Upgrade to Pro — share decks privately, control downloads, hide ads and more …

punchVPN-dansk

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Claus Lensbøl Claus Lensbøl
May 13, 2013
Programming
1
260

 punchVPN-dansk

Danish walk-through of the punchVPN program

Avatar for Claus Lensbøl

Claus Lensbøl

May 13, 2013
Tweet

Other Decks in Programming

See All in Programming
CSC307 Lecture 03
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
490
カスタマーサクセス業務を変革したヘルススコアの実現と学び
Avatar for Tomoyuki Hamaguchi _hummer0724
0
690
Oxlint JS plugins
Avatar for kazupon kazupon
1
900
The Past, Present, and Future of Enterprise Java
Avatar for ivargrimstad ivargrimstad
0
560
AgentCoreとHuman in the Loop
Avatar for Har1101 har1101
5
230
16年目のピクシブ百科事典を支える最新の技術基盤 / The Modern Tech Stack Powering Pixiv Encyclopedia in its 16th Year
Avatar for ahu ahuglajbclajep
5
1k
0→1 フロントエンド開発 Tips🚀 #レバテックMeetup
Avatar for 弁護士ドットコム bengo4com
0
560
AI & Enginnering
Avatar for codelynx codelynx
0
110
CSC307 Lecture 09
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
830
humanlayerのブログから学ぶ、良いCLAUDE.mdの書き方
Avatar for Yuto tsukamoto1783
0
190
IFSによる形状設計/デモシーンの魅力 @ 慶應大学SFC
Avatar for がむ gam0022
1
300
AWS re:Invent 2025参加 直前 Seattle-Tacoma Airport(SEA)におけるハードウェア紛失インシデントLT
Avatar for tetutetu214 tetutetu214
2
110

Featured

See All Featured
Amusing Abliteration
Avatar for ianozsvald ianozsvald
0
100
What’s in a name? Adding method to the madness
Avatar for The Alliance productmarketing
PRO
24
3.9k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
408
66k
Marketing Yourself as an Engineer | Alaka | Gurzu
Avatar for Gurzu gurzu
0
130
Exploring anti-patterns in Rails
Avatar for Elle Meredith aemeredith
2
250
AI Search:
Where Are We & What Can We Do About It?
Avatar for Aleyda Solis aleyda
0
6.9k
SEO Brein meetup: CTRL+C is not how to scale international SEO
Avatar for Linda Hogenes lindahogenes
0
2.3k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
84
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
240
A better future with KSS
Avatar for Kyle Neath kneath
240
18k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.3k

Transcript

  1. punchVPN p2p VPN tunneler bag NAT

  2. Facts • Klient - Python3.2 • Server - Python2.7 Kommende

    Win32+OSX+UNIX support

  3. Hvad skal det til for? • Sikkerhed • Anonymitet •

    Direkte forbindelse

  4. ✘ Skidt måde at snakke sammen på A B 3.

    part ☠ Forbindelse via 3. part Krypteret eller ukrypteret

  5. ✔ God måde at snakke sammen på A B 3.

    part ☠ Direkte krypteret forbindelse udenom 3. part

  6. Verdensbillede A B punch VPN Server Internet FW FW

  7. Klient A -> Server A B punch VPN Server Internet

    FW FW 1.

  8. Klient B -> Server A B punch VPN Server Internet

    FW FW 1. 2.

  9. Klient A <-> Klient B A B punch VPN Server

    Internet FW FW 1. 2. 3.

  10. Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.

    2. 3. NAT-PMP UPnP-IGD UDP-HolePunch

  11. Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP

    ✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘

  12. [code] punchVPNd/punchVPNd.py:108

  13. NAT-PMP Dynamisk firewall

  14. Hvordan virker det? • Simpel protokol • Apple-Bonjour

  15. Bed om den eksterne IP adresse Data der skal sendes:

    0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  16. Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',

    0, 1, 0, local_port, external_port, lifetime)

  17. [code] natPMP/natPMP.py:49 natPMP/natPMP.py:70

  18. Greenlets og Gevent Micro threads og long polling

  19. Greenlets • Micro Threading • God scheduling

  20. Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher

    Python • Webserver

  21. Long polling • Lange HTTP(S) kald • Næsten en socket

    while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()

  22. [code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132

  23. Et eksempel

  24. Server og klient Hvordan hænger det sammen

  25. JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"

    : "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }

  26. Demonstration Ellers er det jo bare en masse ord

  27. UDP hole punching

  28. [demo]

  29. Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk