From 667279af57e8aca8e1da588a740e4e2d8da53bd1 Mon Sep 17 00:00:00 2001 From: RPRX <63339210+RPRX@users.noreply.github.com> Date: Sun, 18 Jun 2023 17:20:16 +0000 Subject: [PATCH] Add "nonIPQuery" to DNS outbound ("drop" by default) And fixed a memory leak And regenerated *.pb.go --- common/protocol/headers.pb.go | 2 +- infra/conf/dns_proxy.go | 16 ++++++++++++---- proxy/dns/config.pb.go | 28 +++++++++++++++++++--------- proxy/dns/config.proto | 1 + proxy/dns/dns.go | 5 +++++ 5 files changed, 38 insertions(+), 14 deletions(-) diff --git a/common/protocol/headers.pb.go b/common/protocol/headers.pb.go index b90db8c7..96c427d4 100644 --- a/common/protocol/headers.pb.go +++ b/common/protocol/headers.pb.go @@ -27,7 +27,7 @@ const ( SecurityType_AUTO SecurityType = 2 SecurityType_AES128_GCM SecurityType = 3 SecurityType_CHACHA20_POLY1305 SecurityType = 4 - SecurityType_NONE SecurityType = 5 + SecurityType_NONE SecurityType = 5 // [DEPRECATED 2023-06] SecurityType_ZERO SecurityType = 6 ) diff --git a/infra/conf/dns_proxy.go b/infra/conf/dns_proxy.go index 90a5d65e..15630cfe 100644 --- a/infra/conf/dns_proxy.go +++ b/infra/conf/dns_proxy.go @@ -7,10 +7,11 @@ import ( ) type DNSOutboundConfig struct { - Network Network `json:"network"` - Address *Address `json:"address"` - Port uint16 `json:"port"` - UserLevel uint32 `json:"userLevel"` + Network Network `json:"network"` + Address *Address `json:"address"` + Port uint16 `json:"port"` + UserLevel uint32 `json:"userLevel"` + NonIPQuery string `json:"nonIPQuery"` } func (c *DNSOutboundConfig) Build() (proto.Message, error) { @@ -24,5 +25,12 @@ func (c *DNSOutboundConfig) Build() (proto.Message, error) { if c.Address != nil { config.Server.Address = c.Address.Build() } + switch c.NonIPQuery { + case "": + c.NonIPQuery = "drop" + case "drop", "skip": + default: + return nil, newError(`unknown "nonIPQuery": `, c.NonIPQuery) + } return config, nil } diff --git a/proxy/dns/config.pb.go b/proxy/dns/config.pb.go index 8da51b44..24016460 100644 --- a/proxy/dns/config.pb.go +++ b/proxy/dns/config.pb.go @@ -28,8 +28,9 @@ type Config struct { // Server is the DNS server address. If specified, this address overrides the // original one. - Server *net.Endpoint `protobuf:"bytes,1,opt,name=server,proto3" json:"server,omitempty"` - UserLevel uint32 `protobuf:"varint,2,opt,name=user_level,json=userLevel,proto3" json:"user_level,omitempty"` + Server *net.Endpoint `protobuf:"bytes,1,opt,name=server,proto3" json:"server,omitempty"` + UserLevel uint32 `protobuf:"varint,2,opt,name=user_level,json=userLevel,proto3" json:"user_level,omitempty"` + Non_IPQuery string `protobuf:"bytes,3,opt,name=non_IP_query,json=nonIPQuery,proto3" json:"non_IP_query,omitempty"` } func (x *Config) Reset() { @@ -78,6 +79,13 @@ func (x *Config) GetUserLevel() uint32 { return 0 } +func (x *Config) GetNon_IPQuery() string { + if x != nil { + return x.Non_IPQuery + } + return "" +} + var File_proxy_dns_config_proto protoreflect.FileDescriptor var file_proxy_dns_config_proto_rawDesc = []byte{ @@ -85,18 +93,20 @@ var file_proxy_dns_config_proto_rawDesc = []byte{ 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x64, 0x6e, 0x73, 0x1a, 0x1c, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x6e, 0x65, 0x74, 0x2f, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x5a, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x7c, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x31, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, 0x4c, 0x65, 0x76, - 0x65, 0x6c, 0x42, 0x4c, 0x0a, 0x12, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, - 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x64, 0x6e, 0x73, 0x50, 0x01, 0x5a, 0x23, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, - 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x64, 0x6e, 0x73, 0xaa, - 0x02, 0x0e, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x44, 0x6e, 0x73, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x6c, 0x12, 0x20, 0x0a, 0x0c, 0x6e, 0x6f, 0x6e, 0x5f, 0x49, 0x50, 0x5f, 0x71, 0x75, 0x65, + 0x72, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6e, 0x6f, 0x6e, 0x49, 0x50, 0x51, + 0x75, 0x65, 0x72, 0x79, 0x42, 0x4c, 0x0a, 0x12, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, + 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x64, 0x6e, 0x73, 0x50, 0x01, 0x5a, 0x23, 0x67, 0x69, + 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, + 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x64, 0x6e, + 0x73, 0xaa, 0x02, 0x0e, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x44, + 0x6e, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proxy/dns/config.proto b/proxy/dns/config.proto index 0b324725..e9304a51 100644 --- a/proxy/dns/config.proto +++ b/proxy/dns/config.proto @@ -13,4 +13,5 @@ message Config { // original one. xray.common.net.Endpoint server = 1; uint32 user_level = 2; + string non_IP_query = 3; } diff --git a/proxy/dns/dns.go b/proxy/dns/dns.go index 4aa5dac0..d8a3244d 100644 --- a/proxy/dns/dns.go +++ b/proxy/dns/dns.go @@ -44,6 +44,7 @@ type Handler struct { ownLinkVerifier ownLinkVerifier server net.Destination timeout time.Duration + nonIPQuery string } func (h *Handler) Init(config *Config, dnsClient dns.Client, policyManager policy.Manager) error { @@ -57,6 +58,7 @@ func (h *Handler) Init(config *Config, dnsClient dns.Client, policyManager polic if config.Server != nil { h.server = config.Server.AsDestination() } + h.nonIPQuery = config.Non_IPQuery return nil } @@ -175,6 +177,9 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, d internet. isIPQuery, domain, id, qType := parseIPQuery(b.Bytes()) if isIPQuery { go h.handleIPQuery(id, qType, domain, writer) + } + if isIPQuery || h.nonIPQuery == "drop" { + b.Release() continue } }