Merge pull request #5 from ivanilves/macosx-support

MacOSX support (basic one)

README.md

@@ -1,2 +1,2 @@
 # xiringuito
-Obscene SSH VPN wrapper
+Obscene SSH-based VPN for poors ;)

scripts/darwin/client-route.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+#
+# Add client route [after setting up client] (MacOSX version)
+#
+set -e
+
+if [[ ${#} -ne 2 ]]; then
+  echo "Usage: ${0} LOCAL_TUNNEL_ID NETWORK"
+  exit 1
+fi
+
+sudo route add -net ${2} -interface tun${1}

scripts/darwin/client-setup.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+#
+# Setup client before establishing connection (MacOSX version)
+#
+set -e
+
+if [[ ${#} -ne 3 ]]; then
+  echo "Usage: ${0} TUNNEL_ID LOCAL_TUNNEL_ID IP_BASE"
+  exit 1
+fi
+
+declare -r TUNNEL_ID=${1}
+declare -r LOCAL_TUNNEL_ID=${2}
+declare -r IP_BASE=${3}
+
+declare -r NETWORK_DEVICE=tun${LOCAL_TUNNEL_ID}
+let CLIENT_LAST_IP_ADDR_OCTET="4*(${TUNNEL_ID}-1)+1"
+let SERVER_LAST_IP_ADDR_OCTET="4*(${TUNNEL_ID}-1)+2"
+declare -r CLIENT_IP_ADDR=${IP_BASE}.${CLIENT_LAST_IP_ADDR_OCTET}
+declare -r SERVER_IP_ADDR=${IP_BASE}.${SERVER_LAST_IP_ADDR_OCTET}
+
+sudo ifconfig ${NETWORK_DEVICE} ${CLIENT_IP_ADDR} ${SERVER_IP_ADDR} netmask 255.255.255.255

scripts/darwin/get-local-tunnel-id.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+#
+# Get local tunnel ID (MacOSX-only hack)
+#
+LOCAL_TUNNEL_ID=0
+while [[ ${LOCAL_TUNNEL_ID} -le 15 ]]; do
+  if [[ $(ifconfig | grep "^tun${LOCAL_TUNNEL_ID}: " | wc -l) -eq 0 ]]; then
+    echo ${LOCAL_TUNNEL_ID}
+    exit 0
+  fi
+
+  let LOCAL_TUNNEL_ID+=1
+done
+
+echo "No free local tunX device found."
+exit 1

scripts/linux/client-setup.sh

@@ -14,11 +14,13 @@ declare -r IP_BASE=${2}
 
 declare -r NETWORK_DEVICE=tun${TUNNEL_ID}
 let CLIENT_LAST_IP_ADDR_OCTET="4*(${TUNNEL_ID}-1)+1"
+let SERVER_LAST_IP_ADDR_OCTET="4*(${TUNNEL_ID}-1)+2"
 declare -r CLIENT_IP_ADDR=${IP_BASE}.${CLIENT_LAST_IP_ADDR_OCTET}
+declare -r SERVER_IP_ADDR=${IP_BASE}.${SERVER_LAST_IP_ADDR_OCTET}
 
 if [[ ! $(sudo ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
   sudo modprobe tun
   sudo ip tuntap add mode tun user ${USER} ${NETWORK_DEVICE}
   sudo ip link set ${NETWORK_DEVICE} up
-  sudo ip addr add ${CLIENT_IP_ADDR}/30 dev ${NETWORK_DEVICE}
+  sudo ip addr add ${CLIENT_IP_ADDR}/32 peer ${SERVER_IP_ADDR} dev ${NETWORK_DEVICE}
 fi

scripts/server-setup.sh

@@ -31,7 +31,7 @@ if [[ ! $(sudo ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
   sudo modprobe tun
   sudo ip tuntap add mode tun user ${USER} ${NETWORK_DEVICE}
   sudo ip link set ${NETWORK_DEVICE} up
-  sudo ip addr add ${SERVER_IP_ADDR}/30 dev ${NETWORK_DEVICE}
+  sudo ip addr add ${SERVER_IP_ADDR}/32 peer ${CLIENT_IP_ADDR} dev ${NETWORK_DEVICE}
 fi
 
 # Set up SSH server for tunneling

xiringuito

@@ -1,14 +1,30 @@
 #!/usr/bin/env bash
 #
-# Bash SSH VPN wrapper
+# Obscene SSH-based VPN for poors ;)
 #
 set -e
 
+declare -r KERNEL=$(uname -s | tr [A-Z] [a-z])
+if [[ ${KERNEL} != linux && ${KERNEL} != darwin ]]; then
+  echo "Unsupported system: ${KERNEL}"
+  exit 2
+fi
+
+if [[ ${KERNEL} == darwin ]]; then
+  if [[ ! $(ls -1 /dev/tun[0-9]) ]]; then
+    echo "MacOSX Virtual Network Interface not installed!"
+    echo "Get it here: http://tuntaposx.sourceforge.net/"
+    exit 3
+  fi
+fi
+
 if [[ ${#} -lt 1 ]]; then
   echo "Usage: ${0} [SSH_USER@]SSH_SERVER [NETWORK1, NETWORK2, ... NETWORKx]"
   exit 1
 fi
 
+echo -n "[ sudo check ] "; sudo true; echo
+
 declare -r SSH_SERVER=${1}; shift
 
 if [[ ${#} -gt 0 ]]; then
@@ -34,6 +50,12 @@ declare -r SSH_OPTS="-oLogLevel=${SSH_LOG_LEVEL:-ERROR} -oConnectTimeout=10"
 
 cd $(dirname ${0})
 
+if [[ ${KERNEL} == linux ]]; then
+  declare -r LOCAL_TUNNEL_ID=${TUNNEL_ID}
+else
+  declare -r LOCAL_TUNNEL_ID=$(./scripts/${KERNEL}/get-local-tunnel-id.sh)
+fi
+
 trap teardown EXIT
 
 function teardown() {
@@ -43,32 +65,55 @@ function teardown() {
     sudo cp /etc/resolv.conf.orig /etc/resolv.conf
   fi
   if [[ ${SSH_PID} ]]; then
-    kill ${SSH_PID}
+    if [[ ${KERNEL} == linux ]]; then
+      kill ${SSH_PID}
+    else
+      sudo kill ${SSH_PID}
+    fi
+  fi
+  if [[ ${KERNEL} == linux ]]; then
+    ./scripts/${KERNEL}/client-teardown.sh ${TUNNEL_ID}
   fi
-  ./scripts/client-teardown.sh ${TUNNEL_ID}
   ssh ${SSH_OPTS} ${SSH_SERVER} pkill -f ${REMOTE_PATH}/server-execute.sh
   echo "DONE"
 }
 
-echo "TUNNEL ID: ${TUNNEL_ID}"
+echo "TUNNEL ID: ${TUNNEL_ID} (local: ${LOCAL_TUNNEL_ID})"
 
-./scripts/client-setup.sh ${TUNNEL_ID} ${IP_BASE}
-
-set +e
-for NETWORK in ${NETWORKS}; do
-   echo "> ROUTE: ${NETWORK}"
-  ./scripts/client-route.sh ${TUNNEL_ID} ${NETWORK}
-done
-set -e
+if [[ ${KERNEL} == linux ]]; then
+  ./scripts/${KERNEL}/client-setup.sh ${TUNNEL_ID} ${IP_BASE}
+fi
 
 ssh ${SSH_OPTS} ${SSH_SERVER} mkdir -p ${REMOTE_PATH}
 scp ${SSH_OPTS} ./scripts/server-*.sh ${SSH_SERVER}:${REMOTE_PATH} >/dev/null
 
 ssh ${SSH_OPTS} ${SSH_SERVER} ${REMOTE_PATH}/server-setup.sh ${TUNNEL_ID} ${IP_BASE}
+
 sleep 1; echo -n "SERVER: ${SSH_SERVER} ... "
-ssh ${SSH_OPTS} -w ${TUNNEL_ID}:${TUNNEL_ID} ${SSH_SERVER} ${REMOTE_PATH}/server-execute.sh ${TUNNEL_ID} ${IP_BASE} &
+if [[ ${KERNEL} == linux ]]; then
+  SSH_TUNNEL_CMD="ssh"
+else
+  SSH_TUNNEL_CMD="sudo -E ssh"
+fi
+${SSH_TUNNEL_CMD} ${SSH_OPTS} -oStrictHostKeyChecking=no -w ${LOCAL_TUNNEL_ID}:${TUNNEL_ID} ${SSH_SERVER} ${REMOTE_PATH}/server-execute.sh ${TUNNEL_ID} ${IP_BASE} &
 SSH_PID=${!}
-sleep 3
+
+if [[ ${KERNEL} == linux ]]; then
+  sleep 3
+else
+  sleep 5 # slow bitch!
+fi
+
+if [[ ${KERNEL} == darwin ]]; then
+  ./scripts/${KERNEL}/client-setup.sh ${TUNNEL_ID} ${LOCAL_TUNNEL_ID} ${IP_BASE}
+fi
+
+set +e
+for NETWORK in ${NETWORKS}; do
+   echo "> ROUTE: ${NETWORK}"
+  ./scripts/${KERNEL}/client-route.sh ${LOCAL_TUNNEL_ID} ${NETWORK}
+done
+set -e
 
 if [[ ! ${NO_DNS} && ! -z "${NETWORKS}" && ! "$(grep xiringuito /etc/resolv.conf)" ]]; then
   echo