Fix: should use the correct gateway for TUN system stack

gVisor bot 2022-03-13 17:48:43 +08:00
parent dc0339e399
commit cb7e7fa23f
5 changed files with 53 additions and 20 deletions


@ -13,14 +13,18 @@ func GetAutoDetectInterface() (string, error) {
} }
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error { func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
interfaceName := dev.Name()
if !addr.Addr().Is4() { if !addr.Addr().Is4() {
return fmt.Errorf("supported ipv4 only") return fmt.Errorf("supported ipv4 only")
} }
ip := addr.Addr() var (
netmask := IPv4MaskString(addr.Bits()) interfaceName = dev.Name()
cmdStr := fmt.Sprintf("ifconfig %s inet %s netmask %s %s", interfaceName, ip, netmask, ip) ip = addr.Masked().Addr().Next()
gw = addr.Addr()
netmask = IPv4MaskString(addr.Bits())
)
cmdStr := fmt.Sprintf("ifconfig %s inet %s netmask %s %s", interfaceName, ip, netmask, gw)
_, err := cmd.ExecCmd(cmdStr) _, err := cmd.ExecCmd(cmdStr)
if err != nil { if err != nil {
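Review bot: `ip = addr.Masked().Addr().Next()` assumes the configured address is never the first host of its prefix, and nothing in `ConfigInterfaceAddress` checks that. If a caller passes a prefix whose address is already network+1 (such as the previous default `198.18.0.1/16` visible elsewhere in this commit), `ip` and `gw` are equal and ifconfig receives the same arguments as before the fix; with a /32, `Next()` falls outside the prefix altogether. A guard such as `if !addr.Contains(ip) || ip == gw { return fmt.Errorf("invalid tun address %s", addr) }` would catch both cases. The same derivation is repeated in the Linux and Windows sections, in the system-stack `New` and in the log line, so a single shared helper would keep them consistent. The function body continues past the end of this hunk.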


@ -13,8 +13,12 @@ func GetAutoDetectInterface() (string, error) {
} }
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error { func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
interfaceName := dev.Name() var (
_, err := cmd.ExecCmd(fmt.Sprintf("ip addr add %s dev %s", addr.String(), interfaceName)) interfaceName = dev.Name()
ip = addr.Masked().Addr().Next()
)
_, err := cmd.ExecCmd(fmt.Sprintf("ip addr add %s dev %s", ip.String(), interfaceName))
if err != nil { if err != nil {
return err return err
} }
@ -31,8 +35,9 @@ func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int,
} }
func configInterfaceRouting(interfaceName string, addr netip.Prefix) error { func configInterfaceRouting(interfaceName string, addr netip.Prefix) error {
linkIP := addr.Masked().Addr().Next()
for _, route := range ROUTES { for _, route := range ROUTES {
if err := execRouterCmd("add", route, interfaceName, addr.Addr().String()); err != nil { if err := execRouterCmd("add", route, interfaceName, linkIP.String()); err != nil {
return err return err
} }
} }
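Review bot: The new `ip addr add` call passes `ip.String()`, which drops the prefix length that `addr.String()` used to carry, so iproute2 will most likely install the address as a /32 rather than with the configured mask. If the on-link route for the TUN subnet is still wanted, keep the mask with `netip.PrefixFrom(ip, addr.Bits()).String()`, which is how the Windows section of this commit builds `addresses`. If the /32 is deliberate because `configInterfaceRouting` adds every route explicitly via `linkIP`, a comment on the `ExecCmd` line saying so would prevent a later "fix". Both functions extend beyond the hunks shown.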


@ -40,12 +40,15 @@ startOver:
log.Infoln("[wintun]: tun adapter GUID: %s", guid.String()) log.Infoln("[wintun]: tun adapter GUID: %s", guid.String())
} }
addresses := []netip.Prefix{addr} var (
ip = addr.Masked().Addr().Next()
addresses = []netip.Prefix{netip.PrefixFrom(ip, addr.Bits())}
family := winipcfg.AddressFamily(windows.AF_INET) family4 = winipcfg.AddressFamily(windows.AF_INET)
familyV6 := winipcfg.AddressFamily(windows.AF_INET6) familyV6 = winipcfg.AddressFamily(windows.AF_INET6)
currentFamily = winipcfg.AddressFamily(windows.AF_INET6)
)
currentFamily := winipcfg.AddressFamily(windows.AF_INET6)
if addr.Addr().Is4() { if addr.Addr().Is4() {
currentFamily = winipcfg.AddressFamily(windows.AF_INET) currentFamily = winipcfg.AddressFamily(windows.AF_INET)
} }
@ -114,7 +117,14 @@ startOver:
deduplicatedRoutes = append(deduplicatedRoutes, &r) deduplicatedRoutes = append(deduplicatedRoutes, &r)
} }
err = luid.SetRoutesForFamily(family, deduplicatedRoutes) // append the gateway
deduplicatedRoutes = append(deduplicatedRoutes, &winipcfg.RouteData{
Destination: addr.Masked(),
NextHop: addr.Addr(),
Metric: 0,
})
err = luid.SetRoutesForFamily(currentFamily, deduplicatedRoutes)
if err == windows.ERROR_NOT_FOUND && retryOnFailure { if err == windows.ERROR_NOT_FOUND && retryOnFailure {
goto startOver goto startOver
} else if err != nil { } else if err != nil {
@ -134,7 +144,7 @@ startOver:
} }
var ipif *winipcfg.MibIPInterfaceRow var ipif *winipcfg.MibIPInterfaceRow
ipif, err = luid.IPInterface(family) ipif, err = luid.IPInterface(family4)
if err != nil { if err != nil {
return err return err
} }
@ -181,7 +191,7 @@ startOver:
} }
dnsAdds := []netip.Addr{netip.MustParseAddr("198.18.0.2")} dnsAdds := []netip.Addr{netip.MustParseAddr("198.18.0.2")}
err = luid.SetDNS(family, dnsAdds, nil) err = luid.SetDNS(family4, dnsAdds, nil)
if err == windows.ERROR_NOT_FOUND && retryOnFailure { if err == windows.ERROR_NOT_FOUND && retryOnFailure {
goto startOver goto startOver
} else if err != nil { } else if err != nil {
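Review bot: Routes are now set with `currentFamily`, which stays AF_INET6 when `addr` is not IPv4, while `luid.IPInterface(family4)` and `luid.SetDNS(family4, dnsAdds, nil)` with the hard-coded `198.18.0.2` remain IPv4-only. The appended gateway `RouteData` is added without any family check. Whether an IPv6 prefix can reach this code is not visible from the hunks, but if it can, the adapter would end up with IPv6 routes and an IPv4 interface row and DNS. Either reject it up front as the Darwin section does (`if !addr.Addr().Is4() { return fmt.Errorf("supported ipv4 only") }`) or use `currentFamily` consistently for all three calls. The code before `startOver:` and after the last hunk is outside this view.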


@ -38,8 +38,10 @@ func (s sysStack) Close() error {
var ipv4LoopBack = netip.MustParsePrefix("127.0.0.0/8") var ipv4LoopBack = netip.MustParsePrefix("127.0.0.0/8")
func New(device device.Device, dnsHijack []netip.AddrPort, tunAddress netip.Prefix, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) { func New(device device.Device, dnsHijack []netip.AddrPort, tunAddress netip.Prefix, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) {
portal := tunAddress.Addr() var (
gateway := portal portal = tunAddress.Addr()
gateway = tunAddress.Masked().Addr().Next()
)
stack, err := mars.StartListener(device, gateway, portal) stack, err := mars.StartListener(device, gateway, portal)
if err != nil { if err != nil {
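Review bot: The names in this `var` block read opposite to the Darwin section of the same commit. Here `gateway` is the derived network+1 address and `portal` is the configured one, whereas Darwin's `ConfigInterfaceAddress` calls the configured address `gw` and the derived one `ip`. What `mars.StartListener` does with each argument is not visible from this hunk, so a comment above the block would help, for example `// gateway is the first host of tunAddress's prefix; portal is the configured tunAddress itself.` Aligning the names across the platform files would make the next change to this logic less error-prone. The rest of `New` lies outside the hunk.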


@ -28,7 +28,7 @@ func New(tunConf *config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.
devName = generateDeviceName() devName = generateDeviceName()
} }
tunAddress := netip.MustParsePrefix("198.18.0.1/16") tunAddress := netip.MustParsePrefix("198.18.255.254/16")
autoRoute := tunConf.AutoRoute autoRoute := tunConf.AutoRoute
stackType := tunConf.Stack stackType := tunConf.Stack
mtu := 9000 mtu := 9000
@ -87,9 +87,9 @@ func New(tunConf *config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.
return nil, fmt.Errorf("setting interface address and routing failed: %w", err) return nil, fmt.Errorf("setting interface address and routing failed: %w", err)
} }
setAtLatest(stackType) setAtLatest(stackType, devName)
log.Infoln("TUN stack listening at: %s(%s), mtu: %d, auto route: %v, ip stack: %s", tunDevice.Name(), tunAddress.Addr().String(), mtu, autoRoute, stackType) log.Infoln("TUN stack listening at: %s(%s), mtu: %d, auto route: %v, ip stack: %s", tunDevice.Name(), tunAddress.Masked().Addr().Next().String(), mtu, autoRoute, stackType)
return tunStack, nil return tunStack, nil
} }
@ -127,7 +127,7 @@ func parseDevice(s string, mtu uint32) (device.Device, error) {
} }
} }
func setAtLatest(stackType C.TUNStack) { func setAtLatest(stackType C.TUNStack, devName string) {
if stackType != C.TunSystem { if stackType != C.TunSystem {
return return
} }
@ -137,6 +137,18 @@ func setAtLatest(stackType C.TUNStack) {
_, _ = cmd.ExecCmd("ipconfig /renew") _, _ = cmd.ExecCmd("ipconfig /renew")
case "linux": case "linux":
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.ip_forward=1") // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.ip_forward=1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.forwarding = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.accept_local = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.accept_redirects = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.rp_filter = 2")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.forwarding = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.accept_local = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.accept_redirects = 1")
// _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.rp_filter = 2")
// _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.forwarding = 1", devName))
// _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.accept_local = 1", devName))
// _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.accept_redirects = 1", devName))
// _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.rp_filter = 2", devName))
// _, _ = cmd.ExecCmd("iptables -t filter -P FORWARD ACCEPT") // _, _ = cmd.ExecCmd("iptables -t filter -P FORWARD ACCEPT")
} }
} }
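Review bot: `setAtLatest` gains a `devName` parameter that, in the lines shown, is referenced only inside commented-out code, so the signature change has no runtime effect (part of the function lies between the two hunks and is not visible). If the sysctl block is meant to be enabled later, the `conf.all` and `conf.default` lines would relax `rp_filter` and turn on `accept_redirects` and forwarding for every interface on the host, and `iptables -t filter -P FORWARD ACCEPT` changes the global forward policy. Limiting the change to the `net.ipv4.conf.<devName>.*` keys and restoring the previous values on shutdown would keep the host's hardening intact. The commented commands also put spaces around `=`, which may not survive however `cmd.ExecCmd` splits its argument. Either drop the block together with the parameter, or mark it with a one-line comment such as `// TODO: per-device sysctls for the system stack; not enabled yet`.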