Updated README, tests, and Intercept

This commit is contained in:
Joseph Henry 2015-12-08 07:47:20 -08:00
parent f2db82940b
commit b1eb16d5fb
8 changed files with 21 additions and 38 deletions

View File

@ -824,9 +824,10 @@ int accept(ACCEPT_SIG)
return -1; return -1;
} }
// if(opt & O_NONBLOCK) /* The following line is required for libuv/nodejs to accept connections properly,
fcntl(sockfd, F_SETFL, O_NONBLOCK); /* required by libuv in nodejs */ however, this has the side effect of causing certain webservers to max out the CPU
in an accept loop */
//fcntl(sockfd, F_SETFL, O_NONBLOCK);
char c[1]; char c[1];
int new_conn_socket; int new_conn_socket;
@ -980,7 +981,7 @@ int poll(POLL_SIG)
/* int fd */ /* int fd */
int close(CLOSE_SIG) int close(CLOSE_SIG)
{ {
//checkpid(); // Required for httpd-2.4.17-3.x86_64 -- After clone, some symbols aren't initialized yet */ checkpid(); // Required for httpd-2.4.17-3.x86_64 -- After clone, some symbols aren't initialized yet */
if(realclose == NULL){ if(realclose == NULL){
dwr(MSG_ERROR, "close(): SYMBOL NOT FOUND.\n"); dwr(MSG_ERROR, "close(): SYMBOL NOT FOUND.\n");
return -1; return -1;

View File

@ -23,17 +23,11 @@ The virtual TCP/IP stack will respond to *incoming* ICMP ECHO requests, which me
#### Compatibility Test Results #### Compatibility Test Results
sshd [ WORKS as of 20151207 ] Should be run with in debug mode with -d sshd (debug mode -d) [ WORKS as of 20151208 ] Fedora 22/23, Centos 7, Ubuntu 14.04
ssh [ WORKS as of 20151112 ] apache (debug mode -X) [ WORKS as of 20151208 ] 2.4.6 on Centos 7, 2.4.16 and 2.4.17 on Fedora 22/23
sftp [ WORKS as of 20151022 ] nginx [ WORKS as of 20151208 ] 1.8.0 on both Fedora 22/23 and Ubuntu 14.04
curl [ WORKS as of 20151021 ] nodejs [ WORKS as of 20151208 ] 0.10.36 Fedora 22/23 (disabled, see note in accept() in netcon/Intercept.c)
apache (debug mode -X) [ WORKS as of 20151207 ] (2.4.6-31.x86_64 on Centos 7), (2.4.16-1.x84_64 on F22/F23), (2.4.17-3.x86_64 on F22/F23) redis-server [ WORKS as of 20151208 ] 3.0.4 on Fedora 22/23
apache (prefork MPM) [ WORKS as of 20151123 ]
nginx [ BROKEN as of 20151207 ]
nodejs [ WORKS as of 20151207 ] (0.10.36-4.fc23)
java [ WORKS as of 20151010 ]
MongoDB [ WORKS as of 20151028 ]
Redis-server [ WORKS as of 20151207 ] (3.0.4-1.fc23.x86_64)
It is *likely* to work with other things but there are no guarantees. UDP, ICMP/RAW, and IPv6 support are planned for the near future. It is *likely* to work with other things but there are no guarantees. UDP, ICMP/RAW, and IPv6 support are planned for the near future.
@ -100,12 +94,12 @@ Now try:
export LD_PRELOAD=/path/to/ZeroTierOne/libzerotierintercept.so export LD_PRELOAD=/path/to/ZeroTierOne/libzerotierintercept.so
export ZT_NC_NWID=8056c2e21c000001 export ZT_NC_NWID=8056c2e21c000001
zerotier-intercept httpd zerotier-intercept httpd -X
Going to port 80 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: Going to port 80 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try:
curl http://NETCON.INSTANCE.IP:8080/README.md curl http://NETCON.INSTANCE.IP:80/
Replace *NETCON.INSTANCE.IP* with the IP address that *zerotier-netcon-service* was assigned on the virtual network. (This is the same IP you pinged in your first test.) If everything works, you should get back a copy of ZeroTier One's main README.md file. Replace *NETCON.INSTANCE.IP* with the IP address that *zerotier-netcon-service* was assigned on the virtual network. (This is the same IP you pinged in your first test.) If everything works, you should get back a copy of ZeroTier One's main README.md file.

View File

@ -0,0 +1,5 @@
#!/bin/bash
# Delete all containers
docker rm $(docker ps -a -q)
# Delete all images
docker rmi $(docker images -q)

View File

@ -43,4 +43,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
echo '*** Starting application...' echo '*** Starting application...'
sleep 0.5 sleep 0.5
rm -rf /run/httpd/* /tmp/httpd* rm -rf /run/httpd/* /tmp/httpd*
zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 zerotier-intercept /usr/sbin/httpd -X

View File

@ -43,4 +43,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
echo '*** Starting application...' echo '*** Starting application...'
sleep 0.5 sleep 0.5
rm -rf /run/httpd/* /tmp/httpd* rm -rf /run/httpd/* /tmp/httpd*
zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 zerotier-intercept /usr/sbin/httpd -X

View File

@ -45,4 +45,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
echo '*** Starting application...' echo '*** Starting application...'
sleep 0.5 sleep 0.5
rm -rf /run/httpd/* /tmp/httpd* rm -rf /run/httpd/* /tmp/httpd*
zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 zerotier-intercept /usr/sbin/httpd -X

View File

@ -51,4 +51,4 @@ echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
echo '*** Starting application...' echo '*** Starting application...'
sleep 0.5 sleep 0.5
rm -rf /run/httpd/* /tmp/httpd* rm -rf /run/httpd/* /tmp/httpd*
zerotier-intercept /usr/sbin/httpd -D FOREGROUND >>/tmp/apache.out 2>&1 zerotier-intercept /usr/sbin/httpd -X

View File

@ -1,17 +0,0 @@
#!/bin/bash
# Runs test image and monitor image as daemons
test_name=${PWD##*/}
echo 'Building dockerfiles for test: ' "$test_name"
touch "$test_name".name
# Start netcon container to be tested
test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest)
monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest)
echo "waiting $netcon_test_wait_time for test to complete."
sleep $netcon_test_wait_time
docker stop $(docker ps -a -q)
docker rm $test_container
docker rm $monitor_container