mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-28 19:41:29 +00:00
Add udp_disable_domain_unmapping inbound listen option
This commit is contained in:
parent
4d23773a25
commit
81e214812f
|
@ -7,28 +7,26 @@
|
||||||
"tcp_fast_open": false,
|
"tcp_fast_open": false,
|
||||||
"tcp_multi_path": false,
|
"tcp_multi_path": false,
|
||||||
"udp_fragment": false,
|
"udp_fragment": false,
|
||||||
|
"udp_timeout": 300,
|
||||||
|
"detour": "another-in",
|
||||||
"sniff": false,
|
"sniff": false,
|
||||||
"sniff_override_destination": false,
|
"sniff_override_destination": false,
|
||||||
"sniff_timeout": "300ms",
|
"sniff_timeout": "300ms",
|
||||||
"domain_strategy": "prefer_ipv6",
|
"domain_strategy": "prefer_ipv6",
|
||||||
"udp_timeout": 300,
|
"udp_disable_domain_unmapping": false
|
||||||
"proxy_protocol": false,
|
|
||||||
"proxy_protocol_accept_no_header": false,
|
|
||||||
"detour": "another-in"
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
### Fields
|
### Fields
|
||||||
|
|
||||||
| Field | Available Context |
|
| Field | Available Context |
|
||||||
|-----------------------------------|-------------------------------------------------------------------|
|
|--------------------------------|-------------------------------------------------------------------|
|
||||||
| `listen` | Needs to listen on TCP or UDP. |
|
| `listen` | Needs to listen on TCP or UDP. |
|
||||||
| `listen_port` | Needs to listen on TCP or UDP. |
|
| `listen_port` | Needs to listen on TCP or UDP. |
|
||||||
| `tcp_fast_open` | Needs to listen on TCP. |
|
| `tcp_fast_open` | Needs to listen on TCP. |
|
||||||
| `tcp_multi_path` | Needs to listen on TCP. |
|
| `tcp_multi_path` | Needs to listen on TCP. |
|
||||||
| `udp_timeout` | Needs to assemble UDP connections, currently Tun and Shadowsocks. |
|
| `udp_timeout` | Needs to assemble UDP connections, currently Tun and Shadowsocks. |
|
||||||
| `proxy_protocol` | Needs to listen on TCP. |
|
| `udp_disable_domain_unmapping` | Needs to listen on UDP and accept domain UDP addresses. |
|
||||||
| `proxy_protocol_accept_no_header` | When `proxy_protocol` enabled |
|
|
||||||
|
|
||||||
#### listen
|
#### listen
|
||||||
|
|
||||||
|
@ -56,6 +54,16 @@ Enable TCP Multi Path.
|
||||||
|
|
||||||
Enable UDP fragmentation.
|
Enable UDP fragmentation.
|
||||||
|
|
||||||
|
#### udp_timeout
|
||||||
|
|
||||||
|
UDP NAT expiration time in seconds, default is 300 (5 minutes).
|
||||||
|
|
||||||
|
#### detour
|
||||||
|
|
||||||
|
If set, connections will be forwarded to the specified inbound.
|
||||||
|
|
||||||
|
Requires target inbound support, see [Injectable](/configuration/inbound/#fields).
|
||||||
|
|
||||||
#### sniff
|
#### sniff
|
||||||
|
|
||||||
Enable sniffing.
|
Enable sniffing.
|
||||||
|
@ -82,20 +90,10 @@ If set, the requested domain name will be resolved to IP before routing.
|
||||||
|
|
||||||
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
|
If `sniff_override_destination` is in effect, its value will be taken as a fallback.
|
||||||
|
|
||||||
#### udp_timeout
|
#### udp_disable_domain_unmapping
|
||||||
|
|
||||||
UDP NAT expiration time in seconds, default is 300 (5 minutes).
|
If enabled, for UDP proxy requests addressed to a domain,
|
||||||
|
the original packet address will be sent in the response instead of the mapped domain.
|
||||||
|
|
||||||
#### proxy_protocol
|
This option is used for compatibility with clients that
|
||||||
|
do not support receiving UDP packets with domain addresses, such as Surge.
|
||||||
Parse [Proxy Protocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in the connection header.
|
|
||||||
|
|
||||||
#### proxy_protocol_accept_no_header
|
|
||||||
|
|
||||||
Accept connections without Proxy Protocol header.
|
|
||||||
|
|
||||||
#### detour
|
|
||||||
|
|
||||||
If set, connections will be forwarded to the specified inbound.
|
|
||||||
|
|
||||||
Requires target inbound support, see [Injectable](/configuration/inbound/#fields).
|
|
||||||
|
|
|
@ -7,14 +7,13 @@
|
||||||
"tcp_fast_open": false,
|
"tcp_fast_open": false,
|
||||||
"tcp_multi_path": false,
|
"tcp_multi_path": false,
|
||||||
"udp_fragment": false,
|
"udp_fragment": false,
|
||||||
|
"udp_timeout": 300,
|
||||||
|
"detour": "another-in",
|
||||||
"sniff": false,
|
"sniff": false,
|
||||||
"sniff_override_destination": false,
|
"sniff_override_destination": false,
|
||||||
"sniff_timeout": "300ms",
|
"sniff_timeout": "300ms",
|
||||||
"domain_strategy": "prefer_ipv6",
|
"domain_strategy": "prefer_ipv6",
|
||||||
"udp_timeout": 300,
|
"udp_disable_domain_unmapping": false
|
||||||
"proxy_protocol": false,
|
|
||||||
"proxy_protocol_accept_no_header": false,
|
|
||||||
"detour": "another-in"
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -26,8 +25,7 @@
|
||||||
| `tcp_fast_open` | 需要监听 TCP。 |
|
| `tcp_fast_open` | 需要监听 TCP。 |
|
||||||
| `tcp_multi_path` | 需要监听 TCP。 |
|
| `tcp_multi_path` | 需要监听 TCP。 |
|
||||||
| `udp_timeout` | 需要组装 UDP 连接, 当前为 Tun 和 Shadowsocks。 |
|
| `udp_timeout` | 需要组装 UDP 连接, 当前为 Tun 和 Shadowsocks。 |
|
||||||
| `proxy_protocol` | 需要监听 TCP。 |
|
|
|
||||||
| `proxy_protocol_accept_no_header` | `proxy_protocol` 启用时 |
|
|
||||||
|
|
||||||
### 字段
|
### 字段
|
||||||
|
|
||||||
|
@ -57,6 +55,16 @@
|
||||||
|
|
||||||
启用 UDP 分段。
|
启用 UDP 分段。
|
||||||
|
|
||||||
|
#### udp_timeout
|
||||||
|
|
||||||
|
UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。
|
||||||
|
|
||||||
|
#### detour
|
||||||
|
|
||||||
|
如果设置,连接将被转发到指定的入站。
|
||||||
|
|
||||||
|
需要目标入站支持,参阅 [注入支持](/zh/configuration/inbound/#_3)。
|
||||||
|
|
||||||
#### sniff
|
#### sniff
|
||||||
|
|
||||||
启用协议探测。
|
启用协议探测。
|
||||||
|
@ -83,20 +91,8 @@
|
||||||
|
|
||||||
如果 `sniff_override_destination` 生效,它的值将作为后备。
|
如果 `sniff_override_destination` 生效,它的值将作为后备。
|
||||||
|
|
||||||
#### udp_timeout
|
#### udp_disable_domain_unmapping
|
||||||
|
|
||||||
UDP NAT 过期时间,以秒为单位,默认为 300(5 分钟)。
|
如果启用,对于地址为域的 UDP 代理请求,将在响应中发送原始包地址而不是映射的域。
|
||||||
|
|
||||||
#### proxy_protocol
|
此选项用于兼容不支持接收带有域地址的 UDP 包的客户端,如 Surge。
|
||||||
|
|
||||||
解析连接头中的 [代理协议](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)。
|
|
||||||
|
|
||||||
#### proxy_protocol_accept_no_header
|
|
||||||
|
|
||||||
接受没有代理协议标头的连接。
|
|
||||||
|
|
||||||
#### detour
|
|
||||||
|
|
||||||
如果设置,连接将被转发到指定的入站。
|
|
||||||
|
|
||||||
需要目标入站支持,参阅 [注入支持](/zh/configuration/inbound/#_3)。
|
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -26,7 +26,7 @@ require (
|
||||||
github.com/sagernet/gvisor v0.0.0-20230930141345-5fef6f2e17ab
|
github.com/sagernet/gvisor v0.0.0-20230930141345-5fef6f2e17ab
|
||||||
github.com/sagernet/quic-go v0.0.0-20231008035953-32727fef9460
|
github.com/sagernet/quic-go v0.0.0-20231008035953-32727fef9460
|
||||||
github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691
|
github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691
|
||||||
github.com/sagernet/sing v0.2.18-0.20231124115745-e50e7ae2d3e4
|
github.com/sagernet/sing v0.2.18-0.20231124125253-2dcabf4bfcbc
|
||||||
github.com/sagernet/sing-dns v0.1.11
|
github.com/sagernet/sing-dns v0.1.11
|
||||||
github.com/sagernet/sing-mux v0.1.4
|
github.com/sagernet/sing-mux v0.1.4
|
||||||
github.com/sagernet/sing-quic v0.1.5-0.20231123150204-077075e9b6ad
|
github.com/sagernet/sing-quic v0.1.5-0.20231123150204-077075e9b6ad
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -114,8 +114,8 @@ github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691 h1:5Th31OC6yj8byL
|
||||||
github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691/go.mod h1:B8lp4WkQ1PwNnrVMM6KyuFR20pU8jYBD+A4EhJovEXU=
|
github.com/sagernet/reality v0.0.0-20230406110435-ee17307e7691/go.mod h1:B8lp4WkQ1PwNnrVMM6KyuFR20pU8jYBD+A4EhJovEXU=
|
||||||
github.com/sagernet/sing v0.0.0-20220817130738-ce854cda8522/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
github.com/sagernet/sing v0.0.0-20220817130738-ce854cda8522/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
||||||
github.com/sagernet/sing v0.1.8/go.mod h1:jt1w2u7lJQFFSGLiRrRIs5YWmx4kAPfWuOejuDW9qMk=
|
github.com/sagernet/sing v0.1.8/go.mod h1:jt1w2u7lJQFFSGLiRrRIs5YWmx4kAPfWuOejuDW9qMk=
|
||||||
github.com/sagernet/sing v0.2.18-0.20231124115745-e50e7ae2d3e4 h1:Pew0S+oj/RLZ8zaxFGykDyQ6Pu5yiKAMDF/kqJcFAB8=
|
github.com/sagernet/sing v0.2.18-0.20231124125253-2dcabf4bfcbc h1:vESVuxHgbd2EzHxd+TYTpNACIEGBOhp5n3KG7bgbcws=
|
||||||
github.com/sagernet/sing v0.2.18-0.20231124115745-e50e7ae2d3e4/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo=
|
github.com/sagernet/sing v0.2.18-0.20231124125253-2dcabf4bfcbc/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo=
|
||||||
github.com/sagernet/sing-dns v0.1.11 h1:PPrMCVVrAeR3f5X23I+cmvacXJ+kzuyAsBiWyUKhGSE=
|
github.com/sagernet/sing-dns v0.1.11 h1:PPrMCVVrAeR3f5X23I+cmvacXJ+kzuyAsBiWyUKhGSE=
|
||||||
github.com/sagernet/sing-dns v0.1.11/go.mod h1:zJ/YjnYB61SYE+ubMcMqVdpaSvsyQ2iShQGO3vuLvvE=
|
github.com/sagernet/sing-dns v0.1.11/go.mod h1:zJ/YjnYB61SYE+ubMcMqVdpaSvsyQ2iShQGO3vuLvvE=
|
||||||
github.com/sagernet/sing-mux v0.1.4 h1:BPNPOQr6HkXG3iY/BrfvUKUl+A7gYsGKVSxvoR3PO50=
|
github.com/sagernet/sing-mux v0.1.4 h1:BPNPOQr6HkXG3iY/BrfvUKUl+A7gYsGKVSxvoR3PO50=
|
||||||
|
|
|
@ -120,10 +120,11 @@ func (h *Inbound) UnmarshalJSON(bytes []byte) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
type InboundOptions struct {
|
type InboundOptions struct {
|
||||||
SniffEnabled bool `json:"sniff,omitempty"`
|
SniffEnabled bool `json:"sniff,omitempty"`
|
||||||
SniffOverrideDestination bool `json:"sniff_override_destination,omitempty"`
|
SniffOverrideDestination bool `json:"sniff_override_destination,omitempty"`
|
||||||
SniffTimeout Duration `json:"sniff_timeout,omitempty"`
|
SniffTimeout Duration `json:"sniff_timeout,omitempty"`
|
||||||
DomainStrategy DomainStrategy `json:"domain_strategy,omitempty"`
|
DomainStrategy DomainStrategy `json:"domain_strategy,omitempty"`
|
||||||
|
UDPDisableDomainUnmapping bool `json:"udp_disable_domain_unmapping,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type ListenOptions struct {
|
type ListenOptions struct {
|
||||||
|
|
|
@ -124,9 +124,13 @@ func NewPacketConnection(ctx context.Context, this N.Dialer, conn N.PacketConn,
|
||||||
}
|
}
|
||||||
if destinationAddress.IsValid() {
|
if destinationAddress.IsValid() {
|
||||||
if metadata.Destination.IsFqdn() {
|
if metadata.Destination.IsFqdn() {
|
||||||
outConn = bufio.NewNATPacketConn(bufio.NewPacketConn(outConn), M.SocksaddrFrom(destinationAddress, metadata.Destination.Port), metadata.Destination)
|
if metadata.InboundOptions.UDPDisableDomainUnmapping {
|
||||||
|
outConn = bufio.NewUnidirectionalNATPacketConn(bufio.NewPacketConn(outConn), M.SocksaddrFrom(destinationAddress, metadata.Destination.Port), metadata.Destination)
|
||||||
|
} else {
|
||||||
|
outConn = bufio.NewNATPacketConn(bufio.NewPacketConn(outConn), M.SocksaddrFrom(destinationAddress, metadata.Destination.Port), metadata.Destination)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if natConn, loaded := common.Cast[*bufio.NATPacketConn](conn); loaded {
|
if natConn, loaded := common.Cast[bufio.NATPacketConn](conn); loaded {
|
||||||
natConn.UpdateDestination(destinationAddress)
|
natConn.UpdateDestination(destinationAddress)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -170,7 +174,7 @@ func NewDirectPacketConnection(ctx context.Context, router adapter.Router, this
|
||||||
if metadata.Destination.IsFqdn() {
|
if metadata.Destination.IsFqdn() {
|
||||||
outConn = bufio.NewNATPacketConn(bufio.NewPacketConn(outConn), M.SocksaddrFrom(destinationAddress, metadata.Destination.Port), metadata.Destination)
|
outConn = bufio.NewNATPacketConn(bufio.NewPacketConn(outConn), M.SocksaddrFrom(destinationAddress, metadata.Destination.Port), metadata.Destination)
|
||||||
}
|
}
|
||||||
if natConn, loaded := common.Cast[*bufio.NATPacketConn](conn); loaded {
|
if natConn, loaded := common.Cast[bufio.NATPacketConn](conn); loaded {
|
||||||
natConn.UpdateDestination(destinationAddress)
|
natConn.UpdateDestination(destinationAddress)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue