Inspired by hyprspace and kytan
Use a tun
device for routing packets via libp2p
.
This project is a WIP. It has no security guarantees. Please run in a VM or other machine you don't care about.
Currently capable of establishing a connection with explicit peer swarm addresses provided in config. See below for a description of how to create two tun
devices and route packets between them over the p2p transport.
# initialize the configuration file
p2p-tun init --config myconfig.yaml
# configA.yaml
# ...
listen: /ip4/127.0.0.1/tcp/9944
peers:
- peer_id: 12D3KooWBWtFDCDJqDLLd8LDDYU7EuFXEGj34HnpRQ8psfYadboW
swarm_addr: /ip4/127.0.0.1/tcp/9955
ip4_addr: 10.0.1.20
# configB.yaml
# ...
listen: /ip4/127.0.0.1/tcp/9955
peers:
- peer_id: 12D3KooWRd9wxyHnUae7fxVjYV5hDm1CuTwrAxKhYVwGd6Eu4Ssq
swarm_addr: /ip4/127.0.0.1/tcp/9944
ip4_addr: 10.0.1.10
# shell A
sudo p2p-tun run --config ./configA.yaml
# shell B
sudo p2p-tun run --config ./configB.yaml
sudo ip addr add 10.0.1.10 dev tun0
sudo ip addr add 10.0.1.20 dev tun1
sudo ip route add 10.0.1.20 dev tun0
sudo ip route add 10.0.1.10 dev tun1
sudo iptables -t nat -A POSTROUTING -o tun0 -j SNAT --to 10.0.1.10
sudo iptables -t nat -A POSTROUTING -o tun1 -j SNAT --to 10.0.1.20
# shell 1
nc -lvp 4040 10.0.1.20
# shell 2
nc 10.0.1.20 4040
- modify netfilter rules automatically
- add property based tests
- incoming and outgoing packets should not cause a
panic!
- packet sent should equal packet received with destination addr modified to match configured ip address of peer
- should drop requests from peer that does not have an associated ip4 address
- should not send packets to an ip4 address that does not have an associated peer id
- incoming and outgoing packets should not cause a
- detect packet splitting due to improperly tuned MTU
- find a better way to split stuff that needs
root
(creating tun) from stuff that doesn't