Reorganized arguments.

Added common arguments to anti-nat.

tiny-dhcp-server.py

@@ -24,36 +24,37 @@
 import netifaces # from port net/py-netifaces
 import tiny_utils as tu
 
-socket_IP_RECVIF=20 # missing in python3.4
+# missing constants
+socket_IP_RECVIF=20
 
 ##
 ## Command line arguments and usage
 ##
 
+arg_daemonize=False
 arg_log_file=None
 arg_pid_file=None
-arg_daemonize=False
 arg_unprivileged=False
 arg_unprivileged_ug=None
 
 def usage():
- print('%s {-l <log-file>} {-p <pid-file>} {-d} {-U usr:grp|-u} iface1 {iface2 {...}}' % (sys.argv[0]))
+ print('%s -d {-l <log-file>} {-p <pid-file>} {-U usr:grp|-u} iface1 {iface2 {...}}' % (sys.argv[0]))
  sys.exit(2)
 
 try:
- opts, args = getopt.getopt(sys.argv[1:], "l:p:duU:",["log=","pid=","daemonize","unprivileged","unprivileged2="])
+ opts, args = getopt.getopt(sys.argv[1:], "dl:p:uU:",["daemonize","log=","pid=","unprivileged","unprivileged2="])
 except getopt.GetoptError:
  usage()
 for opt,arg in opts:
- if opt in ("-l", "--log"):
- arg_log_file = arg
- if opt in ("-p", "--pid"):
- arg_pid_file = arg
  if opt in ("-d", "--daemonize"):
  arg_daemonize = True
- if opt in ("-u", "--unprivileged"):
+ elif opt in ("-l", "--log"):
+ arg_log_file = arg
+ elif opt in ("-p", "--pid"):
+ arg_pid_file = arg
+ elif opt in ("-u", "--unprivileged"):
  arg_unprivileged = True
- if opt in ("-U", "--unprivileged2"):
+ elif opt in ("-U", "--unprivileged2"):
  arg_unprivileged = True
  arg_unprivileged_ug = arg.split(':')
 
@@ -141,19 +142,8 @@ def log_discard(what):
 sock.setsockopt(socket.IPPROTO_IP, socket_IP_RECVIF, 1)
 sock.bind(('0.0.0.0', 67))
 
-## daemonize and write pid file
-if arg_daemonize:
- tu.do_daemonize(arg_pid_file)
-elif arg_pid_file is not None:
- tu.write_pid_file(arg_pid_file)
- atexit.register(os.remove, arg_pid_file)
-
-## lose privileges if requested
-if arg_unprivileged:
- if arg_unprivileged_ug is None:
- tu.drop_privileges([logfile(),arg_pid_file])
- else:
- tu.drop_privileges3(arg_unprivileged_ug[0], arg_unprivileged_ug[1], [logfile(),arg_pid_file])
+## daemonize, write pid file, lose privileges
+tu.process_common_args(arg_daemonize, arg_pid_file, arg_unprivileged, arg_unprivileged_ug, logfile())
 
 ## read/reply loop
 

tiny-udp-anti-nat.py

@@ -20,7 +20,8 @@
 import sys, getopt
 import socket
 import struct
-import net_checksums
+import net_checksums as nc
+import tiny_utils as tu
 
 # missing constants
 socket_IPPROTO_DIVERT=258
@@ -30,38 +31,55 @@
 ## Command line arguments and usage
 ##
 
-arg_clnt_divert_ip = "1.1.1.1"
-arg_clnt_divert_port = 0
 do_ip = False
 do_port = False
+
+arg_daemonize=False
+arg_log_file=None
+arg_pid_file=None
+arg_unprivileged=False
+arg_unprivileged_ug=None
+arg_clnt_divert_ip = "1.1.1.1"
+arg_clnt_divert_port = 0
 arg_ip_old = None
 arg_ip_new = None
 arg_port_old = 0
 arg_port_new = 0
 
 def usage():
- print('%s -d <divert-port> -i <old-dst-ip>:<new-dst-ip> -p <old-dst-port>:<new-dst-port>' % (sys.argv[0]))
+ print('%s -d {-l <log-file>} {-p <pid-file>} {-U usr:grp|-u} -D <divert-port> -I <old-dst-ip>:<new-dst-ip> -P <old-dst-port>:<new-dst-port>' % (sys.argv[0]))
  sys.exit(2)
 
 def ip_str_to_bytes(ip):
  #return bytes([hex(int(x)) for x in ip.split('.')])
  return bytes([int(x) for x in ip.split('.')])
 
 try:
- opts, args = getopt.getopt(sys.argv[1:], "d:i:p:",["divert=", "ip=","port="])
+ opts, args = getopt.getopt(sys.argv[1:], "dl:p:uU:D:I:P:",["daemonize","log=","pid=","unprivileged","unprivileged2=","divert=", "ip=","port="])
 except getopt.GetoptError:
  usage()
 for opt,arg in opts:
- if opt in ("-d", "--divert"):
+ if opt in ("-d", "--daemonize"):
+ arg_daemonize = True
+ elif opt in ("-l", "--log"):
+ arg_log_file = arg
+ elif opt in ("-p", "--pid"):
+ arg_pid_file = arg
+ elif opt in ("-u", "--unprivileged"):
+ arg_unprivileged = True
+ elif opt in ("-U", "--unprivileged2"):
+ arg_unprivileged = True
+ arg_unprivileged_ug = arg.split(':')
+ elif opt in ("-D", "--divert"):
  arg_clnt_divert_port = int(arg)
- elif opt in ("-i", "--ip"):
+ elif opt in ("-I", "--ip"):
  ip_spec = arg.split(':')
  if do_ip or len(ip_spec) != 2:
  usage()
  arg_ip_old = ip_str_to_bytes(ip_spec[0])
  arg_ip_new = ip_str_to_bytes(ip_spec[1])
  do_ip = True
- elif opt in ("-p", "--port"):
+ elif opt in ("-P", "--port"):
  port_spec = arg.split(':')
  if do_port or len(port_spec) != 2:
  usage()
@@ -75,6 +93,9 @@ def ip_str_to_bytes(ip):
 ## procedures
 ##
 
+def logfile():
+ return arg_log_file if arg_log_file is not None else '/var/log/tiny-udp-anti-nat.log'
+
 def unpack_ip(pkt, off):
  return pkt[off:off+4]
 
@@ -140,8 +161,12 @@ def update_rev(pkt):
 ## MAIN cycle
 ##
 
+## create socket
 sock = create_sock_divert(arg_clnt_divert_ip, arg_clnt_divert_port)
 
+## daemonize, write pid file, lose privileges
+tu.process_common_args(arg_daemonize, arg_pid_file, arg_unprivileged, arg_unprivileged_ug, logfile())
+
 # main event loop
 while True:
  (pkt, addr) = sock.recvfrom(64000, 1024)
@@ -158,7 +183,7 @@ def update_rev(pkt):
  print('unknown packet received: %s:%d -> %s:%d' % (unpack_ip_src(pkt), unpack_port_src(pkt), unpack_ip_dst(pkt), unpack_port_dst(pkt)))
  print('... dst-ip-old=%s' % (arg_ip_old))
  # recompute checksum
- net_checksums.checksum_calc_udp_packet(pkt)
+ nc.checksum_calc_udp_packet(pkt)
  # send further
  sock.sendto(pkt, addr)
 

tiny_utils.py

@@ -78,3 +78,19 @@ def handle_signals(log):
  signal.signal(signal.SIGALRM, bound_exit_gracefully)
  signal.signal(signal.SIGHUP, signal.SIG_IGN)
 
+# common argument processing to avoid code repeat
+def process_common_args(arg_daemonize, arg_pid_file, arg_unprivileged, arg_unprivileged_ug, log_file):
+ # daemonize and write pid file
+ if arg_daemonize:
+ do_daemonize(arg_pid_file)
+ elif arg_pid_file is not None:
+ write_pid_file(arg_pid_file)
+ atexit.register(os.remove, arg_pid_file)
+
+ # lose privileges if requested
+ if arg_unprivileged:
+ if arg_unprivileged_ug is None:
+ drop_privileges([log_file,arg_pid_file])
+ else:
+ drop_privileges3(arg_unprivileged_ug[0], arg_unprivileged_ug[1], [log_file,arg_pid_file])
+