diff --git a/common.cpp b/common.cpp
new file mode 100644
index 0000000..cd98c22
--- /dev/null
+++ b/common.cpp
@@ -0,0 +1,331 @@
+/*
+ * comm.cpp
+ *
+ *  Created on: Jul 29, 2017
+ *      Author: wangyu
+ */
+
+#include "common.h"
+#include "log.h"
+
+
+
+int about_to_exit=0;
+
+raw_mode_t raw_mode=mode_faketcp;
+unordered_map<int, const char*> raw_mode_tostring = {{mode_faketcp, "faketcp"}, {mode_udp, "udp"}, {mode_icmp, "icmp"}};
+int socket_buf_size=1024*1024;
+static int random_number_fd=-1;
+char iptables_rule[200]="";
+program_mode_t program_mode=unset_mode;//0 unset; 1client 2server
+
+u64_t get_current_time()
+{
+	timespec tmp_time;
+	clock_gettime(CLOCK_MONOTONIC, &tmp_time);
+	return tmp_time.tv_sec*1000+tmp_time.tv_nsec/(1000*1000l);
+}
+
+u64_t get_current_time_us()
+{
+	timespec tmp_time;
+	clock_gettime(CLOCK_MONOTONIC, &tmp_time);
+	return (uint64_t(tmp_time.tv_sec))*1000llu*1000llu+ (uint64_t(tmp_time.tv_nsec))/1000llu;
+}
+
+u64_t pack_u64(u32_t a,u32_t b)
+{
+	u64_t ret=a;
+	ret<<=32u;
+	ret+=b;
+	return ret;
+}
+u32_t get_u64_h(u64_t a)
+{
+	return a>>32u;
+}
+u32_t get_u64_l(u64_t a)
+{
+	return (a<<32u)>>32u;
+}
+
+char * my_ntoa(u32_t ip)
+{
+	in_addr a;
+	a.s_addr=ip;
+	return inet_ntoa(a);
+}
+
+
+int add_iptables_rule(char * s)
+{
+	strcpy(iptables_rule,s);
+	char buf[300]="iptables -I ";
+	strcat(buf,s);
+	if(system(buf)==0)
+	{
+		mylog(log_warn,"auto added iptables rule by:  %s\n",buf);
+	}
+	else
+	{
+		mylog(log_fatal,"auto added iptables failed by: %s\n",buf);
+		myexit(-1);
+	}
+	return 0;
+}
+
+int clear_iptables_rule()
+{
+	if(iptables_rule[0]!=0)
+	{
+		char buf[300]="iptables -D ";
+		strcat(buf,iptables_rule);
+		if(system(buf)==0)
+		{
+			mylog(log_warn,"iptables rule cleared by: %s \n",buf);
+		}
+		else
+		{
+			mylog(log_error,"clear iptables failed by: %s\n",buf);
+		}
+
+	}
+	return 0;
+}
+
+
+void init_random_number_fd()
+{
+
+	random_number_fd=open("/dev/urandom",O_RDONLY);
+
+	if(random_number_fd==-1)
+	{
+		mylog(log_fatal,"error open /dev/urandom\n");
+		myexit(-1);
+	}
+	setnonblocking(random_number_fd);
+}
+u64_t get_true_random_number_64()
+{
+	u64_t ret;
+	int size=read(random_number_fd,&ret,sizeof(ret));
+	if(size!=sizeof(ret))
+	{
+		mylog(log_fatal,"get random number failed %d\n",size);
+
+		myexit(-1);
+	}
+
+	return ret;
+}
+u32_t get_true_random_number()
+{
+	u32_t ret;
+	int size=read(random_number_fd,&ret,sizeof(ret));
+	if(size!=sizeof(ret))
+	{
+		mylog(log_fatal,"get random number failed %d\n",size);
+		myexit(-1);
+	}
+	return ret;
+}
+u32_t get_true_random_number_nz() //nz for non-zero
+{
+	u32_t ret=0;
+	while(ret==0)
+	{
+		ret=get_true_random_number();
+	}
+	return ret;
+}
+u64_t ntoh64(u64_t a)
+{
+	if(__BYTE_ORDER == __LITTLE_ENDIAN)
+	{
+		return __bswap_64( a);
+	}
+	else return a;
+
+}
+u64_t hton64(u64_t a)
+{
+	if(__BYTE_ORDER == __LITTLE_ENDIAN)
+	{
+		return __bswap_64( a);
+	}
+	else return a;
+
+}
+
+void setnonblocking(int sock) {
+	int opts;
+	opts = fcntl(sock, F_GETFL);
+
+	if (opts < 0) {
+    	mylog(log_fatal,"fcntl(sock,GETFL)\n");
+		//perror("fcntl(sock,GETFL)");
+		myexit(1);
+	}
+	opts = opts | O_NONBLOCK;
+	if (fcntl(sock, F_SETFL, opts) < 0) {
+    	mylog(log_fatal,"fcntl(sock,SETFL,opts)\n");
+		//perror("fcntl(sock,SETFL,opts)");
+		myexit(1);
+	}
+
+}
+
+/*
+    Generic checksum calculation function
+*/
+unsigned short csum(const unsigned short *ptr,int nbytes) {
+    register long sum;
+    unsigned short oddbyte;
+    register short answer;
+
+    sum=0;
+    while(nbytes>1) {
+        sum+=*ptr++;
+        nbytes-=2;
+    }
+    if(nbytes==1) {
+        oddbyte=0;
+        *((u_char*)&oddbyte)=*(u_char*)ptr;
+        sum+=oddbyte;
+    }
+
+    sum = (sum>>16)+(sum & 0xffff);
+    sum = sum + (sum>>16);
+    answer=(short)~sum;
+
+    return(answer);
+}
+int set_buf_size(int fd)
+{
+	int socket_buf_size=1024*1024;
+    if(setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &socket_buf_size, sizeof(socket_buf_size))<0)
+    //if(setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0)
+    {
+    	printf("set SO_SNDBUF fail\n");
+    	exit(1);
+    }
+    //if(setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0)
+    if(setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &socket_buf_size, sizeof(socket_buf_size))<0)
+    {
+    	printf("set SO_RCVBUF fail\n");
+    	exit(1);
+    }
+	return 0;
+}
+void myexit(int a)
+{
+    if(enable_log_color)
+   	 printf("%s\n",RESET);
+    clear_iptables_rule();
+	exit(a);
+}
+void  signal_handler(int sig)
+{
+	about_to_exit=1;
+    // myexit(0);
+}
+
+int numbers_to_char(id_t id1,id_t id2,id_t id3,char * &data,int &len)
+{
+	static char buf[buf_len];
+	data=buf;
+	id_t tmp=htonl(id1);
+	memcpy(buf,&tmp,sizeof(tmp));
+
+	tmp=htonl(id2);
+	memcpy(buf+sizeof(tmp),&tmp,sizeof(tmp));
+
+	tmp=htonl(id3);
+	memcpy(buf+sizeof(tmp)*2,&tmp,sizeof(tmp));
+
+	len=sizeof(id_t)*3;
+	return 0;
+}
+
+
+int char_to_numbers(const char * data,int len,id_t &id1,id_t &id2,id_t &id3)
+{
+	if(len<int(sizeof(id_t)*3)) return -1;
+	id1=ntohl(  *((id_t*)(data+0)) );
+	id2=ntohl(  *((id_t*)(data+sizeof(id_t))) );
+	id3=ntohl(  *((id_t*)(data+sizeof(id_t)*2)) );
+	return 0;
+}
+
+bool larger_than_u32(u32_t a,u32_t b)
+{
+
+	u32_t smaller,bigger;
+	smaller=min(a,b);//smaller in normal sense
+	bigger=max(a,b);
+	u32_t distance=min(bigger-smaller,smaller+(0xffffffff-bigger+1));
+	if(distance==bigger-smaller)
+	{
+		if(bigger==a)
+		{
+			return 1;
+		}
+		else
+		{
+			return 0;
+		}
+	}
+	else
+	{
+		if(smaller==b)
+		{
+			return 0;
+		}
+		else
+		{
+			return 1;
+		}
+	}
+}
+
+bool larger_than_u16(uint16_t a,uint16_t b)
+{
+
+	uint16_t smaller,bigger;
+	smaller=min(a,b);//smaller in normal sense
+	bigger=max(a,b);
+	uint16_t distance=min(bigger-smaller,smaller+(0xffff-bigger+1));
+	if(distance==bigger-smaller)
+	{
+		if(bigger==a)
+		{
+			return 1;
+		}
+		else
+		{
+			return 0;
+		}
+	}
+	else
+	{
+		if(smaller==b)
+		{
+			return 0;
+		}
+		else
+		{
+			return 1;
+		}
+	}
+}
+
+void get_true_random_chars(char * s,int len)
+{
+	int size=read(random_number_fd,s,len);
+	if(size!=len)
+	{
+		printf("get random number failed\n");
+		exit(-1);
+	}
+}
diff --git a/common.h b/common.h
new file mode 100644
index 0000000..e16c63e
--- /dev/null
+++ b/common.h
@@ -0,0 +1,150 @@
+/*
+ * common.h
+ *
+ *  Created on: Jul 29, 2017
+ *      Author: wangyu
+ */
+
+#ifndef COMMON_H_
+#define COMMON_H_
+#define __STDC_FORMAT_MACROS 1
+#include <inttypes.h>
+
+#include<stdio.h>
+#include<string.h>
+#include<stdlib.h>
+#include<getopt.h>
+
+#include<unistd.h>
+#include<errno.h>
+#include <sys/epoll.h>
+#include <sys/wait.h>
+#include <sys/socket.h>    //for socket ofcourse
+#include <sys/types.h>
+#include <stdlib.h> //for exit(0);
+#include <errno.h> //For errno - the error number
+#include <netinet/tcp.h>   //Provides declarations for tcp header
+#include <netinet/udp.h>
+#include <netinet/ip.h>    //Provides declarations for ip header
+#include <netinet/if_ether.h>
+#include <arpa/inet.h>
+#include <fcntl.h>
+#include <byteswap.h>
+#include <arpa/inet.h>
+#include <linux/if_ether.h>
+#include <linux/filter.h>
+#include <sys/time.h>
+#include <time.h>
+#include <sys/timerfd.h>
+#include <sys/ioctl.h>
+#include <netinet/in.h>
+#include <net/if.h>
+#include <arpa/inet.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <linux/if_packet.h>
+
+
+
+
+#include<unordered_map>
+#include<unordered_set>
+using  namespace std;
+
+
+typedef unsigned long long u64_t;   //this works on most platform,avoid using the PRId64
+typedef long long i64_t;
+
+typedef unsigned int u32_t;
+typedef int i32_t;
+
+
+const int max_data_len=1600;
+const int buf_len=max_data_len+200;
+const u32_t max_handshake_conn_num=10000;
+const u32_t max_ready_conn_num=1000;
+//const u32_t anti_replay_window_size=1000;
+const int max_conv_num=10000;
+
+const u32_t client_handshake_timeout=5000;
+const u32_t client_retry_interval=1000;
+
+const u32_t server_handshake_timeout=10000;// this should be much longer than clients. client retry initially ,server retry passtively
+
+const int conv_clear_ratio=10;  //conv grabage collecter check 1/10 of all conv one time
+const int conn_clear_ratio=10;
+const int conv_clear_min=5;
+const int conn_clear_min=1;
+
+const u32_t conv_clear_interval=1000;
+const u32_t conn_clear_interval=1000;
+
+
+const i32_t max_fail_time=0;//disable
+
+const u32_t heartbeat_interval=1000;
+
+const u32_t timer_interval=400;//this should be smaller than heartbeat_interval and retry interval;
+
+//const uint32_t conv_timeout=120000; //120 second
+const u32_t conv_timeout=120000; //for test
+
+const u32_t client_conn_timeout=10000;
+const u32_t client_conn_uplink_timeout=client_conn_timeout+2000;
+
+//const uint32_t server_conn_timeout=conv_timeout+60000;//this should be 60s+ longer than conv_timeout,so that conv_manager can destruct convs gradually,to avoid latency glicth
+const u32_t server_conn_timeout=conv_timeout+60000;//for test
+
+extern int about_to_exit;
+
+enum raw_mode_t{mode_faketcp=0,mode_udp,mode_icmp,mode_end};
+extern raw_mode_t raw_mode;
+enum program_mode_t {unset_mode=0,client_mode,server_mode};
+extern program_mode_t program_mode;
+extern unordered_map<int, const char*> raw_mode_tostring ;
+extern int socket_buf_size;
+
+typedef u32_t id_t;
+
+typedef u64_t iv_t;
+
+typedef u64_t padding_t;
+
+typedef u64_t anti_replay_seq_t;
+
+u64_t get_current_time();
+u64_t get_current_time_us();
+u64_t pack_u64(u32_t a,u32_t b);
+
+u32_t get_u64_h(u64_t a);
+
+u32_t get_u64_l(u64_t a);
+
+char * my_ntoa(u32_t ip);
+
+void myexit(int a);
+void init_random_number_fd();
+u64_t get_true_random_number_64();
+u32_t get_true_random_number();
+u32_t get_true_random_number_nz();
+u64_t ntoh64(u64_t a);
+u64_t hton64(u64_t a);
+bool larger_than_u16(uint16_t a,uint16_t b);
+bool larger_than_u32(u32_t a,u32_t b);
+void setnonblocking(int sock);
+int set_buf_size(int fd);
+
+unsigned short csum(const unsigned short *ptr,int nbytes);
+
+void  signal_handler(int sig);
+int numbers_to_char(id_t id1,id_t id2,id_t id3,char * &data,int &len);
+int char_to_numbers(const char * data,int len,id_t &id1,id_t &id2,id_t &id3);
+
+void myexit(int a);
+
+int add_iptables_rule(char *);
+
+int clear_iptables_rule();
+void get_true_random_chars(char * s,int len);
+
+#endif /* COMMON_H_ */
diff --git a/log.cpp b/log.cpp
new file mode 100755
index 0000000..543cf3f
--- /dev/null
+++ b/log.cpp
@@ -0,0 +1,63 @@
+#include <common.h>
+#include <log.h>
+
+int log_level=log_info;
+
+int enable_log_position=0;
+int enable_log_color=1;
+
+
+void log0(const char * file,const char * function,int line,int level,const char* str, ...) {
+
+	if(level>log_level) return ;
+	if(level>log_trace||level<0) return ;
+
+
+	time_t timer;
+	char buffer[100];
+	struct tm* tm_info;
+
+	time(&timer);
+	tm_info = localtime(&timer);
+
+	if(enable_log_color)
+		printf("%s",log_color[level]);
+
+	strftime(buffer, 100, "%Y-%m-%d %H:%M:%S", tm_info);
+	printf("[%s][%s]",buffer,log_text[level]);
+
+	if(enable_log_position)printf("[%s,func:%s,line:%d]",file,function,line);
+
+	va_list vlist;
+	va_start(vlist, str);
+	vfprintf(stdout, str, vlist);
+	va_end(vlist);
+	if(enable_log_color)
+		printf("%s",RESET);
+
+	//printf("\n");
+	//if(enable_log_color)
+		//printf(log_color[level]);
+	fflush(stdout);
+
+	if(log_level==log_fatal)
+	{
+		about_to_exit=1;
+	}
+}
+
+void log_bare(int level,const char* str, ...)
+{
+	if(level>log_level) return ;
+	if(level>log_trace||level<0) return ;
+	if(enable_log_color)
+		printf("%s",log_color[level]);
+	va_list vlist;
+	va_start(vlist, str);
+	vfprintf(stdout, str, vlist);
+	va_end(vlist);
+	if(enable_log_color)
+		printf("%s",RESET);
+	fflush(stdout);
+
+}
diff --git a/log.h b/log.h
new file mode 100755
index 0000000..d29788f
--- /dev/null
+++ b/log.h
@@ -0,0 +1,101 @@
+
+#ifndef _LOG_MYLOG_H_
+#define _LOG_MYLOG_H_
+
+#include<stdio.h>
+#include<string.h>
+#include<sys/socket.h>
+#include<arpa/inet.h>
+#include<stdlib.h>
+#include<getopt.h>
+#include <unistd.h>
+#include<errno.h>
+
+#include <fcntl.h>
+//#include"aes.h"
+
+#include <sys/epoll.h>
+#include <sys/wait.h>
+
+#include<map>
+#include<string>
+#include<vector>
+
+
+#include <sys/socket.h>    //for socket ofcourse
+#include <sys/types.h>
+#include <stdlib.h> //for exit(0);
+#include <errno.h> //For errno - the error number
+#include <netinet/tcp.h>   //Provides declarations for tcp header
+#include <netinet/udp.h>
+#include <netinet/ip.h>    //Provides declarations for ip header
+#include <netinet/if_ether.h>
+#include <arpa/inet.h>
+#include <fcntl.h>
+#include <byteswap.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <linux/if_ether.h>
+#include <linux/filter.h>
+
+#include <sys/time.h>
+#include <time.h>
+
+#include <sys/timerfd.h>
+#include <set>
+//#include <encrypt.h>
+#include <inttypes.h>
+
+#include <sys/ioctl.h>
+#include <netinet/in.h>
+#include <net/if.h>
+#include <arpa/inet.h>
+#include <stdarg.h>
+
+using namespace std;
+
+
+#define RED   "\x1B[31m"
+#define GRN   "\x1B[32m"
+#define YEL   "\x1B[33m"
+#define BLU   "\x1B[34m"
+#define MAG   "\x1B[35m"
+#define CYN   "\x1B[36m"
+#define WHT   "\x1B[37m"
+#define RESET "\x1B[0m"
+
+
+const int log_never=0;
+const int log_fatal=1;
+const int log_error=2;
+const int log_warn=3;
+const int log_info=4;
+const int log_debug=5;
+const int log_trace=6;
+const int log_end=7;
+
+const char log_text[][20]={"NEVER","FATAL","ERROR","WARN","INFO","DEBUG","TRACE",""};
+const char log_color[][20]={RED,RED,RED,YEL,GRN,MAG,""};
+
+extern int log_level;
+extern int enable_log_position;
+extern int enable_log_color;
+
+
+#ifdef MY_DEBUG
+#define mylog(__first_argu__dummy_abcde__,...) printf(__VA_ARGS__)
+
+#else
+#define mylog(...) log0(__FILE__,__FUNCTION__,__LINE__,__VA_ARGS__)
+#endif
+
+
+//#define mylog(__first_argu__dummy_abcde__,...) {;}
+
+void log0(const char * file,const char * function,int line,int level,const char* str, ...);
+
+void log_bare(int level,const char* str, ...);
+
+
+#endif