Hi Simon, thanks for the help. Yes this is exactly what I am trying to do. I apologize for all the confusion. When I was looking through the lwip documentation, I initially found the IP modules -- more specifically the "ip_output" and "ip_input" functions.
http://www.nongnu.org/lwip/2_0_x/group__ip.html I thought if I were to use those then I might avoid having to deal with ethernet directly, and consequently the issues with the ARP cache that you mentioned. On Mon, Mar 8, 2021 at 1:22 PM [email protected] <[email protected]> wrote: > > Am 08.03.2021 um 21:43 schrieb Jon: > > Thanks Simon for the input. After reading your response, I feel I > > might be using lwip for its unintended purpose which might result in > > an exhausting uphill battle :) > > > > As mentioned in my previous email, I was hoping to implement a local > > VPN on Android using lwip. The way the APIs work on Android is that > > when you register as a VPN service, the platform provides you a file > > descriptor which is attached to the device's TUN interface. When you > > read from this file descriptor, you get all the raw IP packets that > > are being sent by the device, and whenever you write to the file > > descriptor (which also needs to be formatted as a raw IP packet), it > > gets routed back to the application on the device that sent the data. > > The reason the Android platform provides you the raw IP packets is > > that they intend for you to use this as a "remote" VPN where you would > > encapsulate the IP packets in UDP for example, then forward it to your > > own remote VPN server, then open a raw socket and have your server > > send the packet. > > > > However, since I am trying to implement this as a local VPN, this will > > not work for me. This is where I was hoping lwip might be able to > > help me out. Since lwip is a complete tcp/ip stack implementation, I > > thought there was a way I can just feed lwip the raw IP packet, and it > > would "magically" just send it over the wire for me. I know this can > > be done using traditional socket programming by manually parsing the > > raw IP packets for the destination IP, then parsing the transport > > layer for the source/destination ports, manually create a TCP or UDP > > socket myself and then send out the data, but this seems like a lot of > > work. If it helps explain in more detail, one search term that > > commonly comes up for what I am trying to accomplish is "tun2socks". > > I still think I don't fully understand what you're doing. Do you want to > send those IP packets on to ethernet? In that case, you might just want > to extract IP information from the packet by casting it to 'struct > ip_hdr', allocat a pbuf for the packet (copy it, or by ref) and pass it > to 'etharp_output' (providing a matching netif where lowlevel_output > sens the ethernet packet). > > You'd have to ensure to keep the ARP cache working, of course, by > calling etharp_tmr() at regular intervals. > > Is that what you're looking for? > > The RX side might be a bit harder to do though... > > Regards, > Simon > > > > > Thanks again! > > > > On Mon, Mar 8, 2021 at 11:33 AM [email protected] <[email protected]> wrote: > >> > >> Am 07.03.2021 um 12:50 schrieb JonathonS: > >>> Hello, I am attempting to implement an Android VPN service which > >>> provides me raw IP packets on the TUN interface. What I'd like to do is > >>> simply send the whole IP packet (including IP header) to its > >>> destination. I know I can parse the IP packet to pull out only the > >>> TCP/UDP transport layer data and then send it over a TCP/UDP socket > >>> myself but if this is already done by lwip, then I'd prefer to use it > >>> instead. > >> > >> I'm afraid I don't really underdstand what you mean. You should be able > >> to get a whole packet out of the stack by implementing a non-ethernet > >> netif. For this, set netif->output to your own function instead of > >> etharp_output and don't set the flags NETIF_FLAG_ETHARP and > >> NETIF_FLAG_ETHERNET. This way, your netif->output functions should get > >> pbufs starting with the IP header. If that's what you wanted (as I said, > >> I'm not sure). > >> > >>> > >>> I found the raw APIs > >>> (https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html > >>> <https://www.nongnu.org/lwip/2_1_x/group__raw__raw.html>), but wasn't > >>> sure if this is what I needed to use. Since I am running in user-space > >>> as a regular Android application, I am unable to run as root so not sure > >>> if the raw APIs require that I create a raw socket (which requires root). > >> > >> This question doesn't seem to have anything to do with lwIP or does it? > >> There's no such thing as 'root' in lwIP. > >> > >> Regards, > >> Simon > >> > >>> > >>> Also, if you can provide any sample code, this would be greatly > >>> appreciated. Thanks! > >>> > >>> > >>> _______________________________________________ > >>> lwip-users mailing list > >>> [email protected] > >>> https://lists.nongnu.org/mailman/listinfo/lwip-users > >>> > >> > >> > >> _______________________________________________ > >> lwip-users mailing list > >> [email protected] > >> https://lists.nongnu.org/mailman/listinfo/lwip-users > > > > _______________________________________________ > > lwip-users mailing list > > [email protected] > > https://lists.nongnu.org/mailman/listinfo/lwip-users > > > > > _______________________________________________ > lwip-users mailing list > [email protected] > https://lists.nongnu.org/mailman/listinfo/lwip-users _______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
