5 files changed, 812 insertions, 0 deletions

diff --git a/src/cli/nat-auto/.gitignore b/src/cli/nat-auto/.gitignore
new file mode 100644
index 000000000..c750bf612
--- /dev/null
+++ b/src/cli/nat-auto/.gitignore
@@ -0,0 +1,2 @@
+gnunet-nat-auto
+gnunet-nat-server
diff --git a/src/cli/nat-auto/Makefile.am b/src/cli/nat-auto/Makefile.am
new file mode 100644
index 000000000..4b2d74280
--- /dev/null
+++ b/src/cli/nat-auto/Makefile.am
@@ -0,0 +1,26 @@
+# This Makefile.am is in the public domain
+AM_CPPFLAGS = -I$(top_srcdir)/src/include
+
+libexecdir= $(pkglibdir)/libexec/
+
+pkgcfgdir= $(pkgdatadir)/config.d/
+
+bin_PROGRAMS = \
+ gnunet-nat-auto \
+ gnunet-nat-server
+
+gnunet_nat_server_SOURCES = \
+ gnunet-nat-server.c
+gnunet_nat_server_LDADD = \
+  $(top_builddir)/src/service/nat/libgnunetnatnew.la \
+  $(top_builddir)/src/lib/util/libgnunetutil.la
+gnunet_nat_server_LDFLAGS = \
+  $(GN_LIBINTL)
+
+gnunet_nat_auto_SOURCES = \
+  gnunet-nat-auto.c
+gnunet_nat_auto_LDADD = \
+  $(top_builddir)/src/service/nat-auto/libgnunetnatauto.la \
+  $(top_builddir)/src/lib/util/libgnunetutil.la
+gnunet_nat_auto_LDFLAGS = \
+  $(GN_LIBINTL)
diff --git a/src/cli/nat-auto/gnunet-nat-auto.c b/src/cli/nat-auto/gnunet-nat-auto.c
new file mode 100644
index 000000000..055a949bd
--- /dev/null
+++ b/src/cli/nat-auto/gnunet-nat-auto.c
@@ -0,0 +1,367 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2015, 2016, 2017 GNUnet e.V.
+
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file src/nat/gnunet-nat-auto.c
+ * @brief Command-line tool for testing and autoconfiguration of NAT traversal
+ * @author Christian Grothoff
+ * @author Bruno Cabral
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_nat_service.h"
+#include "gnunet_nat_auto_service.h"
+
+/**
+ * Value to return from #main().
+ */
+static int global_ret;
+
+/**
+ * Handle to ongoing autoconfiguration.
+ */
+static struct GNUNET_NAT_AUTO_AutoHandle *ah;
+
+/**
+ * If we do auto-configuration, should we write the result
+ * to a file?
+ */
+static int write_cfg;
+
+/**
+ * Configuration filename.
+ */
+static const char *cfg_file;
+
+/**
+ * Original configuration.
+ */
+static const struct GNUNET_CONFIGURATION_Handle *cfg;
+
+/**
+ * Adapter we are supposed to test.
+ */
+static char *section_name;
+
+/**
+ * Should we run autoconfiguration?
+ */
+static int do_auto;
+
+/**
+ * Handle to a NAT test operation.
+ */
+static struct GNUNET_NAT_AUTO_Test *nt;
+
+/**
+ * Flag set to 1 if we use IPPROTO_UDP.
+ */
+static int use_udp;
+
+/**
+ * Flag set to 1 if we use IPPROTO_TCP.
+ */
+static int use_tcp;
+
+/**
+ * Protocol to use.
+ */
+static uint8_t proto;
+
+/**
+ * Test if all activities have finished, and if so,
+ * terminate.
+ */
+static void
+test_finished ()
+{
+  if (NULL != ah)
+    return;
+  if (NULL != nt)
+    return;
+  GNUNET_SCHEDULER_shutdown ();
+}
+
+
+/**
+ * Function to iterate over suggested changes options
+ *
+ * @param cls closure
+ * @param section name of the section
+ * @param option name of the option
+ * @param value value of the option
+ */
+static void
+auto_conf_iter (void *cls,
+                const char *section,
+                const char *option,
+                const char *value)
+{
+  struct GNUNET_CONFIGURATION_Handle *new_cfg = cls;
+
+  printf ("%s: %s\n", option, value);
+  if (NULL != new_cfg)
+    GNUNET_CONFIGURATION_set_value_string (new_cfg, section, option, value);
+}
+
+
+/**
+ * Function called with the result from the autoconfiguration.
+ *
+ * @param cls closure
+ * @param diff minimal suggested changes to the original configuration
+ *             to make it work (as best as we can)
+ * @param result #GNUNET_NAT_ERROR_SUCCESS on success, otherwise the specific error code
+ * @param type what the situation of the NAT
+ */
+static void
+auto_config_cb (void *cls,
+                const struct GNUNET_CONFIGURATION_Handle *diff,
+                enum GNUNET_NAT_StatusCode result,
+                enum GNUNET_NAT_Type type)
+{
+  const char *nat_type;
+  char unknown_type[64];
+  struct GNUNET_CONFIGURATION_Handle *new_cfg;
+
+  ah = NULL;
+  switch (type)
+  {
+  case GNUNET_NAT_TYPE_NO_NAT:
+    nat_type = "NO NAT";
+    break;
+
+  case GNUNET_NAT_TYPE_UNREACHABLE_NAT:
+    nat_type = "NAT but we can traverse";
+    break;
+
+  case GNUNET_NAT_TYPE_STUN_PUNCHED_NAT:
+    nat_type = "NAT but STUN is able to identify the correct information";
+    break;
+
+  case GNUNET_NAT_TYPE_UPNP_NAT:
+    nat_type = "NAT but UPNP opened the ports";
+    break;
+
+  default:
+    sprintf (unknown_type, "NAT unknown, type %u", type);
+    nat_type = unknown_type;
+    break;
+  }
+
+  GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+              "NAT status: %s/%s\n",
+              GNUNET_NAT_AUTO_status2string (result),
+              nat_type);
+
+  if (NULL == diff)
+    return;
+
+  /* Shortcut: if there are no changes suggested, bail out early. */
+  if (GNUNET_NO == GNUNET_CONFIGURATION_is_dirty (diff))
+  {
+    test_finished ();
+    return;
+  }
+
+  /* Apply diff to original configuration and show changes
+     to the user */
+  new_cfg = write_cfg ? GNUNET_CONFIGURATION_dup (cfg) : NULL;
+
+  GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+              _ ("Suggested configuration changes:\n"));
+  GNUNET_CONFIGURATION_iterate_section_values (diff,
+                                               "nat",
+                                               &auto_conf_iter,
+                                               new_cfg);
+
+  /* If desired, write configuration to file; we write only the
+     changes to the defaults to keep things compact. */
+  if (write_cfg)
+  {
+    struct GNUNET_CONFIGURATION_Handle *def_cfg;
+
+    GNUNET_CONFIGURATION_set_value_string (new_cfg, "ARM", "CONFIG", NULL);
+    def_cfg = GNUNET_CONFIGURATION_create ();
+    GNUNET_break (GNUNET_OK == GNUNET_CONFIGURATION_load (def_cfg, NULL));
+    if (GNUNET_OK !=
+        GNUNET_CONFIGURATION_write_diffs (def_cfg, new_cfg, cfg_file))
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+                  _ ("Failed to write configuration to `%s'\n"),
+                  cfg_file);
+      global_ret = 1;
+    }
+    else
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+                  _ ("Wrote updated configuration to `%s'\n"),
+                  cfg_file);
+    }
+    GNUNET_CONFIGURATION_destroy (def_cfg);
+  }
+
+  if (NULL != new_cfg)
+    GNUNET_CONFIGURATION_destroy (new_cfg);
+  test_finished ();
+}
+
+
+/**
+ * Function called to report success or failure for
+ * NAT configuration test.
+ *
+ * @param cls closure
+ * @param result #GNUNET_NAT_ERROR_SUCCESS on success, otherwise the specific error code
+ */
+static void
+test_report_cb (void *cls, enum GNUNET_NAT_StatusCode result)
+{
+  nt = NULL;
+  printf ("NAT test result: %s\n", GNUNET_NAT_AUTO_status2string (result));
+  test_finished ();
+}
+
+
+/**
+ * Task run on shutdown.
+ *
+ * @param cls NULL
+ */
+static void
+do_shutdown (void *cls)
+{
+  if (NULL != ah)
+  {
+    GNUNET_NAT_AUTO_autoconfig_cancel (ah);
+    ah = NULL;
+  }
+  if (NULL != nt)
+  {
+    GNUNET_NAT_AUTO_test_stop (nt);
+    nt = NULL;
+  }
+}
+
+
+/**
+ * Main function that will be run.
+ *
+ * @param cls closure
+ * @param args remaining command-line arguments
+ * @param cfgfile name of the configuration file used (for saving, can be NULL!)
+ * @param c configuration
+ */
+static void
+run (void *cls,
+     char *const *args,
+     const char *cfgfile,
+     const struct GNUNET_CONFIGURATION_Handle *c)
+{
+  cfg_file = cfgfile;
+  cfg = c;
+
+  GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
+
+  if (do_auto)
+  {
+    ah = GNUNET_NAT_AUTO_autoconfig_start (c, &auto_config_cb, NULL);
+  }
+
+  if (use_tcp && use_udp)
+  {
+    if (do_auto)
+      return;
+    GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, "Cannot use TCP and UDP\n");
+    global_ret = 1;
+    return;
+  }
+  proto = 0;
+  if (use_tcp)
+    proto = IPPROTO_TCP;
+  if (use_udp)
+    proto = IPPROTO_UDP;
+
+  if (NULL != section_name)
+  {
+    nt = GNUNET_NAT_AUTO_test_start (c,
+                                     proto,
+                                     section_name,
+                                     &test_report_cb,
+                                     NULL);
+  }
+  test_finished ();
+}
+
+
+/**
+ * Main function of gnunet-nat-auto
+ *
+ * @param argc number of command-line arguments
+ * @param argv command line
+ * @return 0 on success, -1 on error
+ */
+int
+main (int argc, char *const argv[])
+{
+  struct GNUNET_GETOPT_CommandLineOption options[] =
+  { GNUNET_GETOPT_option_flag ('a',
+                               "auto",
+                               gettext_noop ("run autoconfiguration"),
+                               &do_auto),
+
+    GNUNET_GETOPT_option_string (
+      'S',
+      "section",
+      "NAME",
+      gettext_noop (
+        "section name providing the configuration for the adapter"),
+      &section_name),
+
+    GNUNET_GETOPT_option_flag ('t', "tcp", gettext_noop ("use TCP"), &use_tcp),
+
+    GNUNET_GETOPT_option_flag ('u', "udp", gettext_noop ("use UDP"), &use_udp),
+
+    GNUNET_GETOPT_option_flag (
+      'w',
+      "write",
+      gettext_noop ("write configuration file (for autoconfiguration)"),
+      &write_cfg),
+    GNUNET_GETOPT_OPTION_END };
+
+  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
+    return 2;
+  if (GNUNET_OK !=
+      GNUNET_PROGRAM_run (argc,
+                          argv,
+                          "gnunet-nat-auto [options]",
+                          _ ("GNUnet NAT traversal autoconfiguration"),
+                          options,
+                          &run,
+                          NULL))
+  {
+    global_ret = 1;
+  }
+  GNUNET_free_nz ((void *) argv);
+  return global_ret;
+}
+
+
+/* end of gnunet-nat-auto.c */
diff --git a/src/cli/nat-auto/gnunet-nat-server.c b/src/cli/nat-auto/gnunet-nat-server.c
new file mode 100644
index 000000000..baa610e8f
--- /dev/null
+++ b/src/cli/nat-auto/gnunet-nat-server.c
@@ -0,0 +1,403 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2011, 2017 GNUnet e.V.
+
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file src/nat/gnunet-nat-server.c
+ * @brief Daemon to run on 'gnunet.org' to help test NAT traversal code
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_nat_service.h"
+#include "gnunet_protocols.h"
+// FIXME can we build this without this header?
+#include "../../service/nat-auto/nat-auto.h"
+
+
+/**
+ * Information we track per client.
+ */
+struct ClientData
+{
+  /**
+   * Timeout task.
+   */
+  struct GNUNET_SCHEDULER_Task *tt;
+
+  /**
+   * Client handle.
+   */
+  struct GNUNET_SERVICE_Client *client;
+};
+
+
+/**
+ * Our configuration.
+ */
+static const struct GNUNET_CONFIGURATION_Handle *cfg;
+
+
+/**
+ * Try contacting the peer using autonomous NAT traversal method.
+ *
+ * @param dst_ipv4 IPv4 address to send the fake ICMP message
+ * @param dport destination port to include in ICMP message
+ * @param is_tcp mark for TCP (#GNUNET_YES)  or UDP (#GNUNET_NO)
+ */
+static void
+try_anat (uint32_t dst_ipv4,
+          uint16_t dport,
+          int is_tcp)
+{
+  struct GNUNET_NAT_Handle *h;
+  struct sockaddr_in lsa;
+  struct sockaddr_in rsa;
+  const struct sockaddr *sa;
+  socklen_t sa_len;
+
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Asking for connection reversal with %x and code %u\n",
+              (unsigned int) dst_ipv4,
+              (unsigned int) dport);
+  memset (&lsa, 0, sizeof(lsa));
+  lsa.sin_family = AF_INET;
+#if HAVE_SOCKADDR_IN_SIN_LEN
+  lsa.sin_len = sizeof(sa);
+#endif
+  lsa.sin_addr.s_addr = 0;
+  lsa.sin_port = htons (dport);
+  memset (&rsa, 0, sizeof(rsa));
+  rsa.sin_family = AF_INET;
+#if HAVE_SOCKADDR_IN_SIN_LEN
+  rsa.sin_len = sizeof(sa);
+#endif
+  rsa.sin_addr.s_addr = dst_ipv4;
+  rsa.sin_port = htons (dport);
+  sa_len = sizeof(lsa);
+  sa = (const struct sockaddr *) &lsa;
+  h = GNUNET_NAT_register (cfg,
+                           "none",
+                           is_tcp ? IPPROTO_TCP : IPPROTO_UDP,
+                           1,
+                           &sa,
+                           &sa_len,
+                           NULL, NULL, NULL);
+  GNUNET_NAT_request_reversal (h,
+                               &lsa,
+                               &rsa);
+  GNUNET_NAT_unregister (h);
+}
+
+
+/**
+ * Closure for #tcp_send.
+ */
+struct TcpContext
+{
+  /**
+   * TCP  socket.
+   */
+  struct GNUNET_NETWORK_Handle *s;
+
+  /**
+   * Data to transmit.
+   */
+  uint16_t data;
+};
+
+
+/**
+ * Task called by the scheduler once we can do the TCP send
+ * (or once we failed to connect...).
+ *
+ * @param cls the `struct TcpContext`
+ */
+static void
+tcp_send (void *cls)
+{
+  struct TcpContext *ctx = cls;
+  const struct GNUNET_SCHEDULER_TaskContext *tc;
+
+  tc = GNUNET_SCHEDULER_get_task_context ();
+  if ((NULL != tc->write_ready) &&
+      (GNUNET_NETWORK_fdset_isset (tc->write_ready, ctx->s)))
+  {
+    if (-1 ==
+        GNUNET_NETWORK_socket_send (ctx->s, &ctx->data, sizeof(ctx->data)))
+    {
+      GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "send");
+    }
+    GNUNET_NETWORK_socket_shutdown (ctx->s, SHUT_RDWR);
+  }
+  GNUNET_NETWORK_socket_close (ctx->s);
+  GNUNET_free (ctx);
+}
+
+
+/**
+ * Try to send @a data to the
+ * IP @a dst_ipv4' at port @a dport via TCP.
+ *
+ * @param dst_ipv4 target IP
+ * @param dport target port
+ * @param data data to send
+ */
+static void
+try_send_tcp (uint32_t dst_ipv4,
+              uint16_t dport,
+              uint16_t data)
+{
+  struct GNUNET_NETWORK_Handle *s;
+  struct sockaddr_in sa;
+  struct TcpContext *ctx;
+
+  s = GNUNET_NETWORK_socket_create (AF_INET,
+                                    SOCK_STREAM,
+                                    0);
+  if (NULL == s)
+  {
+    GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
+                         "socket");
+    return;
+  }
+  memset (&sa, 0, sizeof(sa));
+  sa.sin_family = AF_INET;
+#if HAVE_SOCKADDR_IN_SIN_LEN
+  sa.sin_len = sizeof(sa);
+#endif
+  sa.sin_addr.s_addr = dst_ipv4;
+  sa.sin_port = htons (dport);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Sending TCP message to `%s'\n",
+              GNUNET_a2s ((struct sockaddr *) &sa,
+                          sizeof(sa)));
+  if ((GNUNET_OK !=
+       GNUNET_NETWORK_socket_connect (s,
+                                      (const struct sockaddr *) &sa,
+                                      sizeof(sa))) &&
+      (errno != EINPROGRESS))
+  {
+    GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
+                         "connect");
+    GNUNET_NETWORK_socket_close (s);
+    return;
+  }
+  ctx = GNUNET_new (struct TcpContext);
+  ctx->s = s;
+  ctx->data = data;
+  GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_SECONDS,
+                                  s,
+                                  &tcp_send,
+                                  ctx);
+}
+
+
+/**
+ * Try to send @a data to the
+ * IP @a dst_ipv4 at port @a dport via UDP.
+ *
+ * @param dst_ipv4 target IP
+ * @param dport target port
+ * @param data data to send
+ */
+static void
+try_send_udp (uint32_t dst_ipv4,
+              uint16_t dport,
+              uint16_t data)
+{
+  struct GNUNET_NETWORK_Handle *s;
+  struct sockaddr_in sa;
+
+  s = GNUNET_NETWORK_socket_create (AF_INET,
+                                    SOCK_DGRAM,
+                                    0);
+  if (NULL == s)
+  {
+    GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
+                         "socket");
+    return;
+  }
+  memset (&sa, 0, sizeof(sa));
+  sa.sin_family = AF_INET;
+#if HAVE_SOCKADDR_IN_SIN_LEN
+  sa.sin_len = sizeof(sa);
+#endif
+  sa.sin_addr.s_addr = dst_ipv4;
+  sa.sin_port = htons (dport);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Sending UDP packet to `%s'\n",
+              GNUNET_a2s ((struct sockaddr *) &sa,
+                          sizeof(sa)));
+  if (-1 ==
+      GNUNET_NETWORK_socket_sendto (s,
+                                    &data,
+                                    sizeof(data),
+                                    (const struct sockaddr *) &sa,
+                                    sizeof(sa)))
+    GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
+                         "sendto");
+  GNUNET_NETWORK_socket_close (s);
+}
+
+
+/**
+ * We've received a request to probe a NAT
+ * traversal. Do it.
+ *
+ * @param cls handle to client (we always close)
+ * @param tm message with details about what to test
+ */
+static void
+handle_test (void *cls,
+             const struct GNUNET_NAT_AUTO_TestMessage *tm)
+{
+  struct ClientData *cd = cls;
+  uint16_t dport;
+
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Received test request\n");
+  dport = ntohs (tm->dport);
+  if (0 == dport)
+    try_anat (tm->dst_ipv4,
+              ntohs (tm->data),
+              (int) ntohl (tm->is_tcp));
+  else if (GNUNET_YES == ntohl (tm->is_tcp))
+    try_send_tcp (tm->dst_ipv4,
+                  dport,
+                  tm->data);
+  else
+    try_send_udp (tm->dst_ipv4,
+                  dport,
+                  tm->data);
+  GNUNET_SERVICE_client_drop (cd->client);
+}
+
+
+/**
+ * Main function that will be run.
+ *
+ * @param cls closure
+ * @param c configuration
+ * @param srv service handle
+ */
+static void
+run (void *cls,
+     const struct GNUNET_CONFIGURATION_Handle *c,
+     struct GNUNET_SERVICE_Handle *srv)
+{
+  cfg = c;
+}
+
+
+/**
+ * Forcefully drops client after 1s.
+ *
+ * @param cls our `struct ClientData` of a client to drop
+ */
+static void
+force_timeout (void *cls)
+{
+  struct ClientData *cd = cls;
+
+  cd->tt = NULL;
+  GNUNET_SERVICE_client_drop (cd->client);
+}
+
+
+/**
+ * Callback called when a client connects to the service.
+ *
+ * @param cls closure for the service
+ * @param c the new client that connected to the service
+ * @param mq the message queue used to send messages to the client
+ * @return our `struct ClientData`
+ */
+static void *
+client_connect_cb (void *cls,
+                   struct GNUNET_SERVICE_Client *c,
+                   struct GNUNET_MQ_Handle *mq)
+{
+  struct ClientData *cd;
+
+  cd = GNUNET_new (struct ClientData);
+  cd->client = c;
+  cd->tt = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
+                                         &force_timeout,
+                                         cd);
+  return cd;
+}
+
+
+/**
+ * Callback called when a client disconnected from the service
+ *
+ * @param cls closure for the service
+ * @param c the client that disconnected
+ * @param internal_cls our `struct ClientData`
+ */
+static void
+client_disconnect_cb (void *cls,
+                      struct GNUNET_SERVICE_Client *c,
+                      void *internal_cls)
+{
+  struct ClientData *cd = internal_cls;
+
+  if (NULL != cd->tt)
+    GNUNET_SCHEDULER_cancel (cd->tt);
+  GNUNET_free (cd);
+}
+
+
+/**
+ * Define "main" method using service macro.
+ */
+GNUNET_SERVICE_MAIN
+  ("nat-server",
+  GNUNET_SERVICE_OPTION_NONE,
+  &run,
+  &client_connect_cb,
+  &client_disconnect_cb,
+  NULL,
+  GNUNET_MQ_hd_fixed_size (test,
+                           GNUNET_MESSAGE_TYPE_NAT_TEST,
+                           struct GNUNET_NAT_AUTO_TestMessage,
+                           NULL),
+  GNUNET_MQ_handler_end ());
+
+
+#if defined(__linux__) && defined(__GLIBC__)
+#include <malloc.h>
+
+/**
+ * MINIMIZE heap size (way below 128k) since this process doesn't need much.
+ */
+void __attribute__ ((constructor))
+GNUNET_ARM_memory_init ()
+{
+  mallopt (M_TRIM_THRESHOLD, 4 * 1024);
+  mallopt (M_TOP_PAD, 1 * 1024);
+  malloc_trim (0);
+}
+
+
+#endif
+
+
+/* end of gnunet-nat-server.c */
diff --git a/src/cli/nat-auto/meson.build b/src/cli/nat-auto/meson.build
new file mode 100644
index 000000000..69e719126
--- /dev/null
+++ b/src/cli/nat-auto/meson.build
@@ -0,0 +1,14 @@
+executable ('gnunet-nat-auto',
+            ['gnunet-nat-auto.c'],
+            dependencies: [libgnunetnatauto_dep, libgnunetutil_dep,
+                           libgnunetnat_dep],
+            include_directories: [incdir, configuration_inc],
+            install: true,
+            install_dir: get_option('bindir'))
+executable ('gnunet-nat-server',
+            ['gnunet-nat-server.c'],
+            dependencies: [libgnunetnatauto_dep, libgnunetutil_dep, libgnunetnat_dep],
+            include_directories: [incdir, configuration_inc],
+            install: true,
+            install_dir: get_option('bindir'))
+