Merge pull request 'First working alpha, version a0.4.' (#6) from dev into beta

Reviewed-on: #6

CMakeLists.txt

@@ -6,7 +6,7 @@ cmake_minimum_required(VERSION 3.16)
 # If MAJOR is 0, and MINOR > 0, Version is BETA
 
 project(ColumnLynx
-    VERSION 0.0.3
+    VERSION 0.0.4
     LANGUAGES CXX
 )
 

include/columnlynx/client/net/tcp/tcp_client.hpp

@@ -13,6 +13,8 @@
 #include <array>
 #include <algorithm>
 #include <vector>
+#include <columnlynx/common/net/protocol_structs.hpp>
+#include <columnlynx/common/net/virtual_interface.hpp>
 
 using asio::ip::tcp;
 
@@ -25,7 +27,8 @@ namespace ColumnLynx::Net::TCP {
                       Utils::LibSodiumWrapper* sodiumWrapper,
                       std::array<uint8_t, 32>* aesKey,
                       uint64_t* sessionIDRef,
-                      bool* insecureMode)
+                      bool* insecureMode,
+                      std::shared_ptr<VirtualInterface> tun = nullptr)
                 :
                 mResolver(ioContext),
                 mSocket(ioContext),
@@ -37,7 +40,8 @@ namespace ColumnLynx::Net::TCP {
                 mInsecureMode(insecureMode),
                 mHeartbeatTimer(mSocket.get_executor()),
                 mLastHeartbeatReceived(std::chrono::steady_clock::now()),
-                mLastHeartbeatSent(std::chrono::steady_clock::now())
+                mLastHeartbeatSent(std::chrono::steady_clock::now()),
+                mTun(tun)
             {}
 
             void start();
@@ -70,5 +74,7 @@ namespace ColumnLynx::Net::TCP {
             std::chrono::steady_clock::time_point mLastHeartbeatSent;
             int mMissedHeartbeats = 0;
             bool mIsHostDomain;
+            Protocol::TunConfig mTunConfig;
+            std::shared_ptr<VirtualInterface> mTun = nullptr;
     };
 }

include/columnlynx/client/net/udp/udp_client.hpp

@@ -9,6 +9,7 @@
 #include <columnlynx/common/utils.hpp>
 #include <columnlynx/common/libsodium_wrapper.hpp>
 #include <array>
+#include <columnlynx/common/net/virtual_interface.hpp>
 
 namespace ColumnLynx::Net::UDP {
     class UDPClient {
@@ -17,8 +18,12 @@ namespace ColumnLynx::Net::UDP {
                       const std::string& host,
                       const std::string& port,
                       std::array<uint8_t, 32>* aesKeyRef,
-                      uint64_t* sessionIDRef)
+                      uint64_t* sessionIDRef,
-                : mSocket(ioContext), mResolver(ioContext), mHost(host), mPort(port), mAesKeyRef(aesKeyRef), mSessionIDRef(sessionIDRef) { mStartReceive(); }
+                      std::shared_ptr<VirtualInterface> tunRef = nullptr)
+                : mSocket(ioContext), mResolver(ioContext), mHost(host), mPort(port), mAesKeyRef(aesKeyRef), mSessionIDRef(sessionIDRef), mTunRef(tunRef) 
+            {
+                mStartReceive(); 
+            }
 
             void start();
             void sendMessage(const std::string& data = "");
@@ -35,6 +40,7 @@ namespace ColumnLynx::Net::UDP {
             std::string mPort;
             std::array<uint8_t, 32>* mAesKeyRef;
             uint64_t* mSessionIDRef;
+            std::shared_ptr<VirtualInterface> mTunRef = nullptr;
             std::array<uint8_t, 2048> mRecvBuffer; // Adjust size as needed
     };
 }

include/columnlynx/common/net/protocol_structs.hpp

@@ -0,0 +1,21 @@
+// protocol_structs.hpp - Network Protocol Structures
+// Copyright (C) 2025 DcruBro
+// Distributed under the terms of the GNU General Public License, either version 2 only or version 3. See LICENSES/ for details.
+
+#pragma once
+
+#include <cstdint>
+
+namespace ColumnLynx::Protocol {
+    #pragma pack(push, 1)
+    struct TunConfig {
+        uint8_t version;
+        uint8_t prefixLength;
+        uint16_t mtu;
+        uint32_t serverIP;
+        uint32_t clientIP;
+        uint32_t dns1;
+        uint32_t dns2;
+    };
+    #pragma pack(pop)
+}

include/columnlynx/common/net/session_registry.hpp

@@ -21,6 +21,9 @@ namespace ColumnLynx::Net {
         std::atomic<uint64_t> sendCounter{0};
         std::chrono::steady_clock::time_point created = std::chrono::steady_clock::now();
         std::chrono::steady_clock::time_point expires{};
+        uint32_t clientTunIP;
+        uint32_t serverTunIP;
+        uint64_t sessionID;
         Nonce base_nonce{};
 
         ~SessionState() { sodium_memzero(aesKey.data(), aesKey.size()); }
@@ -29,7 +32,7 @@ namespace ColumnLynx::Net {
         SessionState(SessionState&&) = default;
         SessionState& operator=(SessionState&&) = default;
 
-        explicit SessionState(const SymmetricKey& k, std::chrono::seconds ttl = std::chrono::hours(24)) : aesKey(k) {
+        explicit SessionState(const SymmetricKey& k, std::chrono::seconds ttl = std::chrono::hours(24), uint32_t clientIP = 0, uint32_t serverIP = 0, uint64_t id = 0) : aesKey(k), clientTunIP(clientIP), serverTunIP(serverIP), sessionID(id) {
             expires = created + ttl;
         }
 
@@ -46,6 +49,7 @@ namespace ColumnLynx::Net {
             void put(uint64_t sessionID, std::shared_ptr<SessionState> state) {
                 std::unique_lock lock(mMutex);
                 mSessions[sessionID] = std::move(state);
+                mIPSessions[mSessions[sessionID]->clientTunIP] = mSessions[sessionID];
             }
 
             // Lookup
@@ -55,6 +59,12 @@ namespace ColumnLynx::Net {
                 return (it == mSessions.end()) ? nullptr : it->second;
             }
 
+            std::shared_ptr<const SessionState> getByIP(uint32_t ip) const {
+                std::shared_lock lock(mMutex);
+                auto it = mIPSessions.find(ip);
+                return (it == mIPSessions.end()) ? nullptr : it->second;
+            }
+
             std::unordered_map<uint64_t, std::shared_ptr<SessionState>> snapshot() const {
                 std::unordered_map<uint64_t, std::shared_ptr<SessionState>> snap;
                 std::shared_lock lock(mMutex);
@@ -79,10 +89,50 @@ namespace ColumnLynx::Net {
                         ++it;
                     }
                 }
+
+                for (auto it = mIPSessions.begin(); it != mIPSessions.end(); ) {
+                    if (it->second && it->second->expires <= now) {
+                        it = mIPSessions.erase(it);
+                    } else {
+                        ++it;
+                    }
+                }
+            }
+
+            int size() const {
+                std::shared_lock lock(mMutex);
+                return static_cast<int>(mSessions.size());
+            }
+
+            // IP management (simple for /24 subnet)
+
+            uint32_t getFirstAvailableIP() const {
+                std::shared_lock lock(mMutex);
+                uint32_t baseIP = 0x0A0A0002; // 10.10.0.2
+
+                // TODO: Expand to support larger subnets
+                for (uint32_t offset = 0; offset < 254; offset++) {
+                    uint32_t candidateIP = baseIP + offset;
+                    if (mSessionIPs.find(candidateIP) == mSessionIPs.end()) {
+                        return candidateIP;
+                    }                    
+                }
+            }
+
+            void lockIP(uint64_t sessionID, uint32_t ip) {
+                std::unique_lock lock(mMutex);
+                mSessionIPs[sessionID] = ip;
+            }
+
+            void deallocIP(uint64_t sessionID) {
+                std::unique_lock lock(mMutex);
+                mSessionIPs.erase(sessionID);
             }
 
         private:
             mutable std::shared_mutex mMutex;
             std::unordered_map<uint64_t, std::shared_ptr<SessionState>> mSessions;
+            std::unordered_map<uint64_t, uint32_t> mSessionIPs;
+            std::unordered_map<uint32_t, std::shared_ptr<SessionState>> mIPSessions;
     };
 }

include/columnlynx/common/net/virtual_interface.hpp

@@ -17,6 +17,7 @@
     #include <sys/ioctl.h>
     #include <linux/if.h>
     #include <linux/if_tun.h>
+    #include <arpa/inet.h>
 #elif defined(__APPLE__)
     #include <sys/socket.h>
     #include <sys/kern_control.h>
@@ -24,8 +25,11 @@
     #include <net/if_utun.h>
     #include <sys/ioctl.h>
     #include <unistd.h>
+    #include <arpa/inet.h>
 #elif defined(_WIN32)
     #include <windows.h>
+    #include <ws2tcpip.h>
+    #include <winsock2.h>
     #include <wintun/wintun.h>
     #pragma comment(lib, "advapi32.lib")
 #endif
@@ -36,12 +40,37 @@ namespace ColumnLynx::Net {
             explicit VirtualInterface(const std::string& ifName);
             ~VirtualInterface();
 
+            bool configureIP(uint32_t clientIP, uint32_t serverIP,
+                             uint8_t prefixLen, uint16_t mtu);
+
             std::vector<uint8_t> readPacket();
             void writePacket(const std::vector<uint8_t>& packet);
 
             const std::string& getName() const;
-            int getFd() const; // for ASIO integration (on POSIX)
+            int getFd() const; // For ASIO integration (on POSIX)
+
+            static inline std::string ipv4ToString(uint32_t ip) {
+                struct in_addr addr;
+                addr.s_addr = htonl(ip);
+            
+                char buf[INET_ADDRSTRLEN];
+                if (!inet_ntop(AF_INET, &addr, buf, sizeof(buf)))
+                    return "0.0.0.0";
+            
+                return std::string(buf);
+            }
+
+            static inline uint32_t prefixLengthToNetmask(uint8_t prefixLen) {
+                if (prefixLen == 0) return 0;
+                uint32_t mask = (0xFFFFFFFF << (32 - prefixLen)) & 0xFFFFFFFF;
+                return htonl(mask);    // convert to network byte order
+            }
+
         private:
+            bool mApplyLinuxIP(uint32_t clientIP, uint32_t serverIP, uint8_t prefixLen, uint16_t mtu);
+            bool mApplyMacOSIP(uint32_t clientIP, uint32_t serverIP, uint8_t prefixLen, uint16_t mtu);
+            bool mApplyWindowsIP(uint32_t clientIP, uint32_t serverIP, uint8_t prefixLen, uint16_t mtu);
+
             std::string mIfName;
             int mFd;           // POSIX
         #if defined(_WIN32)

include/columnlynx/server/net/tcp/tcp_connection.hpp

@@ -16,6 +16,7 @@
 #include <columnlynx/common/utils.hpp>
 #include <columnlynx/common/libsodium_wrapper.hpp>
 #include <columnlynx/common/net/session_registry.hpp>
+#include <columnlynx/common/net/protocol_structs.hpp>
 
 namespace ColumnLynx::Net::TCP {
     class TCPConnection : public std::enable_shared_from_this<TCPConnection> {

include/columnlynx/server/net/tcp/tcp_server.hpp

@@ -16,6 +16,7 @@
 #include <columnlynx/common/utils.hpp>
 #include <columnlynx/server/net/tcp/tcp_connection.hpp>
 #include <columnlynx/common/libsodium_wrapper.hpp>
+#include <columnlynx/common/net/protocol_structs.hpp>
 
 namespace ColumnLynx::Net::TCP {
 

include/columnlynx/server/net/udp/udp_server.hpp

@@ -8,12 +8,13 @@
 #include <columnlynx/common/net/udp/udp_message_type.hpp>
 #include <columnlynx/common/utils.hpp>
 #include <array>
+#include <columnlynx/common/net/virtual_interface.hpp>
 
 namespace ColumnLynx::Net::UDP {
     class UDPServer {
         public:
-            UDPServer(asio::io_context& ioContext, uint16_t port, bool* hostRunning, bool ipv4Only = false)
+            UDPServer(asio::io_context& ioContext, uint16_t port, bool* hostRunning, bool ipv4Only = false, std::shared_ptr<VirtualInterface> tun = nullptr)
-                : mSocket(ioContext), mHostRunning(hostRunning)
+                : mSocket(ioContext), mHostRunning(hostRunning), mTun(tun)
             {
                 asio::error_code ec;
 
@@ -43,13 +44,15 @@ namespace ColumnLynx::Net::UDP {
 
             void stop();
 
+            void sendData(const uint64_t sessionID, const std::string& data);
+
         private:
             void mStartReceive();
             void mHandlePacket(std::size_t bytes);
-            void mSendData(const uint64_t sessionID, const std::string& data);
             asio::ip::udp::socket mSocket;
             asio::ip::udp::endpoint mRemoteEndpoint;
             std::array<uint8_t, 2048> mRecvBuffer; // Adjust size as needed
             bool* mHostRunning;
+            std::shared_ptr<VirtualInterface> mTun;
     };
 }

src/client/main.cpp

@@ -15,12 +15,13 @@
 using asio::ip::tcp;
 using namespace ColumnLynx::Utils;
 using namespace ColumnLynx::Net;
+using namespace ColumnLynx;
 
 volatile sig_atomic_t done = 0;
 
 void signalHandler(int signum) {
     if (signum == SIGINT || signum == SIGTERM) {
-        log("Received termination signal. Shutting down client.");
+        //log("Received termination signal. Shutting down client.");
         done = 1;
     }
 }
@@ -62,8 +63,8 @@ int main(int argc, char** argv) {
         WintunInitialize();
 #endif
 
-        VirtualInterface tun("columnlynxtun0");
+        std::shared_ptr<VirtualInterface> tun = std::make_shared<VirtualInterface>("utun0");
-        log("Using virtual interface: " + tun.getName());
+        log("Using virtual interface: " + tun->getName());
 
         LibSodiumWrapper sodiumWrapper = LibSodiumWrapper();
 
@@ -71,8 +72,8 @@ int main(int argc, char** argv) {
         uint64_t sessionID = 0;
 
         asio::io_context io;
-        auto client = std::make_shared<ColumnLynx::Net::TCP::TCPClient>(io, host, port, &sodiumWrapper, &aesKey, &sessionID, &insecureMode);
+        auto client = std::make_shared<ColumnLynx::Net::TCP::TCPClient>(io, host, port, &sodiumWrapper, &aesKey, &sessionID, &insecureMode, tun);
-        auto udpClient = std::make_shared<ColumnLynx::Net::UDP::UDPClient>(io, host, port, &aesKey, &sessionID);
+        auto udpClient = std::make_shared<ColumnLynx::Net::UDP::UDPClient>(io, host, port, &aesKey, &sessionID, tun);
 
         client->start();
         udpClient->start();
@@ -81,29 +82,30 @@ int main(int argc, char** argv) {
         std::thread ioThread([&io]() {
             io.run();
         });
-        ioThread.detach();
+        //ioThread.join();
 
         log("Client connected to " + host + ":" + port);
         
         // Client is running
-        // TODO: SIGINT or SIGTERM seems to not kill this instantly!
         while ((client->isConnected() || !client->isHandshakeComplete()) && !done) {
-            std::this_thread::sleep_for(std::chrono::milliseconds(100)); // Temp wait
+            auto packet = tun->readPacket();
+            if (!client->isConnected() || done) {
+                break; // Bail out if connection died or signal set while blocked
+            }
             
-            if (client->isHandshakeComplete()) {
+            if (packet.empty()) {
-                // Send a test UDP message every 5 seconds after handshake is complete
+                continue;
-                static auto lastSendTime = std::chrono::steady_clock::now();
-                auto now = std::chrono::steady_clock::now();
-                if (std::chrono::duration_cast<std::chrono::seconds>(now - lastSendTime).count() >= 5) {
-                    udpClient->sendMessage("Hello from UDP client!");
-                    lastSendTime = now;
-                }
             }
+            
+            udpClient->sendMessage(std::string(packet.begin(), packet.end()));
         }
+
         log("Client shutting down.");
         udpClient->stop();
         client->disconnect();
         io.stop();
+
+        if (ioThread.joinable())
             ioThread.join();
 
     } catch (const std::exception& e) {

src/client/net/tcp/tcp_client.cpp

@@ -239,19 +239,29 @@ namespace ColumnLynx::Net::TCP {
                         mConnectionAESKey, symNonce
                     );
 
-                    if (decrypted.size() != sizeof(mConnectionSessionID)) {
+                    if (decrypted.size() != sizeof(mConnectionSessionID) + sizeof(Protocol::TunConfig)) {
-                        Utils::error("Decrypted session ID has invalid size. Terminating connection.");
+                        Utils::error("Decrypted config has invalid size. Terminating connection.");
                         disconnect();
                         return;
                     }
 
                     std::memcpy(&mConnectionSessionID, decrypted.data(), sizeof(mConnectionSessionID));
+                    std::memcpy(&mTunConfig, decrypted.data() + sizeof(mConnectionSessionID), sizeof(Protocol::TunConfig));
                     Utils::log("Connection established with Session ID: " + std::to_string(mConnectionSessionID));
                 
                     if (mSessionIDRef) { // Copy to the global reference
                         *mSessionIDRef = mConnectionSessionID;
                     }
 
+                    uint32_t clientIP = ntohl(mTunConfig.clientIP);
+                    uint32_t serverIP = ntohl(mTunConfig.serverIP);
+                    uint8_t prefixLen = mTunConfig.prefixLength;
+                    uint16_t mtu = mTunConfig.mtu;
+
+                    if (mTun) {
+                        mTun->configureIP(clientIP, serverIP, prefixLen, mtu);
+                    }
+
                     mHandshakeComplete = true;
                 }
             

src/client/net/udp/udp_client.cpp

@@ -6,6 +6,7 @@
 
 namespace ColumnLynx::Net::UDP {
     void UDPClient::start() {
+        // TODO: Add IPv6
         auto endpoints = mResolver.resolve(asio::ip::udp::v4(), mHost, mPort);
         mRemoteEndpoint = *endpoints.begin();
         mSocket.open(asio::ip::udp::v4());
@@ -107,5 +108,10 @@ namespace ColumnLynx::Net::UDP {
         }
 
         Utils::log("UDP Client received packet from " + mRemoteEndpoint.address().to_string() + " - Packet size: " + std::to_string(bytes));
+
+        // Write to TUN
+        if (mTunRef) {
+            mTunRef->writePacket(plaintext);
+        }
     }
 }

src/common/utils.cpp

@@ -37,7 +37,7 @@ namespace ColumnLynx::Utils {
     }
 
     std::string getVersion() {
-        return "a0.3";
+        return "a0.4";
     }
 
     unsigned short serverPort() {

src/common/virtual_interface.cpp

@@ -42,8 +42,11 @@ namespace ColumnLynx::Net {
         sc.sc_id = ctlInfo.ctl_id;
         sc.sc_unit = 0; // utun0 (0 = auto-assign)
 
-        if (connect(mFd, (struct sockaddr*)&sc, sizeof(sc)) < 0)
+        if (connect(mFd, (struct sockaddr*)&sc, sizeof(sc)) < 0) {
+            if (errno == EPERM)
+                throw std::runtime_error("connect(AF_SYS_CONTROL) failed: Insufficient permissions (try running as root)");
             throw std::runtime_error("connect(AF_SYS_CONTROL) failed: " + std::string(strerror(errno)));
+        }
 
         // Retrieve actual utun device name
         struct sockaddr_storage addr;
@@ -93,8 +96,12 @@ namespace ColumnLynx::Net {
     #if defined(__linux__) || defined(__APPLE__)
         std::vector<uint8_t> buf(4096);
         ssize_t n = read(mFd, buf.data(), buf.size());
-        if (n < 0)
+        if (n < 0) {
+            if (errno == EINTR) {
+                return {}; // Interrupted, return empty
+            }
             throw std::runtime_error("read() failed: " + std::string(strerror(errno)));
+        }
         buf.resize(n);
         return buf;
 
@@ -128,4 +135,91 @@ namespace ColumnLynx::Net {
     const std::string& VirtualInterface::getName() const { return mIfName; }
 
     int VirtualInterface::getFd() const { return mFd; }
-}
+
+    // ------------------------------------------------------------
+    //  IP CONFIGURATION
+    // ------------------------------------------------------------
+    bool VirtualInterface::configureIP(uint32_t clientIP, uint32_t serverIP,
+                                       uint8_t prefixLen, uint16_t mtu)
+    {
+    #if defined(__linux__)
+        return mApplyLinuxIP(clientIP, serverIP, prefixLen, mtu);
+    #elif defined(__APPLE__)
+        return mApplyMacOSIP(clientIP, serverIP, prefixLen, mtu);
+    #elif defined(_WIN32)
+        return mApplyWindowsIP(clientIP, serverIP, prefixLen, mtu);
+    #else
+        return false;
+    #endif
+    }
+    
+    // ------------------------------------------------------------
+    // Linux
+    // ------------------------------------------------------------
+    bool VirtualInterface::mApplyLinuxIP(uint32_t clientIP, uint32_t serverIP,
+                                        uint8_t prefixLen, uint16_t mtu)
+    {
+        char cmd[512];
+    
+        std::string ipStr = ipv4ToString(clientIP);
+        std::string peerStr = ipv4ToString(serverIP);
+    
+        snprintf(cmd, sizeof(cmd),
+                 "ip addr add %s/%d peer %s dev %s",
+                 ipStr.c_str(), prefixLen, peerStr.c_str(), mIfName.c_str());
+        system(cmd);
+    
+        snprintf(cmd, sizeof(cmd),
+                 "ip link set dev %s up mtu %d", mIfName.c_str(), mtu);
+        system(cmd);
+    
+        return true;
+    }
+    
+    // ------------------------------------------------------------
+    // macOS (utun)
+    // ------------------------------------------------------------
+    bool VirtualInterface::mApplyMacOSIP(uint32_t clientIP, uint32_t serverIP,
+                                        uint8_t prefixLen, uint16_t mtu)
+    {
+        char cmd[512];
+    
+        std::string ipStr = ipv4ToString(clientIP);
+        std::string peerStr = ipv4ToString(serverIP);
+    
+        // Set netmask (/24 CIDR temporarily with raw command, improve later)
+        snprintf(cmd, sizeof(cmd),
+                "ifconfig utun0 %s %s mtu %d netmask 255.255.255.0 up",
+                 ipStr.c_str(), peerStr.c_str(), mtu);
+        system(cmd);
+
+        Utils::log("Executed command: " + std::string(cmd));
+    
+        return true;
+    }
+    
+    // ------------------------------------------------------------
+    // Windows (Wintun)
+    // ------------------------------------------------------------
+    bool VirtualInterface::mApplyWindowsIP(uint32_t clientIP, uint32_t serverIP,
+                                          uint8_t prefixLen, uint16_t mtu)
+    {
+    #ifdef _WIN32
+        char ip[32], gw[32];
+        strcpy(ip, ipv4ToString(clientIP).c_str());
+        strcpy(gw, ipv4ToString(serverIP).c_str());
+    
+        char cmd[256];
+        snprintf(cmd, sizeof(cmd),
+                 "netsh interface ip set address name=\"%s\" static %s %d.%d.%d.%d",
+                 mIfName.c_str(), ip,
+                 (prefixLen <= 8) ? ((prefixLen << 3) & 255) : 255,
+                 255, 255, 255);
+        system(cmd);
+    
+        return true;
+    #else
+        return false;
+    #endif
+    }
+} // namespace ColumnLynx::Net

src/server/main.cpp

@@ -11,11 +11,14 @@
 #include <columnlynx/common/libsodium_wrapper.hpp>
 #include <unordered_set>
 #include <cxxopts/cxxopts.hpp>
+#include <columnlynx/common/net/virtual_interface.hpp>
 
 using asio::ip::tcp;
 using namespace ColumnLynx::Utils;
 using namespace ColumnLynx::Net::TCP;
 using namespace ColumnLynx::Net::UDP;
+using namespace ColumnLynx::Net;
+using namespace ColumnLynx;
 
 volatile sig_atomic_t done = 0;
 
@@ -54,6 +57,13 @@ int main(int argc, char** argv) {
         log("ColumnLynx Server, Version " + getVersion());
         log("This software is licensed under the GPLv2 only OR the GPLv3. See LICENSES/ for details.");
 
+#if defined(__WIN32__)
+        WintunInitialize();
+#endif
+
+        std::shared_ptr<VirtualInterface> tun = std::make_shared<VirtualInterface>("utun0");
+        log("Using virtual interface: " + tun->getName());
+
         // Generate a temporary keypair, replace with actual CA signed keys later (Note, these are stored in memory)
         LibSodiumWrapper sodiumWrapper = LibSodiumWrapper();
         log("Server public key: " + bytesToHexString(sodiumWrapper.getPublicKey(), crypto_sign_PUBLICKEYBYTES));
@@ -64,7 +74,7 @@ int main(int argc, char** argv) {
         asio::io_context io;
 
         auto server = std::make_shared<TCPServer>(io, serverPort(), &sodiumWrapper, &hostRunning, ipv4Only);
-        auto udpServer = std::make_shared<UDPServer>(io, serverPort(), &hostRunning, ipv4Only);
+        auto udpServer = std::make_shared<UDPServer>(io, serverPort(), &hostRunning, ipv4Only, tun);
 
         asio::signal_set signals(io, SIGINT, SIGTERM);
         signals.async_wait([&](const std::error_code&, int) {
@@ -87,7 +97,21 @@ int main(int argc, char** argv) {
         log("Server started on port " + std::to_string(serverPort()));
         
         while (!done) {
-            std::this_thread::sleep_for(std::chrono::milliseconds(100));
+            auto packet = tun->readPacket();
+            if (packet.empty()) {
+                continue;
+            }
+
+            const uint8_t* ip = packet.data();
+            uint32_t dstIP = ntohl(*(uint32_t*)(ip + 16)); // IPv4 destination address offset in IPv6-mapped header
+        
+            auto session = SessionRegistry::getInstance().getByIP(dstIP);
+            if (!session) {
+                Utils::warn("TUN: No session found for destination IP " + VirtualInterface::ipv4ToString(dstIP));
+                continue;
+            }
+
+            udpServer->sendData(session->sessionID, std::string(packet.begin(), packet.end()));
         }
 
         log("Shutting down server...");

src/server/server/net/tcp/tcp_connection.cpp

@@ -41,6 +41,9 @@ namespace ColumnLynx::Net::TCP {
         mHandler->socket().shutdown(asio::ip::tcp::socket::shutdown_both, ec);
         mHandler->socket().close(ec);
 
+        SessionRegistry::getInstance().erase(mConnectionSessionID);
+        SessionRegistry::getInstance().deallocIP(mConnectionSessionID);
+
         Utils::log("Closed connection to " + ip);
 
         if (mOnDisconnect) {
@@ -174,16 +177,33 @@ namespace ColumnLynx::Net::TCP {
 
                     // Encrypt the Session ID with the established AES key (using symmetric encryption, nonce can be all zeros for this purpose)
                     Nonce symNonce{}; // All zeros
-                    std::vector<uint8_t> encryptedSessionID = Utils::LibSodiumWrapper::encryptMessage(
+
-                        reinterpret_cast<uint8_t*>(&mConnectionSessionID), sizeof(mConnectionSessionID),
+                    uint32_t clientIP = SessionRegistry::getInstance().getFirstAvailableIP();
+                    Protocol::TunConfig tunConfig{};
+                    tunConfig.version = Utils::protocolVersion();
+                    tunConfig.prefixLength = 24;
+                    tunConfig.mtu = 1420;
+                    tunConfig.serverIP = htonl(0x0A0A0001); // 10.10.0.1
+                    tunConfig.clientIP = htonl(clientIP); // 10.10.0.X
+                    tunConfig.dns1 = htonl(0x08080808);    // 8.8.8.8
+                    tunConfig.dns2 = 0;
+
+                    SessionRegistry::getInstance().lockIP(mConnectionSessionID, clientIP);
+
+                    std::vector<uint8_t> payload(sizeof(uint64_t) + sizeof(tunConfig));
+                    std::memcpy(payload.data(), &mConnectionSessionID, sizeof(uint64_t));
+                    std::memcpy(payload.data() + sizeof(uint64_t), &tunConfig, sizeof(tunConfig));
+
+                    std::vector<uint8_t> encryptedPayload = Utils::LibSodiumWrapper::encryptMessage(
+                        payload.data(), payload.size(),
                         mConnectionAESKey, symNonce
                     );
 
-                    mHandler->sendMessage(ServerMessageType::HANDSHAKE_EXCHANGE_KEY_CONFIRM, Utils::uint8ArrayToString(encryptedSessionID.data(), encryptedSessionID.size()));
+                    mHandler->sendMessage(ServerMessageType::HANDSHAKE_EXCHANGE_KEY_CONFIRM, Utils::uint8ArrayToString(encryptedPayload.data(), encryptedPayload.size()));
 
                     // Add to session registry
                     Utils::log("Handshake with " + reqAddr + " completed successfully. Session ID assigned.");
-                    auto session = std::make_shared<SessionState>(mConnectionAESKey, std::chrono::hours(12));
+                    auto session = std::make_shared<SessionState>(mConnectionAESKey, std::chrono::hours(12), clientIP, htonl(0x0A0A0001), mConnectionSessionID);
                     SessionRegistry::getInstance().put(mConnectionSessionID, std::move(session));
 
                 } catch (const std::exception& e) {

src/server/server/net/udp/udp_server.cpp

@@ -63,15 +63,16 @@ namespace ColumnLynx::Net::UDP {
             std::string payloadStr(plaintext.begin(), plaintext.end());
             Utils::log("UDP: Received packet from " + mRemoteEndpoint.address().to_string() + " - Payload: " + payloadStr);
 
-            // TODO: Process the packet payload, for now just echo back
+            if (mTun) {
-            mSendData(sessionID, std::string(plaintext.begin(), plaintext.end()));
+                mTun->writePacket(plaintext); // Send to virtual interface
+            }
         } catch (...) {
             Utils::warn("UDP: Failed to decrypt payload from " + mRemoteEndpoint.address().to_string());
             return;
         }
     }
 
-    void UDPServer::mSendData(const uint64_t sessionID, const std::string& data) {
+    void UDPServer::sendData(const uint64_t sessionID, const std::string& data) {
         // Find the IPv4/IPv6 endpoint for the session
         std::shared_ptr<const SessionState> session = SessionRegistry::getInstance().get(sessionID);
         if (!session) {