Upgrade to Pro — share decks privately, control downloads, hide ads and more …

punchVPN-dansk

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Claus Lensbøl Claus Lensbøl
May 13, 2013
Programming
280
1

 punchVPN-dansk

Danish walk-through of the punchVPN program

Avatar for Claus Lensbøl

Claus Lensbøl

May 13, 2013

Other Decks in Programming

See All in Programming
CLIであることを活かしたGitHub Copilot CLI活用術 / GitHub Copilot CLI Pro Tips & Tricks
Avatar for Naoya.i nao_mk2
1
980
自動レビューエンジンの実装と運用 ~レビューのない世界へ~
Avatar for Kanato kurukuru1999
2
250
Are We Really Coding 10× Faster with AI?
Avatar for Koichi Yoshida kohzas
0
230
ふつうのFeature Flag実践入門
Avatar for irof irof
2
910
開発とはなにか、Essenceカーネルで見えるもの
Avatar for ukin0k0 ukin0k0
0
210
Sans tests, vos agents ne sont pas fiables
Avatar for Nathan Abondance nabondance
0
160
ビジネスモデルから紐解く、AI+型駆動開発
Avatar for Hiroki Omote hirokiomote
2
2.1k
[BalkanRuby 2026] Drop your app/services!
Avatar for Vladimir Dementyev palkan
3
670
横断組織出身のQAEがインプロセスQAEでつまずいたこと・活かせたこと
Avatar for Taiki Yamashita ty89
0
180
色即是空、空即是色、データサイエンス
Avatar for KamoNeggi kamoneggi
1
160
脅威をエンジニアリングの糧にして――現場編 / Turning Threats into Engineering Fuel — Field Edition
Avatar for nrs nrslib
0
120
実践ハーネスエンジニアリング:ステアリングループを実例から読み解く / Practical Harness Engineering: Understanding Steering Loops Through Real-World Examples
Avatar for nrs nrslib
6
6.2k

Featured

See All Featured
A brief & incomplete history of 
UX Design for the World Wide Web: 1989–2019
Avatar for Jason CranfordTeague jct
2
380
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
280
Lightning talk: Run Django tests with GitHub Actions
Avatar for Sarah Abderemane sabderemane
0
180
Crafting Experiences
Avatar for Bethany Jepchumba bethany
1
160
Building the Perfect Custom Keyboard
Avatar for Naoto Takai takai
2
770
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
47
8.1k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
170
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon Słowik szymonslowik
1
1.1k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
Avatar for AKADEMIYA2063 akademiya2063
PRO
1
120
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
5k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
118
120k

Transcript

  1. punchVPN p2p VPN tunneler bag NAT

  2. Facts • Klient - Python3.2 • Server - Python2.7 Kommende

    Win32+OSX+UNIX support

  3. Hvad skal det til for? • Sikkerhed • Anonymitet •

    Direkte forbindelse

  4. ✘ Skidt måde at snakke sammen på A B 3.

    part ☠ Forbindelse via 3. part Krypteret eller ukrypteret

  5. ✔ God måde at snakke sammen på A B 3.

    part ☠ Direkte krypteret forbindelse udenom 3. part

  6. Verdensbillede A B punch VPN Server Internet FW FW

  7. Klient A -> Server A B punch VPN Server Internet

    FW FW 1.

  8. Klient B -> Server A B punch VPN Server Internet

    FW FW 1. 2.

  9. Klient A <-> Klient B A B punch VPN Server

    Internet FW FW 1. 2. 3.

  10. Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.

    2. 3. NAT-PMP UPnP-IGD UDP-HolePunch

  11. Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP

    ✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘

  12. [code] punchVPNd/punchVPNd.py:108

  13. NAT-PMP Dynamisk firewall

  14. Hvordan virker det? • Simpel protokol • Apple-Bonjour

  15. Bed om den eksterne IP adresse Data der skal sendes:

    0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  16. Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',

    0, 1, 0, local_port, external_port, lifetime)

  17. [code] natPMP/natPMP.py:49 natPMP/natPMP.py:70

  18. Greenlets og Gevent Micro threads og long polling

  19. Greenlets • Micro Threading • God scheduling

  20. Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher

    Python • Webserver

  21. Long polling • Lange HTTP(S) kald • Næsten en socket

    while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()

  22. [code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132

  23. Et eksempel

  24. Server og klient Hvordan hænger det sammen

  25. JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"

    : "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }

  26. Demonstration Ellers er det jo bare en masse ord

  27. UDP hole punching

  28. [demo]

  29. Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk