network: support for uPnP and PMP nat traversal (#1050)

* add support for uPnP and PMP nat traversal

* update cli flags

* merge with master

* use listener address from switch

* update build script to rename version file

* fix styling issues

* update docker files

- remove Disc_ip env
- update CODE_NAT parsing logic

* code cleanup

* move nat flag parsing logic to conf.nim
This commit is contained in:
munna0908 2025-01-09 23:41:22 +05:30 committed by GitHub
parent 407f77871f
commit 74c46b3651
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
19 changed files with 689 additions and 79 deletions

View File

@ -2,10 +2,28 @@ mode = ScriptMode.Verbose
import std/os except commandLineParams
const VendorPath = "vendor/nim-nat-traversal/vendor/libnatpmp-upstream"
let
oldVersionFile = joinPath(VendorPath, "VERSION")
newVersionFile = joinPath(VendorPath, "VERSION_temp")
proc renameFile(oldName, newName: string) =
if fileExists(oldName):
mvFile(oldName, newName)
else:
echo "File ", oldName, " does not exist"
### Helper functions
proc buildBinary(name: string, srcDir = "./", params = "", lang = "c") =
# This is a quick workaround to avoid VERSION file conflict on macOS
# More details here: https://github.com/codex-storage/nim-codex/issues/1059
if defined(macosx):
renameFile(oldVersionFile, newVersionFile)
if not dirExists "build":
mkDir "build"
# allow something like "nim nimbus --verbosity:0 --hints:off nimbus.nims"
var extra_params = params
when compiles(commandLineParams):
@ -19,8 +37,11 @@ proc buildBinary(name: string, srcDir = "./", params = "", lang = "c") =
# Place build output in 'build' folder, even if name includes a longer path.
outName = os.lastPathPart(name)
cmd = "nim " & lang & " --out:build/" & outName & " " & extra_params & " " & srcDir & name & ".nim"
exec(cmd)
try:
exec(cmd)
finally:
if defined(macosx):
renameFile(newVersionFile, oldVersionFile)
proc test(name: string, srcDir = "tests/", params = "", lang = "c") =
buildBinary name, srcDir, params

View File

@ -54,13 +54,6 @@ when isMainModule:
config.setupLogging()
config.setupMetrics()
if config.nat == ValidIpAddress.init(IPv4_any()):
error "`--nat` cannot be set to the any (`0.0.0.0`) address"
quit QuitFailure
if config.nat == ValidIpAddress.init("127.0.0.1"):
warn "`--nat` is set to loopback, your node wont properly announce over the DHT"
if not(checkAndCreateDataDir((config.dataDir).string)):
# We are unable to access/create data folder or data folder's
# permissions are insecure.

View File

@ -44,6 +44,7 @@ import ./utils/addrutils
import ./namespaces
import ./codextypes
import ./logutils
import ./nat
logScope:
topics = "codex node"
@ -158,30 +159,13 @@ proc start*(s: CodexServer) {.async.} =
await s.codexNode.switch.start()
let
# TODO: Can't define these as constants, pity
natIpPart = MultiAddress.init("/ip4/" & $s.config.nat & "/")
.expect("Should create multiaddress")
anyAddrIp = MultiAddress.init("/ip4/0.0.0.0/")
.expect("Should create multiaddress")
loopBackAddrIp = MultiAddress.init("/ip4/127.0.0.1/")
.expect("Should create multiaddress")
# announce addresses should be set to bound addresses,
# but the IP should be mapped to the provided nat ip
announceAddrs = s.codexNode.switch.peerInfo.addrs.mapIt:
block:
let
listenIPPart = it[multiCodec("ip4")].expect("Should get IP")
if listenIPPart == anyAddrIp or
(listenIPPart == loopBackAddrIp and natIpPart != loopBackAddrIp):
it.remapAddr(s.config.nat.some)
else:
it
let (announceAddrs,discoveryAddrs)= nattedAddress(
s.config.nat,
s.codexNode.switch.peerInfo.addrs,
s.config.discoveryPort)
s.codexNode.discovery.updateAnnounceRecord(announceAddrs)
s.codexNode.discovery.updateDhtRecord(s.config.nat, s.config.discoveryPort)
s.codexNode.discovery.updateDhtRecord(discoveryAddrs)
await s.bootstrapInteractions()
await s.codexNode.start()
@ -243,7 +227,6 @@ proc new*(
discovery = Discovery.new(
switch.peerInfo.privateKey,
announceAddrs = config.listenAddrs,
bindIp = config.discoveryIp,
bindPort = config.discoveryPort,
bootstrapNodes = config.bootstrapNodes,
store = discoveryStore)

View File

@ -41,9 +41,11 @@ import ./logutils
import ./stores
import ./units
import ./utils
import ./nat
import ./utils/natutils
from ./validationconfig import MaxSlots, ValidationGroups
export units, net, codextypes, logutils
export units, net, codextypes, logutils, completeCmdArg, parseCmdArg, NatConfig
export ValidationGroups, MaxSlots
export
@ -142,20 +144,12 @@ type
abbr: "i"
name: "listen-addrs" }: seq[MultiAddress]
# TODO: change this once we integrate nat support
nat* {.
desc: "IP Addresses to announce behind a NAT"
defaultValue: ValidIpAddress.init("127.0.0.1")
defaultValueDesc: "127.0.0.1"
abbr: "a"
name: "nat" }: ValidIpAddress
discoveryIp* {.
desc: "Discovery listen address"
defaultValue: ValidIpAddress.init(IPv4_any())
defaultValueDesc: "0.0.0.0"
abbr: "e"
name: "disc-ip" }: ValidIpAddress
desc: "Specify method to use for determining public address. " &
"Must be one of: any, none, upnp, pmp, extip:<IP>"
defaultValue: NatConfig(hasExtIp: false, nat: NatAny)
defaultValueDesc: "any"
name: "nat" }: NatConfig
discoveryPort* {.
desc: "Discovery (UDP) port"
@ -469,6 +463,31 @@ proc parseCmdArg*(T: type SignedPeerRecord, uri: string): T =
quit QuitFailure
res
func parseCmdArg*(T: type NatConfig, p: string): T {.raises: [ValueError].} =
case p.toLowerAscii:
of "any":
NatConfig(hasExtIp: false, nat: NatStrategy.NatAny)
of "none":
NatConfig(hasExtIp: false, nat: NatStrategy.NatNone)
of "upnp":
NatConfig(hasExtIp: false, nat: NatStrategy.NatUpnp)
of "pmp":
NatConfig(hasExtIp: false, nat: NatStrategy.NatPmp)
else:
if p.startsWith("extip:"):
try:
let ip = ValidIpAddress.init(p[6..^1])
NatConfig(hasExtIp: true, extIp: ip)
except ValueError:
let error = "Not a valid IP address: " & p[6..^1]
raise newException(ValueError, error)
else:
let error = "Not a valid NAT option: " & p
raise newException(ValueError, error)
proc completeCmdArg*(T: type NatConfig; val: string): seq[string] =
return @[]
proc parseCmdArg*(T: type EthAddress, address: string): T =
EthAddress.init($address).get()
@ -531,6 +550,12 @@ proc readValue*(r: var TomlReader, val: var Duration)
quit QuitFailure
val = dur
proc readValue*(r: var TomlReader, val: var NatConfig)
{.raises: [SerializationError].} =
val = try: parseCmdArg(NatConfig, r.readValue(string))
except CatchableError as err:
raise newException(SerializationError, err.msg)
# no idea why confutils needs this:
proc completeCmdArg*(T: type EthAddress; val: string): seq[string] =
discard

View File

@ -146,17 +146,14 @@ proc updateAnnounceRecord*(d: Discovery, addrs: openArray[MultiAddress]) =
d.protocol.updateRecord(d.providerRecord)
.expect("Should update SPR")
proc updateDhtRecord*(d: Discovery, ip: ValidIpAddress, port: Port) =
proc updateDhtRecord*(d: Discovery, addrs: openArray[MultiAddress]) =
## Update providers record
##
trace "Updating Dht record", ip, port = $port
trace "Updating Dht record", addrs = addrs
d.dhtRecord = SignedPeerRecord.init(
d.key, PeerRecord.init(d.peerId, @[
MultiAddress.init(
ip,
IpTransportProtocol.udpProtocol,
port)])).expect("Should construct signed record").some
d.key, PeerRecord.init(d.peerId, @addrs))
.expect("Should construct signed record").some
if not d.protocol.isNil:
d.protocol.updateRecord(d.dhtRecord)

393
codex/nat.nim Normal file
View File

@ -0,0 +1,393 @@
# Copyright (c) 2019-2023 Status Research & Development GmbH
# Licensed under either of
# * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE))
# * MIT license ([LICENSE-MIT](LICENSE-MIT))
# at your option.
# This file may not be copied, modified, or distributed except according to
# those terms.
{.push raises: [].}
import
std/[options, os, strutils, times, net],stew/shims/net as stewNet,
stew/[objects,results], nat_traversal/[miniupnpc, natpmp],
json_serialization/std/net
import pkg/chronos
import pkg/chronicles
import pkg/libp2p
import ./utils
import ./utils/natutils
import ./utils/addrutils
const
UPNP_TIMEOUT = 200 # ms
PORT_MAPPING_INTERVAL = 20 * 60 # seconds
NATPMP_LIFETIME = 60 * 60 # in seconds, must be longer than PORT_MAPPING_INTERVAL
var
upnp {.threadvar.}: Miniupnp
npmp {.threadvar.}: NatPmp
strategy = NatStrategy.NatNone
internalTcpPort: Port
externalTcpPort: Port
internalUdpPort: Port
externalUdpPort: Port
logScope:
topics = "nat"
type
PrefSrcStatus = enum
NoRoutingInfo
PrefSrcIsPublic
PrefSrcIsPrivate
BindAddressIsPublic
BindAddressIsPrivate
## Also does threadvar initialisation.
## Must be called before redirectPorts() in each thread.
proc getExternalIP*(natStrategy: NatStrategy, quiet = false): Option[IpAddress] =
var externalIP: IpAddress
if natStrategy == NatStrategy.NatAny or natStrategy == NatStrategy.NatUpnp:
if upnp == nil:
upnp = newMiniupnp()
upnp.discoverDelay = UPNP_TIMEOUT
let dres = upnp.discover()
if dres.isErr:
debug "UPnP", msg = dres.error
else:
var
msg: cstring
canContinue = true
case upnp.selectIGD():
of IGDNotFound:
msg = "Internet Gateway Device not found. Giving up."
canContinue = false
of IGDFound:
msg = "Internet Gateway Device found."
of IGDNotConnected:
msg = "Internet Gateway Device found but it's not connected. Trying anyway."
of NotAnIGD:
msg = "Some device found, but it's not recognised as an Internet Gateway Device. Trying anyway."
if not quiet:
debug "UPnP", msg
if canContinue:
let ires = upnp.externalIPAddress()
if ires.isErr:
debug "UPnP", msg = ires.error
else:
# if we got this far, UPnP is working and we don't need to try NAT-PMP
try:
externalIP = parseIpAddress(ires.value)
strategy = NatStrategy.NatUpnp
return some(externalIP)
except ValueError as e:
error "parseIpAddress() exception", err = e.msg
return
if natStrategy == NatStrategy.NatAny or natStrategy == NatStrategy.NatPmp:
if npmp == nil:
npmp = newNatPmp()
let nres = npmp.init()
if nres.isErr:
debug "NAT-PMP", msg = nres.error
else:
let nires = npmp.externalIPAddress()
if nires.isErr:
debug "NAT-PMP", msg = nires.error
else:
try:
externalIP = parseIpAddress($(nires.value))
strategy = NatPmp
return some(externalIP)
except ValueError as e:
error "parseIpAddress() exception", err = e.msg
return
# This queries the routing table to get the "preferred source" attribute and
# checks if it's a public IP. If so, then it's our public IP.
#
# Further more, we check if the bind address (user provided, or a "0.0.0.0"
# default) is a public IP. That's a long shot, because code paths involving a
# user-provided bind address are not supposed to get here.
proc getRoutePrefSrc(
bindIp: ValidIpAddress): (Option[ValidIpAddress], PrefSrcStatus) =
let bindAddress = initTAddress(bindIp, Port(0))
if bindAddress.isAnyLocal():
let ip = getRouteIpv4()
if ip.isErr():
# No route was found, log error and continue without IP.
error "No routable IP address found, check your network connection",
error = ip.error
return (none(ValidIpAddress), NoRoutingInfo)
elif ip.get().isGlobalUnicast():
return (some(ip.get()), PrefSrcIsPublic)
else:
return (none(ValidIpAddress), PrefSrcIsPrivate)
elif bindAddress.isGlobalUnicast():
return (some(ValidIpAddress.init(bindIp)), BindAddressIsPublic)
else:
return (none(ValidIpAddress), BindAddressIsPrivate)
# Try to detect a public IP assigned to this host, before trying NAT traversal.
proc getPublicRoutePrefSrcOrExternalIP*(natStrategy: NatStrategy, bindIp: ValidIpAddress, quiet = true): Option[ValidIpAddress] =
let (prefSrcIp, prefSrcStatus) = getRoutePrefSrc(bindIp)
case prefSrcStatus:
of NoRoutingInfo, PrefSrcIsPublic, BindAddressIsPublic:
return prefSrcIp
of PrefSrcIsPrivate, BindAddressIsPrivate:
let extIp = getExternalIP(natStrategy, quiet)
if extIp.isSome:
return some(ValidIpAddress.init(extIp.get))
proc doPortMapping(tcpPort, udpPort: Port, description: string): Option[(Port, Port)] {.gcsafe.} =
var
extTcpPort: Port
extUdpPort: Port
if strategy == NatStrategy.NatUpnp:
for t in [(tcpPort, UPNPProtocol.TCP), (udpPort, UPNPProtocol.UDP)]:
let
(port, protocol) = t
pmres = upnp.addPortMapping(externalPort = $port,
protocol = protocol,
internalHost = upnp.lanAddr,
internalPort = $port,
desc = description,
leaseDuration = 0)
if pmres.isErr:
error "UPnP port mapping", msg = pmres.error, port
return
else:
# let's check it
let cres = upnp.getSpecificPortMapping(externalPort = $port,
protocol = protocol)
if cres.isErr:
warn "UPnP port mapping check failed. Assuming the check itself is broken and the port mapping was done.", msg = cres.error
info "UPnP: added port mapping", externalPort = port, internalPort = port, protocol = protocol
case protocol:
of UPNPProtocol.TCP:
extTcpPort = port
of UPNPProtocol.UDP:
extUdpPort = port
elif strategy == NatStrategy.NatPmp:
for t in [(tcpPort, NatPmpProtocol.TCP), (udpPort, NatPmpProtocol.UDP)]:
let
(port, protocol) = t
pmres = npmp.addPortMapping(eport = port.cushort,
iport = port.cushort,
protocol = protocol,
lifetime = NATPMP_LIFETIME)
if pmres.isErr:
error "NAT-PMP port mapping", msg = pmres.error, port
return
else:
let extPort = Port(pmres.value)
info "NAT-PMP: added port mapping", externalPort = extPort, internalPort = port, protocol = protocol
case protocol:
of NatPmpProtocol.TCP:
extTcpPort = extPort
of NatPmpProtocol.UDP:
extUdpPort = extPort
return some((extTcpPort, extUdpPort))
type PortMappingArgs = tuple[tcpPort, udpPort: Port, description: string]
var
natThread: Thread[PortMappingArgs]
natCloseChan: Channel[bool]
proc repeatPortMapping(args: PortMappingArgs) {.thread, raises: [ValueError].} =
ignoreSignalsInThread()
let
(tcpPort, udpPort, description) = args
interval = initDuration(seconds = PORT_MAPPING_INTERVAL)
sleepDuration = 1_000 # in ms, also the maximum delay after pressing Ctrl-C
var lastUpdate = now()
# We can't use copies of Miniupnp and NatPmp objects in this thread, because they share
# C pointers with other instances that have already been garbage collected, so
# we use threadvars instead and initialise them again with getExternalIP(),
# even though we don't need the external IP's value.
let ipres = getExternalIP(strategy, quiet = true)
if ipres.isSome:
while true:
# we're being silly here with this channel polling because we can't
# select on Nim channels like on Go ones
let (dataAvailable, _) = try: natCloseChan.tryRecv()
except Exception: (false, false)
if dataAvailable:
return
else:
let currTime = now()
if currTime >= (lastUpdate + interval):
discard doPortMapping(tcpPort, udpPort, description)
lastUpdate = currTime
sleep(sleepDuration)
proc stopNatThread() {.noconv.} =
# stop the thread
try:
natCloseChan.send(true)
natThread.joinThread()
natCloseChan.close()
except Exception as exc:
warn "Failed to stop NAT port mapping renewal thread", exc = exc.msg
# delete our port mappings
# FIXME: if the initial port mapping failed because it already existed for the
# required external port, we should not delete it. It might have been set up
# by another program.
# In Windows, a new thread is created for the signal handler, so we need to
# initialise our threadvars again.
let ipres = getExternalIP(strategy, quiet = true)
if ipres.isSome:
if strategy == NatStrategy.NatUpnp:
for t in [(externalTcpPort, internalTcpPort, UPNPProtocol.TCP), (externalUdpPort, internalUdpPort, UPNPProtocol.UDP)]:
let
(eport, iport, protocol) = t
pmres = upnp.deletePortMapping(externalPort = $eport,
protocol = protocol)
if pmres.isErr:
error "UPnP port mapping deletion", msg = pmres.error
else:
debug "UPnP: deleted port mapping", externalPort = eport, internalPort = iport, protocol = protocol
elif strategy == NatStrategy.NatPmp:
for t in [(externalTcpPort, internalTcpPort, NatPmpProtocol.TCP), (externalUdpPort, internalUdpPort, NatPmpProtocol.UDP)]:
let
(eport, iport, protocol) = t
pmres = npmp.deletePortMapping(eport = eport.cushort,
iport = iport.cushort,
protocol = protocol)
if pmres.isErr:
error "NAT-PMP port mapping deletion", msg = pmres.error
else:
debug "NAT-PMP: deleted port mapping", externalPort = eport, internalPort = iport, protocol = protocol
proc redirectPorts*(tcpPort, udpPort: Port, description: string): Option[(Port, Port)] =
result = doPortMapping(tcpPort, udpPort, description)
if result.isSome:
(externalTcpPort, externalUdpPort) = result.get()
# needed by NAT-PMP on port mapping deletion
internalTcpPort = tcpPort
internalUdpPort = udpPort
# Port mapping works. Let's launch a thread that repeats it, in case the
# NAT-PMP lease expires or the router is rebooted and forgets all about
# these mappings.
natCloseChan.open()
try:
natThread.createThread(repeatPortMapping, (externalTcpPort, externalUdpPort, description))
# atexit() in disguise
addQuitProc(stopNatThread)
except Exception as exc:
warn "Failed to create NAT port mapping renewal thread", exc = exc.msg
proc setupNat*(natStrategy: NatStrategy, tcpPort, udpPort: Port,
clientId: string):
tuple[ip: Option[ValidIpAddress], tcpPort, udpPort: Option[Port]] =
## Setup NAT port mapping and get external IP address.
## If any of this fails, we don't return any IP address but do return the
## original ports as best effort.
## TODO: Allow for tcp or udp port mapping to be optional.
let extIp = getExternalIP(natStrategy)
if extIp.isSome:
let ip = ValidIpAddress.init(extIp.get)
let extPorts = ({.gcsafe.}:
redirectPorts(tcpPort = tcpPort,
udpPort = udpPort,
description = clientId))
if extPorts.isSome:
let (extTcpPort, extUdpPort) = extPorts.get()
(ip: some(ip), tcpPort: some(extTcpPort), udpPort: some(extUdpPort))
else:
warn "UPnP/NAT-PMP available but port forwarding failed"
(ip: none(ValidIpAddress), tcpPort: some(tcpPort), udpPort: some(udpPort))
else:
warn "UPnP/NAT-PMP not available"
(ip: none(ValidIpAddress), tcpPort: some(tcpPort), udpPort: some(udpPort))
type
NatConfig* = object
case hasExtIp*: bool
of true: extIp*: ValidIpAddress
of false: nat*: NatStrategy
proc setupAddress*(natConfig: NatConfig, bindIp: ValidIpAddress,
tcpPort, udpPort: Port, clientId: string):
tuple[ip: Option[ValidIpAddress], tcpPort, udpPort: Option[Port]]
{.gcsafe.} =
## Set-up of the external address via any of the ways as configured in
## `NatConfig`. In case all fails an error is logged and the bind ports are
## selected also as external ports, as best effort and in hope that the
## external IP can be figured out by other means at a later stage.
## TODO: Allow for tcp or udp bind ports to be optional.
if natConfig.hasExtIp:
# any required port redirection must be done by hand
return (some(natConfig.extIp), some(tcpPort), some(udpPort))
case natConfig.nat:
of NatStrategy.NatAny:
let (prefSrcIp, prefSrcStatus) = getRoutePrefSrc(bindIp)
case prefSrcStatus:
of NoRoutingInfo, PrefSrcIsPublic, BindAddressIsPublic:
return (prefSrcIp, some(tcpPort), some(udpPort))
of PrefSrcIsPrivate, BindAddressIsPrivate:
return setupNat(natConfig.nat, tcpPort, udpPort, clientId)
of NatStrategy.NatNone:
let (prefSrcIp, prefSrcStatus) = getRoutePrefSrc(bindIp)
case prefSrcStatus:
of NoRoutingInfo, PrefSrcIsPublic, BindAddressIsPublic:
return (prefSrcIp, some(tcpPort), some(udpPort))
of PrefSrcIsPrivate:
error "No public IP address found. Should not use --nat:none option"
return (none(ValidIpAddress), some(tcpPort), some(udpPort))
of BindAddressIsPrivate:
error "Bind IP is not a public IP address. Should not use --nat:none option"
return (none(ValidIpAddress), some(tcpPort), some(udpPort))
of NatStrategy.NatUpnp, NatStrategy.NatPmp:
return setupNat(natConfig.nat, tcpPort, udpPort, clientId)
proc nattedAddress*(natConfig: NatConfig, addrs: seq[MultiAddress], udpPort: Port): tuple[libp2p, discovery: seq[MultiAddress]] =
## Takes a NAT configuration, sequence of multiaddresses and UDP port and returns:
## - Modified multiaddresses with NAT-mapped addresses for libp2p
## - Discovery addresses with NAT-mapped UDP ports
var discoveryAddrs = newSeq[MultiAddress](0)
let
newAddrs = addrs.mapIt:
block:
# Extract IP address and port from the multiaddress
let (ipPart, port) = getAddressAndPort(it)
if ipPart.isSome and port.isSome:
# Try to setup NAT mapping for the address
let (newIP, tcp, udp) = setupAddress(natConfig, ipPart.get, port.get, udpPort, "codex")
if newIP.isSome:
# NAT mapping successful - add discovery address with mapped UDP port
discoveryAddrs.add(getMultiAddrWithIPAndUDPPort(newIP.get, udp.get))
# Remap original address with NAT IP and TCP port
it.remapAddr(ip = newIP, port = tcp)
else:
# NAT mapping failed - use original address
echo "Failed to get external IP, using original address", it
discoveryAddrs.add(getMultiAddrWithIPAndUDPPort(ipPart.get, udpPort))
it
else:
# Invalid multiaddress format - return as is
it
(newAddrs, discoveryAddrs)

View File

@ -20,6 +20,8 @@ import ./utils/asynciter
export asyncheapqueue, fileutils, asynciter, chronos
when defined(posix):
import os, posix
func divUp*[T: SomeInteger](a, b : T): T =
## Division with result rounded up (rather than truncated as in 'div')
@ -94,3 +96,31 @@ when not declared(parseDuration): # Odd code formatting to minimize diff v. main
result = start #..is no unit to the end of `s`.
var sizeF = number * scale + 0.5 # Saturate to int64.high when too big
size = seconds(int(sizeF))
# Block all/most signals in the current thread, so we don't interfere with regular signal
# handling elsewhere.
proc ignoreSignalsInThread*() =
when defined(posix):
var signalMask, oldSignalMask: Sigset
# sigprocmask() doesn't work on macOS, for multithreaded programs
if sigfillset(signalMask) != 0:
echo osErrorMsg(osLastError())
quit(QuitFailure)
when defined(boehmgc):
# Turns out Boehm GC needs some signals to deal with threads:
# https://www.hboehm.info/gc/debugging.html
const
SIGPWR = 30
SIGXCPU = 24
SIGSEGV = 11
SIGBUS = 7
if sigdelset(signalMask, SIGPWR) != 0 or
sigdelset(signalMask, SIGXCPU) != 0 or
sigdelset(signalMask, SIGSEGV) != 0 or
sigdelset(signalMask, SIGBUS) != 0:
echo osErrorMsg(osLastError())
quit(QuitFailure)
if pthread_sigmask(SIG_BLOCK, signalMask, oldSignalMask) != 0:
echo osErrorMsg(osLastError())
quit(QuitFailure)

View File

@ -15,6 +15,7 @@ import std/options
import pkg/libp2p
import pkg/stew/shims/net
import pkg/stew/endians2
func remapAddr*(
address: MultiAddress,
@ -39,3 +40,53 @@ func remapAddr*(
MultiAddress.init(parts.join("/"))
.expect("Should construct multiaddress")
proc getMultiAddrWithIPAndUDPPort*(ip: ValidIpAddress, port: Port): MultiAddress =
## Creates a MultiAddress with the specified IP address and UDP port
##
## Parameters:
## - ip: A valid IP address (IPv4 or IPv6)
## - port: The UDP port number
##
## Returns:
## A MultiAddress in the format "/ip4/<address>/udp/<port>" or "/ip6/<address>/udp/<port>"
let ipFamily = if ip.family == IpAddressFamily.IPv4: "/ip4/" else: "/ip6/"
return MultiAddress.init(ipFamily & $ip & "/udp/" & $port).expect("valid multiaddr")
proc getAddressAndPort*(ma: MultiAddress): tuple[ip: Option[ValidIpAddress], port: Option[Port]] =
try:
# Try IPv4 first
let ipv4Result = ma[multiCodec("ip4")]
let ip = if ipv4Result.isOk:
let ipBytes = ipv4Result.get()
.protoArgument()
.expect("Invalid IPv4 format")
let ipArray = [ipBytes[0], ipBytes[1], ipBytes[2], ipBytes[3]]
some(ipv4(ipArray))
else:
# Try IPv6 if IPv4 not found
let ipv6Result = ma[multiCodec("ip6")]
if ipv6Result.isOk:
let ipBytes = ipv6Result.get()
.protoArgument()
.expect("Invalid IPv6 format")
var ipArray: array[16, byte]
for i in 0..15:
ipArray[i] = ipBytes[i]
some(ipv6(ipArray))
else:
none(ValidIpAddress)
# Get TCP Port
let portResult = ma[multiCodec("tcp")]
let port = if portResult.isOk:
let portBytes = portResult.get()
.protoArgument()
.expect("Invalid port format")
some(Port(fromBytesBE(uint16, portBytes)))
else:
none(Port)
(ip: ip, port: port)
except Exception:
(ip: none(ValidIpAddress), port: none(Port))

68
codex/utils/natutils.nim Normal file
View File

@ -0,0 +1,68 @@
{.push raises: [].}
import
std/[tables, hashes],
stew/results, stew/shims/net as stewNet, chronos, chronicles
import pkg/libp2p
type
NatStrategy* = enum
NatAny
NatUpnp
NatPmp
NatNone
type
IpLimits* = object
limit*: uint
ips: Table[ValidIpAddress, uint]
func hash*(ip: ValidIpAddress): Hash =
case ip.family
of IpAddressFamily.IPv6: hash(ip.address_v6)
of IpAddressFamily.IPv4: hash(ip.address_v4)
func inc*(ipLimits: var IpLimits, ip: ValidIpAddress): bool =
let val = ipLimits.ips.getOrDefault(ip, 0)
if val < ipLimits.limit:
ipLimits.ips[ip] = val + 1
true
else:
false
func dec*(ipLimits: var IpLimits, ip: ValidIpAddress) =
let val = ipLimits.ips.getOrDefault(ip, 0)
if val == 1:
ipLimits.ips.del(ip)
elif val > 1:
ipLimits.ips[ip] = val - 1
func isGlobalUnicast*(address: TransportAddress): bool =
if address.isGlobal() and address.isUnicast():
true
else:
false
func isGlobalUnicast*(address: IpAddress): bool =
let a = initTAddress(address, Port(0))
a.isGlobalUnicast()
proc getRouteIpv4*(): Result[ValidIpAddress, cstring] =
# Avoiding Exception with initTAddress and can't make it work with static.
# Note: `publicAddress` is only used an "example" IP to find the best route,
# no data is send over the network to this IP!
let
publicAddress = TransportAddress(family: AddressFamily.IPv4,
address_v4: [1'u8, 1, 1, 1], port: Port(0))
route = getBestRoute(publicAddress)
if route.source.isUnspecified():
err("No best ipv4 route found")
else:
let ip = try: route.source.address()
except ValueError as e:
# This should not occur really.
error "Address conversion error", exception = e.name, msg = e.msg
return err("Invalid IP address")
ok(ValidIpAddress.init(ip))

View File

@ -9,7 +9,6 @@ services:
- CODEX_DATA_DIR=${CODEX_DATA_DIR:-/datadir}
- CODEX_LISTEN_ADDRS=${CODEX_LISTEN_ADDRS:-/ip4/0.0.0.0/tcp/2345}
- CODEX_NAT=${CODEX_NAT:-10.0.0.10}
- CODEX_DISC_IP=${CODEX_DISC_IP:-0.0.0.0}
- CODEX_DISC_PORT=${CODEX_DISC_PORT:-8090}
- CODEX_NET_PRIVKEY=${CODEX_NET_PRIVKEY:-key}
# - CODEX_BOOTSTRAP_NODE=${CODEX_BOOTSTRAP_NODE}

View File

@ -12,7 +12,7 @@ fi
# Parameters
if [[ -z "${CODEX_NAT}" ]]; then
if [[ "${NAT_IP_AUTO}" == "true" && -z "${NAT_PUBLIC_IP_AUTO}" ]]; then
export CODEX_NAT=$(hostname --ip-address)
export CODEX_NAT="extip:$(hostname --ip-address)"
echo "Private: CODEX_NAT=${CODEX_NAT}"
elif [[ -n "${NAT_PUBLIC_IP_AUTO}" ]]; then
# Run for 60 seconds if fail
@ -20,9 +20,10 @@ if [[ -z "${CODEX_NAT}" ]]; then
SECONDS=0
SLEEP=5
while (( SECONDS < WAIT )); do
export CODEX_NAT=$(curl -s -f -m 5 "${NAT_PUBLIC_IP_AUTO}")
IP=$(curl -s -f -m 5 "${NAT_PUBLIC_IP_AUTO}")
# Check if exit code is 0 and returned value is not empty
if [[ $? -eq 0 && -n "${CODEX_NAT}" ]]; then
if [[ $? -eq 0 && -n "${IP}" ]]; then
export CODEX_NAT="extip:${IP}"
echo "Public: CODEX_NAT=${CODEX_NAT}"
break
else

View File

@ -47,8 +47,9 @@ suite "Test BackendFactory":
let
config = CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"),
persistenceCmd: PersistenceCmd.prover,
marketplaceAddress: EthAddress.example.some,
@ -68,8 +69,9 @@ suite "Test BackendFactory":
let
config = CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"),
persistenceCmd: PersistenceCmd.prover,
marketplaceAddress: EthAddress.example.some,
@ -90,8 +92,9 @@ suite "Test BackendFactory":
let
config = CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"),
persistenceCmd: PersistenceCmd.prover,
marketplaceAddress: EthAddress.example.some,

View File

@ -11,7 +11,8 @@ import pkg/codex/stores
import pkg/codex/conf
import pkg/confutils/defs
import pkg/poseidon2/io
import pkg/codex/utils/poseidon2digest
import pkg/codex/nat
import ./helpers
import ../helpers
@ -34,8 +35,9 @@ suite "Test Prover":
metaDs = metaTmp.newDb()
config = CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"),
persistenceCmd: PersistenceCmd.prover,
circomR1cs: InputFile("tests/circuits/fixtures/proof_main.r1cs"),

46
tests/codex/testnat.nim Normal file
View File

@ -0,0 +1,46 @@
import std/[unittest, options, net],stew/shims/net as stewNet
import pkg/chronos
import pkg/libp2p/[multiaddress, multihash, multicodec]
import pkg/stew/results
import ../../codex/nat
import ../../codex/utils/natutils
import ../../codex/utils
suite "NAT Address Tests":
test "nattedAddress with local addresses":
# Setup test data
let
udpPort = Port(1234)
natConfig = NatConfig(
hasExtIp: true,
extIp:ValidIpAddress.init("8.8.8.8"))
# Create test addresses
localAddr = MultiAddress.init("/ip4/127.0.0.1/tcp/5000").expect("valid multiaddr")
anyAddr = MultiAddress.init("/ip4/0.0.0.0/tcp/5000").expect("valid multiaddr")
publicAddr = MultiAddress.init("/ip4/192.168.1.1/tcp/5000").expect("valid multiaddr")
# Expected results
let
expectedDiscoveryAddrs = @[
MultiAddress.init("/ip4/8.8.8.8/udp/1234").expect("valid multiaddr"),
MultiAddress.init("/ip4/8.8.8.8/udp/1234").expect("valid multiaddr"),
MultiAddress.init("/ip4/8.8.8.8/udp/1234").expect("valid multiaddr")
]
expectedlibp2pAddrs = @[
MultiAddress.init("/ip4/8.8.8.8/tcp/5000").expect("valid multiaddr"),
MultiAddress.init("/ip4/8.8.8.8/tcp/5000").expect("valid multiaddr"),
MultiAddress.init("/ip4/8.8.8.8/tcp/5000").expect("valid multiaddr")
]
#ipv6Addr = MultiAddress.init("/ip6/::1/tcp/5000").expect("valid multiaddr")
addrs = @[localAddr, anyAddr, publicAddr]
# Test address remapping
let (libp2pAddrs,discoveryAddrs) = nattedAddress(natConfig, addrs, udpPort)
# Verify results
check(discoveryAddrs == expectedDiscoveryAddrs)
check(libp2pAddrs == expectedlibp2pAddrs)

View File

@ -15,15 +15,17 @@ method getChainId*(provider: MockProvider): Future[UInt256] {.async: (raises:[Pr
proc configFactory(): CodexConf =
CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"))
proc configFactory(marketplace: Option[EthAddress]): CodexConf =
CodexConf(
cmd: StartUpCmd.persistence,
nat: ValidIpAddress.init("127.0.0.1"),
discoveryIp: ValidIpAddress.init(IPv4_any()),
nat: NatConfig(
hasExtIp: false,
nat: NatNone),
metricsAddress: ValidIpAddress.init("127.0.0.1"),
marketplaceAddress: marketplace)

View File

@ -166,9 +166,8 @@ template multinodesuite*(name: string, body: untyped) =
config.addCliOption("--bootstrap-node", bootstrapNode)
config.addCliOption("--api-port", $ await nextFreePort(8080 + nodeIdx))
config.addCliOption("--data-dir", datadir)
config.addCliOption("--nat", "127.0.0.1")
config.addCliOption("--nat", "none")
config.addCliOption("--listen-addrs", "/ip4/127.0.0.1/tcp/0")
config.addCliOption("--disc-ip", "127.0.0.1")
config.addCliOption("--disc-port", $ await nextFreePort(8090 + nodeIdx))
except CodexConfigError as e:

View File

@ -27,9 +27,8 @@ ethersuite "Node block expiration tests":
node = await CodexProcess.startNode(@[
"--api-port=8080",
"--data-dir=" & dataDir,
"--nat=127.0.0.1",
"--nat=none",
"--listen-addrs=/ip4/127.0.0.1/tcp/0",
"--disc-ip=127.0.0.1",
"--disc-port=8090",
"--block-ttl=" & $blockTtlSeconds,
"--block-mi=1",

View File

@ -21,8 +21,7 @@ suite "Taiko L2 Integration Tests":
node1 = startNode([
"--data-dir=" & createTempDir("", ""),
"--api-port=8080",
"--nat=127.0.0.1",
"--disc-ip=127.0.0.1",
"--nat=none",
"--disc-port=8090",
"--persistence",
"--eth-provider=https://rpc.test.taiko.xyz"
@ -34,8 +33,7 @@ suite "Taiko L2 Integration Tests":
node2 = startNode([
"--data-dir=" & createTempDir("", ""),
"--api-port=8081",
"--nat=127.0.0.1",
"--disc-ip=127.0.0.1",
"--nat=none",
"--disc-port=8091",
"--bootstrap-node=" & bootstrap,
"--persistence",

2
vendor/nim-ethers vendored

@ -1 +1 @@
Subproject commit 0f98528758c30cb7977af745854a1b95657188ec
Subproject commit 2808a05488152c8b438d947dc871445164fa1278