Closed Masaq- closed 8 months ago
Tested behind a firewall that allows one echo reply per request and where ICMP is blocked but ICMPv6 is allowed. Maintained a connection while answering a continuous ICMPv6 ping of maximum payload outside the tunnel while answering a continuous ICMP ping of maximum payload inside the tunnel.
Autonegotiation of client id allows multiple clients behind different kinds of NAT to use the same server simultaneously. The server initially reserves two connections for each client, and each client is challenged twice, once by echo id and once by sequence number. One challenge response succeeds and a connection is established, and the other challenge expires. This way the server determines whether the echo id or the sequence number is invariant for each client separately.
Since the -Q -I server options can be used together there are four possible settings:
(default) Identify clients by ip only.
-I Identify clients by ip + echo id.
-Q Identify clients by ip + sequence number.
-QI Identify clients by ip + automatic (echo id or sequence number).
Naturally the -q -i client options effect a flood ping when corresponding -Q -I server options are set. The significance is debatable when flooding a server with connection requests from IPv6 source addresses is trivial.
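The autonegotiation described in the pull request text above, as a simplified model added here (not code from hans or from this pull request). The class, its method names, the tick clock and the timeout value are assumptions, and the model establishes the first key that still matches a pending reservation.

```cpp
// Added illustration, not hans source code; every name below is hypothetical.
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>
#include <tuple>

enum class Field { EchoId, Sequence };
enum class State { Pending, Established };

// ICMP echo fields as the server sees them, i.e. after any NAT rewriting.
struct Echo { std::string ip; uint16_t id; uint16_t seq; };

class Server {
    using Key = std::tuple<std::string, Field, uint16_t>;  // (source ip, field, value)
    struct Slot { State state; int deadline; };
    std::map<Key, Slot> slots_;
    static constexpr int kTimeout = 5;  // assumed challenge lifetime, in ticks
public:
    // Connection request: reserve one pending slot per candidate identifier.
    void onRequest(const Echo& e, int now) {
        slots_[Key{e.ip, Field::EchoId, e.id}] = Slot{State::Pending, now + kTimeout};
        slots_[Key{e.ip, Field::Sequence, e.seq}] = Slot{State::Pending, now + kTimeout};
    }
    // Challenge response: only a slot keyed by a field that stayed invariant still matches.
    bool onResponse(const Echo& e, int now) {
        for (const Key& k : {Key{e.ip, Field::EchoId, e.id}, Key{e.ip, Field::Sequence, e.seq}}) {
            auto it = slots_.find(k);
            if (it == slots_.end() || it->second.state != State::Pending) continue;
            if (it->second.deadline < now) continue;  // challenge already timed out
            it->second.state = State::Established;
            return true;
        }
        return false;
    }
    // Drop unanswered reservations so stale requests cannot hold slots forever.
    void expire(int now) {
        for (auto it = slots_.begin(); it != slots_.end();) {
            bool dead = it->second.state == State::Pending && it->second.deadline < now;
            if (dead) it = slots_.erase(it); else ++it;
        }
    }
    bool established(const std::string& ip, Field f, uint16_t v) const {
        auto it = slots_.find(Key{ip, f, v});
        return it != slots_.end() && it->second.state == State::Established;
    }
    std::size_t size() const { return slots_.size(); }
};
```

Two clients that share one source address end up identified by different fields, and the reservation that was never answered is removed by `expire`.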
Hello Masaq! Thank you for your contribution. Could you squash the commits together into logical units? Right now the commits are difficult to review since code is added and then changed again.
OK, squashed 19 commits into 6 commits.
Thanks for bringing my attention back to hans.
Your code is a good source of inspiration. When looking at your first commit, I saw that you fixed a nasty bug in the client list. There are some things that I would like to implement slightly differently. I will come back to your pull request as a reference in the near future.
Yes hans 1.0 was crashing when clients expired.
My hans server has been running continuously since 28 March and I use it daily so the code seems to be stable. I made some horrible mistakes when I was in a hurry to write something which I could use immediately but I think I have debugged it thoroughly.
Even though ICMP does not technically have port numbers I am actually glad there is sufficient information in an ICMP header to identify multiple clients behind NAT while still maintaining protocol compatibility with hans 1.0 clients. IPv6 adds another 20 bytes of overhead and the hans tunnel header is large enough as it is already.
Server accepts both ICMP and ICMPv6.
Client sends ICMP or ICMPv6 echo as appropriate for IPv4 or IPv6 server address.