diff --git a/netcon/Intercept.c b/netcon/Intercept.c index 78b0af2d2..3890c08bb 100644 --- a/netcon/Intercept.c +++ b/netcon/Intercept.c @@ -824,9 +824,10 @@ int accept(ACCEPT_SIG) return -1; } - // if(opt & O_NONBLOCK) - fcntl(sockfd, F_SETFL, O_NONBLOCK); /* required by libuv in nodejs */ - + /* The following line is required for libuv/nodejs to accept connections properly, + however, this has the side effect of causing certain webservers to max out the CPU + in an accept loop */ + //fcntl(sockfd, F_SETFL, O_NONBLOCK); char c[1]; int new_conn_socket; @@ -980,7 +981,7 @@ int poll(POLL_SIG) /* int fd */ int close(CLOSE_SIG) { - //checkpid(); // Required for httpd-2.4.17-3.x86_64 -- After clone, some symbols aren't initialized yet */ + checkpid(); // Required for httpd-2.4.17-3.x86_64 -- After clone, some symbols aren't initialized yet */ if(realclose == NULL){ dwr(MSG_ERROR, "close(): SYMBOL NOT FOUND.\n"); return -1; diff --git a/netcon/README.md b/netcon/README.md index ba99ca380..91e69287c 100644 --- a/netcon/README.md +++ b/netcon/README.md @@ -23,17 +23,11 @@ The virtual TCP/IP stack will respond to *incoming* ICMP ECHO requests, which me #### Compatibility Test Results - sshd [ WORKS as of 20151207 ] Should be run with in debug mode with -d - ssh [ WORKS as of 20151112 ] - sftp [ WORKS as of 20151022 ] - curl [ WORKS as of 20151021 ] - apache (debug mode -X) [ WORKS as of 20151207 ] (2.4.6-31.x86_64 on Centos 7), (2.4.16-1.x84_64 on F22/F23), (2.4.17-3.x86_64 on F22/F23) - apache (prefork MPM) [ WORKS as of 20151123 ] - nginx [ BROKEN as of 20151207 ] - nodejs [ WORKS as of 20151207 ] (0.10.36-4.fc23) - java [ WORKS as of 20151010 ] - MongoDB [ WORKS as of 20151028 ] - Redis-server [ WORKS as of 20151207 ] (3.0.4-1.fc23.x86_64) + sshd (debug mode -d) [ WORKS as of 20151208 ] Fedora 22/23, Centos 7, Ubuntu 14.04 + apache (debug mode -X) [ WORKS as of 20151208 ] 2.4.6 on Centos 7, 2.4.16 and 2.4.17 on Fedora 22/23 + nginx [ WORKS as of 20151208 ] 1.8.0 on both Fedora 22/23 and Ubuntu 14.04 + nodejs [ WORKS as of 20151208 ] 0.10.36 Fedora 22/23 (disabled, see note in accept() in netcon/Intercept.c) + redis-server [ WORKS as of 20151208 ] 3.0.4 on Fedora 22/23 It is *likely* to work with other things but there are no guarantees. UDP, ICMP/RAW, and IPv6 support are planned for the near future. @@ -100,12 +94,12 @@ Now try: export LD_PRELOAD=/path/to/ZeroTierOne/libzerotierintercept.so export ZT_NC_NWID=8056c2e21c000001 - zerotier-intercept httpd + zerotier-intercept httpd -X Going to port 80 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: - curl http://NETCON.INSTANCE.IP:8080/README.md + curl http://NETCON.INSTANCE.IP:80/ Replace *NETCON.INSTANCE.IP* with the IP address that *zerotier-netcon-service* was assigned on the virtual network. (This is the same IP you pinged in your first test.) If everything works, you should get back a copy of ZeroTier One's main README.md file. diff --git a/netcon/docker-test/_remove_all.sh b/netcon/docker-test/_remove_all.sh new file mode 100755 index 000000000..c6090a9b9 --- /dev/null +++ b/netcon/docker-test/_remove_all.sh @@ -0,0 +1,5 @@ +#!/bin/bash +# Delete all containers +docker rm $(docker ps -a -q) +# Delete all images +docker rmi $(docker images -q) diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh index 0ed4d3314..55ee1da3e 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh @@ -43,4 +43,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh index 0ed4d3314..55ee1da3e 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh @@ -43,4 +43,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh index 77439e0c5..7d0ebc896 100644 --- a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh @@ -45,4 +45,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh index fd47cf380..5c42b6a67 100644 --- a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh @@ -51,4 +51,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" echo '*** Starting application...' sleep 0.5 rm -rf /run/httpd/* /tmp/httpd* -zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 +zerotier-intercept /usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd_demo/two_party_test.sh b/netcon/docker-test/httpd/httpd_demo/two_party_test.sh deleted file mode 100755 index 164b0b2e4..000000000 --- a/netcon/docker-test/httpd/httpd_demo/two_party_test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -# Runs test image and monitor image as daemons - -test_name=${PWD##*/} -echo 'Building dockerfiles for test: ' "$test_name" -touch "$test_name".name - -# Start netcon container to be tested -test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest) -monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest) - -echo "waiting $netcon_test_wait_time for test to complete." -sleep $netcon_test_wait_time -docker stop $(docker ps -a -q) -docker rm $test_container -docker rm $monitor_container \ No newline at end of file