{}/32".format(address), gateway=gateway)
|
|
elif args.action == 'down':
|
|
ip.route("del", dst="{}/32".format(address), gateway=gateway)
|
|
except:
|
|
pass
|
|
|
|
if args.action == 'up':
|
|
try:
|
|
ip.route('add', dst='0.0.0.0/0', oif=idx)
|
|
except:
|
|
print('failed to add default route')
|
|
return 1
|
|
elif args.action == 'down':
|
|
try:
|
|
ip.route('del', dst='0.0.0.0/0', oif=idx)
|
|
except:
|
|
print('failed to remove default route')
|
|
return 1
|
|
else:
|
|
print("could not find gateway")
|
|
return 1
|
|
return 0
|
|
|
|
|
|
if __name__ == '__main__':
|
|
sys.exit(main())
|