In a previous post, I wrote about how to create virtual network interfaces on Linux by using TUN interface facility. We created a simple use program which opened the file descriptors of the TUN interface from the back-end so that any packet directed to the TUN interface will be read by the back-end program through the file descriptor. Similarly, we can write to the file descriptor from the back-end program so that any application listening to the TUN network interface will receive it.
In this article, I'm demonstrating a simple setup based on TUN network interfaces which we can use to deliver our IP packets from one host to another inside a TCP socket connection. This is a simple but an interesting system to demonstrate that we can capture IP packets and then deliver them through any medium we want including TCP sockets. In this particular example, since we are using TCP sockets, we need two programs; a TCP server and a TCP client to run on the two hosts. As IP packets what we are actually sending are ICMP payloads so we should have named this post as ICMP over TCP to be more precise. Let's start the description.
 |
| High-level overview of the setup |
1. First of all, obtain the required source files from the following git repository.
git clone https://github.com/asanka-code/tun-tcp-socket.git
2. In the first computer, run following commands to setup a TUN interface called asa0,
sudo ip tuntap add dev asa0 mode tun
sudo ip addr add 10.0.1.1/24 dev asa0
sudo ip link set dev asa0 up
sudo ip addr show
sudo ip addr add 10.0.1.1/24 dev asa0
sudo ip link set dev asa0 up
sudo ip addr show
3. In the second computer, run following commands to setup a TUN interface called asa0,
sudo ip tuntap add dev asa0 mode tun
sudo ip addr add 10.0.1.2/24 dev asa0
sudo ip link set dev asa0 up
sudo ip addr show
sudo ip addr add 10.0.1.2/24 dev asa0
sudo ip link set dev asa0 up
sudo ip addr show
4. Compile and run TUN controller program which is also a TCP server on host 2,
gcc tun-server.c -o tun-server
./tun-server
./tun-server
5. Compile and run TUN controller program which is also a TCP client on host 1,
gcc tun-client.c -o tun-client
./tun-client
./tun-client
6. Ping from host 1 to host 2 where our ping packets will be delivered through the TCP client and TCP server in the TCP socket connection (connection x),
ping -I 10.0.1.1 10.0.1.2
If everything is properly setup. We should be able to see the ping responses from the remote host.
Hi my friend
ReplyDeleteThis tutorial is very good
Thank you