Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
authorTobias Brunner <tobias@strongswan.org>
Mon, 13 Feb 2012 17:04:04 +0000 (18:04 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 8 Aug 2012 13:07:43 +0000 (15:07 +0200)
18 files changed:
configure.in
src/charon-nm/nm/nm_service.c
src/libcharon/daemon.h
src/libcharon/plugins/android/android_service.c
src/libcharon/plugins/ha/ha_tunnel.c
src/libcharon/plugins/load_tester/load_tester_config.c
src/libcharon/plugins/maemo/maemo_service.c
src/libcharon/plugins/medcli/medcli_config.c
src/libcharon/plugins/medsrv/medsrv_config.c
src/libcharon/plugins/socket_default/socket_default_socket.c
src/libcharon/plugins/socket_raw/socket_raw_socket.c
src/libcharon/plugins/sql/sql_config.c
src/libcharon/plugins/stroke/stroke_config.c
src/libcharon/plugins/uci/uci_config.c
src/libcharon/processing/jobs/migrate_job.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/ikev1/tasks/informational.c
src/libcharon/sa/ikev2/tasks/ike_mobike.c

index c5fd1d3..0c288f8 100644 (file)
@@ -71,6 +71,29 @@ AC_ARG_WITH(
        [AC_SUBST(ipsecgroup, "root")]
 )
 
+AC_ARG_WITH(
+       [charon-udp-port],
+       AS_HELP_STRING([--with-charon-udp-port=port],[UDP port used by charon locally (default 500).]),
+       [AC_DEFINE_UNQUOTED(CHARON_UDP_PORT, [$withval], [UDP port used by charon locally])
+        AC_SUBST(charon_udp_port, [$withval])],
+       [AC_SUBST(charon_udp_port, 500)]
+)
+
+AC_ARG_WITH(
+       [charon-natt-port],
+       AS_HELP_STRING([--with-charon-natt-port=port],[UDP port used by charon locally in case a NAT is detected (must be different from charon-udp-port, default 4500)]),
+       [AC_DEFINE_UNQUOTED(CHARON_NATT_PORT, [$withval], [UDP post used by charon locally in case a NAT is detected])
+        AC_SUBST(charon_natt_port, [$withval])],
+       [AC_SUBST(charon_natt_port, 4500)]
+)
+
+AC_MSG_CHECKING([configured UDP ports ($charon_udp_port, $charon_natt_port)])
+if test x$charon_udp_port == x$charon_natt_port; then
+       AC_MSG_ERROR(the ports have to be different)
+else
+       AC_MSG_RESULT(ok)
+fi
+
 # convert script name to uppercase
 AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`])
 
index 86d293d..affe281 100644 (file)
@@ -497,7 +497,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        /**
         * Set up configurations
         */
-       ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+       ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                        (char*)address, FALSE, IKEV2_UDP_PORT);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
        peer_cfg = peer_cfg_create(priv->name, IKEV2, ike_cfg,
index f42a9f0..b67de77 100644 (file)
@@ -178,16 +178,31 @@ typedef struct daemon_t daemon_t;
 #define DEFAULT_THREADS 16
 
 /**
- * UDP Port on which the daemon will listen for incoming traffic.
+ * Primary UDP port used by IKE.
  */
 #define IKEV2_UDP_PORT 500
 
 /**
- * UDP Port to which the daemon will float to if NAT is detected.
+ * UDP port defined for use in case a NAT is detected.
  */
 #define IKEV2_NATT_PORT 4500
 
 /**
+ * UDP port on which the daemon will listen for incoming traffic (also used as
+ * source port for outgoing traffic).
+ */
+#ifndef CHARON_UDP_PORT
+#define CHARON_UDP_PORT IKEV2_UDP_PORT
+#endif
+
+/**
+ * UDP port used by the daemon in case a NAT is detected.
+ */
+#ifndef CHARON_NATT_PORT
+#define CHARON_NATT_PORT IKEV2_NATT_PORT
+#endif
+
+/**
  * Main class of daemon, contains some globals.
  */
 struct daemon_t {
index 6ca7407..c5553f2 100644 (file)
@@ -264,7 +264,7 @@ static job_requeue_t initiate(private_android_service_t *this)
                this->creds->set_username_password(this->creds, user, password);
        }
 
-       ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+       ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                         hostname, FALSE, IKEV2_UDP_PORT);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
 
index d1edb3e..200733c 100644 (file)
@@ -203,7 +203,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
        lib->credmgr->add_set(lib->credmgr, &this->creds.public);
 
        /* create config and backend */
-       ike_cfg = ike_cfg_create(FALSE, FALSE, local, FALSE, IKEV2_UDP_PORT,
+       ike_cfg = ike_cfg_create(FALSE, FALSE, local, FALSE, CHARON_UDP_PORT,
                                                         remote, FALSE, IKEV2_UDP_PORT);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
        peer_cfg = peer_cfg_create("ha", IKEV2, ike_cfg, CERT_NEVER_SEND,
index d041d4c..2e02fb5 100644 (file)
@@ -257,7 +257,7 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
        else
        {
                ike_cfg = ike_cfg_create(FALSE, FALSE,
-                                                                this->local, FALSE, IKEV2_UDP_PORT,
+                                                                this->local, FALSE, CHARON_UDP_PORT,
                                                                 this->remote, FALSE, IKEV2_UDP_PORT);
        }
        ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));
index b5f50f1..9f1f169 100644 (file)
@@ -323,7 +323,7 @@ static gboolean initiate_connection(private_maemo_service_t *this,
                                                                NULL);
        }
 
-       ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+       ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                         hostname, FALSE, IKEV2_UDP_PORT);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
 
index 15d4ffa..6b28f75 100644 (file)
@@ -119,7 +119,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
                return NULL;
        }
        ike_cfg = ike_cfg_create(FALSE, FALSE,
-                                                        "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+                                                        "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                         address, FALSE, IKEV2_UDP_PORT);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
        med_cfg = peer_cfg_create(
@@ -396,7 +396,7 @@ medcli_config_t *medcli_config_create(database_t *db)
                .rekey = lib->settings->get_time(lib->settings, "medcli.rekey", 1200),
                .dpd = lib->settings->get_time(lib->settings, "medcli.dpd", 300),
                .ike = ike_cfg_create(FALSE, FALSE,
-                                                         "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+                                                         "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                          "0.0.0.0", FALSE, IKEV2_UDP_PORT),
        );
        this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
index ef3b044..b19847b 100644 (file)
@@ -141,7 +141,7 @@ medsrv_config_t *medsrv_config_create(database_t *db)
                .rekey = lib->settings->get_time(lib->settings, "medsrv.rekey", 1200),
                .dpd = lib->settings->get_time(lib->settings, "medsrv.dpd", 300),
                .ike = ike_cfg_create(FALSE, FALSE,
-                                                         "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+                                                         "0.0.0.0", FALSE, CHARON_UDP_PORT,
                                                          "0.0.0.0", FALSE, IKEV2_UDP_PORT),
        );
        this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
index d1c5626..0df040e 100644 (file)
@@ -171,22 +171,22 @@ METHOD(socket_t, receiver, status_t,
 
        if (FD_ISSET(this->ipv4, &rfds))
        {
-               port = IKEV2_UDP_PORT;
+               port = CHARON_UDP_PORT;
                selected = this->ipv4;
        }
        if (FD_ISSET(this->ipv4_natt, &rfds))
        {
-               port = IKEV2_NATT_PORT;
+               port = CHARON_NATT_PORT;
                selected = this->ipv4_natt;
        }
        if (FD_ISSET(this->ipv6, &rfds))
        {
-               port = IKEV2_UDP_PORT;
+               port = CHARON_UDP_PORT;
                selected = this->ipv6;
        }
        if (FD_ISSET(this->ipv6_natt, &rfds))
        {
-               port = IKEV2_NATT_PORT;
+               port = CHARON_NATT_PORT;
                selected = this->ipv6_natt;
        }
        if (selected)
@@ -299,7 +299,7 @@ METHOD(socket_t, receiver, status_t,
                DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest);
                data_offset = 0;
                /* remove non esp marker */
-               if (dest->get_port(dest) == IKEV2_NATT_PORT)
+               if (dest->get_port(dest) == CHARON_NATT_PORT)
                {
                        data_offset += MARKER_LEN;
                }
@@ -339,7 +339,7 @@ METHOD(socket_t, sender, status_t,
        /* send data */
        sport = src->get_port(src);
        family = dst->get_family(dst);
-       if (sport == IKEV2_UDP_PORT)
+       if (sport == CHARON_UDP_PORT)
        {
                if (family == AF_INET)
                {
@@ -350,7 +350,7 @@ METHOD(socket_t, sender, status_t,
                        skt = this->ipv6;
                }
        }
-       else if (sport == IKEV2_NATT_PORT)
+       else if (sport == CHARON_NATT_PORT)
        {
                if (family == AF_INET)
                {
@@ -537,7 +537,7 @@ static int open_socket(private_socket_default_socket_t *this,
        {
                /* enable UDP decapsulation globally, only for one socket needed */
                int type = UDP_ENCAP_ESPINUDP;
-               if (family == AF_INET && port == IKEV2_NATT_PORT &&
+               if (family == AF_INET && port == CHARON_NATT_PORT &&
                        setsockopt(skt, SOL_UDP, UDP_ENCAP, &type, sizeof(type)) < 0)
                {
                        DBG1(DBG_NET, "unable to set UDP_ENCAP: %s", strerror(errno));
@@ -590,7 +590,7 @@ socket_default_socket_t *socket_default_socket_create()
 
 #ifdef __APPLE__
        {
-               int natt_port = IKEV2_NATT_PORT;
+               int natt_port = CHARON_NATT_PORT;
                if (sysctlbyname("net.inet.ipsec.esp_port", NULL, NULL, &natt_port,
                                                 sizeof(natt_port)) != 0)
                {
@@ -600,28 +600,28 @@ socket_default_socket_t *socket_default_socket_create()
        }
 #endif
 
-       this->ipv4 = open_socket(this, AF_INET, IKEV2_UDP_PORT);
+       this->ipv4 = open_socket(this, AF_INET, CHARON_UDP_PORT);
        if (this->ipv4 == 0)
        {
                DBG1(DBG_NET, "could not open IPv4 socket, IPv4 disabled");
        }
        else
        {
-               this->ipv4_natt = open_socket(this, AF_INET, IKEV2_NATT_PORT);
+               this->ipv4_natt = open_socket(this, AF_INET, CHARON_NATT_PORT);
                if (this->ipv4_natt == 0)
                {
                        DBG1(DBG_NET, "could not open IPv4 NAT-T socket");
                }
        }
 
-       this->ipv6 = open_socket(this, AF_INET6, IKEV2_UDP_PORT);
+       this->ipv6 = open_socket(this, AF_INET6, CHARON_UDP_PORT);
        if (this->ipv6 == 0)
        {
                DBG1(DBG_NET, "could not open IPv6 socket, IPv6 disabled");
        }
        else
        {
-               this->ipv6_natt = open_socket(this, AF_INET6, IKEV2_NATT_PORT);
+               this->ipv6_natt = open_socket(this, AF_INET6, CHARON_NATT_PORT);
                if (this->ipv6_natt == 0)
                {
                        DBG1(DBG_NET, "could not open IPv6 NAT-T socket");
index 6557fc1..5394113 100644 (file)
@@ -204,7 +204,7 @@ METHOD(socket_t, receiver, status_t,
                DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest);
                data_offset = IP_LEN + UDP_LEN;
                /* remove non esp marker */
-               if (dest->get_port(dest) == IKEV2_NATT_PORT)
+               if (dest->get_port(dest) == CHARON_NATT_PORT)
                {
                        data_offset += MARKER_LEN;
                }
@@ -291,7 +291,7 @@ METHOD(socket_t, receiver, status_t,
                DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest);
                data_offset = UDP_LEN;
                /* remove non esp marker */
-               if (dest->get_port(dest) == IKEV2_NATT_PORT)
+               if (dest->get_port(dest) == CHARON_NATT_PORT)
                {
                        data_offset += MARKER_LEN;
                }
@@ -332,7 +332,7 @@ METHOD(socket_t, sender, status_t,
        /* send data */
        sport = src->get_port(src);
        family = dst->get_family(dst);
-       if (sport == IKEV2_UDP_PORT)
+       if (sport == CHARON_UDP_PORT)
        {
                if (family == AF_INET)
                {
@@ -343,7 +343,7 @@ METHOD(socket_t, sender, status_t,
                        skt = this->send6;
                }
        }
-       else if (sport == IKEV2_NATT_PORT)
+       else if (sport == CHARON_NATT_PORT)
        {
                if (family == AF_INET)
                {
@@ -541,8 +541,8 @@ static int open_recv_socket(private_socket_raw_socket_t *this, int family)
        {
                /* Destination Port must be either port or natt_port */
                BPF_STMT(BPF_LD+BPF_H+BPF_ABS, udp_header + 2),
-               BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IKEV2_UDP_PORT, 1, 0),
-               BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IKEV2_NATT_PORT, 6, 14),
+               BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, CHARON_UDP_PORT, 1, 0),
+               BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, CHARON_NATT_PORT, 6, 14),
                /* port */
                        /* IKE version must be 2.x */
                        BPF_STMT(BPF_LD+BPF_B+BPF_ABS, ike_header + IKE_VERSION_OFFSET),
@@ -667,7 +667,7 @@ socket_raw_socket_t *socket_raw_socket_create()
        }
        else
        {
-               this->send4 = open_send_socket(this, AF_INET, IKEV2_UDP_PORT);
+               this->send4 = open_send_socket(this, AF_INET, CHARON_UDP_PORT);
                if (this->send4 == 0)
                {
                        DBG1(DBG_NET, "could not open IPv4 send socket, IPv4 disabled");
@@ -675,7 +675,7 @@ socket_raw_socket_t *socket_raw_socket_create()
                }
                else
                {
-                       this->send4_natt = open_send_socket(this, AF_INET, IKEV2_NATT_PORT);
+                       this->send4_natt = open_send_socket(this, AF_INET, CHARON_NATT_PORT);
                        if (this->send4_natt == 0)
                        {
                                DBG1(DBG_NET, "could not open IPv4 NAT-T send socket");
@@ -690,7 +690,7 @@ socket_raw_socket_t *socket_raw_socket_create()
        }
        else
        {
-               this->send6 = open_send_socket(this, AF_INET6, IKEV2_UDP_PORT);
+               this->send6 = open_send_socket(this, AF_INET6, CHARON_UDP_PORT);
                if (this->send6 == 0)
                {
                        DBG1(DBG_NET, "could not open IPv6 send socket, IPv6 disabled");
@@ -698,7 +698,7 @@ socket_raw_socket_t *socket_raw_socket_create()
                }
                else
                {
-                       this->send6_natt = open_send_socket(this, AF_INET6, IKEV2_NATT_PORT);
+                       this->send6_natt = open_send_socket(this, AF_INET6, CHARON_NATT_PORT);
                        if (this->send6_natt == 0)
                        {
                                DBG1(DBG_NET, "could not open IPv6 NAT-T send socket");
index dd9a0b0..28b493e 100644 (file)
@@ -259,7 +259,7 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e,
                ike_cfg_t *ike_cfg;
 
                ike_cfg = ike_cfg_create(certreq, force_encap,
-                                                                local, FALSE, IKEV2_UDP_PORT,
+                                                                local, FALSE, CHARON_UDP_PORT,
                                                                 remote, FALSE, IKEV2_UDP_PORT);
                add_ike_proposals(this, ike_cfg, id);
                return ike_cfg;
index c884da0..83f04bd 100644 (file)
@@ -188,6 +188,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
        ike_cfg_t *ike_cfg;
        char *interface;
        host_t *host;
+       u_int16_t ikeport;
 
        host = host_create_from_dns(msg->add_conn.other.address, 0, 0);
        if (host)
@@ -224,11 +225,13 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
                        }
                }
        }
+       ikeport = msg->add_conn.me.ikeport;
+       ikeport = (ikeport == IKEV2_UDP_PORT) ? CHARON_UDP_PORT : ikeport;
        ike_cfg = ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND,
                                                         msg->add_conn.force_encap,
                                                         msg->add_conn.me.address,
                                                         msg->add_conn.me.allow_any,
-                                                        msg->add_conn.me.ikeport,
+                                                        ikeport,
                                                         msg->add_conn.other.address,
                                                         msg->add_conn.other.allow_any,
                                                         msg->add_conn.other.ikeport);
index 9b0fd73..9dc0cfc 100644 (file)
@@ -169,7 +169,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
        {
                DESTROY_IF(this->peer_cfg);
                ike_cfg = ike_cfg_create(FALSE, FALSE,
-                                                                local_addr, FALSE, IKEV2_UDP_PORT,
+                                                                local_addr, FALSE, CHARON_UDP_PORT,
                                                                 remote_addr, FALSE, IKEV2_UDP_PORT);
                ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
                this->peer_cfg = peer_cfg_create(
@@ -267,7 +267,7 @@ METHOD(enumerator_t, ike_enumerator_enumerate, bool,
        {
                DESTROY_IF(this->ike_cfg);
                this->ike_cfg = ike_cfg_create(FALSE, FALSE,
-                                                                          local_addr, FALSE, IKEV2_UDP_PORT,
+                                                                          local_addr, FALSE, CHARON_UDP_PORT,
                                                                           remote_addr, FALSE, IKEV2_UDP_PORT);
                this->ike_cfg->add_proposal(this->ike_cfg,
                                                                        create_proposal(ike_proposal, PROTO_IKE));
index 45bac7c..6e5b4af 100644 (file)
@@ -97,7 +97,7 @@ METHOD(job_t, execute, job_requeue_t,
                ike_sa->set_kmaddress(ike_sa, this->local, this->remote);
 
                host = this->local->clone(this->local);
-               host->set_port(host, IKEV2_UDP_PORT);
+               host->set_port(host, CHARON_UDP_PORT);
                ike_sa->set_my_host(ike_sa, host);
 
                host = this->remote->clone(this->remote);
index 0a7c52a..5182da5 100644 (file)
@@ -845,9 +845,9 @@ METHOD(ike_sa_t, float_ports, void,
           private_ike_sa_t *this)
 {
        /* do not switch if we have a custom port from MOBIKE/NAT */
-       if (this->my_host->get_port(this->my_host) == IKEV2_UDP_PORT)
+       if (this->my_host->get_port(this->my_host) == CHARON_UDP_PORT)
        {
-               this->my_host->set_port(this->my_host, IKEV2_NATT_PORT);
+               this->my_host->set_port(this->my_host, CHARON_NATT_PORT);
        }
        if (this->other_host->get_port(this->other_host) == IKEV2_UDP_PORT)
        {
@@ -1054,7 +1054,7 @@ static void resolve_hosts(private_ike_sa_t *this)
        if (this->local_host)
        {
                host = this->local_host->clone(this->local_host);
-               host->set_port(host, IKEV2_UDP_PORT);
+               host->set_port(host, CHARON_UDP_PORT);
        }
        else
        {
@@ -2239,7 +2239,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator,
        }
 
        this->task_manager = task_manager_create(&this->public);
-       this->my_host->set_port(this->my_host, IKEV2_UDP_PORT);
+       this->my_host->set_port(this->my_host, CHARON_UDP_PORT);
 
        if (!this->task_manager || !this->keymat)
        {
index 8228d01..eee716c 100644 (file)
@@ -116,7 +116,7 @@ METHOD(task_t, process_r, status_t,
                                                         notify_type_names, type, redirect);
                                                /* Cisco boxes reject the first message from 4500 */
                                                me = this->ike_sa->get_my_host(this->ike_sa);
-                                               me->set_port(me, IKEV2_UDP_PORT);
+                                               me->set_port(me, CHARON_UDP_PORT);
                                                this->ike_sa->set_other_host(this->ike_sa, redirect);
                                                this->ike_sa->reauth(this->ike_sa);
                                                enumerator->destroy(enumerator);
index 90c3866..388b45c 100644 (file)
@@ -271,15 +271,15 @@ static void update_children(private_ike_mobike_t *this)
 /**
  * Apply the port of the old host, if its ip equals the new, use port otherwise.
  */
-static void apply_port(host_t *host, host_t *old, u_int16_t port)
+static void apply_port(host_t *host, host_t *old, u_int16_t port, bool local)
 {
        if (host->ip_equals(host, old))
        {
                port = old->get_port(old);
        }
-       else if (port == IKEV2_UDP_PORT)
+       else if (port == (local ? CHARON_UDP_PORT : IKEV2_UDP_PORT))
        {
-               port = IKEV2_NATT_PORT;
+               port = (local ? CHARON_NATT_PORT : IKEV2_NATT_PORT);
        }
        host->set_port(host, port);
 }
@@ -314,9 +314,9 @@ METHOD(ike_mobike_t, transmit, void,
                                continue;
                        }
                        /* reuse port for an active address, 4500 otherwise */
-                       apply_port(me, me_old, ike_cfg->get_my_port(ike_cfg));
+                       apply_port(me, me_old, ike_cfg->get_my_port(ike_cfg), TRUE);
                        other = other->clone(other);
-                       apply_port(other, other_old, ike_cfg->get_other_port(ike_cfg));
+                       apply_port(other, other_old, ike_cfg->get_other_port(ike_cfg), FALSE);
                        DBG1(DBG_IKE, "checking path %#H - %#H", me, other);
                        copy = packet->clone(packet);
                        copy->set_source(copy, me);