VPNr-try

This is a first try to make a VPN service with rust. This project is just to study how socket works with rust.

Protocol

	size	msg id	flags	addr	port	msg
size	1 bytes	2 bytes	1 byte	4 bytes	2 bytes	max 500 bytes
bytes	0	00	0	0000	00	0...498...0
start pos	0	1	3	4	8	10

Protocol description

• size: Message size, starting in the flag and ending in the last message character.
• msg id: Message identification for the client.
• flags: 8 bits flags to pass extra information.
• addr: 4 bytes defining ipv4 destination address.
• port: 2 bytes defining the destination port.
• msg: The message with not more than 512 byte length.

0	1	2	3	4	5	6	7
Connection close	NA	NA	NA	NA	NA	NA	NA

iptables commands

# redirect all traffic to the application
sudo iptables -t nat -A OUTPUT -j REDIRECT -p tcp --to-port 4333 -m owner ! --uid-owner root

# redirect google traffic to the application
sudo iptables -t nat -A OUTPUT -p tcp -d google.com --dport 80 -j REDIRECT --to-port 4333 -m owner ! --uid-owner root 
sudo iptables -t nat -A OUTPUT -p tcp -d google.com --dport 443 -j REDIRECT --to-port 4333 -m owner ! --uid-owner root 

# list iptables rules created
sudo iptables -t nat -L --line-number

# remove a particular iptable rule
sudo iptables -t nat -D OUTPUT 2
sudo iptables -t nat -D OUTPUT <line-num>

# clear iptables
sudo iptables -t nat -F

ToDo

• Start client
  • Start lissening in port to get all the traffic connections
• Start communication between server and client
  • Start server
  • Connect client to server
  • Send all received trafic in the client to the server, using the protocol
  • Get addr and port from redirection information
  • Connect server to the destination addr/port and send response to the client
• Send notification to the client when a redirection connection is down, so the client can close it also with the applicationr
• Massive refactorization :P
• Handle server disconnection from the client (try to connect againg to the server).
• Handle iptables to redirect all trafic to the client app.