Optimize TPROXY Inbound UDP write back

Enhanced stability.
This commit is contained in:
RPRX 2021-01-20 23:58:59 +00:00 committed by GitHub
parent ae98dc75cf
commit b60cf02603
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 43 deletions

View file

@ -277,17 +277,17 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
w.mark, w.mark,
) )
if err != nil { if err != nil {
newError(err).WriteToLog()
b.Release() b.Release()
buf.ReleaseMulti(mb) continue
return err
} }
w.conns[*b.UDP] = conn w.conns[*b.UDP] = conn
} }
_, err = conn.WriteTo(b.Bytes(), w.back) _, err = conn.WriteTo(b.Bytes(), w.back)
if err != nil { if err != nil {
conn.Close()
w.conns[*b.UDP] = nil
newError(err).WriteToLog() newError(err).WriteToLog()
w.conns[*b.UDP] = nil
conn.Close()
} }
b.Release() b.Release()
} else { } else {

View file

@ -12,68 +12,55 @@ import (
) )
func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) { func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) {
var af int
var sockaddr syscall.Sockaddr
localSocketAddress, af, err := udpAddrToSocketAddr(addr) if len(addr.IP) == 4 {
if err != nil { af = syscall.AF_INET
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("build local socket address: %s", err)} sockaddr = &syscall.SockaddrInet4{Port: addr.Port}
copy(sockaddr.(*syscall.SockaddrInet4).Addr[:], addr.IP)
} else {
af = syscall.AF_INET6
sockaddr = &syscall.SockaddrInet6{Port: addr.Port}
copy(sockaddr.(*syscall.SockaddrInet6).Addr[:], addr.IP)
} }
fileDescriptor, err := syscall.Socket(af, syscall.SOCK_DGRAM, 0) var fd int
if err != nil { var err error
if fd, err = syscall.Socket(af, syscall.SOCK_DGRAM, 0); err != nil {
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket open: %s", err)} return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket open: %s", err)}
} }
if mark != 0 { if mark != 0 {
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_MARK, mark); err != nil { if err = syscall.SetsockoptInt(fd, syscall.SOL_SOCKET, syscall.SO_MARK, mark); err != nil {
syscall.Close(fileDescriptor) syscall.Close(fd)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_MARK: %s", err)} return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_MARK: %s", err)}
} }
} }
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_REUSEADDR, 1); err != nil { if err = syscall.SetsockoptInt(fd, syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil {
syscall.Close(fileDescriptor) syscall.Close(fd)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_REUSEADDR: %s", err)}
}
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, unix.SO_REUSEPORT, 1); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_REUSEPORT: %s", err)}
}
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: IP_TRANSPARENT: %s", err)} return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: IP_TRANSPARENT: %s", err)}
} }
if err = syscall.Bind(fileDescriptor, localSocketAddress); err != nil { syscall.SetsockoptInt(fd, syscall.SOL_SOCKET, syscall.SO_REUSEADDR, 1)
syscall.Close(fileDescriptor)
syscall.SetsockoptInt(fd, syscall.SOL_SOCKET, unix.SO_REUSEPORT, 1)
if err = syscall.Bind(fd, sockaddr); err != nil {
syscall.Close(fd)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket bind: %s", err)} return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket bind: %s", err)}
} }
fdFile := os.NewFile(uintptr(fileDescriptor), fmt.Sprintf("net-udp-fake-%s", addr.String())) fdFile := os.NewFile(uintptr(fd), fmt.Sprintf("net-udp-fake-%s", addr.String()))
defer fdFile.Close() defer fdFile.Close()
packetConn, err := net.FilePacketConn(fdFile) packetConn, err := net.FilePacketConn(fdFile)
if err != nil { if err != nil {
syscall.Close(fileDescriptor) syscall.Close(fd)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("convert file descriptor to connection: %s", err)} return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("convert file descriptor to connection: %s", err)}
} }
return packetConn, nil return packetConn, nil
} }
func udpAddrToSocketAddr(addr *net.UDPAddr) (syscall.Sockaddr, int, error) {
switch {
case addr.IP.To4() != nil:
ip := [4]byte{}
copy(ip[:], addr.IP.To4())
return &syscall.SockaddrInet4{Addr: ip, Port: addr.Port}, syscall.AF_INET, nil
default:
ip := [16]byte{}
copy(ip[:], addr.IP.To16())
return &syscall.SockaddrInet6{Addr: ip, Port: addr.Port, ZoneId: 0}, syscall.AF_INET6, nil
}
}