diff --git a/common.cpp b/common.cpp
index 6b8b825..2f98b1b 100644
--- a/common.cpp
+++ b/common.cpp
@@ -90,6 +90,46 @@ int address_t::from_str(char *str)
 	return 0;
 }
 
+int address_t::from_str_ip_only(char * str)
+{
+	clear();
+
+	u32_t type;
+
+	if(strchr(str,':')==NULL)
+		type=AF_INET;
+	else
+		type=AF_INET6;
+
+	((sockaddr*)&inner)->sa_family=type;
+
+	int ret;
+	if(type==AF_INET)
+	{
+		ret=inet_pton(type, str,&inner.ipv4.sin_addr);
+	}
+	else
+	{
+		ret=inet_pton(type, str,&inner.ipv6.sin6_addr);
+	}
+
+	if(ret==0)  // 0 if address type doesnt match
+	{
+		mylog(log_error,"confusion in parsing %s, %d\n",str,ret);
+		myexit(-1);
+	}
+	else if(ret==1) // inet_pton returns 1 on success
+	{
+		//okay
+	}
+	else
+	{
+		mylog(log_error,"ip_addr %s is invalid, %d\n",str,ret);
+		myexit(-1);
+	}
+	return 0;
+}
+
 char * address_t::get_str()
 {
 	static char res[max_addr_len];
@@ -220,7 +260,74 @@ int address_t::new_connected_udp_fd()
 	return new_udp_fd;
 }
 
+bool my_ip_t::equal (const my_ip_t &b) const
+{
+	//extern int raw_ip_version;
+	if(raw_ip_version==AF_INET)
+	{
+		return v4==b.v4;
+	}else if(raw_ip_version==AF_INET)
+	{
+		return memcmp(&v6,&b.v6,sizeof(v6));
+	}
+	assert(0==1);
+	return 0;
+}
+char * my_ip_t::get_str1() const
+{
+	static char res[max_addr_len];
+	if(raw_ip_version==AF_INET6)
+	{
+		assert(inet_ntop(AF_INET6, &v6, res,max_addr_len)!=0);
+	}
+	else if(raw_ip_version==AF_INET)
+	{
+		assert(inet_ntop(AF_INET, &v4, res,max_addr_len)!=0);
+	}
+	return res;
+}
+char * my_ip_t::get_str2() const
+{
+	static char res[max_addr_len];
+	if(raw_ip_version==AF_INET6)
+	{
+		assert(inet_ntop(AF_INET6, &v6, res,max_addr_len)!=0);
+	}
+	else if(raw_ip_version==AF_INET)
+	{
+		assert(inet_ntop(AF_INET, &v4, res,max_addr_len)!=0);
+	}
+	return res;
+}
+/*
+int my_ip_t::from_str(char * str)
+{
+	u32_t type;
 
+	if(strchr(str,':')==NULL)
+		type=AF_INET;
+	else
+		type=AF_INET6;
+
+	int ret;
+	ret=inet_pton(type, str,this);
+
+	if(ret==0)  // 0 if address type doesnt match
+	{
+		mylog(log_error,"confusion in parsing %s, %d\n",str,ret);
+		myexit(-1);
+	}
+	else if(ret==1) // inet_pton returns 1 on success
+	{
+		//okay
+	}
+	else
+	{
+		mylog(log_error,"ip_addr %s is invalid, %d\n",str,ret);
+		myexit(-1);
+	}
+	return 0;
+}*/
 u64_t get_current_time()
 {
 	timespec tmp_time;
diff --git a/common.h b/common.h
index b22833c..f5b6960 100644
--- a/common.h
+++ b/common.h
@@ -28,6 +28,7 @@
 #include <netinet/tcp.h>   //Provides declarations for tcp header
 #include <netinet/udp.h>
 #include <netinet/ip.h>    //Provides declarations for ip header
+#include <netinet/ip6.h>
 #include <netinet/if_ether.h>
 #include <arpa/inet.h>
 #include <fcntl.h>
@@ -150,6 +151,8 @@ struct address_t  //TODO scope id
 
 	int from_str(char * str);
 
+	int from_str_ip_only(char * str);
+
 	int from_sockaddr(sockaddr *,socklen_t);
 
 	char* get_str();
@@ -233,6 +236,19 @@ template <>
  };
 }
 
+union my_ip_t //just a simple version of address_t,stores ip only
+{
+	u32_t v4;
+	in6_addr v6;
+
+    bool equal (const my_ip_t &b) const;
+
+    //int from_str(char * str);
+    char * get_str1() const;
+    char * get_str2() const;
+
+};
+
 struct not_copy_able_t
 {
 	not_copy_able_t()
diff --git a/main.cpp b/main.cpp
index ee2e640..abb3d04 100755
--- a/main.cpp
+++ b/main.cpp
@@ -100,7 +100,7 @@ int client_on_timer(conn_info_t &conn_info) //for client. called when a timer is
 		}
 		else
 		{
-			send_info.src_port = source_addr.get_port();
+			send_info.src_port = source_port;
 		}
 
 		if (raw_mode == mode_icmp)
diff --git a/misc.cpp b/misc.cpp
index 8778c25..8e313cc 100644
--- a/misc.cpp
+++ b/misc.cpp
@@ -34,6 +34,8 @@ fd_manager_t fd_manager;
 //int local_port = -1, remote_port=-1,source_port=0;//similiar to local_ip  remote_ip,buf for port.source_port=0 indicates --source-port is not enabled
 address_t local_addr,remote_addr,source_addr,bind_addr;
 
+int source_port=-1;
+
 int bind_addr_used=0;
 int force_source_ip=0; //if --source-ip is enabled
 int force_source_port=0;
@@ -132,7 +134,7 @@ void print_help()
 	printf("common options,these options must be same on both side:\n");
 	printf("    --raw-mode            <string>        avaliable values:faketcp(default),udp,icmp\n");
 	printf("    -k,--key              <string>        password to gen symetric key,default:\"secret key\"\n");
-	printf("    --cipher-mode         <string>        avaliable values:aes128cbc(default),xor,none\n");
+	printf("    --cipher-mode         <string>        avaliable values:aes128cfb,aes128cbc(default),xor,none\n");
 	printf("    --auth-mode           <string>        avaliable values:hmac_sha1,md5(default),crc32,simple,none\n");
 	printf("    -a,--auto-rule                        auto add (and delete) iptables rule\n");
 	printf("    -g,--gen-rule                         generate iptables rule then exit,so that you can copy and\n");
@@ -470,13 +472,13 @@ void process_arg(int argc, char *argv[])  //process all options
 			{
 				clear_iptables=1;
 			}
-			/////////////////////fix this later
-			/*
+
 			else if(strcmp(long_options[option_index].name,"source-ip")==0)
 			{
 				mylog(log_debug,"parsing long option :source-ip\n");
-				sscanf(optarg, "%s", source_ip);
-				mylog(log_debug,"source: %s\n",source_ip);
+				//sscanf(optarg, "%s", source_ip);
+				source_addr.from_str_ip_only(optarg);
+				mylog(log_debug,"source: %s\n",source_addr.get_ip());
 				force_source_ip=1;
 			}
 			else if(strcmp(long_options[option_index].name,"source-port")==0)
@@ -484,7 +486,8 @@ void process_arg(int argc, char *argv[])  //process all options
 				mylog(log_debug,"parsing long option :source-port\n");
 				sscanf(optarg, "%d", &source_port);
 				mylog(log_info,"source: %d\n",source_port);
-			}*/
+				force_source_port=1;
+			}
 			else if(strcmp(long_options[option_index].name,"raw-mode")==0)
 			{
 				for(i=0;i<mode_end;i++)
diff --git a/misc.h b/misc.h
index f2afbcc..48a159a 100644
--- a/misc.h
+++ b/misc.h
@@ -83,6 +83,7 @@ extern address_t local_addr,remote_addr,source_addr,bind_addr;
 extern int bind_addr_used;
 extern int force_source_ip; //if --source-ip is enabled
 extern int force_source_port;
+extern int source_port;
 
 extern id_t const_id;//an id used for connection recovery,its generated randomly,it never change since its generated
 
diff --git a/network.cpp b/network.cpp
index 0acc8e3..ca86389 100644
--- a/network.cpp
+++ b/network.cpp
@@ -154,45 +154,6 @@ tcpdump -i eth1  ip and icmp -dd
 
  */
 
-bool packet_info_t::tmp_ip_t::equal (const tmp_ip_t &b) const
-{
-	//extern int raw_ip_version;
-	if(raw_ip_version==AF_INET)
-	{
-		return v4==b.v4;
-	}else if(raw_ip_version==AF_INET)
-	{
-		return memcmp(&v6,&b.v6,sizeof(v6));
-	}
-	assert(0==1);
-	return 0;
-}
-char * packet_info_t::tmp_ip_t::get_str1() const
-{
-	static char res[max_addr_len];
-	if(raw_ip_version==AF_INET6)
-	{
-		assert(inet_ntop(AF_INET6, &v6, res,max_addr_len)!=0);
-	}
-	else if(raw_ip_version==AF_INET)
-	{
-		assert(inet_ntop(AF_INET, &v4, res,max_addr_len)!=0);
-	}
-	return res;
-}
-char * packet_info_t::tmp_ip_t::get_str2() const
-{
-	static char res[max_addr_len];
-	if(raw_ip_version==AF_INET6)
-	{
-		assert(inet_ntop(AF_INET6, &v6, res,max_addr_len)!=0);
-	}
-	else if(raw_ip_version==AF_INET)
-	{
-		assert(inet_ntop(AF_INET, &v4, res,max_addr_len)!=0);
-	}
-	return res;
-}
 packet_info_t::packet_info_t()
 {
 	src_port=0;
@@ -637,7 +598,42 @@ int find_lower_level_info(u32_t ip,u32_t &dest_ip,string &if_name,string &hw)
 	return 0;
 }
 
+int send_raw_packet(raw_info_t &raw_info,const char * packet,int len)
+{
+	const packet_info_t &send_info=raw_info.send_info;
+	const packet_info_t &recv_info=raw_info.recv_info;
 
+    int ret;
+    if(lower_level==0)
+    {
+		struct sockaddr_in sin={0};
+		sin.sin_family = AF_INET;
+		//sin.sin_port = htons(info.dst_port); //dont need this
+		sin.sin_addr.s_addr = send_info.new_dst_ip.v4;
+		ret = sendto(raw_send_fd, packet, len ,  0, (struct sockaddr *) &sin, sizeof (sin));
+
+    }
+    else
+    {
+
+    	struct sockaddr_ll addr={0};  //={0} not necessary
+    	memcpy(&addr,&send_info.addr_ll,sizeof(addr));
+
+    	ret = sendto(raw_send_fd, packet, len ,  0, (struct sockaddr *) &addr, sizeof (addr));
+    }
+    if(ret==-1)
+    {
+
+    	mylog(log_trace,"sendto failed\n");
+    	//perror("why?");
+    	return -1;
+    }
+    else
+    {
+    	//mylog(log_info,"sendto succ\n");
+    }
+    return 0;
+}
 int send_raw_ip(raw_info_t &raw_info,const char * payload,int payloadlen)
 {
 	const packet_info_t &send_info=raw_info.send_info;
@@ -687,36 +683,8 @@ int send_raw_ip(raw_info_t &raw_info,const char * payload,int payloadlen)
     else
     	iph->check=0;
 
-    int ret;
-    if(lower_level==0)
-    {
-		struct sockaddr_in sin={0};
-		sin.sin_family = AF_INET;
-		//sin.sin_port = htons(info.dst_port); //dont need this
-		sin.sin_addr.s_addr = send_info.new_dst_ip.v4;
-		ret = sendto(raw_send_fd, send_raw_ip_buf, ip_tot_len ,  0, (struct sockaddr *) &sin, sizeof (sin));
 
-    }
-    else
-    {
-
-    	struct sockaddr_ll addr={0};  //={0} not necessary
-    	memcpy(&addr,&send_info.addr_ll,sizeof(addr));
-
-    	ret = sendto(raw_send_fd, send_raw_ip_buf, ip_tot_len ,  0, (struct sockaddr *) &addr, sizeof (addr));
-    }
-    if(ret==-1)
-    {
-
-    	mylog(log_trace,"sendto failed\n");
-    	//perror("why?");
-    	return -1;
-    }
-    else
-    {
-    	//mylog(log_info,"sendto succ\n");
-    }
-    return 0;
+    return send_raw_packet(raw_info,send_raw_ip_buf,ip_tot_len);
 }
 int peek_raw(packet_info_t &peek_info)
 {
@@ -814,15 +782,33 @@ int discard_raw_packet()
 	g_packet_buf_cnt--;
 	return 0;
 }
-int recv_raw_ip(raw_info_t &raw_info,char * &payload,int &payloadlen)
+int recv_raw_packet(char * &packet,int &len)
 {
 	assert(g_packet_buf_cnt==1);
 	g_packet_buf_cnt--;
 
-	char *recv_raw_ip_buf=g_packet_buf;
-	//static char recv_raw_ip_buf[buf_len];
+	if(g_packet_buf_len<int(link_level_header_len))
+	{
+		mylog(log_trace,"packet len %d shorter than link_level_header_len %d\n");
+		return -1;
+	}
 
-	int recv_len=g_packet_buf_len;
+	if(link_level_header_len ==14&&(g_packet_buf[12]!=8||g_packet_buf[13]!=0))
+	{
+		mylog(log_trace,"not an ipv4 packet!\n");
+		return -1;
+	}
+	packet=g_packet_buf+int(link_level_header_len);
+	len=g_packet_buf_len-int(link_level_header_len);
+	return 0;
+}
+int recv_raw_ip(raw_info_t &raw_info,char * &payload,int &payloadlen)
+{
+	char *raw_packet_buf;
+	//static char recv_raw_ip_buf[buf_len];
+	int raw_packet_len;
+
+	if(recv_raw_packet(raw_packet_buf,raw_packet_len)!=0) return -1;
 
 	const packet_info_t &send_info=raw_info.send_info;
 	packet_info_t &recv_info=raw_info.recv_info;
@@ -833,20 +819,7 @@ int recv_raw_ip(raw_info_t &raw_info,char * &payload,int &payloadlen)
 	int flag=0;
 	//int recv_len = recvfrom(raw_recv_fd, recv_raw_ip_buf, max_data_len+1, flag ,(sockaddr*)&saddr , &saddr_size);
 
-
-	if(recv_len<int(link_level_header_len))
-	{
-		mylog(log_trace,"length error\n");
-	}
-
-	if(link_level_header_len ==14&&(recv_raw_ip_buf[12]!=8||recv_raw_ip_buf[13]!=0))
-	{
-		mylog(log_trace,"not an ipv4 packet!\n");
-		return -1;
-	}
-
-
-	char *ip_begin=recv_raw_ip_buf+link_level_header_len;  //14 is eth net header
+	char *ip_begin=raw_packet_buf;  //14 is eth net header
 
 	iph = (struct iphdr *) (ip_begin);
 
@@ -875,7 +848,7 @@ int recv_raw_ip(raw_info_t &raw_info,char * &payload,int &payloadlen)
 
 	int ip_len=ntohs(iph->tot_len);
 
-	if(recv_len-int(link_level_header_len) <ip_len)
+	if(raw_packet_len <ip_len)
 	{
 		mylog(log_debug,"incomplete packet\n");
 		return -1;
diff --git a/network.h b/network.h
index d9d59b8..5a45a20 100644
--- a/network.h
+++ b/network.h
@@ -30,6 +30,7 @@ extern char g_packet_buf[buf_len];
 extern int g_packet_buf_len;
 extern int g_packet_buf_cnt;
 
+
 struct icmphdr
 {
 	uint8_t type;
@@ -51,19 +52,10 @@ struct packet_info_t  //todo change this to union
 {
 	uint8_t protocol;
 
-	union tmp_ip_t
-	{
-		u32_t v4;
-		in6_addr v6;
 
-	    bool equal (const tmp_ip_t &b) const;
 
-	    char * get_str1() const;
-	    char * get_str2() const;
-	}ip;
-
-	tmp_ip_t new_src_ip;
-	tmp_ip_t new_dst_ip;
+	my_ip_t new_src_ip;
+	my_ip_t new_dst_ip;
 
 	uint16_t src_port;
 	uint16_t dst_port;