Tracing the VPN feature code

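Source: Internet  Published by: 锵锵软件官网  Editor: 程序博客网  Time: 2024/05/30 07:13
Look at the service entry point:

The code is as follows:

Load the underlying VPN drivers; more than one can be configured.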

Driver configuration file:



Underlying driver class: neutron/services/vpn/plugin.py

neutron --debug vpn-service-create e78e9837-4458-48d7-9ab5-e4acdf1789ce 8f6226cc-3d89-4749-9302-103d0fa88830

Entry point: v2/resource.py


v2/base.py



services/vpn/plugin.py

db/vpn/vpn_db.py


neutron ipsec-site-connection-create --vpnservice-id 1f179967-3dce-47dd-b9f5-7d5640286444  --ikepolicy-id  b16dd53b-df4f-43cd-8cf7-1d97a4a67bcc --ipsecpolicy-id eb96b574-670c-492c-b05a-f3bd521a758c --peer-address 192.168.12.50 --peer-id 192.168.12.50 --peer-cidr 111.111.111.0/24 --psk secret 





services/vpn/service_drivers/ipsec.py

vpn_db.py


Core commands:
Start the ipsec process
ip netns exec qrouter-e78e9837-4458-48d7-9ab5-e4acdf1789ce ipsec pluto --ctlbase /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/var/run/pluto --ipsecdir /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/etc --use-netkey --uniqueids --nat_traversal --secretsfile /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/etc/ipsec.secrets --virtual_private %v4:192.168.0.0/16,%v4:111.111.111.0/24

Check the status
ip netns exec qrouter-e78e9837-4458-48d7-9ab5-e4acdf1789ce ipsec whack --ctlbase /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/var/run/pluto --status

Error reported by the VPN agent when starting the process:
Stderr: '/usr/bin/neutron-rootwrap: Unauthorized command: ip netns exec qrouter-e78e9837-4458-48d7-9ab5-e4acdf1789ce ipsec pluto --ctlbase /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/var/run/pluto --ipsecdir /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/etc --use-netkey --uniqueids --nat_traversal --secretsfile /var/lib/neutron/ipsec/e78e9837-4458-48d7-9ab5-e4acdf1789ce/etc/ipsec.secrets --virtual_private %v4:192.168.0.0/16,%v4:111.111.111.0/24,%v4:111.111.111.0/24,%v4:111.111.111.0/24 (no filter matched)\n' execute /usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py:74
2014-10-29 02:08:36.190 3607 ERROR neutron.services.vpn.device_drivers.ipsec [req-1930b10a-b224-455d-afc5-7084c2c9aebe None] Failed to enable vpn process on router e78e9837-4458-48d7-9ab5-e4acdf1789ce
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec Traceback (most recent call last):
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec   File "/usr/lib/python2.6/site-packages/neutron/services/vpn/device_drivers/ipsec.py", line 247, in enable
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec     self.start()
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec   File "/usr/lib/python2.6/site-packages/neutron/services/vpn/device_drivers/ipsec.py", line 388, in start
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec     '--virtual_private', virtual_private
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec   File "/usr/lib/python2.6/site-packages/neutron/services/vpn/device_drivers/ipsec.py", line 317, in _execute
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec     check_exit_code=check_exit_code)
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec   File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 466, in execute
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec     check_exit_code=check_exit_code)
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec   File "/usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py", line 76, in execute
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec     raise RuntimeError(m)
2014-10-29 02:08:36.190 3607 TRACE neutron.services.vpn.device_drivers.ipsec RuntimeError: 

Permission for ipsec needs to be added to rootwrap.
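The "no filter matched" rejection above and the effect of granting ipsec, shown as an added example that is not part of the original post or of the Neutron code base. It is a simplified model of how rootwrap chains an `ip netns exec` filter to a second filter for the inner command; the filter entries, the names `load_filters` and `is_authorized`, and the shortened command line are assumptions constructed for illustration.

```python
# Added example: simplified model of rootwrap filter matching (not oslo code).
import configparser
import shlex

# Constructed filter files: before and after granting ipsec.
BEFORE = "[Filters]\nip_exec: IpNetnsExecFilter, ip, root\n"
AFTER = BEFORE + "ipsec: CommandFilter, ipsec, root\n"

# Shortened form of the command from the error message above.
CMD = shlex.split(
    "ip netns exec qrouter-e78e9837-4458-48d7-9ab5-e4acdf1789ce "
    "ipsec pluto --use-netkey --uniqueids --nat_traversal"
)

def load_filters(text):
    """Parse a [Filters] section into {name: (filter_class, executable)}."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    filters = {}
    for name, value in cp.items("Filters"):
        cls, exe = [p.strip() for p in value.split(",")][:2]
        filters[name] = (cls, exe)
    return filters

def is_authorized(filters, argv):
    """Return True if some filter allows argv (a list of strings)."""
    if not argv:
        return False
    for cls, exe in filters.values():
        if cls == "CommandFilter" and argv[0] == exe:
            return True  # matches on the executable name only
        if cls == "IpNetnsExecFilter" and argv[:3] == [exe, "netns", "exec"]:
            # Chaining filter: the command run inside the namespace must
            # itself match a non-chaining filter, else "no filter matched".
            inner = argv[4:]
            leaf = {k: v for k, v in filters.items()
                    if v[0] != "IpNetnsExecFilter"}
            if is_authorized(leaf, inner):
                return True
    return False

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        ok = is_authorized(load_filters(text), CMD)
        print(label, "authorized" if ok else "no filter matched")
```

Because a CommandFilter matches on the executable name alone, the added line lets the agent run any ipsec subcommand as root, so the filter file should stay owned and writable by root only.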

Below is the complete VPN creation procedure.



neutron vpn-ikepolicy-create ikepolicy1
neutron vpn-ipsecpolicy-create ipsecpolicy1
neutron vpn-service-create --name myvpn --description "My vpn service" router1 mysubnet
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address 172.24.4.233 --peer-id 172.24.4.233 --peer-cidr 10.2.0.0/24 --psk secret


