black-internet-days-ahead/Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2024-11-10 02:53:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor: TPROXY inbound UDP write back

Browse source 
https://t.me/projectXray/119670

虽然不一定是最终的版本,但值得记录,感谢协助测试的各位朋友,特别感谢 @yichya @huyz
This commit is contained in:
RPRX 2020-12-31 15:57:15 +00:00 committed by GitHub
parent 310a938511
commit c41a1a56fe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 157 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
proxy/dokodemo/dokodemo.go
View file

@ -163,6 +163,25 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
if !destinationOverridden { if !destinationOverridden {
writer = &buf.SequentialWriter{Writer: conn} writer = &buf.SequentialWriter{Writer: conn}
} else { } else {
var addr *net.UDPAddr
var mark int
if dest.Address.Family().IsIP() {
addr = &net.UDPAddr{
IP: dest.Address.IP(),
Port: int(dest.Port),
}
}
if d.sockopt != nil {
mark = int(d.sockopt.Mark)
}
pConn, err := FakeUDP(addr, mark)
if err != nil {
return err
}
back := net.DestinationFromAddr(conn.RemoteAddr())
writer = NewPacketWriter(pConn, &dest, mark, &back)
defer writer.(*PacketWriter).Close()
/*
sockopt := &internet.SocketConfig{ sockopt := &internet.SocketConfig{
Tproxy: internet.SocketConfig_TProxy, Tproxy: internet.SocketConfig_TProxy,
} }
@ -173,15 +192,12 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
if d.sockopt != nil { if d.sockopt != nil {
sockopt.Mark = d.sockopt.Mark sockopt.Mark = d.sockopt.Mark
} }
to := net.DestinationFromAddr(conn.RemoteAddr()) tConn, err := internet.DialSystem(ctx, net.DestinationFromAddr(conn.RemoteAddr()), sockopt)
tConn, err := internet.DialSystem(ctx, to, sockopt)
if err != nil { if err != nil {
return err return err
} }
writer = NewPacketWriter(tConn, &dest, ctx, &to, sockopt)
defer writer.(*PacketWriter).Close()
/*
defer tConn.Close() defer tConn.Close()
writer = &buf.SequentialWriter{Writer: tConn} writer = &buf.SequentialWriter{Writer: tConn}
tReader := buf.NewPacketReader(tConn) tReader := buf.NewPacketReader(tConn)
requestCount++ requestCount++
@ -220,24 +236,25 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
return nil return nil
} }
func NewPacketWriter(conn net.Conn, d *net.Destination, ctx context.Context, to *net.Destination, sockopt *internet.SocketConfig) buf.Writer { func NewPacketWriter(conn net.PacketConn, d *net.Destination, mark int, back *net.Destination) buf.Writer {
writer := &PacketWriter{ writer := &PacketWriter{
conn: conn, conn: conn,
conns: make(map[net.Destination]net.Conn), conns: make(map[net.Destination]net.PacketConn),
ctx: ctx, mark: mark,
to: to, back: &net.UDPAddr{
sockopt: sockopt, IP: back.Address.IP(),
Port: int(back.Port),
},
} }
writer.conns[*d] = conn writer.conns[*d] = conn
return writer return writer
} }
type PacketWriter struct { type PacketWriter struct {
conn net.Conn conn net.PacketConn
conns map[net.Destination]net.Conn conns map[net.Destination]net.PacketConn
ctx context.Context mark int
to *net.Destination back *net.UDPAddr
sockopt *internet.SocketConfig
} }
func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error { func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
@ -251,25 +268,36 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
if b.UDP != nil && b.UDP.Address.Family().IsIP() { if b.UDP != nil && b.UDP.Address.Family().IsIP() {
conn := w.conns[*b.UDP] conn := w.conns[*b.UDP]
if conn == nil { if conn == nil {
w.sockopt.BindAddress = b.UDP.Address.IP() conn, err = FakeUDP(
w.sockopt.BindPort = uint32(b.UDP.Port) &net.UDPAddr{
conn, _ = internet.DialSystem(w.ctx, *w.to, w.sockopt) IP: b.UDP.Address.IP(),
if conn == nil { Port: int(b.UDP.Port),
},
w.mark,
)
if err != nil {
b.Release() b.Release()
continue buf.ReleaseMulti(mb)
return err
} }
w.conns[*b.UDP] = conn w.conns[*b.UDP] = conn
} }
_, err = conn.Write(b.Bytes()) _, err = conn.WriteTo(b.Bytes(), w.back)
} else { if err != nil {
_, err = w.conn.Write(b.Bytes()) conn.Close()
w.conns[*b.UDP] = nil
newError(err).WriteToLog()
} }
b.Release() b.Release()
} else {
_, err = w.conn.WriteTo(b.Bytes(), w.back)
b.Release()
if err != nil { if err != nil {
buf.ReleaseMulti(mb) buf.ReleaseMulti(mb)
return err return err
} }
} }
}
return nil return nil
} }

85
proxy/dokodemo/fakeudp_linux.go Normal file
View file

@ -0,0 +1,85 @@
// +build linux
package dokodemo
import (
"fmt"
"net"
"os"
"strconv"
"syscall"
)
func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) {
if addr == nil {
addr = &net.UDPAddr{
IP: []byte{0, 0, 0, 0},
Port: 0,
}
}
localSocketAddress, af, err := udpAddrToSocketAddr(addr)
if err != nil {
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("build local socket address: %s", err)}
}
fileDescriptor, err := syscall.Socket(af, syscall.SOCK_DGRAM, 0)
if err != nil {
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket open: %s", err)}
}
if mark != 0 {
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_MARK, mark); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_MARK: %s", err)}
}
}
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_SOCKET, syscall.SO_REUSEADDR, 1); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: SO_REUSEADDR: %s", err)}
}
if err = syscall.SetsockoptInt(fileDescriptor, syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("set socket option: IP_TRANSPARENT: %s", err)}
}
if err = syscall.Bind(fileDescriptor, localSocketAddress); err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("socket bind: %s", err)}
}
fdFile := os.NewFile(uintptr(fileDescriptor), fmt.Sprintf("net-udp-fake-%s", addr.String()))
defer fdFile.Close()
packetConn, err := net.FilePacketConn(fdFile)
if err != nil {
syscall.Close(fileDescriptor)
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("convert file descriptor to connection: %s", err)}
}
return packetConn, nil
}
func udpAddrToSocketAddr(addr *net.UDPAddr) (syscall.Sockaddr, int, error) {
switch {
case addr.IP.To4() != nil:
ip := [4]byte{}
copy(ip[:], addr.IP.To4())
return &syscall.SockaddrInet4{Addr: ip, Port: addr.Port}, syscall.AF_INET, nil
default:
ip := [16]byte{}
copy(ip[:], addr.IP.To16())
zoneID, err := strconv.ParseUint(addr.Zone, 10, 32)
if err != nil {
return nil, 0, err
}
return &syscall.SockaddrInet6{Addr: ip, Port: addr.Port, ZoneId: uint32(zoneID)}, syscall.AF_INET6, nil
}
}

12
proxy/dokodemo/fakeudp_other.go Normal file
View file

@ -0,0 +1,12 @@
// +build !linux
package dokodemo
import (
"fmt"
"net"
)
func FakeUDP(addr *net.UDPAddr, mark int) (net.PacketConn, error) {
return nil, &net.OpError{Op: "fake", Err: fmt.Errorf("!linux")}
}