ooni / minivpn

A minimalistic OpenVPN implementation in Go
GNU General Public License v3.0

refactor pinger to use gvisor #42

Open ainghazal opened 1 year ago

ainghazal commented 1 year ago

During discussion of https://github.com/ooni/minivpn/pull/35 we considered the constraints that led to having two different parsing implementations. The gist of it was:

switch p.Raw {
case false:
    pkt = p.parseEchoReplyFromICMP(recv.bytes, from)
case true:
    pkt = p.parseEchoReplyFromIP(recv.bytes)
}

The reason is that in minivpn's client we're writing raw IP packets, while in the case of wireguard we're using an ICMP Dialer that does not allow us to parse the IP packet. We decided to unify the design and let gvisor handle the ICMP packets in both cases, but to merge this PR and defer the refactor.

With @bassosimone we also decided to make the needed modifications to intercept the incoming packets in gvisor's netstack, so that we can track the TTL value for the incoming replies (as that seems to be the main advantage of parsing the IP packets in the case of the pinger usage for minivpn).

See also #40, since this refactor can probably be made while splitting the package into its own repo & reusable module.
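The difference between the two parsing paths discussed in this issue, as an added example that is not minivpn's code: the TTL lives in the IPv4 header, so only the raw-IP path can report it, and that path has to validate the header lengths before slicing bytes that arrive from the network. The names `EchoReply`, `parseICMP`, `parseIP` and `samplePacket` are hypothetical; the sketch assumes IPv4 and does not verify checksums.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// EchoReply is a hypothetical result type for this example.
type EchoReply struct {
	ID, Seq uint16
	TTL     int // -1 when no IP header was available to read it from
}

// parseICMP reads a bare ICMP echo reply (type 0, code 0); the TTL is unknown here.
func parseICMP(b []byte) (EchoReply, error) {
	if len(b) < 8 || b[0] != 0 || b[1] != 0 {
		return EchoReply{TTL: -1}, errors.New("not an ICMP echo reply")
	}
	return EchoReply{binary.BigEndian.Uint16(b[4:6]), binary.BigEndian.Uint16(b[6:8]), -1}, nil
}

// parseIP reads a raw IPv4 packet, bounds-checks the header, and keeps the TTL.
func parseIP(b []byte) (EchoReply, error) {
	if len(b) < 20 || b[0]>>4 != 4 {
		return EchoReply{TTL: -1}, errors.New("not an IPv4 packet")
	}
	ihl := int(b[0]&0x0f) * 4                     // header length in bytes
	total := int(binary.BigEndian.Uint16(b[2:4])) // total length claimed by the header
	if ihl < 20 || total < ihl || total > len(b) || b[9] != 1 {
		return EchoReply{TTL: -1}, errors.New("bad lengths or not ICMP")
	}
	r, err := parseICMP(b[ihl:total])
	if err == nil {
		r.TTL = int(b[8]) // byte 8 of the IPv4 header is the TTL
	}
	return r, err
}

// samplePacket is constructed: IPv4 (TTL 57, proto 1) + echo reply (id 0x1234, seq 7).
var samplePacket = []byte{
	0x45, 0, 0, 28, 0, 0, 0, 0, 57, 1, 0, 0, 10, 8, 0, 1, 10, 8, 0, 2,
	0, 0, 0, 0, 0x12, 0x34, 0, 7,
}

func main() {
	fromIP, _ := parseIP(samplePacket)
	fromICMP, _ := parseICMP(samplePacket[20:])
	fmt.Printf("raw IP: %+v\nICMP only: %+v\n", fromIP, fromICMP)
}
```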