Upgrade to Pro — share decks privately, control downloads, hide ads and more …

punchVPN-dansk

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Claus Lensbøl Claus Lensbøl
May 13, 2013
Programming
280
1

 punchVPN-dansk

Danish walk-through of the punchVPN program

Avatar for Claus Lensbøl

Claus Lensbøl

May 13, 2013

Other Decks in Programming

See All in Programming
サークル参加から学ぶ、小さな事業の回し方
Avatar for yuzneri yuzneri
0
230
Make SRE Operations Easier with Azure SRE Agent
Avatar for KAMEGAWA Kazushi kkamegawa
0
170
Sans tests, vos agents ne sont pas fiables
Avatar for Nathan Abondance nabondance
0
160
生成AI時代にこそ効くGo | Why Go Works in the Age of Generative AI
Avatar for mom0tomo mom0tomo
1
790
AWSはOSSをどのように 考えているのか?
Avatar for アキキー | Akihisa Ikeda akihisaikeda
1
140
要はバランスからの卒業 #yumemi_grow
Avatar for Takuma Kajikawa kajitack
0
190
20260514_its_the_context_window_stupid.pdf
Avatar for heita heita
0
1.1k
脅威をエンジニアリングの糧にして――現場編 / Turning Threats into Engineering Fuel — Field Edition
Avatar for nrs nrslib
0
120
CSC307 Lecture 17
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
240
Copilot CLI の継戦能力を高める コンテキスト管理
Avatar for Nozomuts nozomutu
1
950
AIチームを指揮するOSS「TAKT」活用術 / How to Use “TAKT,” an OSS Tool for Orchestrating AI Teams
Avatar for nrs nrslib
5
630
AI駆動開発勉強会 広島支部 第一回勉強会 AI駆動開発概要とワークショップ
Avatar for smz hyt hayatoshimiu
0
360

Featured

See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
231
23k
The Limits of Empathy - UXLibs8
Avatar for Cassini Nazir cassininazir
1
340
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
290
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
225
10k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
47
8.1k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
463
34k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
46
8.2k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
Avatar for Mike Taylor tmiket
0
160
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
Avatar for r-kagaya rkaga
61
44k
Skip the Path - Find Your Career Trail
Avatar for Mark Kilby mkilby
1
130
WCS-LA-2024
Avatar for Leonardo Collado-Torres lcolladotor
0
600
Statistics for Hackers
Avatar for Jake VanderPlas jakevdp
799
230k

Transcript

  1. punchVPN p2p VPN tunneler bag NAT

  2. Facts • Klient - Python3.2 • Server - Python2.7 Kommende

    Win32+OSX+UNIX support

  3. Hvad skal det til for? • Sikkerhed • Anonymitet •

    Direkte forbindelse

  4. ✘ Skidt måde at snakke sammen på A B 3.

    part ☠ Forbindelse via 3. part Krypteret eller ukrypteret

  5. ✔ God måde at snakke sammen på A B 3.

    part ☠ Direkte krypteret forbindelse udenom 3. part

  6. Verdensbillede A B punch VPN Server Internet FW FW

  7. Klient A -> Server A B punch VPN Server Internet

    FW FW 1.

  8. Klient B -> Server A B punch VPN Server Internet

    FW FW 1. 2.

  9. Klient A <-> Klient B A B punch VPN Server

    Internet FW FW 1. 2. 3.

  10. Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.

    2. 3. NAT-PMP UPnP-IGD UDP-HolePunch

  11. Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP

    ✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘

  12. [code] punchVPNd/punchVPNd.py:108

  13. NAT-PMP Dynamisk firewall

  14. Hvordan virker det? • Simpel protokol • Apple-Bonjour

  15. Bed om den eksterne IP adresse Data der skal sendes:

    0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  16. Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',

    0, 1, 0, local_port, external_port, lifetime)

  17. [code] natPMP/natPMP.py:49 natPMP/natPMP.py:70

  18. Greenlets og Gevent Micro threads og long polling

  19. Greenlets • Micro Threading • God scheduling

  20. Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher

    Python • Webserver

  21. Long polling • Lange HTTP(S) kald • Næsten en socket

    while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()

  22. [code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132

  23. Et eksempel

  24. Server og klient Hvordan hænger det sammen

  25. JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"

    : "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }

  26. Demonstration Ellers er det jo bare en masse ord

  27. UDP hole punching

  28. [demo]

  29. Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk