style: refine control plane log print

component/control/addr.go

@@ -0,0 +1,25 @@
+/*
+ * SPDX-License-Identifier: AGPL-3.0-only
+ * Copyright (c) since 2023, mzz2017 <mzz@tuta.io>
+ */
+
+package control
+
+import (
+	"net"
+	"net/netip"
+	"strconv"
+)
+
+func RefineSourceToShow(src netip.AddrPort, dAddr netip.Addr) (srcToShow string) {
+	if src.Addr() == dAddr {
+		// If nothing else, this means this packet is sent from localhost.
+		return net.JoinHostPort("localhost", strconv.Itoa(int(src.Port())))
+	} else {
+		return RefineAddrPortToShow(src)
+	}
+}
+
+func RefineAddrPortToShow(addrPort netip.AddrPort) (srcToShow string) {
+	return net.JoinHostPort(net.IP(addrPort.Addr().AsSlice()).String(), strconv.Itoa(int(addrPort.Port())))
+}

component/control/kern/tproxy.c

@@ -1054,7 +1054,7 @@ int tproxy_ingress(struct __sk_buff *skb) {
     __builtin_memcpy(saddr, &ipv6h.saddr, IPV6_BYTE_LENGTH);
   }
 
-  // If this packet is sent to this host, accept it.
+  // If this packet is sent to this host and not a DNS packet, accept it.
   __u32 tproxy_ip[4];
   int to_host = ip_is_host(ipversion, skb->ifindex, daddr, tproxy_ip);
   if (to_host < 0) { // error
@@ -1063,7 +1063,7 @@ int tproxy_ingress(struct __sk_buff *skb) {
   }
   if (to_host == 1) {
     if (l4proto == IPPROTO_UDP && udph.dest == 53) {
-      // To host:53. Process it.
+      // To udp:host:53. Process it.
     } else {
       // To host. Accept.
       return TC_ACT_OK;
@@ -1773,8 +1773,11 @@ int tproxy_wan_ingress(struct __sk_buff *skb) {
     // If a client sent a packet at the begining, let's say the client is
     // sender and its ip is right host ip.
     // saddr is host ip and right sender ip.
-    // dport is sender sport. See (1).
+    // Now when tproxy responses, dport is sender's sport. See (1) below. daddr
-    // bpf_printk("[%u]should send to origin: %pI6:%u", l4proto, saddr,
+    // is original dest ip (target address).
+
+    // bpf_printk("[%u]should send to origin: %pI6:%u",
+    // l4proto, saddr,
     //            bpf_ntohs(dport));
 
     if (l4proto == IPPROTO_TCP) {
@@ -1843,7 +1846,7 @@ int tproxy_wan_ingress(struct __sk_buff *skb) {
       //   bpf_printk("%02x", t);
       // }
     }
-    // Rewrite dip.
+    // Rewrite dip to host ip.
     if (rewrite_ip(skb, ipversion, l4proto, ihl, daddr, saddr, true) < 0) {
       bpf_printk("Shot IP: %d", ret);
       return TC_ACT_SHOT;
@@ -1964,7 +1967,7 @@ static int __always_inline update_map_elem_by_sk(struct sock *sk) {
   return 0;
 }
 
-// Get sip, sport to pid, pname mapping.
+// Remove sip, sport to pid, pname mapping.
 // kernel 5.5+
 // IPv4/IPv6 TCP/UDP send.
 SEC("fexit/inet_release")
@@ -1992,7 +1995,6 @@ int BPF_PROG(inet_send_prepare, struct sock *sk, int ret) {
   if (unlikely(ret)) {
     return 0;
   }
-  /// TODO: inet_release
   update_map_elem_by_sk(sk);
   return 0;
 }
@@ -2006,7 +2008,6 @@ int BPF_PROG(inet_bind, struct socket *sock, struct sockaddr *uaddr,
   if (ret) {
     return 0;
   }
-  /// TODO: inet_release
   update_map_elem_by_sk(sock->sk);
   return 0;
 }
@@ -2018,7 +2019,6 @@ int BPF_PROG(inet_bind, struct socket *sock, struct sockaddr *uaddr,
 // https://github.com/torvalds/linux/blob/62fb9874f5da54fdb243003b386128037319b219/net/ipv4/tcp_output.c#L3820
 SEC("fentry/tcp_connect")
 int BPF_PROG(tcp_connect, struct sock *sk) {
-  /// TODO: inet4_release
   update_map_elem_by_sk(sk);
   return 0;
 }
@@ -2031,7 +2031,6 @@ int BPF_PROG(inet_autobind, struct sock *sk, int ret) {
   if (ret) {
     return 0;
   }
-  /// TODO: inet4_release
   update_map_elem_by_sk(sk);
   return 0;
 }
@@ -2045,7 +2044,6 @@ int BPF_PROG(inet6_bind, struct socket *sock, struct sockaddr *uaddr,
   if (ret) {
     return 0;
   }
-  /// TODO: inet6_release
   update_map_elem_by_sk(sock->sk);
   return 0;
 }

component/control/tcp.go

@@ -47,7 +47,8 @@ func (c *ControlPlane) handleConn(lConn net.Conn) (err error) {
 	}
 	outbound := c.outbounds[value.Outbound]
 	// TODO: Set-up ip to domain mapping and show domain if possible.
-	c.log.Infof("TCP: %v <-[%v]-> %v", lConn.RemoteAddr(), outbound.Name, dst.String())
+	src := lConn.RemoteAddr().(*net.TCPAddr).AddrPort()
+	c.log.Infof("TCP: %v <-[%v]-> %v", RefineSourceToShow(src, dst.Addr()), outbound.Name, RefineAddrPortToShow(dst))
 	if value.Outbound < 0 || int(value.Outbound) >= len(c.outbounds) {
 		return fmt.Errorf("outbound id from bpf is out of range: %v not in [0, %v]", value.Outbound, len(c.outbounds)-1)
 	}

component/control/udp.go

@@ -121,12 +121,12 @@ func (c *ControlPlane) handlePkt(data []byte, lConn *net.UDPConn, lAddrPort neti
 			if c.log.IsLevelEnabled(logrus.DebugLevel) && len(dnsMessage.Questions) > 0 {
 				q := dnsMessage.Questions[0]
 				c.log.Debugf("UDP(DNS) %v <-[%v]-> Cache: %v %v",
-					lAddrPort.String(), outbound.Name, q.Name, q.Type,
+					RefineSourceToShow(lAddrPort, dest.Addr()), outbound.Name, q.Name, q.Type,
 				)
 			}
 			return nil
 		} else {
-			c.log.Debugf("Modify dns target %v to upstream: %v", addrHdr.Dest.String(), c.dnsUpstream.String())
+			c.log.Debugf("Modify dns target %v to upstream: %v", RefineAddrPortToShow(dest), c.dnsUpstream)
 			// Modify dns target to upstream.
 			// NOTICE: Routing was calculated in advance by the eBPF program.
 			dummyFrom = &addrHdr.Dest
@@ -135,14 +135,14 @@ func (c *ControlPlane) handlePkt(data []byte, lConn *net.UDPConn, lAddrPort neti
 			if c.log.IsLevelEnabled(logrus.DebugLevel) && len(dnsMessage.Questions) > 0 {
 				q := dnsMessage.Questions[0]
 				c.log.Debugf("UDP(DNS) %v <-[%v]-> %v: %v %v",
-					lAddrPort.String(), outbound.Name, dest.String(), q.Name, q.Type,
+					RefineSourceToShow(lAddrPort, dest.Addr()), outbound.Name, RefineAddrPortToShow(dest), q.Name, q.Type,
 				)
 			}
 		}
 	} else {
 		// TODO: Set-up ip to domain mapping and show domain if possible.
 		c.log.Infof("UDP %v <-[%v]-> %v",
-			lAddrPort.String(), outbound.Name, dest.String(),
+			RefineSourceToShow(lAddrPort, dest.Addr()), outbound.Name, RefineAddrPortToShow(dest),
 		)
 	}
 	ue, err := DefaultUdpEndpointPool.GetOrCreate(lAddrPort, &UdpEndpointOptions{