socat: How to create a bidirectional IP tunnel through UDP


I would like to solve the following problem: Assume I have two computers, A and B.

Machine A takes all IP packets from an interface (I assume a "tun" interface) and sends them to a Java process (which may modify the data), which sends them to machine B using UDP. On machine B, the content is extracted again and sent to an interface.

For example, on machine A, I would type a ping B command; the ping request would then be received by the Java process (including IP headers), sent to machine B using UDP, and sent to an interface, which would then send the reply back through the same tunnel. I can't just use socat, because I want to do something with the data in the Java process.

What I tried is (assume on machine A):

socat -u tun:123.123.123.123/24,iff-up,iff-no-pi udp:localhost:1234 &
socat -u udp-listen:1236 interface:tun0 &

All traffic (e.g. the ping request) is sent to a local UDP socket on port 1234. My Java process receives from that port, sends it to machine B, and on that machine to the local port 1236. It seems that the tun0 interface correctly receives the ping. The problem is that the packet loops between the two machines, presumably because the second socat command sends the packet to tun0, and then the first command in turn sends the packet back to Java, etc.

Do you have any idea how to tunnel IP in UDP over Java without this problem?


There are 0 answers
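
Added example, not part of the original question: a Python sketch of a relay that keeps one read/write descriptor on the tun device for both directions, so a packet written to that descriptor is handed to the local IP stack rather than being read back and forwarded again. It stands in for the role of the two socat commands and is not the asker's Java code; the peer address 192.0.2.2, the function names and the source-address filter are assumptions of this sketch.

```python
import fcntl, os, select, socket, struct

TUNSETIFF = 0x400454CA  # ioctl number from <linux/if_tun.h>
IFF_TUN = 0x0001        # layer-3 device: raw IP packets, no Ethernet header
IFF_NO_PI = 0x1000      # no packet-info prefix (same as socat's iff-no-pi)

def open_tun(name="tun0"):
    """Open ONE read/write descriptor on the tun device (Linux, CAP_NET_ADMIN)."""
    fd = os.open("/dev/net/tun", os.O_RDWR)
    ifr = struct.pack("16sH22x", name.encode(), IFF_TUN | IFF_NO_PI)
    fcntl.ioctl(fd, TUNSETIFF, ifr)  # address and link-up are set separately
    return fd

def looks_like_ip(pkt):
    """Sanity check before handing a UDP payload to the local IP stack."""
    if not pkt:
        return False
    version = pkt[0] >> 4
    if version == 4:  # IPv4 total-length field must match the payload size
        return len(pkt) >= 20 and struct.unpack("!H", pkt[2:4])[0] == len(pkt)
    return version == 6 and len(pkt) >= 40

def relay_once(tun_fd, udp, peer, timeout=1.0):
    """Relay whatever is ready; returns (sent_to_peer, injected_locally)."""
    sent = injected = 0
    readable, _, _ = select.select([tun_fd, udp], [], [], timeout)
    if tun_fd in readable:  # packet the local stack routed into the tunnel
        udp.sendto(os.read(tun_fd, 65535), peer)
        sent += 1
    if udp in readable:
        data, src = udp.recvfrom(65535)
        # Source filter only: plain UDP gives no authentication of the peer.
        if src == peer and looks_like_ip(data):
            os.write(tun_fd, data)  # delivered to the stack, not read back
            injected += 1
    return sent, injected

if __name__ == "__main__":
    # Placeholder peer (documentation address); 1236 is the port from the post.
    peer = ("192.0.2.2", 1236)
    tun = open_tun("tun0")
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind(("0.0.0.0", 1236))
    while True:
        relay_once(tun, udp, peer)
```

Any modification of the packet data would happen between the read and the send inside `relay_once`.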