mirrors/dae
1
0
Fork 0
mirror of https://github.com/daeuniverse/dae.git synced 2025-01-22 02:07:50 +07:00
Code Issues Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
mzz2017 2023-02-06 22:03:03 +08:00
parent f8b83a9283
commit 9b38fa97e6
1 changed files with 38 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
component/control/kern/tproxy.c
View File

@ -1178,15 +1178,15 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
} }
/** /**
ip rule add fwmark 0x80000000/0x80000000 table 1000 ip rule add fwmark 0x80000000/0x80000000 table 2023
ip route add local 0.0.0.0/0 dev lo table 1000 ip route add local 0.0.0.0/0 dev lo table 2023
ip -6 rule add fwmark 0x80000000/0x80000000 table 1000 ip -6 rule add fwmark 0x80000000/0x80000000 table 2023
ip -6 route add local ::/0 dev lo table 1000 ip -6 route add local ::/0 dev lo table 2023
ip rule del fwmark 0x80000000/0x80000000 table 1000 ip rule del fwmark 0x80000000/0x80000000 table 2023
ip route del local 0.0.0.0/0 dev lo table 1000 ip route del local 0.0.0.0/0 dev lo table 2023
ip -6 rule del fwmark 0x80000000/0x80000000 table 1000 ip -6 rule del fwmark 0x80000000/0x80000000 table 2023
ip -6 route del local ::/0 dev lo table 1000 ip -6 route del local ::/0 dev lo table 2023
*/ */
struct bpf_sock_tuple tuple = {0}; struct bpf_sock_tuple tuple = {0};
__u32 tuple_size; __u32 tuple_size;
@ -1196,44 +1196,41 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
void *l4hdr; void *l4hdr;
// Socket lookup and assign skb to existing socket connection. // Socket lookup and assign skb to existing socket connection.
if ((bpf_map_lookup_elem(&routing_tuples_map, &tuples))) { if (ipversion == 4) {
// Should be old connection. tuple.ipv4.daddr = tuples.dst.ip[3];
is_old_conn = true; tuple.ipv4.saddr = tuples.src.ip[3];
tuple.ipv4.dport = tuples.dst.port;
tuple.ipv4.sport = tuples.src.port;
tuple_size = sizeof(tuple.ipv4);
} else {
__builtin_memcpy(tuple.ipv6.daddr, tuples.dst.ip, IPV6_BYTE_LENGTH);
__builtin_memcpy(tuple.ipv6.saddr, tuples.src.ip, IPV6_BYTE_LENGTH);
tuple.ipv6.dport = tuples.dst.port;
tuple.ipv6.sport = tuples.src.port;
tuple_size = sizeof(tuple.ipv6);
}
if (ipversion == 4) { if (l4proto == IPPROTO_TCP) {
tuple.ipv4.daddr = tuples.dst.ip[3]; // TCP.
tuple.ipv4.saddr = tuples.src.ip[3]; if (tcph.syn && !tcph.ack) {
tuple.ipv4.dport = tuples.dst.port; goto new_connection;
tuple.ipv4.sport = tuples.src.port;
tuple_size = sizeof(tuple.ipv4);
} else {
__builtin_memcpy(tuple.ipv6.daddr, tuples.dst.ip, IPV6_BYTE_LENGTH);
__builtin_memcpy(tuple.ipv6.saddr, tuples.src.ip, IPV6_BYTE_LENGTH);
tuple.ipv6.dport = tuples.dst.port;
tuple.ipv6.sport = tuples.src.port;
tuple_size = sizeof(tuple.ipv6);
} }
if (l4proto == IPPROTO_TCP) { sk = bpf_skc_lookup_tcp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
// TCP. if (sk) {
if (tcph.syn && !tcph.ack) { if (sk->state != BPF_TCP_LISTEN) {
goto new_connection; is_old_conn = true;
}
sk = bpf_skc_lookup_tcp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
if (sk) {
if (sk->state != BPF_TCP_LISTEN) {
goto assign;
}
bpf_sk_release(sk);
}
} else {
// UDP.
sk = bpf_sk_lookup_udp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
if (sk) {
goto assign; goto assign;
} }
bpf_sk_release(sk);
}
} else {
// UDP.
sk = bpf_sk_lookup_udp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
if (sk) {
is_old_conn = true;
goto assign;
} }
} }