Support for binding to a specific IP, group of interfaces or blacklisting local

IPs we don't want to use.

Author: chripell

gather.go

@@ -114,16 +114,48 @@ func setPriorities(c []candidate) {
 	}
 }
 
-func GatherCandidates(sock *net.UDPConn) ([]candidate, error) {
+func pruneCandidates(cands []candidate, blacklist []*net.IPNet) []candidate {
+	ret := []candidate{}
+skipCandidate:
+	for _, c := range cands {
+		for _, avoid := range blacklist {
+			if avoid.Contains(c.Addr.IP) {
+				continue skipCandidate
+			}
+		}
+		ret = append(ret, c)
+	}
+	return ret
+}
+
+func GatherCandidates(sock *net.UDPConn, ifaces []string, blacklist []*net.IPNet) ([]candidate, error) {
 	laddr := sock.LocalAddr().(*net.UDPAddr)
 	ret := []candidate{}
 	switch {
 	case laddr.IP.IsLoopback():
 		return nil, errors.New("Connecting over loopback not supported")
 	case laddr.IP.IsUnspecified():
-		addrs, err := net.InterfaceAddrs()
-		if err != nil {
-			return nil, err
+		var (
+			addrs []net.Addr
+			err   error
+		)
+		if len(ifaces) == 0 {
+			addrs, err = net.InterfaceAddrs()
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			for _, iface := range ifaces {
+				ifi, err := net.InterfaceByName(iface)
+				if err != nil {
+					return nil, err
+				}
+				iAddrs, err := ifi.Addrs()
+				if err != nil {
+					return nil, err
+				}
+				addrs = append(addrs, iAddrs...)
+			}
 		}
 
 		for _, addr := range addrs {
@@ -143,5 +175,5 @@ func GatherCandidates(sock *net.UDPConn) ([]candidate, error) {
 	}
 
 	setPriorities(ret)
-	return ret, nil
+	return pruneCandidates(ret, blacklist), nil
 }

nat.go

@@ -15,11 +15,14 @@ import (
 type ExchangeCandidatesFun func([]byte) []byte
 
 type Config struct {
-	ProbeTimeout  time.Duration
-	ProbeInterval time.Duration
-	DecisionTime  time.Duration
-	PeerDeadline  time.Duration
-	Verbose       bool
+	ProbeTimeout       time.Duration
+	ProbeInterval      time.Duration
+	DecisionTime       time.Duration
+	PeerDeadline       time.Duration
+	Verbose            bool
+	BindAddress        *net.UDPAddr
+	UseInterfaces      []string
+	BlacklistAddresses []*net.IPNet
 }
 
 func DefaultConfig() *Config {
@@ -28,11 +31,12 @@ func DefaultConfig() *Config {
 		ProbeInterval: 100 * time.Millisecond,
 		DecisionTime:  2 * time.Second,
 		PeerDeadline:  5 * time.Second,
+		BindAddress:   &net.UDPAddr{},
 	}
 }
 
 func ConnectOpt(xchg ExchangeCandidatesFun, initiator bool, cfg *Config) (net.Conn, error) {
-	sock, err := net.ListenUDP("udp", &net.UDPAddr{})
+	sock, err := net.ListenUDP("udp", cfg.BindAddress)
 	if err != nil {
 		return nil, err
 	}
@@ -76,7 +80,7 @@ type attemptEngine struct {
 }
 
 func (e *attemptEngine) init() error {
-	candidates, err := GatherCandidates(e.sock)
+	candidates, err := GatherCandidates(e.sock, e.cfg.UseInterfaces, e.cfg.BlacklistAddresses)
 	if err != nil {
 		return err
 	}
@@ -189,6 +193,7 @@ func (e *attemptEngine) read() error {
 		if e.cfg.Verbose {
 			log.Printf("RX %v from %v", packet.Tid[:], from)
 		}
+	skipAddress:
 		for i := range e.attempts {
 			if !bytes.Equal(packet.Tid[:], e.attempts[i].tid) {
 				continue
@@ -203,6 +208,11 @@ func (e *attemptEngine) read() error {
 				e.p2pconn = newConn(e.sock, e.attempts[i].localaddr, e.attempts[i].Addr)
 				return nil
 			}
+			for _, avoid := range e.cfg.BlacklistAddresses {
+				if avoid.Contains(packet.Addr.IP) {
+					continue skipAddress
+				}
+			}
 			e.attempts[i].success = true
 			e.attempts[i].localaddr = packet.Addr
 			e.attempts[i].timeout = time.Now().Add(e.cfg.ProbeInterval)

nattester/nattester.go

@@ -12,6 +12,7 @@ import (
 	"fmt"
 	"io"
 	"log"
+	"net"
 	"os"
 	"os/exec"
 	"strings"
@@ -25,6 +26,11 @@ var (
 	testString = flag.String("test_string",
 		"The quick UDP packet jumped over the lazy TCP stream",
 		"String to test echo on")
+	bindAddress   = flag.String("bind_address", "", "Bind to a local IP address")
+	useInterfaces = flag.String("use_interfaces", "", "Comma separated list of interfaces to use. "+
+		"If not defined use all the suitable ones")
+	blacklistAddresses = flag.String("blacklist_addresses", "", "Comma separated list of IP ranges "+
+		"(in CIDR format) to avoid using as possible candidates")
 	cmd *exec.Cmd
 )
 
@@ -66,11 +72,41 @@ func xchangeCandidates(mine []byte) []byte {
 	return nil
 }
 
+func listize(str string) []string {
+	var ret []string
+	for _, s := range strings.Split(str, ",") {
+		ret = append(ret, strings.TrimSpace(s))
+	}
+	return ret
+}
+
 func main() {
 	log.SetOutput(os.Stdout)
 	flag.Parse()
 	cfg := nat.DefaultConfig()
 	cfg.Verbose = true
+	if *bindAddress != "" {
+		addr, err := net.ResolveUDPAddr("udp", *bindAddress)
+		if err != nil {
+			log.Fatalf("Cannot resolve %q as an UDP address: %v", *bindAddress, err)
+		}
+		cfg.BindAddress = addr
+	}
+	if *useInterfaces != "" {
+		cfg.UseInterfaces = listize(*useInterfaces)
+	}
+	if *blacklistAddresses != "" {
+		stringAddrs := listize(*blacklistAddresses)
+		var addrs []*net.IPNet
+		for _, a := range stringAddrs {
+			_, ipNet, err := net.ParseCIDR(a)
+			if err != nil {
+				log.Fatalf("Malformed addess %q : %v", a, err)
+			}
+			addrs = append(addrs, ipNet)
+		}
+		cfg.BlacklistAddresses = addrs
+	}
 	conn, err := nat.ConnectOpt(xchangeCandidates, *initiator != "", cfg)
 	if err != nil {
 		log.Fatalf("NO CARRIER: %v\n", err)