extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-08-10 16:17:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

rename hacks to scripts

Browse Source
This commit is contained in:
nom3ad
2024-01-07 16:21:27 +05:30
committed by Brian May
parent 32fceefa76
commit de8a19ce69
9 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
scripts/Containerfile Normal file
View File

@ -0,0 +1,15 @@
FROM docker.io/linuxserver/openssh-server:latest
# https://hub.docker.com/r/linuxserver/openssh-server/
RUN apk add --no-cache bash python3 nginx iperf3
# suppress linuxserver.io logo printing
RUN sed -i '1 a exec &>/dev/null' /etc/s6-overlay/s6-rc.d/init-adduser/run
ENV PUID=1000
ENV PGID=1000
ENV PASSWORD_ACCESS=true
ENV USER_NAME=test
ENV USER_PASSWORD=test
ENV LOG_STDOUT=true
COPY ./setup.service /etc/services.d/setup.service/run

13
scripts/README.md Normal file
View File

@ -0,0 +1,13 @@
# Container based test bed for sshuttle
```bash
test-bed up -d # start containers
exec-sshuttle <node> [--copy-id] [--sshuttle-bin=/path/to/sshuttle] [sshuttle-args...]
exec-sshuttle node-1 # start sshuttle to connect to node-1
exec-tool curl node-1 # curl to nginx instance running on node1 via IP that is only reachable via sshuttle
exec-tool iperf3 node-1 # measure throughput to node-1
```

34
scripts/compose.yml Normal file
View File

@ -0,0 +1,34 @@
name: sshuttle-testbed
services:
node-1:
image: ghcr.io/sshuttle/sshuttle-testbed
container_name: sshuttle-testbed-node-1
hostname: node-1
cap_add:
- "NET_ADMIN"
environment:
- ADD_IP_ADDRESSES=10.55.1.77/24
networks:
default:
ipv6_address: 2001:0DB8::551
node-2:
image: ghcr.io/sshuttle/sshuttle-testbed
container_name: sshuttle-testbed-node-2
hostname: node-2
cap_add:
- "NET_ADMIN"
environment:
- ADD_IP_ADDRESSES=10.55.2.77/32
networks:
default:
ipv6_address: 2001:0DB8::552
networks:
default:
driver: bridge
enable_ipv6: true
ipam:
config:
- subnet: 2001:0DB8::/112
# internal: true

84
scripts/exec-sshuttle Executable file
View File

@ -0,0 +1,84 @@
#!/usr/bin/env bash
set -e
function with_set_x() {
set -x
"$@"
{
ec=$?
set +x
return $ec
} 2>/dev/null
}
ssh_cmd='ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
args=()
while [[ $# -gt 0 ]]; do
arg=$1
shift
case "$arg" in
-v)
ssh_cmd+='-v'
;;
--copy-id)
ssh_copy_id=true
continue
;;
-6)
ipv6_only=true
continue
;;
--sshuttle-bin=*)
sshuttle_bin="${arg#*=}"
continue
;;
-*) ;;
*)
if [[ -z "$node" ]]; then
node=$arg
continue
fi
;;
esac
args+=("$arg")
done
port="2222"
user="test:test"
if [[ $node == node-* ]]; then
host=$("$(dirname "$0")/test-bed" get-ip "$node")
index=${node#node-}
if [[ $ipv6_only == true ]]; then
args+=("2001:0DB8::/112")
else
args+=("10.55.$index.0/24")
fi
else
host=$node
fi
if [[ "${args[$((${#args[@]} - 1))]}" != *.* && "${args[$((${#args[@]} - 1))]}" != *:* ]]; then
echo "No subnet specified. Using -N" >&2
args+=('-N')
fi
if ! command -v sshpass >/dev/null; then
echo "sshpass is not found. You might have to manually enter ssh password: 'test'" >&2
user=${user%:*}
fi
if [[ $ssh_copy_id == true ]]; then
echo "Trying to make it passwordless" >&2
with_set_x ssh-copy-id -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p "$port" "$user@$host"
fi
if [[ -z $sshuttle_bin || "$sshuttle_bin" == dev ]]; then
cd "$(dirname "$0")/.."
export PYTHONPATH="."
sshuttle_bin="./run"
fi
set -x
$sshuttle_bin --version
exec "${sshuttle_bin}" -r "$user@$host:$port" --ssh-cmd "$ssh_cmd" "${args[@]}"

80
scripts/exec-tool Executable file
View File

@ -0,0 +1,80 @@
#!/usr/bin/env bash
set -e
args=()
while [[ $# -gt 0 ]]; do
arg=$1
shift
case "$arg" in
-6)
ipv6_only=true
continue
;;
-*) ;;
*)
if [[ -z $tool ]]; then
tool=$arg
continue
elif [[ -z $node ]]; then
node=$arg
continue
fi
;;
esac
args+=("$arg")
done
tool=${tool?:"tool argument missing. should be one of iperf3,ping,curl,ab"}
node=${node?:"node argument missing. should be 'node-1' , 'node-2' etc"}
if [[ $node == node-* ]]; then
index=${node#node-}
if [[ $ipv6_only == true ]]; then
host="2001:0DB8::55$index"
else
host="10.55.$index.77"
fi
else
host=$node
fi
connect_timeout_sec=3
function with_set_x() {
set -x
"$@"
{
ec=$?
set +x
return $ec
} 2>/dev/null
}
case "$tool" in
ping)
with_set_x exec ping -W $connect_timeout_sec "${args[@]}" "$host"
;;
iperf3)
port=5001
with_set_x exec iperf3 --client "$host" --port=$port --connect-timeout=$((connect_timeout_sec * 1000)) "${args[@]}"
;;
curl)
port=8080
if [[ $host = *:* ]]; then
host="[$host]"
args+=(--ipv6)
fi
with_set_x exec curl "http://$host:$port/" -v --connect-timeout $connect_timeout_sec "${args[@]}"
;;
ab)
port=8080
if [[ " ${args[*]}" != *" -n "* && " ${args[*]}" != *" -c "* ]]; then
args+=(-n 500 -c 50 "${args[@]}")
fi
with_set_x exec ab -s $connect_timeout_sec "${args[@]}" "http://$host:$port/"
;;
*)
echo "Unknown tool: $tool" >&2
exit 2
;;
esac

36
scripts/run-benchmark Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
set -e
cd "$(dirname "$0")"
function with_set_x() {
set -x
"$@"
{
ec=$?
set +x
return $ec
} 2>/dev/null
}
./test-bed up -d
benchmark() {
local sshuttle_bin="${1?:}"
local node="${2:-"node-1"}"
echo -e "\n======== Benchmarking sshuttle: $sshuttle_bin ========"
with_set_x ./exec-sshuttle "$node" --sshuttle-bin="$sshuttle_bin" --listen 55771 &
sshuttle_pid=$!
trap 'kill -0 $sshuttle_pid &>/dev/null && kill -15 $sshuttle_pid' EXIT
while ! nc -z localhost 55771; do sleep 0.1; done
sleep 1
./exec-tool iperf3 "$node" --time=4
with_set_x kill -15 $sshuttle_pid
wait $sshuttle_pid || true
}
if [[ "$1" ]]; then
benchmark "$1"
else
benchmark "${SSHUTTLE_BIN:-sshuttle}" node-1
benchmark dev node-1
fi

9
scripts/run-checks Executable file
View File

@ -0,0 +1,9 @@
#!/usr/bin/env bash
set -e
cd "$(dirname "$0")/.."
export PYTHONPATH=.
set -x
python -m flake8 sshuttle tests
python -m pytest .

56
scripts/setup.service Executable file
View File

@ -0,0 +1,56 @@
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
set -e
echo -e ">>> Setting up $(hostname) | id: $(id) | $(python --version) \nip: $(ip a)\n route: $(ip r)"
function with_set_x() {
set -x
"$@"
{
ec=$?
set +x
return $ec
} 2>/dev/null
}
iface="$(ip route | awk '/default/ { print $5 }')"
default_gw="$(ip route | awk '/default/ { print $3 }')"
for addr in ${ADD_IP_ADDRESSES//,/ }; do
echo ">>> Adding $addr to interface $iface"
net_addr=$(ipcalc -n "$addr" | awk -F= '{print $2}')
with_set_x ip addr add "$addr" dev "$iface"
with_set_x ip route add "$net_addr" via "$default_gw" dev "$iface" # so that sshuttle -N can discover routes
done
echo ">>> Starting iperf3 server"
iperf3 --server --port 5001 &
mkdir -p /www
echo -e "<h5>Hello from $(hostname)</h5>
<pre>
<u>ip address</u>
$(ip address)
<u>ip route</u>
$(ip route)
</pre>" >/www/index.html
echo "
daemon off;
worker_processes 1;
error_log /dev/stdout info;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
server {
access_log /dev/stdout;
listen 8080 default_server;
listen [::]:8080 default_server;
root /www;
}
}" >/etc/nginx/nginx.conf
echo ">>> Starting nginx"
exec nginx

42
scripts/test-bed Executable file
View File

@ -0,0 +1,42 @@
#!/usr/bin/env bash
set -e
cd "$(dirname "$0")"
if [[ -z $1 || $1 = -* ]]; then
set -- up "$@"
fi
function with_set_x() {
set -x
"$@"
{
ec=$?
set +x
return $ec
} 2>/dev/null
}
function build() {
# podman build -t ghcr.io/sshuttle/sshuttle-testbed .
with_set_x docker build -t ghcr.io/sshuttle/sshuttle-testbed -f Containerfile .
}
function compose() {
# podman-compose "$@"
with_set_x docker compose "$@"
}
function get-ip() {
local container_name=sshuttle-testbed-"$1"
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$container_name"
}
if [[ $1 == get-ip ]]; then
shift
get-ip "$@"
else
if [[ $* = *--build* ]]; then
build
fi
compose "$@"
fi