diff options
44 files changed, 703 insertions, 703 deletions
diff --git a/make-linux.mk b/make-linux.mk index c4024f83..47a860bc 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -95,14 +95,24 @@ one: $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o ln -sf zerotier-one zerotier-idtool ln -sf zerotier-one zerotier-cli -netcon: one +netcon: $(OBJS) one.o # Need to selectively rebuild one.cpp and OneService.cpp with ZT_SERVICE_NETCON and ZT_ONE_NO_ROOT_CHECK defined, and also NetconEthernetTap - $(CXX) $(CXXFLAGS) $(LDFLAGS) -DZT_SERVICE_NETCON -DZT_ONE_NO_ROOT_CHECK -Iext/lwip/src/include -Iext/lwip/src/include/ipv4 -Iext/lwip/src/include/ipv6 -o zerotier-netcon-service one.cpp service/OneService.cpp netcon/NetconEthernetTap.cpp $(OBJS) $(LDLIBS) -ldl + $(CXX) $(CXXFLAGS) $(LDFLAGS) -DZT_SERVICE_NETCON -DZT_ONE_NO_ROOT_CHECK -o zerotier-netcon-service $(OBJS) one.o $(LDLIBS) -ldl # Build netcon/liblwip.so which must be placed in ZT home for zerotier-netcon-service to work cd netcon ; make -f make-liblwip.mk # Use gcc not clang to build standalone intercept library since gcc is typically used for libc and we want to ensure maximal ABI compatibility cd netcon ; gcc -g -O2 -Wall -std=c99 -fPIC -DVERBOSE -DDEBUG_RPC -DCHECKS -D_GNU_SOURCE -DNETCON_INTERCEPT -I. -nostdlib -shared -o ../libzerotierintercept.so Intercept.c +install-intercept: + cp libzerotierintercept.so /lib/libzerotierintercept.so + ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept + /usr/bin/install -c netcon/zerotier-intercept /usr/bin + +uninstall-intercept: + rm -r /lib/libzerotierintercept.so + rm -r /lib/libzerotierintercept + rm -r /usr/bin/zerotier-intercept + selftest: $(OBJS) selftest.o $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LDLIBS) $(STRIP) zerotier-selftest @@ -111,9 +121,9 @@ installer: one FORCE ./ext/installfiles/linux/buildinstaller.sh clean: - rm -rf *.so *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest zerotier-netcon-service build-* ZeroTierOneInstaller-* *.deb *.rpm - # Remove files from all the funny places we put them for netcon tests - find netcon -type f \( -name '*.o' -o -name '*.so' -o -name '.depend' -o -name '*.1.0' -o -name 'zerotier-one' -o -name 'zerotier-cli' \) -delete + rm -rf *.so *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm + # Remove files from all the funny places we put them for tests + find netcon -type f \( -name '*.o' -o -name '*.so' -o -name '*.1.0' -o -name 'zerotier-one' -o -name 'zerotier-cli' -o -name 'zerotier-netcon-service' \) -delete find netcon/docker-test -name "zerotier-intercept" -type f -delete debug: FORCE diff --git a/netcon/.depend b/netcon/.depend deleted file mode 100644 index 3a298152..00000000 --- a/netcon/.depend +++ /dev/null @@ -1,418 +0,0 @@ -mem.o: ../ext/lwip/src/core/mem.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -memp.o: ../ext/lwip/src/core/memp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/pbuf.h \ - ../ext/lwip/src/include/lwip/err.h ../ext/lwip/src/include/lwip/udp.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/raw.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/ipv4/lwip/igmp.h \ - ../ext/lwip/src/include/lwip/api.h \ - ../ext/lwip/src/include/lwip/api_msg.h \ - ../ext/lwip/src/include/lwip/tcpip.h ../ext/lwip/src/include/lwip/sys.h \ - ../ext/lwip/src/include/lwip/timers.h \ - ../ext/lwip/src/include/lwip/stats.h \ - ../ext/lwip/src/include/netif/etharp.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_frag.h \ - ../ext/lwip/src/include/lwip/snmp_structs.h \ - ../ext/lwip/src/include/lwip/snmp_msg.h \ - ../ext/lwip/src/include/lwip/snmp.h ../ext/lwip/src/include/lwip/dns.h \ - ../ext/lwip/src/include/netif/ppp_oe.h -netif.o: ../ext/lwip/src/core/netif.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/pbuf.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/ipv4/lwip/igmp.h \ - ../ext/lwip/src/include/netif/etharp.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h -pbuf.o: ../ext/lwip/src/core/pbuf.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/stats.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/sys.h ../ext/lwip/src/include/arch/perf.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h -raw.o: ../ext/lwip/src/core/raw.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/raw.h \ - ../ext/lwip/src/include/lwip/ip.h ../ext/lwip/src/include/lwip/stats.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/arch/perf.h -stats.o: ../ext/lwip/src/core/stats.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -sys.o: ../ext/lwip/src/core/sys.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/sys.h -tcp.o: ../ext/lwip/src/core/tcp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/pbuf.h \ - ../ext/lwip/src/include/lwip/err.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/stats.h -tcp_in.o: ../ext/lwip/src/core/tcp_in.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/ip.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/arch/perf.h -tcp_out.o: ../ext/lwip/src/core/tcp_out.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/ip.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/snmp.h -udp.o: ../ext/lwip/src/core/udp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/udp.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/snmp.h ../ext/lwip/src/include/arch/perf.h \ - ../ext/lwip/src/include/lwip/dhcp.h -dhcp.o: ../ext/lwip/src/core/dhcp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -init.o: ../ext/lwip/src/core/init.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/init.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/sys.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/lwip/sockets.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/raw.h ../ext/lwip/src/include/lwip/udp.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/snmp_msg.h \ - ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/lwip/snmp_structs.h \ - ../ext/lwip/src/include/ipv4/lwip/autoip.h \ - ../ext/lwip/src/include/ipv4/lwip/igmp.h \ - ../ext/lwip/src/include/lwip/dns.h ../ext/lwip/src/include/lwip/timers.h \ - ../ext/lwip/src/include/netif/etharp.h \ - ../ext/lwip/src/include/lwip/api.h -timers.o: ../ext/lwip/src/core/timers.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/timers.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/ip.h ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h -def.o: ../ext/lwip/src/core/def.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/def.h -ip_frag.o: ../ext/lwip/src/core/ipv4/ip_frag.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_frag.h \ - ../ext/lwip/src/include/lwip/err.h ../ext/lwip/src/include/lwip/pbuf.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/lwip/snmp.h ../ext/lwip/src/include/lwip/stats.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h -inet.o: ../ext/lwip/src/core/ipv4/inet.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/inet.h \ - ../ext/lwip/src/include/lwip/def.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h -ip_addr.o: ../ext/lwip/src/core/ipv4/ip_addr.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/lwip/err.h ../ext/lwip/src/include/lwip/pbuf.h -igmp.o: ../ext/lwip/src/core/ipv4/igmp.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -ip.o: ../ext/lwip/src/core/ipv4/ip.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/pbuf.h \ - ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/netif.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_frag.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/ipv4/lwip/igmp.h \ - ../ext/lwip/src/include/lwip/raw.h ../ext/lwip/src/include/lwip/udp.h \ - ../ext/lwip/src/include/lwip/tcp_impl.h \ - ../ext/lwip/src/include/lwip/tcp.h ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/lwip/dhcp.h \ - ../ext/lwip/src/include/ipv4/lwip/autoip.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/arch/perf.h -autoip.o: ../ext/lwip/src/core/ipv4/autoip.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -inet_chksum.o: ../ext/lwip/src/core/ipv4/inet_chksum.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h -icmp.o: ../ext/lwip/src/core/ipv4/icmp.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/icmp.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/ipv4/lwip/inet_chksum.h \ - ../ext/lwip/src/include/lwip/ip.h ../ext/lwip/src/include/lwip/stats.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/snmp.h -asn1_dec.o: ../ext/lwip/src/core/snmp/asn1_dec.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -asn1_enc.o: ../ext/lwip/src/core/snmp/asn1_enc.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -mib2.o: ../ext/lwip/src/core/snmp/mib2.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -mib_structs.o: ../ext/lwip/src/core/snmp/mib_structs.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -msg_in.o: ../ext/lwip/src/core/snmp/msg_in.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -msg_out.o: ../ext/lwip/src/core/snmp/msg_out.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -api_lib.o: ../ext/lwip/src/api/api_lib.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -api_msg.o: ../ext/lwip/src/api/api_msg.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -tcpip.o: ../ext/lwip/src/api/tcpip.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -err.o: ../ext/lwip/src/api/err.c ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -sockets.o: ../ext/lwip/src/api/sockets.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -netbuf.o: ../ext/lwip/src/api/netbuf.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -netdb.o: ../ext/lwip/src/api/netdb.c ../ext/lwip/src/include/lwip/netdb.h \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -etharp.o: ../ext/lwip/src/netif/etharp.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/ip.h \ - ../ext/lwip/src/include/lwip/pbuf.h ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/lwip/stats.h ../ext/lwip/src/include/lwip/mem.h \ - ../ext/lwip/src/include/lwip/memp.h \ - ../ext/lwip/src/include/lwip/memp_std.h \ - ../ext/lwip/src/include/lwip/mem.h ../ext/lwip/src/include/lwip/snmp.h \ - ../ext/lwip/src/include/lwip/dhcp.h \ - ../ext/lwip/src/include/ipv4/lwip/autoip.h \ - ../ext/lwip/src/include/netif/etharp.h -slipif.o: ../ext/lwip/src/netif/slipif.c \ - ../ext/lwip/src/include/netif/slipif.h \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h ../ext/lwip/src/include/lwip/netif.h \ - ../ext/lwip/src/include/lwip/err.h \ - ../ext/lwip/src/include/ipv4/lwip/ip_addr.h \ - ../ext/lwip/src/include/lwip/def.h ../ext/lwip/src/include/lwip/pbuf.h -auth.o: ../ext/lwip/src/netif/ppp/auth.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -chap.o: ../ext/lwip/src/netif/ppp/chap.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -chpms.o: ../ext/lwip/src/netif/ppp/chpms.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -fsm.o: ../ext/lwip/src/netif/ppp/fsm.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -ipcp.o: ../ext/lwip/src/netif/ppp/ipcp.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -lcp.o: ../ext/lwip/src/netif/ppp/lcp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -magic.o: ../ext/lwip/src/netif/ppp/magic.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -md5.o: ../ext/lwip/src/netif/ppp/md5.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -pap.o: ../ext/lwip/src/netif/ppp/pap.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -ppp.o: ../ext/lwip/src/netif/ppp/ppp.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -randm.o: ../ext/lwip/src/netif/ppp/randm.c \ - ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h -vj.o: ../ext/lwip/src/netif/ppp/vj.c ../ext/lwip/src/include/lwip/opt.h \ - ../ext/lwip/src/include/../../../lwipopts.h \ - ../ext/lwip/src/include/lwip/debug.h ../ext/lwip/src/include/lwip/arch.h \ - ../ext/lwip/src/include/arch/cc.h diff --git a/netcon/Intercept.c b/netcon/Intercept.c index 7f5f4d6e..3890c08b 100644 --- a/netcon/Intercept.c +++ b/netcon/Intercept.c @@ -303,7 +303,7 @@ int init_service_connection() void my_dest(void) __attribute__ ((destructor)); void my_dest(void) { dwr(MSG_DEBUG,"closing connections to service...\n"); - close(fdret_sock); + //close(fdret_sock); pthread_mutex_destroy(&lock); } @@ -824,9 +824,10 @@ int accept(ACCEPT_SIG) return -1; } - // if(opt & O_NONBLOCK) - fcntl(sockfd, F_SETFL, O_NONBLOCK); /* required by libuv in nodejs */ - + /* The following line is required for libuv/nodejs to accept connections properly, + however, this has the side effect of causing certain webservers to max out the CPU + in an accept loop */ + //fcntl(sockfd, F_SETFL, O_NONBLOCK); char c[1]; int new_conn_socket; @@ -936,7 +937,7 @@ int listen(LISTEN_SIG) memcpy(&cmd[1], &rpc_st, sizeof(struct listen_st)); pthread_mutex_lock(&lock); send_command(fdret_sock, cmd); - get_retval(); + //get_retval(); pthread_mutex_unlock(&lock); handle_error("listen", "", ERR_OK); return ERR_OK; @@ -1010,8 +1011,8 @@ int dup2(DUP2_SIG) errno = EBADF; return -1; } - if(oldfd != STDIN_FILENO && oldfd != STDOUT_FILENO && oldfd != STDERR_FILENO) - if(newfd != STDIN_FILENO && newfd != STDOUT_FILENO && newfd != STDERR_FILENO) + //if(oldfd != STDIN_FILENO && oldfd != STDOUT_FILENO && oldfd != STDERR_FILENO) + // if(newfd != STDIN_FILENO && newfd != STDOUT_FILENO && newfd != STDERR_FILENO) return realdup2(oldfd, newfd); return -1; } diff --git a/netcon/README.md b/netcon/README.md index 01e57a9b..e20d8a92 100644 --- a/netcon/README.md +++ b/netcon/README.md @@ -3,15 +3,17 @@ Network Containers (beta) ZeroTier Network Containers offers a microkernel-like networking paradigm for containerized applications and application-specific virtual networking. -Network Containers couples the ZeroTier core Ethernet virtualization engine with a user-space TCP/IP stack and a library that intercepts calls to the Posix network API. Our intercept library implements full binary compatibility with the standard network API, permitting servers and applications to be used without modification or recompilation. - -It can be used to run services on virtual networks without requiring the creation of kernel-mode virtual network ports or modification of system network settings and without special privileges. It's ideal for containerized microservices that are designed exclusively for use on an isolated virtual network and that are to be deployed on commodity container hosting infrastructure. With Network Containers such services can be deployed without special permissions and connected to arbitrary virtual networks without configuration changes to the host node. +Network Containers couples the ZeroTier core Ethernet virtualization engine with a user-space TCP/IP stack and a library that intercepts calls to the Posix network API. Our intercept library implements full binary compatibility with the standard network API, permitting servers and applications to be used without modification or recompilation. It can be used to run services on virtual networks without elevated privileges, special configuration of the physical host, kernel support, or any other application specific configuration. Network Containers is ideal for use with [Docker](http://http://www.docker.com), [LXC](https://linuxcontainers.org), or [Rkt](https://coreos.com/rkt/docs/latest/), allowing connectivity to a virtual network to be built into and deployed with containers without host awareness or configuration. It can also be used without containers to network-containerize applications on an ordinary VM or bare metal host. It works entirely at the library/application level and requires no special kernel extensions. -Our long term goal with network containers is to facilitate the total commoditization of the container host by allowing virtual networking without elevated privileges or host configuration. We think this will help ease the path toward commodity multi-tenant container hosting and total application portability across hosts, data centers, and cloud providers. +Tighter Docker integration using Docker's *libnetwork* API is planned for the future, allowing use with unmodified container images. In the end we plan to support two complimentary deployment scenarios with Docker: intra-container deployment without host involvement, and host deployment without container modification. The former is useful when building your own containers, while the latter is useful when using unmodified containers from Docker Hub. + +Our long term goal is to allow total commoditization of the container host by providing fully independent network virtualization. We think this will help ease the path toward commodity multi-tenant container hosting and total application portability across hosts, data centers, and cloud providers. -Network Containers are currently in **beta** and are suitable for testing, experimentation, and prototyping. There are still some issues with compatibility with some applications, as documented in the compatibility matrix below. There's also some remaining work to be done on performance and overall stability before this will be ready for production use. +[More discussion can be found in our original blog announcement.](https://www.zerotier.com/blog/?p=490) + +Network Containers is currently in **beta** and is suitable for testing, experimentation, and prototyping. There are still some issues with compatibility with some applications, as documented in the compatibility matrix below. There's also some remaining work to be done on performance and overall stability before this will be ready for production use. # Limitations and Compatibility @@ -23,17 +25,11 @@ The virtual TCP/IP stack will respond to *incoming* ICMP ECHO requests, which me #### Compatibility Test Results - sshd [ WORKS as of 20151112 ] - ssh [ WORKS as of 20151112 ] - sftp [ WORKS as of 20151022 ] - curl [ WORKS as of 20151021 ] - apache (debug mode) [ WORKS as of 20150810 ] - apache (prefork MPM) [ WORKS as of 20151123 ] (2.4.6-31.x86-64 on Centos 7), (2.4.16-1.x84-64 on F22), (2.4.17-3.x86-64 on F22) - nginx [ MARGINAL as of 20151123 ] Broken on Centos 7, unreliable on Fedora 23 - nodejs [ WORKS as of 20151123 ] - java [ WORKS as of 20151010 ] - MongoDB [ WORKS as of 20151028 ] - Redis-server [ WORKS as of 20151123 ] + sshd (debug mode -d) [ WORKS as of 20151208 ] Fedora 22/23, Centos 7, Ubuntu 14.04 + apache (debug mode -X) [ WORKS as of 20151208 ] 2.4.6 on Centos 7, 2.4.16 and 2.4.17 on Fedora 22/23 + nginx [ WORKS as of 20151208 ] 1.8.0 on both Fedora 22/23 and Ubuntu 14.04 + nodejs [ WORKS as of 20151208 ] 0.10.36 Fedora 22/23 (disabled, see note in accept() in netcon/Intercept.c) + redis-server [ WORKS as of 20151208 ] 3.0.4 on Fedora 22/23 It is *likely* to work with other things but there are no guarantees. UDP, ICMP/RAW, and IPv6 support are planned for the near future. @@ -42,6 +38,7 @@ It is *likely* to work with other things but there are no guarantees. UDP, ICMP/ Network Containers are currently only for Linux. To build the network container host, IP stack, and intercept library, from the base of the ZeroTier One tree run: make netcon + make install-intercept This will build a binary called *zerotier-netcon-service* and a library called *libzerotierintercept.so*. It will also build the IP stack as *netcon/liblwip.so*. @@ -88,25 +85,26 @@ What are you pinging? What is happening here? The *zerotier-netcon-service* binary has joined a *virtual* network and is running a *virtual* TCP/IP stack entirely in user space. As far as your system is concerned it's just another program exchanging UDP packets with a few other hosts on the Internet and nothing out of the ordinary is happening at all. That's why you never had to type *sudo*. It didn't change anything on the host. -Now you can run a containerized application. Open another terminal window (since you might not want these environment variables to stick elsewhere) on the same machine the netcon service is running on and install something like *darkhttpd* (a simple http server) to act as a test app: +Now you can run a containerized application. Open another terminal window (since you might not want these environment variables to stick elsewhere) on the same machine the netcon service is running on and install something like *httpd* (a simple http server) to act as a test app: On Debian and Ubuntu: - sudo apt-get install darkhttpd + sudo apt-get install apache2 Or for CentOS/EPEL or Fedora: - sudo yum install darkhttpd + sudo yum install httpd Now try: export LD_PRELOAD=/path/to/ZeroTierOne/libzerotierintercept.so - export ZT_NC_NWID=8056c2e21c000001 - darkhttpd . --port 8080 + export ZT_NC_NWID=8056c2e21c000001 + zerotier-intercept httpd -X + -Going to port 8080 on your machine won't work. Darkhttpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: +Going to port 80 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: - curl http://NETCON.INSTANCE.IP:8080/README.md + curl http://NETCON.INSTANCE.IP:80/ Replace *NETCON.INSTANCE.IP* with the IP address that *zerotier-netcon-service* was assigned on the virtual network. (This is the same IP you pinged in your first test.) If everything works, you should get back a copy of ZeroTier One's main README.md file. @@ -122,3 +120,23 @@ The only bit of complexity is configuring which virtual network to join. ZeroTie Replace 8056c2e21c000001 with the network ID of the network you want your container to automaticlaly join. Now your container will automatically join the specified network on startup. Authorizing the container on a private network still requires a manual authorization step either via the ZeroTier Central web UI or the API. We're working on some ideas to automate this via bearer token auth or similar since doing this manually or with scripts for large deployments is tedious. We'll have something in this area by the time Network Containers itself is ready to be pronounced no-longer-beta. + +# Unit Tests + +Each unit test will temporarily copy all required ZeroTier binaries into its local directory, then build the *netcon_dockerfile* and *monitor_dockerfile*. Once built, each container will be run and perform tests and monitoring specified in *netcon_entrypoint.sh* and *monitor_entrypoint.sh* + +Results will be written to the *netcon/docker-test/_results/* directory which is a common shared volume between all containers involved in the test and will be a combination of raw and formatted dumps to files whose names reflect the test performed. In the event of failure, *FAIL.* will be prepended to the result file's name (e.g. *FAIL.my_application_1.0.2.x86_64*), likewise in the event of success, *OK.* will be prepended. + +To run unit tests: + +1) Set up your own network, use its network id as follows: + +2) Place a blank network config file in the *netcon/docker-test* directory (e.g. "e5cd7a9e1c5311ab.conf") + - This will be used to inform test-specific scripts what network to use for testing + +After you've created your network and placed its blank config file in *netcon/docker-test* run the following to perform unit tests for httpd: + + ./build.sh httpd + ./test.sh httpd + +It's useful to note that the keyword *httpd* in this example is merely a substring for a test name, this means that if we replaced it with *x86_64* or *fc23*, it would run all unit tests for *x86_64* systems or *Fedora 23* respectively. diff --git a/netcon/README.orig.md b/netcon/README.orig.md deleted file mode 100644 index bf6ae939..00000000 --- a/netcon/README.orig.md +++ /dev/null @@ -1,139 +0,0 @@ -ZeroTier Network Containers -====== - -### Functional Overview: - -This system exists as a dynamically-linked library, and a service/IP-stack built into ZeroTier - -If you care about the technicals, - -The intercept is compiled as a shared library and installed in some user-accessible directory. When you want to intercept -a user application you dynamically link the shared library to the application during runtime. When the application starts, the -intercept's global constructor is called which sets up a hidden pipe which is used to communicate remote procedure calls (RPC) to the host Netcon service running in the background. - -When an RPC for a socket() is received by the Netcon service from the intercepted application, the Netcon service will ask the lwIP stack for a new PCB structure (used to represent a connection), if the system permits its allocation, it will be passed to Netcon where a PCB/socket table entry will be created. The table is used for mapping [callbacks from lwIP] and [RPCs from the intercept] to the correct connections. - -Upon the first call to a intercept-overriden system call, a Unix-domain socket is opened between the Netcon service and the application's intercept. This socket provides us the ability to pass file descriptors of newly-created socketpairs to the intercept (used as the read/write buffer). More specifically, after the socketpair creation, one end is kept in a table entry in Netcon and one end is sent to the intercept. - -### Building from Source (and Installing) - -Build zerotier-intercept library: - - make -f make-intercept.mk - -Install: - - make -f make-intercept.mk install - -Build LWIP library: - - make -f make-liblwip.mk - -Run automated tests (from netcon/docker-test/ directory): - - ./build.sh - ./test.sh - - - - -### Running - -To intercept a specific application (requires an already running instance of Zerotier-One with Network Containers enabled): - - zerotier-intercept my_app - - -### Unit Tests - -To run unit tests: - -1) Set up your own network, use its network id as follows: - -2) Place a blank network config file in this directory (e.g. "e5cd7a9e1c5311ab.conf") - - This will be used to inform test-specific scripts what network to use for testing - -3) run build.sh - - Builds ZeroTier-One with Network Containers enabled - - Builds LWIP library - - Builds intercept library - - Copies all aformentioned files into unit test directory to be used for building docker files - -4) run test.sh - - Will execute each unit test's (test.sh) one at a time and populate _results/ - - -### Anatomy of a unit test - -A) Each unit test's test.sh will: - - temporarily copy all built files into local directory - - build test container - - build monitor container - - remove temporary files - - run each container and perform test and monitoring specified in netcon_entrypoint.sh and monitor_entrypoint.sh - -B) Results will be written to the 'netcon/docker-test/_results/' directory - - Results will be a combination of raw and formatted dumps to files whose names reflect the test performed - - In the event of failure, 'FAIL.' will be appended to the result file's name - - (e.g. FAIL.my_application_1.0.2.x86_64) - - In the event of success, 'OK.' will be appended - - -### Compatibility - -Network Containers have been tested with the following: - - sshd [ WORKS as of 20151112] - ssh [ WORKS as of 20151112] - sftp [ WORKS as of 20151022] - curl [ WORKS as of 20151021] - apache (debug mode) [ WORKS as of 20150810] - apache (prefork MPM) [ WORKS as of 20151123] (2.4.6-31.x86-64 on Centos 7), (2.4.16-1.x84-64 on F22), (2.4.17-3.x86-64 on F22) - nginx [ WORKS as of 20151123] Broken on Centos 7, unreliable on Fedora 23 - nodejs [ WORKS as of 20151123] - java [ WORKS as of 20151010] - MongoDB [ WORKS as of 20151028] - Redis-server [ WORKS as of 20151123] - -Future: - - GET many different files via HTTP (web stress) - LARGE continuous transfer (e.g. /dev/urandom all night) - Open and close many TCP connections constantly - Simulate packet loss (can be done with iptables) - Many parallel TCP transfers - Multithreaded software (e.g. apache in thread mode) - UDP support - - - -### Extended Version Notes - -20151028 Added MongoDB support: - - - Added logic (RPC_MAP_REQ) to check whether a given AF_LOCAL socket is mapped to anything - inside the service instance. - -20151027 Added Redis-server support: - - - Added extra logic to detect socket re-issuing and consequent service-side double mapping. - Redis appears to try to set its initial listen socket to IPV6 only, this currently fails. As - a result, Redis will close the socket and re-open it. The server will now test for closures - during mapping and will eliminate any mappings to broken pipes. - -20151021 Added Node.js support: - - - syscall(long number, ...) is now intercepted and re-directs the __NR_accept4 call to our intercepted accept4() function - - - accept() now returns -EAGAIN in the case that we cannot read a signal byte from the descriptor linked to the service. This - is because the uv__server_io() function in libuv used by Node.js looks for this return value upon failure, without it we - were observing an innfinite loop in the I/O polling code in libuv. - - - accept4() now correctly sets given flags for descriptor returned by accept() - - - setsockopt() was modified to return success on any call with the following conditions: - level == IPPROTO_TCP || (level == SOL_SOCKET && option_name == SO_KEEPALIVE) - This might be unnecessary or might need a better workaround - - - Careful attention should be given to how arguments are passed in the intercepted syscall() function, this differs for - 32/64-bit systems diff --git a/netcon/docker-test/_build_single_image.sh b/netcon/docker-test/_build_single_image.sh index a76be2ed..c11f611c 100755 --- a/netcon/docker-test/_build_single_image.sh +++ b/netcon/docker-test/_build_single_image.sh @@ -8,8 +8,9 @@ touch "$test_name".name cp ../../*.conf . cp ../../zerotier-one zerotier-one cp ../../zerotier-cli zerotier-cli +cp ../../zerotier-cli zerotier-netcon-service cp ../../zerotier-intercept zerotier-intercept -cp ../../libzerotierintercept.so.1.0 libzerotierintercept.so.1.0 +cp ../../libzerotierintercept.so libzerotierintercept.so cp ../../liblwip.so liblwip.so cp ../../netcon_identity.public netcon_identity.public cp ../../netcon_identity.secret netcon_identity.secret @@ -21,12 +22,10 @@ docker build --tag="$test_name"_monitor -f monitor_dockerfile . rm -f zerotier-one rm -f zerotier-cli +rm -f zerotier-netcon-service rm -f zerotier-intercept -rm -f libzerotierintercept.so.1.0 -rm -f liblwip.so -rm -f netcon_identity.public -rm -f netcon_identity.secret -rm -f monitor_identity.public -rm -f monitor_identity.secret +rm -f *.so +rm -f *.public +rm -f *.secret rm -f *.conf rm -f *.name
\ No newline at end of file diff --git a/netcon/docker-test/_remove_all.sh b/netcon/docker-test/_remove_all.sh new file mode 100755 index 00000000..c6090a9b --- /dev/null +++ b/netcon/docker-test/_remove_all.sh @@ -0,0 +1,5 @@ +#!/bin/bash +# Delete all containers +docker rm $(docker ps -a -q) +# Delete all images +docker rmi $(docker images -q) diff --git a/netcon/docker-test/_two_party_test.sh b/netcon/docker-test/_two_party_test.sh index 164b0b2e..8fa3b3eb 100755 --- a/netcon/docker-test/_two_party_test.sh +++ b/netcon/docker-test/_two_party_test.sh @@ -1,12 +1,9 @@ #!/bin/bash # Runs test image and monitor image as daemons - test_name=${PWD##*/} -echo 'Building dockerfiles for test: ' "$test_name" +echo 'Starting containers for: ' "$test_name" touch "$test_name".name - -# Start netcon container to be tested test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest) monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest) @@ -14,4 +11,6 @@ echo "waiting $netcon_test_wait_time for test to complete." sleep $netcon_test_wait_time docker stop $(docker ps -a -q) docker rm $test_container -docker rm $monitor_container
\ No newline at end of file +docker rm $monitor_container + +rm -f *.name
\ No newline at end of file diff --git a/netcon/docker-test/build.sh b/netcon/docker-test/build.sh index 4eaa246c..bb5fd8e7 100755 --- a/netcon/docker-test/build.sh +++ b/netcon/docker-test/build.sh @@ -3,6 +3,6 @@ echo "*** Building Zerotier-One, libraries, and test/monitor images..." ./build_zt.sh -./build_tests.sh +./build_tests.sh $1 -echo "*** Done"
\ No newline at end of file +echo "*** Done" diff --git a/netcon/docker-test/build_tests.sh b/netcon/docker-test/build_tests.sh index 2da539e1..f360124b 100755 --- a/netcon/docker-test/build_tests.sh +++ b/netcon/docker-test/build_tests.sh @@ -12,6 +12,12 @@ export image_build_script=_build_single_image.sh # Iterate over all depth=2 (relatively-speaking) directories and perform each test find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do + + if [[ $testdir != *$1* ]] + then + continue + fi + echo "*** Building: '$testdir'..." rm _results/*.tmp @@ -24,4 +30,4 @@ find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do rm $image_build_script cd ../../ -done
\ No newline at end of file +done diff --git a/netcon/docker-test/build_zt.sh b/netcon/docker-test/build_zt.sh index 189a1e0d..11fd0316 100755 --- a/netcon/docker-test/build_zt.sh +++ b/netcon/docker-test/build_zt.sh @@ -6,19 +6,16 @@ cd ../../ make clean -make -cd netcon -make -f make-intercept.mk lib -rm *.o -rm liblwip.so -make -f make-liblwip.mk +make netcon +make one -cd docker-test +cd netcon/docker-test cp ../../zerotier-one zerotier-one cp ../../zerotier-cli zerotier-cli +cp ../../zerotier-netcon-service zerotier-netcon-service +cp ../../libzerotierintercept.so libzerotierintercept.so cp ../liblwip.so liblwip.so -cp ../libzerotierintercept.so.1.0 libzerotierintercept.so.1.0 cp ../zerotier-intercept zerotier-intercept diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile index 0584107f..f0c6260d 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile @@ -22,14 +22,14 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +ADD zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh index bf11ebfc..55ee1da3 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh @@ -20,7 +20,7 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 @@ -43,4 +43,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile new file mode 100644 index 00000000..d2d2a0cb --- /dev/null +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile @@ -0,0 +1,24 @@ +# ZT Network Containers Test Monitor +FROM fedora:23 +MAINTAINER https://www.zerotier.com/ + +EXPOSE 9993/udp + +# Add ZT files +RUN mkdir -p /var/lib/zerotier-one/networks.d +ADD monitor_identity.public /var/lib/zerotier-one/identity.public +ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret +ADD *.conf /var/lib/zerotier-one/networks.d/ +ADD *.conf / +ADD *.name / + +# Install LWIP library used by service +ADD liblwip.so /var/lib/zerotier-one/liblwip.so + +ADD zerotier-one / +ADD zerotier-cli / + +# Start ZeroTier-One +ADD monitor_entrypoint.sh /monitor_entrypoint.sh +RUN chmod -v +x /monitor_entrypoint.sh +CMD ["./monitor_entrypoint.sh"] diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh new file mode 100644 index 00000000..c8fca5a3 --- /dev/null +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ + + +# --- Test Parameters --- +test_namefile=$(ls *.name) +test_name="${test_namefile%.*}" # test network id +nwconf=$(ls *.conf) # blank test network config file +nwid="${nwconf%.*}" # test network id +netcon_wait_time=35 # wait for test container to come online +app_timeout_time=25 # app-specific timeout +file_path=/opt/results/ # test result output file path (fs shared between host and containers) +file_base="$test_name".txt # test result output file +fail=FAIL. # appended to result file in event of failure +ok=OK. # appended to result file in event of success +tmp_ext=.tmp # temporary filetype used for sharing test data between containers +address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional) +bigfile_name=bigfile # large, random test transfer file +rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext" +tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" + + +# --- Network Config --- +echo '*** ZeroTier Network Containers Test Monitor' +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one +su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +virtip4="" +while [ -z "$virtip4" ]; do + sleep 0.2 + virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1` +done +echo '*** Starting Test...' +echo '*** Up and running at' $virtip4 ' on network: ' $nwid +echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...' +sleep "$netcon_wait_time"s +ncvirtip=$(<$address_file) + + +# --- Test section --- +echo '*** Curling from intercepted server at' $ncvirtip +rm -rf "$file_path"*."$file_base" +touch "$bigfile_name" + +# Perform test +# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html +# Large transfer test +curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name" + +# Check md5 +md5sum < "$bigfile_name" > "$rx_md5sumfile" +rx_md5sum=$(<$rx_md5sumfile) +tx_md5sum=$(<$tx_md5sumfile) + +echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum" + +if [ "$rx_md5sum" != "$tx_md5sum" ]; +then + echo 'MD5 FAIL' + touch "$file_path$fail$test_name.txt" + printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt" +else + echo 'MD5 OK' + touch "$file_path$ok$test_name.txt" + printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt" + cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt" + cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt" +fi + + + + + + + + + + + diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile new file mode 100644 index 00000000..8d9d1032 --- /dev/null +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile @@ -0,0 +1,40 @@ +# ZT Network Containers Test +FROM ubuntu:14.04 +MAINTAINER https://www.zerotier.com/ + +RUN \ + sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \ + apt-get update && \ + apt-get -y upgrade && \ + apt-get -y install apache2 + +EXPOSE 9993/udp 80/udp + +# Add ZT files +RUN mkdir -p /var/lib/zerotier-one/networks.d +ADD netcon_identity.public /var/lib/zerotier-one/identity.public +ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret +ADD *.conf /var/lib/zerotier-one/networks.d/ +ADD *.conf / +ADD *.name / + +# Install LWIP library used by service +ADD liblwip.so /var/lib/zerotier-one/liblwip.so + +# Install syscall intercept library +ADD zerotier-intercept / +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept +RUN /usr/bin/install -c zerotier-intercept /usr/bin + +ADD zerotier-one / +ADD zerotier-cli / +ADD zerotier-netcon-service / + +# Install test scripts +ADD netcon_entrypoint.sh /netcon_entrypoint.sh +RUN chmod -v +x /netcon_entrypoint.sh + +# Start ZeroTier-One +CMD ["./netcon_entrypoint.sh"] diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh new file mode 100644 index 00000000..55ee1da3 --- /dev/null +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ + + +# --- Test Parameters --- +test_namefile=$(ls *.name) +test_name="${test_namefile%.*}" # test network id +nwconf=$(ls *.conf) # blank test network config file +nwid="${nwconf%.*}" # test network id +file_path=/opt/results/ # test result output file path (fs shared between host and containers) +file_base="$test_name".txt # test result output file +tmp_ext=.tmp # temporary filetype used for sharing test data between containers +address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional) +bigfile_name=bigfile +bigfile_size=10M # size of file we want to use for the test +tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" + +# --- Network Config --- +echo '*** ZeroTier Network Containers Test: ' "$test_name" +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' +virtip4="" +while [ -z "$virtip4" ]; do + sleep 0.2 + virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1` + dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'` +done +echo '--- Up and running at' $virtip4 ' on network: ' $nwid +echo '*** Writing address to ' "$address_file" +echo $virtip4 > "$address_file" + +export ZT_NC_NWID=$dev + +# --- Test section --- +# Generate large random file for transfer test, share md5sum for monitor container to check +echo '*** Generating ' "$bigfile_size" ' file' +dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1 +md5sum < /var/www/html/"$bigfile_name" > "$tx_md5sumfile" +echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" + +echo '*** Starting application...' +sleep 0.5 +rm -rf /run/httpd/* /tmp/httpd* +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile index d8dfb989..d946e2fd 100644 --- a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile @@ -22,14 +22,14 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +ADD zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh diff --git a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh index a7c82e60..7d0ebc89 100644 --- a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh @@ -21,7 +21,7 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 @@ -45,4 +45,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile b/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile index be9d3f3f..a193863f 100644 --- a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile @@ -17,10 +17,9 @@ RUN mv ZeroTierIcon.png /var/www/html/ZeroTierIcon.png # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin # Add ZT files diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh index fd47cf38..5c42b6a6 100644 --- a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh @@ -51,4 +51,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd_demo/two_party_test.sh b/netcon/docker-test/httpd/httpd_demo/two_party_test.sh deleted file mode 100755 index 164b0b2e..00000000 --- a/netcon/docker-test/httpd/httpd_demo/two_party_test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -# Runs test image and monitor image as daemons - -test_name=${PWD##*/} -echo 'Building dockerfiles for test: ' "$test_name" -touch "$test_name".name - -# Start netcon container to be tested -test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest) -monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest) - -echo "waiting $netcon_test_wait_time for test to complete." -sleep $netcon_test_wait_time -docker stop $(docker ps -a -q) -docker rm $test_container -docker rm $monitor_container
\ No newline at end of file diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile new file mode 100644 index 00000000..d2d2a0cb --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile @@ -0,0 +1,24 @@ +# ZT Network Containers Test Monitor +FROM fedora:23 +MAINTAINER https://www.zerotier.com/ + +EXPOSE 9993/udp + +# Add ZT files +RUN mkdir -p /var/lib/zerotier-one/networks.d +ADD monitor_identity.public /var/lib/zerotier-one/identity.public +ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret +ADD *.conf /var/lib/zerotier-one/networks.d/ +ADD *.conf / +ADD *.name / + +# Install LWIP library used by service +ADD liblwip.so /var/lib/zerotier-one/liblwip.so + +ADD zerotier-one / +ADD zerotier-cli / + +# Start ZeroTier-One +ADD monitor_entrypoint.sh /monitor_entrypoint.sh +RUN chmod -v +x /monitor_entrypoint.sh +CMD ["./monitor_entrypoint.sh"] diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh new file mode 100644 index 00000000..c8fca5a3 --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ + + +# --- Test Parameters --- +test_namefile=$(ls *.name) +test_name="${test_namefile%.*}" # test network id +nwconf=$(ls *.conf) # blank test network config file +nwid="${nwconf%.*}" # test network id +netcon_wait_time=35 # wait for test container to come online +app_timeout_time=25 # app-specific timeout +file_path=/opt/results/ # test result output file path (fs shared between host and containers) +file_base="$test_name".txt # test result output file +fail=FAIL. # appended to result file in event of failure +ok=OK. # appended to result file in event of success +tmp_ext=.tmp # temporary filetype used for sharing test data between containers +address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional) +bigfile_name=bigfile # large, random test transfer file +rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext" +tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" + + +# --- Network Config --- +echo '*** ZeroTier Network Containers Test Monitor' +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one +su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +virtip4="" +while [ -z "$virtip4" ]; do + sleep 0.2 + virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1` +done +echo '*** Starting Test...' +echo '*** Up and running at' $virtip4 ' on network: ' $nwid +echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...' +sleep "$netcon_wait_time"s +ncvirtip=$(<$address_file) + + +# --- Test section --- +echo '*** Curling from intercepted server at' $ncvirtip +rm -rf "$file_path"*."$file_base" +touch "$bigfile_name" + +# Perform test +# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html +# Large transfer test +curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name" + +# Check md5 +md5sum < "$bigfile_name" > "$rx_md5sumfile" +rx_md5sum=$(<$rx_md5sumfile) +tx_md5sum=$(<$tx_md5sumfile) + +echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum" + +if [ "$rx_md5sum" != "$tx_md5sum" ]; +then + echo 'MD5 FAIL' + touch "$file_path$fail$test_name.txt" + printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt" +else + echo 'MD5 OK' + touch "$file_path$ok$test_name.txt" + printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt" + cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt" + cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt" +fi + + + + + + + + + + + diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile new file mode 100644 index 00000000..25e2d90e --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile @@ -0,0 +1,44 @@ +# ZT Network Containers Test +FROM ubuntu:14.04 +MAINTAINER https://www.zerotier.com/ + + +# Install +RUN \ + sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \ + apt-get update && \ + apt-get -y upgrade && \ + apt-get -y install nginx + +EXPOSE 9993/udp 80/udp + +# Add ZT files +RUN mkdir -p /var/lib/zerotier-one/networks.d +ADD netcon_identity.public /var/lib/zerotier-one/identity.public +ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret +ADD *.conf /var/lib/zerotier-one/networks.d/ +ADD *.conf / +ADD *.name / + +# Install LWIP library used by service +ADD liblwip.so /var/lib/zerotier-one/liblwip.so + +# Install syscall intercept library +ADD zerotier-intercept / +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept +RUN /usr/bin/install -c zerotier-intercept /usr/bin + +ADD zerotier-one / +ADD zerotier-cli / +ADD zerotier-netcon-service / + +# Install test scripts +ADD netcon_entrypoint.sh /netcon_entrypoint.sh +RUN chmod -v +x /netcon_entrypoint.sh + +ADD nginx.conf_ / + +# Start ZeroTier-One +CMD ["./netcon_entrypoint.sh"] diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh new file mode 100644 index 00000000..3f84f5e5 --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ + + +# --- Test Parameters --- +test_namefile=$(ls *.name) +test_name="${test_namefile%.*}" # test network id +nwconf=$(ls {*.conf,}) # blank test network config file +nwid="${nwconf%.*}" # test network id +file_path=/opt/results/ # test result output file path (fs shared between host and containers) +file_base="$test_name".txt # test result output file +tmp_ext=.tmp # temporary filetype used for sharing test data between containers +address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional) +bigfile_name=bigfile +bigfile_size=10M # size of file we want to use for the test +tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" + + +# --- Network Config --- +echo '*** ZeroTier Network Containers Test: ' "$test_name" +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' +virtip4="" +while [ -z "$virtip4" ]; do + sleep 0.2 + virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1` + dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'` +done +echo '*** Up and running at' $virtip4 ' on network: ' $nwid +echo '*** Writing address to ' "$address_file" +echo $virtip4 > "$address_file" + +export ZT_NC_NWID=$dev + +# --- Test section --- +cp -f nginx.conf_ /etc/nginx/nginx.conf +nginx_html_path=/usr/share/nginx/html/ +# Generate large random file for transfer test, share md5sum for monitor container to check +echo '*** Generating ' "$bigfile_size" ' file' +dd if=/dev/urandom of="$nginx_html_path$bigfile_name" bs="$bigfile_size" count=1 +#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile" +md5sum < "$nginx_html_path$bigfile_name" > "$tx_md5sumfile" +echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" + +echo '*** Starting application...' +sleep 0.5 +zerotier-intercept nginx diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_ new file mode 100644 index 00000000..7069ef03 --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_ @@ -0,0 +1,55 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 80 default_server; + #listen [::]:80 default_server; + server_name _; + root /usr/share/nginx/html; + + # Load configuration files for the default server block. + include /etc/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } + } +} diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile index 9e4f3a75..53541b3e 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile @@ -22,20 +22,20 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +ADD zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh RUN chmod -v +x /netcon_entrypoint.sh -ADD nginx.conf / +ADD nginx.conf_ / # Start ZeroTier-One CMD ["./netcon_entrypoint.sh"] diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh index 5ded2bb3..3f84f5e5 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh @@ -6,7 +6,7 @@ export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ # --- Test Parameters --- test_namefile=$(ls *.name) test_name="${test_namefile%.*}" # test network id -nwconf=$(ls *.conf) # blank test network config file +nwconf=$(ls {*.conf,}) # blank test network config file nwid="${nwconf%.*}" # test network id file_path=/opt/results/ # test result output file path (fs shared between host and containers) file_base="$test_name".txt # test result output file @@ -21,7 +21,7 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 @@ -35,7 +35,7 @@ echo $virtip4 > "$address_file" export ZT_NC_NWID=$dev # --- Test section --- -cp -f nginx.conf /etc/nginx/nginx.conf +cp -f nginx.conf_ /etc/nginx/nginx.conf nginx_html_path=/usr/share/nginx/html/ # Generate large random file for transfer test, share md5sum for monitor container to check echo '*** Generating ' "$bigfile_size" ' file' diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx-1.8.0-13.fc23.x86_64.name b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx-1.8.0-13.fc23.x86_64.name deleted file mode 100644 index e69de29b..00000000 --- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx-1.8.0-13.fc23.x86_64.name +++ /dev/null diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_ new file mode 100644 index 00000000..7069ef03 --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_ @@ -0,0 +1,55 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 80 default_server; + #listen [::]:80 default_server; + server_name _; + root /usr/share/nginx/html; + + # Load configuration files for the default server block. + include /etc/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } + } +} diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile index d89c4711..b6678998 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile @@ -22,20 +22,20 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +ADD zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh RUN chmod -v +x /netcon_entrypoint.sh -ADD nginx.conf / +ADD nginx.conf_ / # Start ZeroTier-One CMD ["./netcon_entrypoint.sh"] diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh index 5ded2bb3..3f84f5e5 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh @@ -6,7 +6,7 @@ export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ # --- Test Parameters --- test_namefile=$(ls *.name) test_name="${test_namefile%.*}" # test network id -nwconf=$(ls *.conf) # blank test network config file +nwconf=$(ls {*.conf,}) # blank test network config file nwid="${nwconf%.*}" # test network id file_path=/opt/results/ # test result output file path (fs shared between host and containers) file_base="$test_name".txt # test result output file @@ -21,7 +21,7 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 @@ -35,7 +35,7 @@ echo $virtip4 > "$address_file" export ZT_NC_NWID=$dev # --- Test section --- -cp -f nginx.conf /etc/nginx/nginx.conf +cp -f nginx.conf_ /etc/nginx/nginx.conf nginx_html_path=/usr/share/nginx/html/ # Generate large random file for transfer test, share md5sum for monitor container to check echo '*** Generating ' "$bigfile_size" ' file' diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx-1.8.0-14.fc23.x86_64.name b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx-1.8.0-14.fc23.x86_64.name deleted file mode 100644 index e69de29b..00000000 --- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx-1.8.0-14.fc23.x86_64.name +++ /dev/null diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_ new file mode 100644 index 00000000..7069ef03 --- /dev/null +++ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_ @@ -0,0 +1,55 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 80 default_server; + #listen [::]:80 default_server; + server_name _; + root /usr/share/nginx/html; + + # Load configuration files for the default server block. + include /etc/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } + } +} diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile index 1e7e10ad..b8f9fa78 100644 --- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile +++ b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile @@ -25,14 +25,14 @@ ADD httpserver.js / # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +ADD zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh index a6e1b6c1..324ebc8a 100644 --- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh +++ b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh @@ -18,7 +18,7 @@ address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host an echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh deleted file mode 100755 index 164b0b2e..00000000 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -# Runs test image and monitor image as daemons - -test_name=${PWD##*/} -echo 'Building dockerfiles for test: ' "$test_name" -touch "$test_name".name - -# Start netcon container to be tested -test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest) -monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest) - -echo "waiting $netcon_test_wait_time for test to complete." -sleep $netcon_test_wait_time -docker stop $(docker ps -a -q) -docker rm $test_container -docker rm $monitor_container
\ No newline at end of file diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile index 395241cd..25b860b2 100644 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile @@ -22,14 +22,14 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / ADD zerotier-cli / +Add zerotier-netcon-service / # Install test scripts ADD netcon_entrypoint.sh /netcon_entrypoint.sh diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh index 8f7aefec..0b8fc7a7 100644 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh @@ -18,7 +18,7 @@ address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host an echo '*** ZeroTier Network Containers Test: ' "$test_name" chown -R daemon /var/lib/zerotier-one chgrp -R daemon /var/lib/zerotier-one -su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1' +su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do sleep 0.2 diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/redis-3.0.4-1.fc23.x86_64.name b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/redis-3.0.4-1.fc23.x86_64.name deleted file mode 100644 index e69de29b..00000000 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/redis-3.0.4-1.fc23.x86_64.name +++ /dev/null diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile index e64c72bb..052d6303 100644 --- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/test.sh b/netcon/docker-test/test.sh index 3b6d35de..03e86011 100755 --- a/netcon/docker-test/test.sh +++ b/netcon/docker-test/test.sh @@ -15,6 +15,12 @@ export test_script=_two_party_test.sh # Iterate over all depth=2 (relatively-speaking) directories and perform each test find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do + + if [[ $testdir != *$1* ]] + then + continue + fi + echo "*** Testing: '$testdir'..." rm _results/*.tmp @@ -29,4 +35,4 @@ find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do cd ../../ done -echo "*** Done"
\ No newline at end of file +echo "*** Done" diff --git a/netcon/zerotier-intercept b/netcon/zerotier-intercept index 85e9fba1..f35c9d15 100755 --- a/netcon/zerotier-intercept +++ b/netcon/zerotier-intercept @@ -11,14 +11,14 @@ case "$1" in on) if [ -z "$LD_PRELOAD" ] then - export LD_PRELOAD="/lib/libzerotierintercept.so.1.0" + export LD_PRELOAD="/lib/libzerotierintercept.so" else - echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so.1.0" || \ + echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so" || \ export LD_PRELOAD="/lib/libzerotierintercept.so $LD_PRELOAD" fi ;; off) - export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/lib\/libzerotierintercept.so.1.0 \?//'` + export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/lib\/libzerotierintercept.so \?//'` if [ -z "$LD_PRELOAD" ] then unset LD_PRELOAD @@ -33,10 +33,10 @@ case "$1" in *) if [ -z "$LD_PRELOAD" ] then - export LD_PRELOAD="/lib/libzerotierintercept.so.1.0" + export LD_PRELOAD="/lib/libzerotierintercept.so" else - echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so.1.0" || \ - export LD_PRELOAD="/lib/libzerotierintercept.so.1.0 $LD_PRELOAD" + echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so" || \ + export LD_PRELOAD="/lib/libzerotierintercept.so $LD_PRELOAD" fi if [ $# = 0 ] |