Re: [lwip-users] Sending raw IP packets

[Jon]

Thanks Simon for the input.  After reading your response, I feel I
might be using lwip for its unintended purpose which might result in
an exhausting uphill battle :)

As mentioned in my previous email, I was hoping to implement a local
VPN on Android using lwip.  The way the APIs work on Android is that
when you register as a VPN service, the platform provides you a file
descriptor which is attached to the device's TUN interface.  When you
read from this file descriptor, you get all the raw IP packets that
are being sent by the device, and whenever you write to the file
descriptor (which also needs to be formatted as a raw IP packet), it
gets routed back to the application on the device that sent the data.
The reason the Android platform provides you the raw IP packets is
that they intend for you to use this as a "remote" VPN where you would
encapsulate the IP packets in UDP for example, then forward it to your
own remote VPN server, then open a raw socket and have your server
send the packet.

However, since I am trying to implement this as a local VPN, this will
not work for me.  This is where I was hoping lwip might be able to
help me out.  Since lwip is a complete tcp/ip stack implementation, I
thought there was a way I can just feed lwip the raw IP packet, and it
would "magically" just send it over the wire for me.  I know this can
be done using traditional socket programming by manually parsing the
raw IP packets for the destination IP, then parsing the transport
layer for the source/destination ports, manually create a TCP or UDP
socket myself and then send out the data, but this seems like a lot of
work.   If it helps explain in more detail, one search term that
commonly comes up for what I am trying to accomplish is "tun2socks".

Thanks again!

On Mon, Mar 8, 2021 at 11:33 AM goldsimon@gmx.de <goldsimon@gmx.de> wrote:
>
> Am 07.03.2021 um 12:50 schrieb JonathonS:
> > Hello, I am attempting to implement an Android VPN service which
> > provides me raw IP packets on the TUN interface.  What I'd like to do is
> > simply send the whole IP packet (including IP header) to its
> > destination.  I know I can parse the IP packet to pull out only the
> > TCP/UDP transport layer data and then send it over a TCP/UDP socket
> > myself but if this is already done by lwip, then I'd prefer to use it
> > instead.
>
> I'm afraid I don't really underdstand what you mean. You should be able
> to get a whole packet out of the stack by implementing a non-ethernet
> netif. For this, set netif->output to your own function instead of
> etharp_output and don't set the flags NETIF_FLAG_ETHARP and
> NETIF_FLAG_ETHERNET. This way, your netif->output functions should get
> pbufs starting with the IP header. If that's what you wanted (as I said,
> I'm not sure).
>
> >
> > I found the raw APIs
> > (https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html
> > <https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html>), but wasn't
> > sure if this is what I needed to use.  Since I am running in user-space
> > as a regular Android application, I am unable to run as root so not sure
> > if the raw APIs require that I create a raw socket (which requires root).
>
> This question doesn't seem to have anything to do with lwIP or does it?
> There's no such thing as 'root' in lwIP.
>
> Regards,
> Simon
>
> >
> > Also, if you can provide any sample code, this would be greatly
> > appreciated. Thanks!
> >
> >
> > _______________________________________________
> > lwip-users mailing list
> > lwip-users@nongnu.org
> > https://lists.nongnu.org/mailman/listinfo/lwip-users
> >
>
>
> _______________________________________________
> lwip-users mailing list
> lwip-users@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/lwip-users