Updating MPTCP configurations to integrate with SLAAC #471

Open
wants to merge 6 commits into
base: develop
24 changes: 5 additions & 19 deletions common/scripts/mesh-11s_nats.sh
@@ -451,29 +451,15 @@ main () {
# todo this needs to be moved
if [ "$mptcp" == "enable" ]; then
echo "MPTCP enabled"
if ! [ -f /var/run/mptcp.conf ]; then
echo "SUBFLOWS=-1" > /var/run/mptcp.conf
fi
[ ! -f /var/run/mptcp.conf ] && echo "INTERFACE_br=br-lan" > /var/run/mptcp.conf
if [ $(grep -ic "INTERFACE_${INDEX}" /var/run/mptcp.conf) -eq 1 ]; then
source /var/run/mptcp.conf
sed -i "/INTERFACE_${INDEX}/d" /var/run/mptcp.conf
else
source /var/run/mptcp.conf
subflows=$((SUBFLOWS+1))
sed_param=s/SUBFLOWS=.*/SUBFLOWS=${subflows}/
sed -i "$sed_param" /var/run/mptcp.conf
fi
if [[ -n $bridge_name ]]; then
if [ $(grep -ic "BRIDGE_IFACE" /var/run/mptcp.conf) -eq 1 ]; then
sed -i "/BRIDGE_IFACE/d" /var/run/mptcp.conf
fi
echo "BRIDGE_IFACE=${bridge_name}" >> /var/run/mptcp.conf
echo "INTERFACE_${INDEX}=${bridge_name}" >> /var/run/mptcp.conf
source /var/run/mptcp.conf
else
echo "index="$INDEX
echo "INTERFACE_${INDEX}=${batman_iface}" >> /var/run/mptcp.conf
sed -i "/SLAAC_${INDEX}/d" /var/run/mptcp.conf
fi
echo "index="$INDEX
echo "INTERFACE_${INDEX}=${wifidev}" >> /var/run/mptcp.conf
echo "SLAAC_${INDEX}=${slaac}" >> /var/run/mptcp.conf
fi
mode_execute "$mode"
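Review bot: The line `echo "SLAAC_${INDEX}=${slaac}" >> /var/run/mptcp.conf` writes an unquoted value into a file that mptcp.sh and S90mptcp later load with `source`, so the value is parsed as shell code. mptcp.sh splits the SLAAC values on spaces, which suggests `slaac` may hold several interface names; in that case a line like `SLAAC_x=a b` runs `b` as a command when sourced, and any shell metacharacter in `slaac` or `wifidev` would be executed with the privileges of whichever script sources the file. Quote the value when writing it, e.g. `printf 'SLAAC_%s=%q\n' "$INDEX" "$slaac" >> /var/run/mptcp.conf`, and do the same for the `INTERFACE_${INDEX}` line. main() starts and ends outside the hunk.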

97 changes: 37 additions & 60 deletions modules/sc-mesh-secure-deployment/src/2_0/features/mptcp/mptcp.sh
100644 → 100755
@@ -1,73 +1,50 @@
#!/bin/bash
source /var/run/mptcp.conf

### MPTCP ###
_slaac=$(grep "SLAAC" /var/run/mptcp.conf | awk -F '=' '{print $2}')
_slaac_interfaces=$(echo $_slaac | tr ' ' '\n' | sort | uniq | tr '\n' ' ' | sed -e 's/[[:space:]]*$//')

iface_list=$(grep 'INTERFACE' /var/run/mptcp.conf)
i=1;
i=0;
while read n;
do
iface=$(echo $n | awk -F "=" 'NR==1{print $2}');
echo $iface;
IP=$(ifconfig $iface | grep 'inet' | cut -d: -f2 | awk '{print $2}')
NM=$(ifconfig $iface | grep 'netmask' | cut -d: -f2 | awk '{print $4}')
IFS=. read -r i1 i2 i3 i4 <<< $IP
IFS=. read -r m1 m2 m3 m4 <<< $NM
NP=$(printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))")
MASK=$(ip addr show $iface | grep 'inet'| cut -d: -f2 | awk '{print $2}' | awk -F "/" '{print $2}')

ip rule add from $IP table $i
ip route add $NP/$MASK dev $iface scope link table $i

ip mptcp endpoint add $IP signal

if [[ $iface == $BRIDGE_IFACE ]]; then
BR_NP=$NP
BR_MASK=$MASK
echo "iface: $iface"
if [ "$iface" == "wlp2s0" ]; then
IPv6_prefix="fd1d::"
elif [ "$iface" == "halow1" ]; then
IPv6_prefix="fdbd::"
elif [ "$iface" == "br-lan" ]; then
IPv6_prefix="fdcd::"
fi
i=$(($i+1));

echo "_slaac_interfaces: $_slaac_interfaces"
for _slaac_interface in $_slaac_interfaces; do
MAC_ADDRESS_FILE="/sys/class/net/$_slaac_interface/address"
MAC_ADDRESS=`cat "$MAC_ADDRESS_FILE"`
echo "MAC_ADDRESS: $MAC_ADDRESS"
# Split the MAC address into its components
mac_parts=(${MAC_ADDRESS//:/ })
# Invert the 7th bit of the first byte
first_byte=$(printf "%02x" $((0x${mac_parts[0]} ^ 0x02)))
# Assemble the EUI-64 address
eui64="${first_byte}${mac_parts[1]}:${mac_parts[2]}ff:fe${mac_parts[3]}:${mac_parts[4]}${mac_parts[5]}"
# Combine the IPv6 prefix with the EUI-64 address
IPv6_address="${IPv6_prefix}${eui64}/64"
echo "IPv6_address:$IPv6_address"
i=$(($i+1));
ip -6 addr add $IPv6_address dev $iface
ip -6 rule add from $IPv6_address table $i
ip route add $IPv6_prefix/64 dev $iface scope link table $i
ip mptcp endpoint add $IPv6_prefix$eui64 signal
done
done <<< "$iface_list"
ip mptcp limits set subflow $SUBFLOWS add_addr_accepted $SUBFLOWS

BR_PHY=$(brctl show | grep $BRIDGE_IFACE | awk -F " " '{printf $4}')
iptables -A FORWARD ! -p tcp -m physdev --physdev-in $BR_PHY -j ACCEPT

### PROXY ###
###iptables ss-redir rules###
iptables -t nat -N SSREDIR

iptables -t nat -A PREROUTING -p tcp -j SSREDIR

iptables -t nat -A SSREDIR -p tcp -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SSREDIR -p tcp -d 10.0.0.0/8 -j RETURN

iptables -t nat -A SSREDIR -p tcp -s $BR_NP/$BR_MASK -j REDIRECT --to-ports 1080

##currently the server ips (end system's ip) are hardcoded here. However with SLAAC this should be fixed
cat <<EOF > /var/run/ss-redir.json
{
"server" : ["192.168.2.20"],
"server_port" : 8388,
"local_address" : "0.0.0.0",
"local_port" : 1080,
"password" : "mptcp",
"timeout" : 300,
"method" : "aes-256-cfb",
}
EOF

cat <<EOF > /var/run/ss-server.json
{
"server" : ["[::0]", "0.0.0.0"],
"server_port" : 8388,
"local_port" : 1080,
"password" : "mptcp",
"timeout" : 300,
"method" : "aes-256-cfb",
}
EOF
mptcpize run ss-redir -c /var/run/ss-redir.json &
mptcpize run ss-server -c /var/run/ss-server.json &


ip mptcp limits set subflow $i add_addr_accepted $i
echo "SUBFLOWS=$i" >> /var/run/mptcp.conf


olsrd -ipv6 > /opt/olsrd.log &

mptcpize run ss-server -c /opt/mesh_com/modules/sc-mesh-secure-deployment/src/2_0/features/mptcp/ss-server_config.json > /opt/ss_server.log &
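Review bot: `IPv6_prefix` is assigned only for the three hard-coded names `wlp2s0`, `halow1` and `br-lan`, and it is never reset at the top of the loop. Any other interface listed in /var/run/mptcp.conf therefore either runs `ip -6 addr add` with an empty prefix or silently reuses the prefix of the previous interface. Add a default branch that skips the interface, `else echo "no IPv6 prefix for $iface" >&2; continue`, before the `fi`. The values read from the conf file and from /sys/class/net are also expanded unquoted in the `ip` commands (`$iface`, `$IPv6_address`); quoting them, and using `read -r` in the `while`, keeps a malformed entry from turning into extra arguments.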
@@ -0,0 +1,10 @@
{
"server" : ["[::0]", "0.0.0.0"],
"mode":"tcp",
"server_port" : 8388,
"local_address":"::0",
"local_port" : 1080,
"password" : "sai",
"timeout" : 300,
"method" : "aes-256-cfb"
}
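Review bot: `"password" : "sai"` commits a three-character shared secret to the repository while `server` binds to `[::0]` and `0.0.0.0`, so every deployment built from this tree exposes the same guessable credential on all interfaces. Keep the password out of the tracked file and generate it per deployment (for example, write the config at provisioning time with restrictive permissions). `"method" : "aes-256-cfb"` is a stream cipher without authentication; an AEAD method such as `"method" : "aes-256-gcm"` is the safer choice if the installed ss-server supports it.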
7 changes: 3 additions & 4 deletions modules/sc-mesh-secure-deployment/src/nats/initd/S90mptcp
@@ -28,18 +28,17 @@ stop() {
printf 'Stopping %s: ' "$DAEMON"
source /var/run/mptcp.conf
for (( i=0; i<=$SUBFLOWS; i++ )) do
while ip rule delete from 0/0 to 0/0 table $((i+1)) 2>/dev/null; do true; done
ip route flush table $((i+1))
while ip -6 rule delete $((i+1)) 2>/dev/null; do true; done
done
ip mptcp endpoint flush
BR_PHY=$(brctl show | grep $BRIDGE_IFACE | awk -F " " '{printf $4}')
iptables -D FORWARD ! -p tcp -m physdev --physdev-in $BR_PHY -j ACCEPT
kill -9 "$(ps ax | grep -E "ss-redir" | awk 'NR==1{print $1'})"
rm -fr /var/run/ss-redir.json 2>/dev/null
kill -9 "$(ps ax | grep -E "ss-server" | awk 'NR==1{print $1'})"
rm -fr /var/run/ss-server.json 2>/dev/null
iptables -t nat -F

ip mptcp endpoint flush
ip mptcp limits set add_addr_accepted 0 subflows 0
start-stop-daemon -K -o -q -p "$PIDFILE"
status=$?
if [ "$status" -eq 0 ]; then
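Review bot: `ip -6 rule delete $((i+1))` passes a bare number, which is not a `table` or `priority` selector, so it probably does not match the rules mptcp.sh creates with `ip -6 rule add from … table $i`. Because stderr is discarded, the loop would just end and the IPv6 rules would stay installed after stop. Mirror the IPv4 line: `while ip -6 rule delete table $((i+1)) 2>/dev/null; do true; done`. `$SUBFLOWS` comes from sourcing /var/run/mptcp.conf, to which mptcp.sh appends a new `SUBFLOWS=` line on every run, so it is worth validating it as an integer before the loop. stop() continues outside the hunk.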