Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
punchVPN-dansk
Search
Claus Lensbøl
May 13, 2013
Programming
1
240
punchVPN-dansk
Danish walk-through of the punchVPN program
Claus Lensbøl
May 13, 2013
Tweet
Share
Other Decks in Programming
See All in Programming
JSAI2025 RecSysChallenge2024 優勝報告
unonao
1
430
GoのWebAssembly活用パターン紹介
syumai
3
1.4k
ワンバイナリWebサービスのススメ
mackee
10
7.6k
コード書くの好きな人向けAIコーディング活用tips #orestudy
77web
3
260
統一感のある Go コードを生成 AI の力で手にいれる
otakakot
0
2.2k
つよそうにふるまい、つよい成果を出すのなら、つよいのかもしれない
irof
0
240
💎 My RubyKaigi Effect in 2025: Top Ruby Companies 🌐
yasulab
PRO
1
130
衛星の軌道をWeb地図上に表示する
sankichi92
0
260
コードに語らせよう――自己ドキュメント化が内包する楽しさについて / Let the Code Speak
nrslib
6
1.4k
Enterprise Web App. Development (2): Version Control Tool Training Ver. 5.1
knakagawa
1
110
技術懸念に立ち向かい 法改正を穏便に乗り切った話
pop_cashew
0
1.2k
Devinで実践する!AIエージェントと協働する開発組織の作り方
masahiro_nishimi
6
2.9k
Featured
See All Featured
How to Ace a Technical Interview
jacobian
276
23k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
20
1.3k
It's Worth the Effort
3n
184
28k
A Modern Web Designer's Workflow
chriscoyier
693
190k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.3k
Six Lessons from altMBA
skipperchong
28
3.8k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Reflections from 52 weeks, 52 projects
jeffersonlam
349
20k
Thoughts on Productivity
jonyablonski
69
4.7k
Making the Leap to Tech Lead
cromwellryan
134
9.3k
Balancing Empowerment & Direction
lara
1
110
Bash Introduction
62gerente
614
210k
Transcript
punchVPN p2p VPN tunneler bag NAT
Facts • Klient - Python3.2 • Server - Python2.7 Kommende
Win32+OSX+UNIX support
Hvad skal det til for? • Sikkerhed • Anonymitet •
Direkte forbindelse
✘ Skidt måde at snakke sammen på A B 3.
part ☠ Forbindelse via 3. part Krypteret eller ukrypteret
✔ God måde at snakke sammen på A B 3.
part ☠ Direkte krypteret forbindelse udenom 3. part
Verdensbillede A B punch VPN Server Internet FW FW
Klient A -> Server A B punch VPN Server Internet
FW FW 1.
Klient B -> Server A B punch VPN Server Internet
FW FW 1. 2.
Klient A <-> Klient B A B punch VPN Server
Internet FW FW 1. 2. 3.
Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.
2. 3. NAT-PMP UPnP-IGD UDP-HolePunch
Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP
✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘
[code] punchVPNd/punchVPNd.py:108
NAT-PMP Dynamisk firewall
Hvordan virker det? • Simpel protokol • Apple-Bonjour
Bed om den eksterne IP adresse Data der skal sendes:
0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',
0, 1, 0, local_port, external_port, lifetime)
[code] natPMP/natPMP.py:49 natPMP/natPMP.py:70
Greenlets og Gevent Micro threads og long polling
Greenlets • Micro Threading • God scheduling
Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher
Python • Webserver
Long polling • Lange HTTP(S) kald • Næsten en socket
while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()
[code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132
Et eksempel
Server og klient Hvordan hænger det sammen
JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"
: "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }
Demonstration Ellers er det jo bare en masse ord
UDP hole punching
[demo]
Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk