extern/EtherGuard-VPN
1
0
Fork 0
mirror of https://github.com/KusakabeShi/EtherGuard-VPN.git synced 2024-11-21 23:03:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

fwmark

Browse Source
This commit is contained in:
KusakabeSi 2024-01-12 04:02:39 +00:00
parent a96db9e8cf
commit d78d3335f8
5 changed files with 30 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
conn/bind_linux.go
View File

@ -57,23 +57,24 @@ func (endpoint *LinuxSocketEndpoint) dst6() *unix.SockaddrInet6 {
type LinuxSocketBind struct { type LinuxSocketBind struct {
// mu guards sock4 and sock6 and the associated fds. // mu guards sock4 and sock6 and the associated fds.
// As long as someone holds mu (read or write), the associated fds are valid. // As long as someone holds mu (read or write), the associated fds are valid.
mu sync.RWMutex mu sync.RWMutex
sock4 int fwmark uint32
sock6 int sock4 int
use4 bool sock6 int
use6 bool use4 bool
use6 bool
} }
func NewLinuxSocketBind() Bind { return &LinuxSocketBind{sock4: -1, sock6: -1, use4: true, use6: true} } func NewLinuxSocketBind() Bind { return &LinuxSocketBind{sock4: -1, sock6: -1, use4: true, use6: true} }
func NewLinuxSocketBindAf(use4 bool, use6 bool) Bind { func NewLinuxSocketBindAf(use4 bool, use6 bool, fwmark uint32) Bind {
return &LinuxSocketBind{sock4: -1, sock6: -1, use4: use4, use6: use6} return &LinuxSocketBind{sock4: -1, sock6: -1, use4: use4, use6: use6, fwmark: fwmark}
} }
func NewDefaultBind(Af EnabledAf, bindmode string) Bind { func NewDefaultBind(Af EnabledAf, bindmode string, fwmark uint32) Bind {
if bindmode == "std" { if bindmode == "std" {
return NewStdNetBindAf(Af.IPv4, Af.IPv6) return NewStdNetBindAf(Af.IPv4, Af.IPv6, fwmark)
} }
return NewLinuxSocketBindAf(Af.IPv4, Af.IPv6) return NewLinuxSocketBindAf(Af.IPv4, Af.IPv6, fwmark)
} }
var _ Endpoint = (*LinuxSocketEndpoint)(nil) var _ Endpoint = (*LinuxSocketEndpoint)(nil)
@ -185,6 +186,9 @@ again:
if len(fns) == 0 { if len(fns) == 0 {
return nil, 0, syscall.EAFNOSUPPORT return nil, 0, syscall.EAFNOSUPPORT
} }
if bind.fwmark != 0 {
bind.setMark(bind.fwmark)
}
return fns, port, nil return fns, port, nil
} }
@ -192,6 +196,10 @@ func (bind *LinuxSocketBind) SetMark(value uint32) error {
bind.mu.RLock() bind.mu.RLock()
defer bind.mu.RUnlock() defer bind.mu.RUnlock()
return bind.setMark(value)
}
func (bind *LinuxSocketBind) setMark(value uint32) error {
if bind.sock6 != -1 { if bind.sock6 != -1 {
err := unix.SetsockoptInt( err := unix.SetsockoptInt(
bind.sock6, bind.sock6,

7
conn/bind_std.go
View File

@ -20,15 +20,16 @@ type StdNetBind struct {
mu sync.Mutex // protects following fields mu sync.Mutex // protects following fields
ipv4 *net.UDPConn ipv4 *net.UDPConn
ipv6 *net.UDPConn ipv6 *net.UDPConn
fwmark uint32
blackhole4 bool blackhole4 bool
blackhole6 bool blackhole6 bool
use4 bool use4 bool
use6 bool use6 bool
} }
func NewStdNetBind() Bind { return &StdNetBind{use4: true, use6: true} } func NewStdNetBind() Bind { return &StdNetBind{use4: true, use6: true, fwmark: 0} }
func NewStdNetBindAf(use4 bool, use6 bool) Bind { func NewStdNetBindAf(use4 bool, use6 bool, fwmark uint32) Bind {
return &StdNetBind{use4: use4, use6: use6} return &StdNetBind{use4: use4, use6: use6, fwmark: fwmark}
} }
type StdNetEndpoint net.UDPAddr type StdNetEndpoint net.UDPAddr

4
main_edge.go
View File

@ -125,7 +125,7 @@ func Edge(configPath string, useUAPI bool, printExample bool, bindmode string) (
IPv6: !econfig.DisableAf.IPv6, IPv6: !econfig.DisableAf.IPv6,
} }
the_device := device.NewDevice(thetap, econfig.NodeID, conn.NewDefaultBind(EnabledAf, bindmode), logger, graph, false, configPath, &econfig, nil, nil, Version) the_device := device.NewDevice(thetap, econfig.NodeID, conn.NewDefaultBind(EnabledAf, bindmode, econfig.FwMark), logger, graph, false, configPath, &econfig, nil, nil, Version)
defer the_device.Close() defer the_device.Close()
pk, err := device.Str2PriKey(econfig.PrivKey) pk, err := device.Str2PriKey(econfig.PrivKey)
if err != nil { if err != nil {
@ -133,7 +133,7 @@ func Edge(configPath string, useUAPI bool, printExample bool, bindmode string) (
return err return err
} }
the_device.SetPrivateKey(pk) the_device.SetPrivateKey(pk)
the_device.IpcSet("fwmark=0\n") the_device.IpcSet("fwmark=" + fmt.Sprint(econfig.FwMark) + "\n")
the_device.IpcSet("listen_port=" + strconv.Itoa(econfig.ListenPort) + "\n") the_device.IpcSet("listen_port=" + strconv.Itoa(econfig.ListenPort) + "\n")
the_device.IpcSet("replace_peers=true\n") the_device.IpcSet("replace_peers=true\n")
for _, peerconf := range econfig.Peers { for _, peerconf := range econfig.Peers {

8
main_super.go
View File

@ -144,10 +144,10 @@ func Super(configPath string, useUAPI bool, printExample bool, bindmode string)
} }
} }
thetap4, _ := tap.CreateDummyTAP() thetap4, _ := tap.CreateDummyTAP()
httpobj.http_device4 = device.NewDevice(thetap4, mtypes.NodeID_SuperNode, conn.NewDefaultBind(conn.EnabledAf4, bindmode), logger4, httpobj.http_graph, true, configPath, nil, &sconfig, httpobj.http_super_chains, Version) httpobj.http_device4 = device.NewDevice(thetap4, mtypes.NodeID_SuperNode, conn.NewDefaultBind(conn.EnabledAf4, bindmode, sconfig.FwMark), logger4, httpobj.http_graph, true, configPath, nil, &sconfig, httpobj.http_super_chains, Version)
defer httpobj.http_device4.Close() defer httpobj.http_device4.Close()
thetap6, _ := tap.CreateDummyTAP() thetap6, _ := tap.CreateDummyTAP()
httpobj.http_device6 = device.NewDevice(thetap6, mtypes.NodeID_SuperNode, conn.NewDefaultBind(conn.EnabledAf6, bindmode), logger6, httpobj.http_graph, true, configPath, nil, &sconfig, httpobj.http_super_chains, Version) httpobj.http_device6 = device.NewDevice(thetap6, mtypes.NodeID_SuperNode, conn.NewDefaultBind(conn.EnabledAf6, bindmode, sconfig.FwMark), logger6, httpobj.http_graph, true, configPath, nil, &sconfig, httpobj.http_super_chains, Version)
defer httpobj.http_device6.Close() defer httpobj.http_device6.Close()
if sconfig.PrivKeyV4 != "" { if sconfig.PrivKeyV4 != "" {
pk4, err := device.Str2PriKey(sconfig.PrivKeyV4) pk4, err := device.Str2PriKey(sconfig.PrivKeyV4)
@ -156,7 +156,7 @@ func Super(configPath string, useUAPI bool, printExample bool, bindmode string)
return err return err
} }
httpobj.http_device4.SetPrivateKey(pk4) httpobj.http_device4.SetPrivateKey(pk4)
httpobj.http_device4.IpcSet("fwmark=0\n") httpobj.http_device4.IpcSet("fwmark=" + fmt.Sprint(sconfig.FwMark) + "\n")
httpobj.http_device4.IpcSet("listen_port=" + strconv.Itoa(sconfig.ListenPort) + "\n") httpobj.http_device4.IpcSet("listen_port=" + strconv.Itoa(sconfig.ListenPort) + "\n")
httpobj.http_device4.IpcSet("replace_peers=true\n") httpobj.http_device4.IpcSet("replace_peers=true\n")
} }
@ -168,7 +168,7 @@ func Super(configPath string, useUAPI bool, printExample bool, bindmode string)
return err return err
} }
httpobj.http_device6.SetPrivateKey(pk6) httpobj.http_device6.SetPrivateKey(pk6)
httpobj.http_device6.IpcSet("fwmark=0\n") httpobj.http_device6.IpcSet("fwmark=" + fmt.Sprint(sconfig.FwMark) + "\n")
httpobj.http_device6.IpcSet("listen_port=" + strconv.Itoa(sconfig.ListenPort) + "\n") httpobj.http_device6.IpcSet("listen_port=" + strconv.Itoa(sconfig.ListenPort) + "\n")
httpobj.http_device6.IpcSet("replace_peers=true\n") httpobj.http_device6.IpcSet("replace_peers=true\n")
} }

2
mtypes/config.go
View File

@ -23,6 +23,7 @@ type EdgeConfig struct {
Interface InterfaceConf `yaml:"Interface"` Interface InterfaceConf `yaml:"Interface"`
NodeID Vertex `yaml:"NodeID"` NodeID Vertex `yaml:"NodeID"`
NodeName string `yaml:"NodeName"` NodeName string `yaml:"NodeName"`
FwMark uint32 `yaml:"FwMark"`
PostScript string `yaml:"PostScript"` PostScript string `yaml:"PostScript"`
DefaultTTL uint8 `yaml:"DefaultTTL"` DefaultTTL uint8 `yaml:"DefaultTTL"`
L2FIBTimeout float64 `yaml:"L2FIBTimeout"` L2FIBTimeout float64 `yaml:"L2FIBTimeout"`
@ -39,6 +40,7 @@ type EdgeConfig struct {
type SuperConfig struct { type SuperConfig struct {
NodeName string `yaml:"NodeName"` NodeName string `yaml:"NodeName"`
FwMark uint32 `yaml:"FwMark"`
PostScript string `yaml:"PostScript"` PostScript string `yaml:"PostScript"`
PrivKeyV4 string `yaml:"PrivKeyV4"` PrivKeyV4 string `yaml:"PrivKeyV4"`
PrivKeyV6 string `yaml:"PrivKeyV6"` PrivKeyV6 string `yaml:"PrivKeyV6"`