Bug 12966 - socket_wrapper with support for arbitrary IP addresses
Status: NEW
Product: cwrap
Classification: Unclassified
Component: library
Version: unspecified
Hardware: All All
Importance: P5 normal
Assigned To: Andreas Schneider
Reported: 2017-08-15 11:53 UTC by Petr Špaček
Modified: 2017-08-18 08:41 UTC

Description Petr Špaček 2017-08-15 11:53:57 UTC
Hello,

and first of all, thank you for socket_wrapper! It is excellent software and we use a modified version of it [1] for the Deckard project [2].

Over time we found out that we need to simulate networks with non-private IP addresses. This need led to our customized version of socket_wrapper. We are happy to contribute these changes back upstream.


What is your position on this feature? Would you accept such a feature upstream? Under what conditions? We can rework our version according to your instructions if necessary.

Thank you for your time.


Background:
We are capturing real-world DNS traffic and replaying it inside a socket_wrapper environment. The DNS data containing IP addresses are signed by keys we do not have, so we cannot change the IP addresses, thus the need for binding to arbitrary IP addresses.

[1] https://gitlab.labs.nic.cz/labs/socket_wrapper
[2] https://gitlab.labs.nic.cz/knot/deckard
Comment 1 Andreas Schneider 2017-08-16 09:26:05 UTC
Hi Petr,

yes, we're interested in the changes as long as they are not breaking existing functionality and just extend socket_wrapper. All new features need to be covered with tests! We also need documentation for it.

NOTE: We are currently working on making socket_wrapper thread-safe. The current WIP branch is:

https://gitlab.com/anoopcs/socket_wrapper/commits/threadsafe-rework-wip-child-si

You should base your work on that branch or wait till it hits master (hopefully soon).

Please make small commits, they are easier to review. Also smaller commits make it easier to do changes if we need them. Put tests in their own commits.

I hope that helps :-)

Send patches to the samba-technical mailing list for discussion.

Thanks!
Comment 2 Petr Špaček 2017-08-16 11:53:50 UTC
Ok, thank you for the reply. Speaking of backwards compatibility, comments in the current code indicate that there might be challenges. Especially:

> #define SOCKET_FORMAT "%c%02X%04X"
> /* we need to use a very terse format here as IRIX 6.4 silently truncates names to 16 chars */

Is IRIX 6.4 still an interesting platform? It would be so much easier to just drop support for it and use longer names and allow us to encode full protocol-IPv6 address-port right into the filename.


> /* This limit is to avoid broadcast sendto() needing to stat too many
>  * files.  It may be raised (with a performance cost) to up to 254
>  * without changing the format above */
> #define MAX_WRAPPED_INTERFACES 64

Broadcast is a hard thing when it comes to classless IP addresses. I'm afraid that there is no way to determine if IPv4 address 192.0.2.1 belongs to network 192.0.2.0/24 or 192.0.2.0/16.

Would it be acceptable for you to assume a /24 netmask for IPv4?


Also, what are the performance expectations? I can imagine that making it more general could lead to slower performance with many addresses.


If we can agree on an approach to these problems we could contribute code. (We will probably wait before you merge the big changes so we do not need to track a moving target.)

Thank you for your time.
Comment 3 Andreas Schneider 2017-08-18 08:41:36 UTC
I think we can remove the IRIX support from socket_wrapper. BSD and Solaris should still be supported!

Yes, we can assume a /24 netmask for IPv4. However, it needs to be documented!

socket_wrapper should work by default with the 127.0.0.x addresses as it is working right now.

Your changes need to be an additional way to set it up using environment variables.
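
The naming and broadcast questions from comments 2 and 3, as an added example that is not part of the thread or of socket_wrapper's code: it compares the quoted terse format with a hypothetical name that embeds the full address, and shows why 192.0.2.1 gets a different broadcast address under /24 and /16. The function names, the field meanings given to `SOCKET_FORMAT`, the type character `'U'` and the sample addresses are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define SOCKET_FORMAT "%c%02X%04X" /* terse format quoted in comment 2 */
#define IRIX_NAME_MAX 16           /* truncation limit from the quoted source comment */
#define IP4(a, b, c, d) ((uint32_t)(a) << 24 | (uint32_t)(b) << 16 | (uint32_t)(c) << 8 | (uint32_t)(d))

/* Assumed field meaning: type character, interface number, port. */
int terse_name(char *buf, size_t len, char type, unsigned iface, unsigned port)
{
    return snprintf(buf, len, SOCKET_FORMAT, type, iface & 0xFFu, port & 0xFFFFu);
}

/* Hypothetical longer name: type, full address (4 or 16 network-order bytes) in hex, port. */
int full_name(char *buf, size_t len, char type, const uint8_t *addr,
              size_t addr_len, unsigned port)
{
    size_t need = 1 + 2 * addr_len + 4, off = 1;
    if (need + 1 > len) return -1; /* would be truncated */
    buf[0] = type;
    for (size_t i = 0; i < addr_len; i++, off += 2)
        snprintf(buf + off, len - off, "%02X", addr[i]);
    snprintf(buf + off, len - off, "%04X", port & 0xFFFFu);
    return (int)need;
}

/* Broadcast address of addr (host byte order) for a given prefix length. */
uint32_t broadcast_for_prefix(uint32_t addr, unsigned prefix)
{
    uint32_t mask = prefix >= 32 ? 0xFFFFFFFFu : ~(0xFFFFFFFFu >> prefix);
    return addr | ~mask;
}

/* Convention agreed in the thread: treat every IPv4 address as part of a /24. */
int is_broadcast_assuming_24(uint32_t dst)
{
    return dst == broadcast_for_prefix(dst, 24);
}

int main(void)
{
    char buf[64];
    const uint8_t v6[16] = {0x20, 0x01, 0x0d, 0xb8, [15] = 1}; /* constructed sample */
    printf("terse %d, full IPv6 %d, limit %d\n", terse_name(buf, sizeof buf, 'U', 1, 53),
           full_name(buf, sizeof buf, 'U', v6, 16, 53), IRIX_NAME_MAX);
    printf("/24: %08X  /16: %08X\n", (unsigned)broadcast_for_prefix(IP4(192, 0, 2, 1), 24),
           (unsigned)broadcast_for_prefix(IP4(192, 0, 2, 1), 16));
    return 0;
}
```

A name carrying a full IPv4 address still fits in 16 characters, while the IPv6 form needs 37, which is where the IRIX limit conflicts with the proposal.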