-int tap_fd = -1;
-
-int total_tap_in = 0;
-int total_tap_out = 0;
-int total_socket_in = 0;
-int total_socket_out = 0;
-
-int upstreamindex = 0;
-static int seconds_till_retry;
-
-/* The global list of existing connections */
-conn_list_t *conn_list = NULL;
-conn_list_t *myself = NULL;
-
-/*
- strip off the MAC adresses of an ethernet frame
-*/
-void strip_mac_addresses(vpn_packet_t *p)
-{
- unsigned char tmp[MAXSIZE];
-cp
- memcpy(tmp, p->data, p->len);
- p->len -= 12;
- memcpy(p->data, &tmp[12], p->len);
-cp
-}
-
-/*
- reassemble MAC addresses
-*/
-void add_mac_addresses(vpn_packet_t *p)
-{
- unsigned char tmp[MAXSIZE];
-cp
- memcpy(&tmp[12], p->data, p->len);
- p->len += 12;
- tmp[0] = tmp[6] = 0xfe;
- tmp[1] = tmp[7] = 0xfd;
- *((ip_t*)(&tmp[2])) = (ip_t)(htonl(myself->vpn_ip));
- *((ip_t*)(&tmp[8])) = *((ip_t*)(&tmp[26]));
- memcpy(p->data, &tmp[0], p->len);
-cp
-}
-
-int xsend(conn_list_t *cl, void *packet)
-{
- real_packet_t rp;
-cp
- do_encrypt((vpn_packet_t*)packet, &rp, cl->key);
- rp.from = htonl(myself->vpn_ip);
- rp.data.len = htons(rp.data.len);
- rp.len = htons(rp.len);
-
- if(debug_lvl > 3)
- syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
- ntohs(rp.len), cl->vpn_hostname, cl->real_hostname);
-
- total_socket_out += ntohs(rp.len);
-
- cl->want_ping = 1;
-
- if((cl->flags | myself->flags) & TCPONLY)
- return send_tcppacket(cl, (void*)&rp, ntohs(rp.len));
-
- if((send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0)
- {
- syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
- cl->vpn_hostname, cl->real_hostname);
- return -1;
- }
-cp
- return 0;
-}
-
-int xrecv(conn_list_t *cl, void *packet)
-{
- vpn_packet_t vp;
- int lenin;
-cp
- do_decrypt((real_packet_t*)packet, &vp, cl->key);
- add_mac_addresses(&vp);
-
- if(debug_lvl > 3)
- syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"),
- ((real_packet_t*)packet)->len, cl->vpn_hostname, cl->real_hostname);
-
- if((lenin = write(tap_fd, &vp, vp.len + sizeof(vp.len))) < 0)
- syslog(LOG_ERR, _("Can't write to tap device: %m"));
- else
- total_tap_out += lenin;
-
- cl->want_ping = 0;
- cl->last_ping_time = time(NULL);
-cp
- return 0;
-}
-
-int tcprecv(conn_list_t *cl, real_packet_t *rp)
-{
- vpn_packet_t vp;
- int lenin;
- conn_list_t *f;
-cp
- rp->data.len = ntohs(rp->data.len);
- rp->len = ntohs(rp->len);
- rp->from = ntohl(rp->from);
-
- total_socket_in += rp->len;
-
- if(rp->len >= 0)
- {
- f = lookup_conn(rp->from);
- if(!f)
- {
- syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
- cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp->from));
- return -1;
- }
-
- if(f->status.validkey)
- {
- do_decrypt(rp, &vp, cl->key);
- add_mac_addresses(&vp);
-
- if(debug_lvl > 3)
- syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"),
- rp->len, cl->vpn_hostname, cl->real_hostname);
-
- if((lenin = write(tap_fd, &vp, vp.len + sizeof(vp.len))) < 0)
- syslog(LOG_ERR, _("Can't write to tap device: %m"));
- else
- total_tap_out += lenin;
- }
- else
- {
- add_queue(&(cl->sq), rp, rp->len + 2);
- if(!cl->status.waitingforkey)
- send_key_request(rp->from);
- }
-
- if(my_key_expiry <= time(NULL))
- regenerate_keys();
- }
-
- cl->want_ping = 0;
- cl->last_ping_time = time(NULL);
-cp
- return 0;
-}