Show HN: Nat traversal using ICMP Destination Unreachable packets

hajoon221 pts0 comments

GitHub - hajoon22/icmp-nat-traversal: NAT traversal using ICMP Destination Unreachable packets. · GitHub

/" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

/;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

hajoon22

icmp-nat-traversal

Public

Notifications<br>You must be signed in to change notification settings

Fork

Star

main

BranchesTags

Go to file

CodeOpen more actions menu

Folders and files<br>NameNameLast commit message<br>Last commit date<br>Latest commit

History<br>44 Commits<br>44 Commits

src

src

LICENSE

LICENSE

Makefile

Makefile

README.md

README.md

View all files

Repository files navigation

ICMP NAT Traversal

NAT traversal using ICMP Destination Unreachable packets.

Overview

Creates and maintains a UDP mapping.

Sends ICMP Destination Unreachable packets referencing the mapped UDP flow.

Delivers data through the ICMP payload.

Receives data through the NAT mapping.

Packet Format

ICMP Destination Unreachable

[ICMP Header (8 bytes)][IPv4 Header (20 bytes)][UDP Header (8 bytes)][Data (n bytes)]

Workflow

Server creates a UDP mapping.

Server keeps the mapping alive.

Client crafts an ICMP Destination Unreachable packet referencing the mapped UDP flow.

The ICMP payload contains the original IPv4 header, UDP header, and data.

The ICMP packet appears to describe an error for the mapped UDP flow.

Server receives the data.

How to use another project

server:

#include<br>#include

#include "../../traversal/icmp/icmp.h" // include icmp header for using icmp_unreach structure<br>#include "../../traversal/traversal.h" // include traversal header for using traversal api

int main() {<br>// stun server<br>uint32_t stun_address = ntohl(inet_addr("74.125.250.129"));<br>uint16_t stun_port = 19302;

// create a new traversal session<br>struct traversal_session ts;<br>if (new_traversal_session(&ts, stun_address, stun_port) data_len, rp->data);<br>deinit_icmp_unreach(rp);

break;<br>deinit_traversal_session(&ts);

return 0;<br>}">#include<br>#include<br>#include

#include "../../traversal/icmp/icmp.h" // include icmp header for using icmp_unreach structure<br>#include "../../traversal/traversal.h" // include traversal header for using traversal api

int main() {<br>// stun server<br>uint32_t stun_address = ntohl(inet_addr("74.125.250.129"));<br>uint16_t stun_port = 19302;

// create a new traversal session<br>struct traversal_session ts;<br>if (new_traversal_session(&ts, stun_address, stun_port) 0) {<br>return -1;

// debug<br>struct in_addr a;<br>a.s_addr = htonl(ts.public_address);<br>printf("udp mapped: public addr=%s, public sport=%d\n", inet_ntoa(a), ts.mapped_port);

while (1) {<br>// read icmp destination unreachable packets (timeout: 1000ms)<br>struct icmp_unreach *rp = traversal_read(&ts, 1000);<br>if (!rp) continue;

printf("%.*s\n", (int)rp->data_len, rp->data);<br>deinit_icmp_unreach(rp);

break;<br>deinit_traversal_session(&ts);

return 0;

client:

#include

#include "../../traversal/icmp/icmp.h" // include icmp header for using icmp_unreach structure<br>#include "../../traversal/traversal.h" // include traversal header for using traversal api

int main() {<br>// stun server<br>uint32_t stun_address = ntohl(inet_addr("74.125.250.129"));<br>uint16_t stun_port = 19302;

// create a new traversal session<br>struct traversal_session ts;<br>if (new_traversal_session(&ts, stun_address, stun_port) #include<br>#include

#include "../../traversal/icmp/icmp.h" // include icmp header for using icmp_unreach structure<br>#include "../../traversal/traversal.h" // include traversal header for using traversal api

int main() {<br>// stun server<br>uint32_t stun_address = ntohl(inet_addr("74.125.250.129"));<br>uint16_t stun_port = 19302;

// create a new traversal session<br>struct traversal_session ts;<br>if (new_traversal_session(&ts, stun_address, stun_port) 0) {<br>return -1;

// destination info<br>uint32_t dst = ntohl(inet_addr("1.1.1.1")); // target's public ip<br>uint16_t dst_port = 33836; // target's mapped public port

// send data<br>traversal_send(&ts, dst, dst_port, "helloicmp", 9);<br>deinit_traversal_session(&ts);

How to Test

Build and run the server on the device behind the NAT:

Build server:

make example

Run the server on the device behind the NAT:

sudo ./server

The server prints:<br>udp mapped: public addr=PUBLIC_IP, public sport=MAPPED_PORT

Edit...

traversal icmp include header server using

Related Articles