Free udp ip software for linux

udpeq is a program that balances UDP traffic over parallel routes. This is useful if you want to connect two endpoints through several slow or unreliable channels. For example, if you have 3 modem lines and a one-way satellite link, you might want to bond all of these together to form a faster, more reliable "virtual" connection.

udpeq by itself just shuttles UDP packets between two endpoints. You will almost certainly want to use a higher-level tunnel on top of udpeq to provide a "real" IP connection. CIPE or OPENVPN are perfect for this job.

Existing solutions of this nature (for example, multi-link ppp) tend to make simplistic assumptions about the bandwidth and availability of the channels. udpeq attempts to dynamically adjust to changing conditions, being as robust as possible while still being able to maximize throughput.

udpShell is a remote shell that uses UDP instead of TCP. It uses a client-server architecture (udpShell as the daemon and udpClient as the client).

Installation:
cd src
make
this sould make the work

if you like edit the Makefile to reflect your system, preferences.

Simple UDP proxy/pipe is an advanced UDP proxy/datapipe/packets forwarder and modifier with multiple functions.

Multiple clients allowed (you can connect many clients you want to this proxy), creation of ACP files (tcpdump capture files, just like a sniffer), packets forwarding (chat style, each packet is forwarded to all the other clients and server connected), packets injection (the tool opens a specific UDP port where you can send your customized packets which will be sent to the server), hexadecimal visualization and plugins support for the modification and visualization of the packets with some example plugins already included (Zdaemon huffman, Doom huffman, Half-life decoding and one for the replacement of the text strings).

Plugins (which work on both Windows and Linux) are very basic to create and use, just take a look at example_sudp.c for more informations.

NetPacket::UDP is a Perl module to assemble and disassemble UDP (User Datagram Protocol) packets.

SYNOPSIS

use NetPacket::UDP;

$udp_obj = NetPacket::UDP->decode($raw_pkt);
$udp_pkt = NetPacket::UDP->encode($ip_obj);
$udp_data = NetPacket::UDP::strip($raw_pkt);

NetPacket::UDP provides a set of routines for assembling and disassembling packets using UDP (User Datagram Protocol).

Methods

NetPacket::UDP->decode([RAW PACKET])

Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.

NetPacket::UDP->encode(param => value)

Return a UDP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj, the IP object, in order to calculate the UDP checksum. The length field will also be set automatically.

Functions

NetPacket::UDP::strip([RAW PACKET])

Return the encapsulated data (or payload) contained in the UDP packet. This data is suitable to be used as input for other NetPacket::* modules.

This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.

Instance data

The instance data for the NetPacket::UDP object consists of the following fields.

src_port

The source UDP port for the datagram.

dest_port

The destination UDP port for the datagram.

len

The length (including length of header) in bytes for this packet.

cksum

The checksum value for this packet.

data

The encapsulated data (payload) for this packet.

PINT is a handy tool for debugging any TCP/IP (or UDP) software. It can be made to listen to a server socket or to connect to a remote host. The resulting connection is displayed, with separate display for the inbound and outbound traffic.

MISSING FEATURES
UDP/RAW support
noticing connection failures
runtime help screen by pressing tab
man page

KNOWN BUGS
resizing window larger than original size crashes the program

seppl is both a protocol definition and a software implementation of a new encryption layer for IPv4. seppl project makes use of symmetric cryptography for encrypting the whole traffic on a network. Its implementation is designed around Linux netfilter/iptables.
seppl introduces two new netfilter targets: CRYPT and DECRYPT. A firewall rule may thus be used for encrypting/decrypting the incoming and outgoing network traffic. This makes seppl extraordinarily easy to use, since no daemons need to run for secure communication.
seppl uses the encryption engine of the Linux Cryptographic API which is available in kernel 2.4.22 and newer.
seppl is primarily intended for encrypting wireless LANs (as secure replacement of the broken WEP encryption) and local ethernet networks but may be used for large scale VPN solutions as well.
The protocol seppl relies on is not compatible with any other software. The protocol is open and well defined but there is no implementation other than this reference software.
Why SEPPL, there are already IPSEC, CIPE,...?
CIPE may be used for point-to-point connections only. It has tunnel structure and thus introduces new IP addresses. This is not always desirable. It requires a user space daemon.
IPSEC/FreeSwan is extremely complicated to use. Due to its strange routing scheme it is nearly impossible to use together with routing daemons. IPSEC is heavyweight.
seppl is truely peer-to-peer. It encrypts seamlessly all outgoing traffic and it thus compatible with routing daemons. It is extremely easy to use as well, as it makes no change to the normal routing behaviour. seppl is extremely lightweight.
The Implementation
The implementation consists of three Linux kernel modules: seppl.o, ipt_CRYPT.o and ipt_DECRYPT.o. The former is the in-kernel key manager, the latter are the two new netfilter targets. Both depend on seppl.o.
seppl.o must be inserted into kernel in first place. The key manager may be accessed with the file /proc/net/seppl_keyring. It contains binary key data, and is initially empty. You may add a new key by writing it to that file.
The two Python scripts seppl-ls and seppl-gen-key me be used for key management. seppl-ls may be used for converting seppl keys between the binary format used by /proc/net/seppl_keyring and a human readable XML based format. Simply call seppl-ls for a list of all currently active keys. seppl-gen-key generates a new key from /dev/urandom. By default it will use the XML format. The parameter -x forces binary mode. You may generate and activate two keys "linus" and "alan" by issuing the following command lines:
seppl-gen-key -n linus -x > /proc/net/seppl_keyring
seppl-gen-key -n alan -x > /proc/net/seppl_keyring
seppl-ls without argument lists the new keys saved in the kernel keyring. You may remove all (currently unused) keys by issuing:
echo clear > /proc/net/seppl_keyring
Since seppl is based on symmetric cryptography using shared keys you have to copy newly generated keys to every host you want to connect to your seppl infrastructure. (preferably via SSH or any other secure file transfer) You get a binary copy of your current keyring by issuing:
cat /proc/net/seppl_keyring > keyring.save
Now copy that file keyring.save to all other hosts and issue the following command there:
cat keyring.save > /proc/net/seppl_keyring
That is simple, isnt it?
After doing so you may configure your firewall settings on each host:
iptables -t mangle -A POSTROUTING -o eth0 -j CRYPT --key linus
iptables -t mangle -A PREROUTING -i eth0 -j DECRYPT
This will encrypt all outgoing traffic on eth0 with the key "linus". All incoming traffic is decrypted with either "linus" or "alan", depending on the key name specified in the specific network packet. Unencrypted incoming packets are silently dropped. Use
iptables -t mangle -A PREROUTING -p 177 -i eth0 -j DECRYPT
for allowing both crypted and unencrypted incoming traffic.
Thats it. Youre done. All your traffic on the local subnet is now crypted with seppl.
The default cipher is AES-128. If you dont specify the name of the used key it defaults to "def".
An SysV init script /etc/init.d/seppl is provided. It will load seppls kernel modules and write all keys from the directory /etc/seppl to the kernel keyring. It will not add any firewall rules, however.
Performance issues
The network packets are increased in size when they are crypted, since two new headers and the IV are added. (36 bytes in average) This conflicts on some way with the MTU management of the Linux kernel and results in having all large packets (that is: package size near MTU) fragmented in one large and another very small package. This will hurt network performance. A work-around of this limitation is using the TCPMSS target of netfilter to adjust the MSS value in the TCP header to smaller values. This will increase TCP perfomance, since TCP packets of the size of the MTU are no longer generated. Thus no fragmentation is needed. However, TCPMSS is TCP specific, it wont help on UDP or other IP protocols.
Add the following line before encryption to your firewall setup:
iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --set-mss $((1500-40-8-16-6-15))
The Protocol
For encryption every single unencrypted packet is taken and converted to a crypted one. Not a single further packet is ever sent.
Original SEPPL counterpart
+------------+ +-----------------------+
| IP-Header | | Modified IP-Header | |
+------------+ +-----------------------+ |
| Payload | | SEPPL-Header | > Unencrypted
+------------+ +-----------------------+ |
| Initialization Vector | |
+-----------------------+ /
| SEPPL-Header |
+-----------------------+ | Crypted
| Payload | |
+-----------------------+ /
The original IP header is kept as far as possible. Only three fields are replaced with new values. The protocol number is set to 177, the fragment offset is set to 0 and the total length is corrected to the new length. All other fields are kept as is, including IP options.
The unencrypted seppl header consists of a one-byte cipher number and a key name. Currently only 0 and 1 are defined as cipher numbers for AES with 128bit key, resp. AES with 192bit key. The key name (7 bytes) may be used to select a specific key in a larger keyring.
The IV is used for CBC coding of the cipher used. It differs from packet to packet, but is not randomly generated. Due to perfomance reasons, only the initial IV on system startup is randomized, all following IVs are generated by incrementing the previous ones.
The crypted seppl header consists of three saved fields of the original IP header (protocol number, fragment offset, total length) and a byte which is always 0 for detecting unmatching keys.
The payload is the original IP-playload, from the TCP/UDP/other header to the end.
Version restrictions:
- seppl interferes with netfilters connection tracking in some way. Thus you will not be able to use NAT in conjunction with seppl. If you use connection tracking in some other way together with seppl your mileage may vary.
- seppl is tested with Linux 2.6.1. Use version 0.3 for Linux 2.4.

Serial Over IP is a tool for the transport of serial interfaces over UDP/IP. It is very usefull for connecting distant equipment that run via a serial interfaces to a local computer.


One linux will be server and one will be client. On the server you can start the program typing the following command:

bash# serialoverip -d /dev/ttyS0 9600-8n1 -s 127.0.0.1 3000

... and on the client:

bash# serialoverip -c 127.0.0.1 3000 -d /dev/ttyS1 9600-8n1

In both commands the IP address is the server IP. Note that you have to start the server first, and it will be efectively be running only after the first packet received from the client.

NetAddr::IP is a Perl module that can manage IPv4 and IPv6 addresses and subnets.

SYNOPSIS

use NetAddr::IP qw(
Compact
Coalesce
Zero
Ones
V4mask
V4net
:aton
:old_storable
:old_nth
);

my $ip = new NetAddr::IP loopback;

print "The address is ", $ip->addr, " with mask ", $ip->mask, "n" ;

if ($ip->within(new NetAddr::IP "127.0.0.0", "255.0.0.0")) {
print "Is a loopback addressn";
}

# This prints 127.0.0.1/32
print "You can also say $ip...n";
* The following four functions return ipV6 representations of:
:: = Zeros();
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF: = Ones();
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:: = V4mask();
::FFFF:FFFF = V4net();
* To accept addresses in the format as returned by inet_aton, invoke the module as:
use NetAddr::IP qw(:aton);
* To enable usage of legacy data files containing NetAddr::IP objects stored using the Storable module.
use NetAddr::IP qw(:old_storable);
* To compact many smaller subnets (see: $me->compact($addr1, $addr2,...)
@compacted_object_list = Compact(@object_list)
* Return a reference to list of NetAddr::IP subnets of $masklen mask length, when $number or more addresses from @list_of_subnets are found to be contained in said subnet.
$arrayref = Coalesce($masklen, $number, @list_of_subnets)