Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
punchVPN-dansk
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Claus Lensbøl
May 13, 2013
Programming
270
1
Share
punchVPN-dansk
Danish walk-through of the punchVPN program
Claus Lensbøl
May 13, 2013
Other Decks in Programming
See All in Programming
Smarter Angular mit Transformers.js & Prompt API
christianliebel
PRO
1
120
Redox OS でのネームスペース管理と chroot の実現
isanethen
0
550
事業会社でのセキュリティ長期インターンについて
masachikaura
0
230
条件判定に名前、つけてますか? #phperkaigi #c
77web
2
980
存在論的プログラミング: 時間と存在を記述する
koriym
5
840
AI活用のコスパを最大化する方法
ochtum
0
380
テレメトリーシグナルが導くパフォーマンス最適化 / Performance Optimization Driven by Telemetry Signals
seike460
PRO
2
220
へんな働き方
yusukebe
6
2.9k
AI時代のPhpStorm最新事情 #phpcon_odawara
yusuke
0
130
ドメインイベントでビジネスロジックを解きほぐす #phpcon_odawara
kajitack
2
120
2026-03-27 #terminalnight 変数展開とコマンド展開でターミナル作業をスマートにする方法
masasuzu
0
310
実践ハーネスエンジニアリング #MOSHTech
kajitack
7
6k
Featured
See All Featured
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
5.6k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
400
Building Adaptive Systems
keathley
44
3k
Paper Plane
katiecoart
PRO
1
49k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.7k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1.1k
The browser strikes back
jonoalderson
0
930
For a Future-Friendly Web
brad_frost
183
10k
Rebuilding a faster, lazier Slack
samanthasiow
85
9.4k
Color Theory Basics | Prateek | Gurzu
gurzu
0
280
The Cost Of JavaScript in 2023
addyosmani
55
9.8k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.2k
Transcript
punchVPN p2p VPN tunneler bag NAT
Facts • Klient - Python3.2 • Server - Python2.7 Kommende
Win32+OSX+UNIX support
Hvad skal det til for? • Sikkerhed • Anonymitet •
Direkte forbindelse
✘ Skidt måde at snakke sammen på A B 3.
part ☠ Forbindelse via 3. part Krypteret eller ukrypteret
✔ God måde at snakke sammen på A B 3.
part ☠ Direkte krypteret forbindelse udenom 3. part
Verdensbillede A B punch VPN Server Internet FW FW
Klient A -> Server A B punch VPN Server Internet
FW FW 1.
Klient B -> Server A B punch VPN Server Internet
FW FW 1. 2.
Klient A <-> Klient B A B punch VPN Server
Internet FW FW 1. 2. 3.
Forbindelsesmetoder A B punch VPN Server Internet FW FW 1.
2. 3. NAT-PMP UPnP-IGD UDP-HolePunch
Hvem kan forbinde? NAT-PMP UPnP-IGD Direct mapping Random mapping NAT-PMP
✔ ✔ ✔ ✔ UPnP-IGD ✔ ✔ ✔ ✔ Direct mapping ✔ ✔ ✔ ✘ Random mapping ✔ ✔ ✘ ✘
[code] punchVPNd/punchVPNd.py:108
NAT-PMP Dynamisk firewall
Hvordan virker det? • Simpel protokol • Apple-Bonjour
Bed om den eksterne IP adresse Data der skal sendes:
0b0000000000000000 Modtaget data: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vers = 0 | OP = 128 + 0 | Result Code (net byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Seconds Since Start of Epoch (in network byte order) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | External IPv4 Address (a.b.c.d) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Revisionerne, det nye def create_payload(self, local_port, external_port, lifetime): return pack('>2B3HI',
0, 1, 0, local_port, external_port, lifetime)
[code] natPMP/natPMP.py:49 natPMP/natPMP.py:70
Greenlets og Gevent Micro threads og long polling
Greenlets • Micro Threading • God scheduling
Gevent • Modul på libevent • Bruger Greenlets • Monkey-patcher
Python • Webserver
Long polling • Lange HTTP(S) kald • Næsten en socket
while(1): new_request_event.wait() if me.peer: msg = {'status': 'READY'} msg = json.dumps(msg) return msg new_request_event.set() new_request_event.clear()
[code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132
Et eksempel
Server og klient Hvordan hænger det sammen
JSON • Nemt at udvide • Ensartet syntax { "me.VPNaddr"
: "169.254.45.221", "me.mode" : "p2p", "peer.VPNaddr" : "169.254.45.222", "peer.ip" : "130.225.204.238", "peer.lport" : 15544, "status" : "READY" }
Demonstration Ellers er det jo bare en masse ord
UDP hole punching
[demo]
Spørgsmål? • https://github.com/cmol/punchVPN/ • https://twitter.com/lensboel • https://speakerdeck.com/cmol/punchvpn- dansk
christianliebel
isanethen
masachikaura
77web
koriym
ochtum
seike460
yusukebe
yusuke
kajitack
masasuzu
aleyda
konakalab
keathley
katiecoart
thoeni
tammyeverts
jonoalderson
brad_frost
samanthasiow
gurzu
addyosmani
mraible
![[code] punchVPNd/punchVPNd.py:108](https://files.speakerdeck.com/presentations/31c705509afe01306b724ab2bdc0c3b5/slide_11.jpg){kind=link}
![[code] natPMP/natPMP.py:49 natPMP/natPMP.py:70](https://files.speakerdeck.com/presentations/31c705509afe01306b724ab2bdc0c3b5/slide_16.jpg){kind=link}
![[code] punchVPNd/punchVPNd.py:71 punchVPNd/punchVPNd.py:132](https://files.speakerdeck.com/presentations/31c705509afe01306b724ab2bdc0c3b5/slide_21.jpg){kind=link}
![[demo]](https://files.speakerdeck.com/presentations/31c705509afe01306b724ab2bdc0c3b5/slide_27.jpg){kind=link}
