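// UDP tunnel server: bridges a local TUN device and authenticated UDP peers.
//
// Control messages as handled below (pk = the user's key, gk = config.globalKey):
//   client -> server  13 37                 (pk)  I am <...>
//   server -> client  13 b4 37 XX XX XX XX  (pk)  Authenticated (XX = the user's IPv4 address)
//   server -> client  e7 5a 3d ed           (gk)  Authenticate yourself
//   client -> server  55 44 e9 37           (pk)  Forget me
//   server -> client  e7 5a 3d ea           (pk)  Forget me. OK
// Any other datagram from a known address is treated as an encrypted IPv4 packet.
//
// NOTE(review): every datagram is encrypted with the same config.iv and the
// control messages are fixed byte strings, so each control message has a single
// constant ciphertext per key; nothing here distinguishes a fresh control
// message from a recorded one. Whether datagrams are integrity-protected depends
// on config.algorithm and ../encryption, neither of which is visible here.
// Closing this needs a per-datagram nonce and an authenticated handshake, which
// means changing the encrypt/decrypt interface rather than this file alone.
//
// NOTE(review): sessions are keyed by source IP address only, so two clients
// behind one public address share a session slot.
//
// NOTE(review): `config` is neither defined nor required in this file; it has to
// be in scope before the script runs.

const dgram = require('dgram');
const net = require('net');
const { Tun } = require('tuntap2');
const { encrypt, decrypt } = require('../encryption');
const IP = require('ip-packet');

const HELLO = [0x13, 0x37];
const FORGET = [0x55, 0x44, 0xe9, 0x37];
const AUTH_REQUIRED = Buffer.from([0xe7, 0x5a, 0x3d, 0xed]);
const FORGET_OK = Buffer.from([0xe7, 0x5a, 0x3d, 0xea]);
const IPV4_MIN_HEADER = 20; // an IPv4 header is never shorter than 20 bytes

const conns = new Map(); // source address -> username (key of config.users)
const ips = new Map(); // username -> last validated source address
const ports = new Map(); // username -> last validated source port

const sock = dgram.createSocket('udp4');

// Addresses inside the tunnel subnet; anything else counts as "outbound".
const tunnelSubnet = new net.BlockList();
tunnelSubnet.addSubnet(config.subnet, config.len);

const tun = new Tun();
tun.mtu = config.mtu;
tun.ipv4 = `${config.addr}/${config.len}`;
tun.isUp = true;

/** True when `data` is exactly the byte sequence `bytes`. */
function matches(data, bytes) {
  return data.length === bytes.length && bytes.every((b, i) => data[i] === b);
}

/**
 * Decrypts a datagram with `key`, returning null instead of throwing.
 * The handlers run inside event listeners, where an exception caused by an
 * undecryptable datagram would otherwise be uncaught and stop the process.
 */
function tryDecrypt(msg, key) {
  try {
    return decrypt(msg, key, config.iv, config.algorithm);
  } catch {
    return null;
  }
}

/** Encrypts `plain` with `key` and sends it to address:port. */
function sendTo(plain, key, port, address) {
  sock.send(encrypt(plain, key, config.iv, config.algorithm), port, address);
}

/** Builds the "Authenticated" reply carrying the user's tunnel address. */
function authenticatedMessage(user) {
  const octets = user.addr.split('.').map((s) => Number.parseInt(s, 10));
  return Buffer.from([0x13, 0xb4, 0x37, ...octets]);
}

/**
 * Finds the configured user owning tunnel address `addr`.
 * Returns [username, user] using the config.users key, which is the same key
 * conns/ips/ports are indexed by, or undefined when no user has that address.
 */
function findUserByAddr(addr) {
  return Object.entries(config.users).find(([, u]) => u.addr === addr);
}

/** Records where to send traffic for `uname`. Call only after validation. */
function rememberEndpoint(uname, info) {
  ips.set(uname, info.address);
  ports.set(uname, info.port);
}

// Packets arriving on the TUN device: deliver to the user owning the destination.
tun.on('data', (buff) => {
  if (buff[0] >> 4 !== 4) return; // IPv4 only

  const p = IP.decode(buff);
  const match = findUserByAddr(p.destinationIp);
  if (!match) return;

  const [uname, user] = match;
  const targetIp = ips.get(uname);
  const targetPort = ports.get(uname);
  if (!targetIp || !targetPort) return;

  sendTo(IP.encode(p), user.key, targetPort, targetIp);
});

sock.on('listening', () => {
  const { address, port } = sock.address();
  console.log(`Listening on ${address}:${port}`);
});

/**
 * Datagram from an address with no session: accept it only if it is the
 * "I am" message under some user's key, otherwise ask the sender to authenticate.
 */
function handleFirstContact(msg, info) {
  for (const [uname, user] of Object.entries(config.users)) {
    const dec = tryDecrypt(msg, user.key);
    if (dec && matches(dec, HELLO)) {
      conns.set(info.address, uname);
      // Also record the port now so TUN traffic can flow before the client's
      // next datagram (the original only stored the address here).
      rememberEndpoint(uname, info);
      sendTo(authenticatedMessage(user), user.key, info.port, info.address);
      return;
    }
  }
  sendTo(AUTH_REQUIRED, config.globalKey, info.port, info.address);
}

/** Datagram from an address that already has a session for `uname`. */
function handleSession(uname, msg, info) {
  const acc = config.users[uname];
  const dec = tryDecrypt(msg, acc.key);
  if (!dec || dec.length === 0) {
    console.error(`Empty or malformed packet from ${uname}`);
    return;
  }

  if (matches(dec, HELLO)) {
    rememberEndpoint(uname, info);
    sendTo(authenticatedMessage(acc), acc.key, info.port, info.address);
    return;
  }

  if (matches(dec, FORGET)) {
    sendTo(FORGET_OK, acc.key, info.port, info.address);
    conns.delete(info.address);
    // Drop the return path too, so TUN and peer traffic stops being sent to an
    // endpoint that asked to be forgotten.
    if (ips.get(uname) === info.address) {
      ips.delete(uname);
      ports.delete(uname);
    }
    return;
  }

  if (dec[0] >> 4 !== 4 || dec.length < IPV4_MIN_HEADER) return;

  let packet;
  try {
    packet = IP.decode(dec);
  } catch (err) {
    console.error(`Undecodable IP packet from ${uname}: ${err.message}`);
    return;
  }

  // Anti-spoofing. The original assigned packet.sourceIp = acc.addr but then
  // forwarded the untouched buffer, so the claimed source was never enforced.
  // Dropping is used instead of rewriting because a rewritten source would also
  // invalidate the transport checksums carried in the payload.
  if (packet.sourceIp !== acc.addr) return;

  // The endpoint is updated only once the datagram has decrypted to a
  // well-formed packet from this user's own address, not on arrival, so an
  // unverified datagram cannot redirect the user's return traffic.
  rememberEndpoint(uname, info);

  const forServerOrOutside =
    (config.allow_outbound && !tunnelSubnet.check(packet.destinationIp)) ||
    packet.destinationIp === config.addr;
  if (forServerOrOutside) {
    tun.write(dec);
    return;
  }

  const match = findUserByAddr(packet.destinationIp);
  if (!match) return;

  const [peerName, peer] = match;
  // The original looked the peer up in conns (address -> username) by
  // username, which never matches; the username -> address table is ips.
  const targetIp = ips.get(peerName);
  const targetPort = ports.get(peerName);
  if (!targetIp || !targetPort) return;

  sendTo(dec, peer.key, targetPort, targetIp);
}

sock.on('message', (msg, info) => {
  const uname = conns.get(info.address);
  if (uname === undefined) {
    handleFirstContact(msg, info);
  } else {
    handleSession(uname, msg, info);
  }
});

sock.bind(config.port);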