Upgrade to Pro — share decks privately, control downloads, hide ads and more …

punchVPN-dansk

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Claus Lensbøl Claus Lensbøl
May 13, 2013
Programming
1
260

 punchVPN-dansk

Danish walk-through of the punchVPN program

Avatar for Claus Lensbøl

Claus Lensbøl

May 13, 2013
Tweet

Other Decks in Programming

See All in Programming
コマンドとリード間の連携に対する脅威分析フレームワーク
Avatar for Aja9tochin pandayumi
1
450
それ、本当に安全? ファイルアップロードで見落としがちなセキュリティリスクと対策
Avatar for ikechi penpeen
7
3.9k
CSC307 Lecture 05
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
500
例外処理とどう使い分ける?Result型を使ったエラー設計 #burikaigi
Avatar for Takuma Kajikawa kajitack
16
6.1k
CSC307 Lecture 04
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
660
AIで開発はどれくらい加速したのか?AIエージェントによるコード生成を、現場の評価と研究開発の評価の両面からdeep diveしてみる
Avatar for どすこい daisuketakeda
1
2.5k
SourceGeneratorのススメ
Avatar for tkym htkym
0
190
CSC307 Lecture 08
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
670
MDN Web Docs に日本語翻訳でコントリビュート
Avatar for uutan1108 ohmori_yusuke
0
650
高速開発のためのコード整理術
Avatar for sutetotanuki sutetotanuki
1
400
Basic Architectures
Avatar for Denys Poltorak denyspoltorak
0
670
AIエージェント、”どう作るか”で差は出るか? / AI Agents: Does the "How" Make a Difference?
Avatar for r-kagaya rkaga
4
2k

Featured

See All Featured
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
750
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
17k
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
120
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.7k
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
160
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.8k
Mind Mapping
Avatar for Hélio Medeiros helmedeiros
PRO
0
81
SEO for Brand Visibility & Recognition
Avatar for Aleyda Solis aleyda
0
4.2k
Music & Morning Musume
Avatar for Bryan Veloso bryan
47
7.1k
Crafting Experiences
Avatar for Bethany Jepchumba bethany
1
48
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.2k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
71k

Transcript

  1. punchVPN p2p VPN tunneler bag NAT

  2. Facts • Klient - Python3.2 • Server - Python2.7 Kommende

    Win32+OSX+UNIX support

  3. Hvad skal det til for? • Sikkerhed • Anonymitet •

    Direkte forbindelse

  4. ✘ Skidt måde at snakke sammen på A B 3.

    part ☠ Forbindelse via 3. part Krypteret eller ukrypteret

  5. ✔ God måde at snakke sammen på A B 3.

    part ☠ Direkte krypteret forbindelse udenom 3. part

  6. Verdensbillede A B punch VPN Server Internet FW FW

  7. Klient A -> Server A B punch VPN Server Internet

    FW FW 1.

  8. Klient B -> Server A B punch VPN Server Internet

    FW FW 1. 2.

  9. Klient A <-> Klient B A B punch VPN Server

    Internet FW FW 1. 2. 3.

  10. Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.

    2. 3. NAT-PMP UPnP-IGD UDP-HolePunch

  11. Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP

    ✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘

  12. [code] punchVPNd/punchVPNd.py:108

  13. NAT-PMP Dynamisk firewall

  14. Hvordan virker det? • Simpel protokol • Apple-Bonjour

  15. Bed om den eksterne IP adresse Data der skal sendes:

    0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  16. Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',

    0, 1, 0, local_port, external_port, lifetime)

  17. [code] natPMP/natPMP.py:49 natPMP/natPMP.py:70

  18. Greenlets og Gevent Micro threads og long polling

  19. Greenlets • Micro Threading • God scheduling

  20. Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher

    Python • Webserver

  21. Long polling • Lange HTTP(S) kald • Næsten en socket

    while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()

  22. [code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132

  23. Et eksempel

  24. Server og klient Hvordan hænger det sammen

  25. JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"

    : "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }

  26. Demonstration Ellers er det jo bare en masse ord

  27. UDP hole punching

  28. [demo]

  29. Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk