implement icmpv6 on ipv4

Author: Arian8j2

forwarder-cli/src/icmp_rev/health_check.rs

@@ -2,7 +2,7 @@ use crate::Args;
 use forwarder::{
     create_socket_buffer,
     socket::{
-        icmp::{create_bfp_filter, IcmpEchoType, IcmpSocket},
+        icmp::{create_bfp_filter, IcmpConfig, IcmpEchoType, IcmpSocket},
         SocketTrait,
     },
 };
@@ -30,7 +30,11 @@ const PACKET_COUNTER_LEN: usize = 100;
 
 pub fn initiate_server(cli: &Args) -> anyhow::Result<Arc<AtomicBool>> {
     let listen_addr = SocketAddr::new(cli.listen_uri.addr.ip(), cli.remote_uri.addr.port());
-    let mut socket = IcmpSocket::bind(&listen_addr, IcmpEchoType::Request, false)?;
+    let config = IcmpConfig {
+        echo_type: IcmpEchoType::Request,
+        force_icmpv6: cli.force_icmpv6,
+    };
+    let mut socket = IcmpSocket::bind(&listen_addr, config, false)?;
     socket.set_read_timeout(Some(HELLO_TIMEOUT))?;
 
     log::info!("waiting for client handshake...");
@@ -101,7 +105,11 @@ fn spawn_server_health_check(
 }
 
 pub fn initiate_client(cli: &Args, reverse_addr: IpAddr) -> anyhow::Result<Arc<AtomicBool>> {
-    let mut socket = IcmpSocket::bind(&cli.listen_uri.addr, IcmpEchoType::Reply, false)?;
+    let config = IcmpConfig {
+        echo_type: IcmpEchoType::Reply,
+        force_icmpv6: cli.force_icmpv6,
+    };
+    let mut socket = IcmpSocket::bind(&cli.listen_uri.addr, config, false)?;
     socket.set_read_timeout(Some(HELLO_TIMEOUT))?;
     socket.inner_socket().attach_filter(&create_bfp_filter(
         false,

forwarder-cli/src/main.rs

@@ -28,6 +28,10 @@ pub struct Args {
     #[arg(short = 'R', long)]
     pub reverse: bool,
 
+    /// When having one icmp uri this will force using icmpv6 protocol on ipv4
+    #[arg(short = '6', long)]
+    pub force_icmpv6: bool,
+
     /// Ip of server you wanna connect to and start the icmp connection in reverse mode
     #[arg(long)]
     pub reverse_addr: Option<IpAddr>,
@@ -49,7 +53,11 @@ fn main() -> anyhow::Result<()> {
     pushack::prepare_firewall(&cli)?;
 
     if cli.child || !cli.reverse {
-        forwarder::run(cli.listen_uri, cli.remote_uri, cli.passphrase, cli.reverse)?;
+        let args = forwarder::Args {
+            reverse_icmp: cli.reverse,
+            force_icmpv6: cli.force_icmpv6,
+        };
+        forwarder::run(cli.listen_uri, cli.remote_uri, cli.passphrase, args)?;
     } else {
         icmp_rev::run_reverse(cli)?;
     }

forwarder/src/lib.rs

@@ -5,7 +5,7 @@ pub mod socket;
 pub mod uri;
 pub(crate) mod utils;
 
-use crate::socket::icmp::IcmpEchoType;
+use crate::socket::icmp::{IcmpConfig, IcmpEchoType};
 use anyhow::Context;
 use parking_lot::{RwLock, RwLockUpgradableReadGuard, RwLockWriteGuard};
 use poll::Poll;
@@ -22,6 +22,12 @@ const MAX_PACKET_SIZE: usize = 65535;
 /// interval that cleanup happens, lowering this result in lower allowed unused time
 const CLEANUP_INTERVAL: Duration = Duration::from_secs(7 * 60);
 
+#[derive(Default, Clone)]
+pub struct Args {
+    pub reverse_icmp: bool,
+    pub force_icmpv6: bool,
+}
+
 /// blocks current thread and runs a forwarder server that listens on `listen_uri` and forwards
 /// all incoming packets to `remote_uri` and also forwards all packets returned by `remote_uri`
 /// to the client that initiated the connection
@@ -33,19 +39,28 @@ pub fn run(
     listen_uri: Uri,
     remote_uri: Uri,
     passphrase: Option<String>,
-    reverse_icmp: bool,
+    args: Args,
 ) -> anyhow::Result<()> {
     let listen_addr = &listen_uri.addr;
-    let icmp_type = if reverse_icmp {
+    let force_icmpv6 = args.force_icmpv6;
+    let icmp_type = if args.reverse_icmp {
         IcmpEchoType::Reply
     } else {
         IcmpEchoType::Request
     };
-    let socket = Socket::bind(listen_uri.protocol, listen_addr, icmp_type)
+    let icmp_config = IcmpConfig {
+        echo_type: icmp_type,
+        force_icmpv6,
+    };
+    let socket = Socket::bind(listen_uri.protocol, listen_addr, icmp_config)
         .with_context(|| "couldn't create server")?;
     log::info!("listen on '{listen_addr}'");
 
-    let poll = poll::new(remote_uri.protocol, remote_uri.addr, icmp_type.opposite())
+    let icmp_config = IcmpConfig {
+        echo_type: icmp_type.opposite(),
+        force_icmpv6: args.force_icmpv6,
+    };
+    let poll = poll::new(remote_uri.protocol, remote_uri.addr, icmp_config)
         .with_context(|| "couldn't create poll")?;
     let registry = poll
         .get_registry()
@@ -65,6 +80,7 @@ pub fn run(
         passphrase,
         remote_uri,
         icmp_type.opposite(),
+        force_icmpv6,
         listen_uri.addr.port(),
     );
     Ok(())
@@ -86,6 +102,7 @@ fn run_server(
     passphrase: Option<String>,
     remote_uri: Uri,
     peer_icmp_type: IcmpEchoType,
+    force_icmpv6: bool,
     listening_port: u16,
 ) {
     let buffer = create_socket_buffer!(MAX_PACKET_SIZE);
@@ -112,7 +129,11 @@ fn run_server(
             None => {
                 log::info!("new client '{from_addr}'");
                 let peers = RwLockUpgradableReadGuard::upgrade(peers);
-                let peer = match add_new_peer(&remote_uri, from_addr, peers, peer_icmp_type) {
+                let icmp_config = IcmpConfig {
+                    echo_type: peer_icmp_type,
+                    force_icmpv6,
+                };
+                let peer = match add_new_peer(&remote_uri, from_addr, peers, icmp_config) {
                     Ok(peer) => peer,
                     Err(error) => {
                         log::error!("couldn't add new peer: {error:?}");
@@ -132,9 +153,9 @@ fn add_new_peer(
     remote_uri: &Uri,
     from_addr: SocketAddr,
     mut peers: RwLockWriteGuard<PeerManager>,
-    icmp_echo_type: IcmpEchoType,
+    icmp_config: IcmpConfig,
 ) -> anyhow::Result<Arc<Peer>> {
-    let new_peer = Peer::new(remote_uri, from_addr, icmp_echo_type)?;
+    let new_peer = Peer::new(remote_uri, from_addr, icmp_config)?;
     let peer = peers.add_peer(new_peer)?;
     Ok(peer)
 }

forwarder/src/peer.rs

@@ -1,5 +1,5 @@
 use crate::poll::Registry;
-use crate::socket::icmp::IcmpEchoType;
+use crate::socket::icmp::IcmpConfig;
 use crate::socket::NonBlockingSocket;
 use crate::uri::Uri;
 use std::fmt::Debug;
@@ -22,10 +22,10 @@ impl Peer {
     pub fn new(
         remote_uri: &Uri,
         client_addr: SocketAddr,
-        icmp_echo_type: IcmpEchoType,
+        icmp_config: IcmpConfig,
     ) -> anyhow::Result<Self> {
         let addr = create_any_addr(remote_uri.addr.is_ipv6());
-        let mut socket = NonBlockingSocket::bind(remote_uri.protocol, &addr, icmp_echo_type)?;
+        let mut socket = NonBlockingSocket::bind(remote_uri.protocol, &addr, icmp_config)?;
         socket.connect(&remote_uri.addr)?;
         let peer = Self {
             socket,

forwarder/src/poll.rs

@@ -1,7 +1,7 @@
 use crate::{
     peer::{Peer, PeerManager},
     poll::pushack::PushackPoll,
-    socket::{icmp::IcmpEchoType, NonBlockingSocket},
+    socket::{icmp::IcmpConfig, NonBlockingSocket},
     uri::Protocol,
 };
 use icmp::IcmpPoll;
@@ -39,13 +39,13 @@ mod udp;
 pub fn new(
     protocol: Protocol,
     remote_addr: SocketAddr,
-    icmp_echo_type: IcmpEchoType,
+    icmp_config: IcmpConfig,
 ) -> anyhow::Result<Box<dyn Poll>> {
     Ok(match protocol {
         Protocol::Udp => Box::new(UdpPoll::new()?),
         Protocol::Icmp => Box::new(IcmpPoll {
             remote_addr,
-            echo_type: icmp_echo_type,
+            config: icmp_config,
         }),
         Protocol::Pushack => Box::new(PushackPoll { remote_addr }),
     })

forwarder/src/poll/icmp.rs

@@ -1,7 +1,7 @@
 use super::Poll;
 use crate::{
     peer::{Peer, PeerManager},
-    socket::icmp::{header_offset, parse_icmp_packet, IcmpEchoType, IcmpSocket, ICMP_HEADER_LEN},
+    socket::icmp::{header_offset, parse_icmp_packet, IcmpConfig, IcmpSocket, ICMP_HEADER_LEN},
     utils::cast_maybe_uninit,
     MAX_PACKET_SIZE,
 };
@@ -11,7 +11,7 @@ use std::{net::SocketAddr, sync::Arc};
 #[derive(Debug)]
 pub struct IcmpPoll {
     pub remote_addr: SocketAddr,
-    pub echo_type: IcmpEchoType,
+    pub config: IcmpConfig,
 }
 
 impl Poll for IcmpPoll {
@@ -26,13 +26,14 @@ impl Poll for IcmpPoll {
     ) -> anyhow::Result<()> {
         let is_ipv6 = self.remote_addr.is_ipv6();
         let listen_addr = crate::peer::create_any_addr(is_ipv6);
-        let socket: socket2::Socket = IcmpSocket::inner_bind(listen_addr)?;
+        let socket: socket2::Socket =
+            IcmpSocket::inner_bind(listen_addr, self.config.force_icmpv6)?;
 
         #[cfg(target_os = "linux")]
         {
             let filter = crate::socket::icmp::create_bfp_filter(
                 is_ipv6,
-                self.echo_type,
+                self.config.echo_type,
                 self.remote_addr.port(),
             );
             if let Err(error) = socket.attach_filter(&filter) {
@@ -48,7 +49,7 @@ impl Poll for IcmpPoll {
                 continue;
             };
             let Some(icmp_packet) =
-                parse_icmp_packet(&buffer[header_offset..size], is_ipv6, self.echo_type)
+                parse_icmp_packet(&buffer[header_offset..size], is_ipv6, self.config.echo_type)
             else {
                 continue;
             };

forwarder/src/socket.rs

@@ -1,4 +1,4 @@
-use crate::{socket::icmp::IcmpEchoType, uri::Protocol};
+use crate::{socket::icmp::IcmpConfig, uri::Protocol};
 use std::{
     io,
     net::SocketAddr,
@@ -42,11 +42,11 @@ impl Socket {
     pub fn bind(
         protocol: Protocol,
         addr: &SocketAddr,
-        icmp_type: IcmpEchoType,
+        icmp_config: IcmpConfig,
     ) -> io::Result<Self> {
         let socket = match protocol {
             Protocol::Udp => Socket::Udp(udp::UdpSocket::bind(addr)?),
-            Protocol::Icmp => Socket::Icmp(icmp::IcmpSocket::bind(addr, icmp_type, true)?),
+            Protocol::Icmp => Socket::Icmp(icmp::IcmpSocket::bind(addr, icmp_config, true)?),
             Protocol::Pushack => Socket::Pushack(pushack::PushackSocket::bind(addr)?),
         };
         Ok(socket)
@@ -72,11 +72,11 @@ impl NonBlockingSocket {
     pub fn bind(
         protocol: Protocol,
         addr: &SocketAddr,
-        icmp_echo_type: IcmpEchoType,
+        icmp_config: IcmpConfig,
     ) -> io::Result<Self> {
         let socket = match protocol {
             Protocol::Udp => Self::Udp(udp::NonBlockingUdpSocket::bind(addr)?),
-            Protocol::Icmp => Self::Icmp(icmp::NonBlockingIcmpSocket::bind(addr, icmp_echo_type)?),
+            Protocol::Icmp => Self::Icmp(icmp::NonBlockingIcmpSocket::bind(addr, icmp_config)?),
             Protocol::Pushack => Self::Pushack(pushack::NonBlockingPushackSocket::bind(addr)?),
         };
         Ok(socket)

forwarder/src/socket/icmp.rs

@@ -26,6 +26,12 @@ pub struct IcmpSocket {
     read_timeout: Option<Duration>,
 }
 
+#[derive(Debug)]
+pub struct IcmpConfig {
+    pub echo_type: IcmpEchoType,
+    pub force_icmpv6: bool,
+}
+
 #[derive(Debug, PartialEq, Eq, Clone, Copy)]
 #[repr(u8)]
 pub enum IcmpEchoType {
@@ -43,34 +49,35 @@ impl IcmpEchoType {
 }
 
 impl IcmpSocket {
-    pub fn bind(
-        addr: &SocketAddr,
-        icmp_echo_type: IcmpEchoType,
-        check_port: bool,
-    ) -> io::Result<Self> {
+    pub fn bind(addr: &SocketAddr, config: IcmpConfig, check_port: bool) -> io::Result<Self> {
         let (udp_socket, udp_socket_addr) = if check_port {
             let udp_socket = UdpSocket::bind(addr)?;
             let addr = udp_socket.local_addr()?;
             (Some(udp_socket), addr)
         } else {
             (None, *addr)
         };
-        let socket = IcmpSocket::inner_bind(*addr)?;
+        let socket = IcmpSocket::inner_bind(*addr, config.force_icmpv6)?;
 
         // TODO: maybe attach a bpf filter here
 
         Ok(IcmpSocket {
             _udp_socket: udp_socket,
             addr: udp_socket_addr,
             socket,
-            icmp_echo_type,
+            icmp_echo_type: config.echo_type,
             read_timeout: None,
         })
     }
 
-    pub fn inner_bind(addr: SocketAddr) -> io::Result<socket2::Socket> {
+    pub fn inner_bind(addr: SocketAddr, force_icmpv6: bool) -> io::Result<socket2::Socket> {
         let socket = if addr.is_ipv4() {
-            socket2::Socket::new(Domain::IPV4, Type::RAW, Some(Protocol::ICMPV4))
+            let protocol = if force_icmpv6 {
+                Protocol::ICMPV6
+            } else {
+                Protocol::ICMPV4
+            };
+            socket2::Socket::new(Domain::IPV4, Type::RAW, Some(protocol))
         } else {
             socket2::Socket::new(Domain::IPV6, Type::RAW, Some(Protocol::ICMPV6))
         }?;
@@ -153,17 +160,17 @@ pub struct NonBlockingIcmpSocket {
 }
 
 impl NonBlockingIcmpSocket {
-    pub fn bind(addr: &SocketAddr, echo_type: IcmpEchoType) -> io::Result<Self> {
+    pub fn bind(addr: &SocketAddr, config: IcmpConfig) -> io::Result<Self> {
         let udp_socket = UdpSocket::bind(addr)?;
         let addr = udp_socket.local_addr()?;
-        let socket = IcmpSocket::inner_bind(addr)?;
+        let socket = IcmpSocket::inner_bind(addr, config.force_icmpv6)?;
         socket.set_nonblocking(true)?;
         Ok(Self {
             socket,
             connected_addr: None,
             _udp_socket: udp_socket,
             addr,
-            echo_type,
+            echo_type: config.echo_type,
         })
     }
 }