mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-11-22 20:59:19 +02:00
Refactor: TPROXY inbound UDP write back
https://t.me/projectXray/119670 虽然不一定是最终的版本,但值得记录,感谢协助测试的各位朋友,特别感谢 @yichya @huyz
This commit is contained in:
parent
310a938511
commit
c41a1a56fe
|
@ -163,25 +163,41 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
|
||||||
if !destinationOverridden {
|
if !destinationOverridden {
|
||||||
writer = &buf.SequentialWriter{Writer: conn}
|
writer = &buf.SequentialWriter{Writer: conn}
|
||||||
} else {
|
} else {
|
||||||
sockopt := &internet.SocketConfig{
|
var addr *net.UDPAddr
|
||||||
Tproxy: internet.SocketConfig_TProxy,
|
var mark int
|
||||||
}
|
|
||||||
if dest.Address.Family().IsIP() {
|
if dest.Address.Family().IsIP() {
|
||||||
sockopt.BindAddress = dest.Address.IP()
|
addr = &net.UDPAddr{
|
||||||
sockopt.BindPort = uint32(dest.Port)
|
IP: dest.Address.IP(),
|
||||||
|
Port: int(dest.Port),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if d.sockopt != nil {
|
if d.sockopt != nil {
|
||||||
sockopt.Mark = d.sockopt.Mark
|
mark = int(d.sockopt.Mark)
|
||||||
}
|
}
|
||||||
to := net.DestinationFromAddr(conn.RemoteAddr())
|
pConn, err := FakeUDP(addr, mark)
|
||||||
tConn, err := internet.DialSystem(ctx, to, sockopt)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
writer = NewPacketWriter(tConn, &dest, ctx, &to, sockopt)
|
back := net.DestinationFromAddr(conn.RemoteAddr())
|
||||||
|
writer = NewPacketWriter(pConn, &dest, mark, &back)
|
||||||
defer writer.(*PacketWriter).Close()
|
defer writer.(*PacketWriter).Close()
|
||||||
/*
|
/*
|
||||||
|
sockopt := &internet.SocketConfig{
|
||||||
|
Tproxy: internet.SocketConfig_TProxy,
|
||||||
|
}
|
||||||
|
if dest.Address.Family().IsIP() {
|
||||||
|
sockopt.BindAddress = dest.Address.IP()
|
||||||
|
sockopt.BindPort = uint32(dest.Port)
|
||||||
|
}
|
||||||
|
if d.sockopt != nil {
|
||||||
|
sockopt.Mark = d.sockopt.Mark
|
||||||
|
}
|
||||||
|
tConn, err := internet.DialSystem(ctx, net.DestinationFromAddr(conn.RemoteAddr()), sockopt)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
defer tConn.Close()
|
defer tConn.Close()
|
||||||
|
|
||||||
writer = &buf.SequentialWriter{Writer: tConn}
|
writer = &buf.SequentialWriter{Writer: tConn}
|
||||||
tReader := buf.NewPacketReader(tConn)
|
tReader := buf.NewPacketReader(tConn)
|
||||||
requestCount++
|
requestCount++
|
||||||
|
@ -220,24 +236,25 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewPacketWriter(conn net.Conn, d *net.Destination, ctx context.Context, to *net.Destination, sockopt *internet.SocketConfig) buf.Writer {
|
func NewPacketWriter(conn net.PacketConn, d *net.Destination, mark int, back *net.Destination) buf.Writer {
|
||||||
writer := &PacketWriter{
|
writer := &PacketWriter{
|
||||||
conn: conn,
|
conn: conn,
|
||||||
conns: make(map[net.Destination]net.Conn),
|
conns: make(map[net.Destination]net.PacketConn),
|
||||||
ctx: ctx,
|
mark: mark,
|
||||||
to: to,
|
back: &net.UDPAddr{
|
||||||
sockopt: sockopt,
|
IP: back.Address.IP(),
|
||||||
|
Port: int(back.Port),
|
||||||
|
},
|
||||||
}
|
}
|
||||||
writer.conns[*d] = conn
|
writer.conns[*d] = conn
|
||||||
return writer
|
return writer
|
||||||
}
|
}
|
||||||
|
|
||||||
type PacketWriter struct {
|
type PacketWriter struct {
|
||||||
conn net.Conn
|
conn net.PacketConn
|
||||||
conns map[net.Destination]net.Conn
|
conns map[net.Destination]net.PacketConn
|
||||||
ctx context.Context
|
mark int
|
||||||
to *net.Destination
|
back *net.UDPAddr
|
||||||
sockopt *internet.SocketConfig
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
|
func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
|
||||||
|
@ -251,23 +268,34 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
|
||||||
if b.UDP != nil && b.UDP.Address.Family().IsIP() {
|
if b.UDP != nil && b.UDP.Address.Family().IsIP() {
|
||||||
conn := w.conns[*b.UDP]
|
conn := w.conns[*b.UDP]
|
||||||
if conn == nil {
|
if conn == nil {
|
||||||
w.sockopt.BindAddress = b.UDP.Address.IP()
|
conn, err = FakeUDP(
|
||||||
w.sockopt.BindPort = uint32(b.UDP.Port)
|
&net.UDPAddr{
|
||||||
conn, _ = internet.DialSystem(w.ctx, *w.to, w.sockopt)
|
IP: b.UDP.Address.IP(),
|
||||||
if conn == nil {
|
Port: int(b.UDP.Port),
|
||||||
|
},
|
||||||
|
w.mark,
|
||||||
|
)
|
||||||
|
if err != nil {
|
||||||
b.Release()
|
b.Release()
|
||||||
continue
|
buf.ReleaseMulti(mb)
|
||||||
|
return err
|
||||||
}
|
}
|
||||||
w.conns[*b.UDP] = conn
|
w.conns[*b.UDP] = conn
|
||||||
}
|
}
|
||||||
_, err = conn.Write(b.Bytes())
|
_, err = conn.WriteTo(b.Bytes(), w.back)
|
||||||
|
if err != nil {
|
||||||
|
conn.Close()
|
||||||
|
w.conns[*b.UDP] = nil
|
||||||
|
newError(err).WriteToLog()
|
||||||
|
}
|
||||||
|
b.Release()
|
||||||
} else {
|
} else {
|
||||||
_, err = w.conn.Write(b.Bytes())
|
_, err = w.conn.WriteTo(b.Bytes(), w.back)
|
||||||
}
|
b.Release()
|
||||||
b.Release()
|
if err != nil {
|
||||||
if err != nil {
|
buf.ReleaseMulti(mb)
|
||||||
buf.ReleaseMulti(mb)
|
return err
|
||||||
return err
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -0,0 +1,85 @@
|
||||||
|
// +build linux
|
||||||
|
|
||||||
|
package dokodemo
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net"
|
||||||
|
"os"
|
||||||
|
"strconv"
|
||||||
|
"syscall"
|
||||||
|
)
|
||||||
|
|
||||||
|
func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) {
|
||||||
|
|
||||||
|
if addr == nil {
|
||||||
|
addr = &net.UDPAddr{
|
||||||
|
IP: []byte{0, 0, 0, 0},
|
||||||
|
Port: 0,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
localSocketAddress, af, err := udpAddrToSocketAddr(addr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("build local socket address: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
fileDescriptor, err := syscall.Socket(af, syscall.SOCK_DGRAM, 0)
|
||||||
|
if err != nil {
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket open: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
if mark != 0 {
|
||||||
|
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_MARK, mark); err != nil {
|
||||||
|
syscall.Close(fileDescriptor)
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_MARK: %s", err)}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_REUSEADDR, 1); err != nil {
|
||||||
|
syscall.Close(fileDescriptor)
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_REUSEADDR: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil {
|
||||||
|
syscall.Close(fileDescriptor)
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: IP_TRANSPARENT: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = syscall.Bind(fileDescriptor, localSocketAddress); err != nil {
|
||||||
|
syscall.Close(fileDescriptor)
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket bind: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
fdFile := os.NewFile(uintptr(fileDescriptor), fmt.Sprintf("net-udp-fake-%s", addr.String()))
|
||||||
|
defer fdFile.Close()
|
||||||
|
|
||||||
|
packetConn, err := net.FilePacketConn(fdFile)
|
||||||
|
if err != nil {
|
||||||
|
syscall.Close(fileDescriptor)
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("convert file descriptor to connection: %s", err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
return packetConn, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func udpAddrToSocketAddr(addr *net.UDPAddr) (syscall.Sockaddr, int, error) {
|
||||||
|
switch {
|
||||||
|
case addr.IP.To4() != nil:
|
||||||
|
ip := [4]byte{}
|
||||||
|
copy(ip[:], addr.IP.To4())
|
||||||
|
|
||||||
|
return &syscall.SockaddrInet4{Addr: ip, Port: addr.Port}, syscall.AF_INET, nil
|
||||||
|
|
||||||
|
default:
|
||||||
|
ip := [16]byte{}
|
||||||
|
copy(ip[:], addr.IP.To16())
|
||||||
|
|
||||||
|
zoneID, err := strconv.ParseUint(addr.Zone, 10, 32)
|
||||||
|
if err != nil {
|
||||||
|
return nil, 0, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &syscall.SockaddrInet6{Addr: ip, Port: addr.Port, ZoneId: uint32(zoneID)}, syscall.AF_INET6, nil
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,12 @@
|
||||||
|
// +build !linux
|
||||||
|
|
||||||
|
package dokodemo
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net"
|
||||||
|
)
|
||||||
|
|
||||||
|
func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) {
|
||||||
|
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("!linux")}
|
||||||
|
}
|
Loading…
Reference in New Issue