From 940238f1587fc118fc809d39091b90842569be4f Mon Sep 17 00:00:00 2001
From: "Sijie.Sun"
Date: Thu, 17 Jul 2025 10:09:25 +0800
Subject: [PATCH] socks5 and port forwarding (#1118)
---
 easytier/src/common/dns.rs | 2 +-
 easytier/src/gateway/socks5.rs | 60 +++++++++++++++++++++++++---------
 2 files changed, 45 insertions(+), 17 deletions(-)
diff --git a/easytier/src/common/dns.rs b/easytier/src/common/dns.rs
index 5ff4f08..bf4990b 100644
--- a/easytier/src/common/dns.rs
+++ b/easytier/src/common/dns.rs
@@ -127,7 +127,7 @@ mod tests {
 #[tokio::test]
 async fn test_socket_addrs() {
- let url = url::Url::parse("tcp://public.easytier.cn:80").unwrap();
+ let url = url::Url::parse("tcp://github-ci-test.easytier.cn:80").unwrap();
 let addrs = socket_addrs(&url, || Some(80)).await.unwrap();
 assert_eq!(2, addrs.len(), "addrs: {:?}", addrs);
 println!("addrs: {:?}", addrs);
diff --git a/easytier/src/gateway/socks5.rs b/easytier/src/gateway/socks5.rs
index 9bad000..7d33350 100644
--- a/easytier/src/gateway/socks5.rs
+++ b/easytier/src/gateway/socks5.rs
@@ -10,7 +10,7 @@ use kcp_sys::{endpoint::KcpEndpoint, stream::KcpStream};
 use crate::{
 common::{
 config::PortForwardConfig, global_ctx::GlobalCtxEvent, join_joinset_background,
- scoped_task::ScopedTask,
+ netns::NetNS, scoped_task::ScopedTask,
 },
 gateway::{
 fast_socks5::{
@@ -23,7 +23,10 @@ use crate::{
 kcp_proxy::NatDstKcpConnector,
 tokio_smoltcp::{channel_device, BufferSize, Net, NetConfig},
 },
- tunnel::packet_def::{PacketType, ZCPacket},
+ tunnel::{
+ common::setup_sokcet2,
+ packet_def::{PacketType, ZCPacket},
+ },
 };
 use anyhow::Context;
 use dashmap::DashMap;
@@ -32,8 +35,7 @@ use pnet::packet::{
 };
 use tokio::{
 io::{AsyncRead, AsyncWrite},
- net::TcpListener,
- net::UdpSocket,
+ net::{TcpListener, TcpSocket, UdpSocket},
 select,
 sync::{mpsc, Mutex},
 task::JoinSet,
@@ -250,6 +252,38 @@ impl AsyncTcpConnector for Socks5KcpConnector {
 }
 }
+fn bind_tcp_socket(addr: SocketAddr, net_ns: NetNS) -> Result {
+ let _g = net_ns.guard();
+ let socket2_socket = socket2::Socket::new(
+ socket2::Domain::for_address(addr),
+ socket2::Type::STREAM,
+ Some(socket2::Protocol::TCP),
+ )?;
+
+ setup_sokcet2(&socket2_socket, &addr)?;
+
+ let socket = TcpSocket::from_std_stream(socket2_socket.into());
+
+ if let Err(e) = socket.set_nodelay(true) {
+ tracing::warn!(?e, "set_nodelay fail in listen");
+ }
+
+ Ok(socket.listen(1024)?)
+}
+
+fn bind_udp_socket(addr: SocketAddr, net_ns: NetNS) -> Result {
+ let _g = net_ns.guard();
+ let socket2_socket = socket2::Socket::new(
+ socket2::Domain::for_address(addr),
+ socket2::Type::DGRAM,
+ Some(socket2::Protocol::UDP),
+ )?;
+
+ setup_sokcet2(&socket2_socket, &addr)?;
+
+ Ok(UdpSocket::from_std(socket2_socket.into())?)
+}
+
 struct Socks5ServerNet {
 ipv4_addr: cidr::Ipv4Inet,
 auth: Option,
@@ -555,10 +589,10 @@ impl Socks5Server {
 proxy_url.port().unwrap()
 );
- let listener = {
- let _g = self.global_ctx.net_ns.guard();
- TcpListener::bind(bind_addr.parse::().unwrap()).await?
- };
+ let listener = bind_tcp_socket(
+ bind_addr.parse::().unwrap(),
+ self.global_ctx.net_ns.clone(),
+ )?;
 let net = self.net.clone();
 self.tasks.lock().unwrap().spawn(async move {
@@ -651,10 +685,7 @@ impl Socks5Server {
 bind_addr: SocketAddr,
 dst_addr: SocketAddr,
 ) -> Result<(), Error> {
- let listener = {
- let _g = self.global_ctx.net_ns.guard();
- TcpListener::bind(bind_addr).await?
- };
+ let listener = bind_tcp_socket(bind_addr, self.global_ctx.net_ns.clone())?;
 let net = self.net.clone();
 let entries = self.entries.clone();
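Review bot: `bind_tcp_socket` and `bind_udp_socket` pass a socket2 descriptor straight to `TcpSocket::from_std_stream` and `UdpSocket::from_std`, and tokio leaves it to the caller to have put that descriptor into non-blocking mode first. Nothing visible in this hunk does so, and nothing here calls bind either, so both helpers presumably depend on `setup_sokcet2`, which is defined outside this diff, for both steps. If it ever stops setting non-blocking mode, accept and receive calls on these listeners would stall a runtime worker thread rather than fail loudly. Either call `socket2_socket.set_nonblocking(true)?;` explicitly before the conversion, or record the dependency in a doc comment on each helper, for example `/// Creates and binds the socket inside net_ns; relies on setup_sokcet2 to bind it and set non-blocking before tokio takes ownership.`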
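Review bot: The new call in the @@ -555 hunk keeps `bind_addr.parse::().unwrap()` (the turbofish type is not legible on this page), so a SOCKS5 listen address that does not parse still panics instead of failing startup with an error. The surrounding function already applies `?` to the helper's result, so the parse failure can be returned the same way, e.g. `let addr = bind_addr.parse().with_context(|| format!("invalid socks5 bind address {bind_addr}"))?;` with the target type annotated, assuming the function's error type converts from `anyhow::Error` (`anyhow::Context` is already imported in this file). The `proxy_url.port().unwrap()` in the context lines just above has the same problem. The enclosing function starts and ends outside the hunk.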
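Review bot: `bind_tcp_socket` takes `NetNS` by value, so the call site in the @@ -651 hunk, the one in the @@ -555 hunk and the UDP one in the @@ -721 hunk each clone `self.global_ctx.net_ns` only to call `guard()` on it; the @@ -721 hunk then clones it again two lines later. Taking a reference avoids that: `fn bind_tcp_socket(addr: SocketAddr, net_ns: &NetNS)` with `bind_tcp_socket(bind_addr, &self.global_ctx.net_ns)?`, and likewise for `bind_udp_socket`. This assumes `guard()` borrows its receiver, which the removed `self.global_ctx.net_ns.guard()` calls suggest. The enclosing method continues outside the hunk.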
@@ -721,10 +752,7 @@ impl Socks5Server {
 bind_addr: SocketAddr,
 dst_addr: SocketAddr,
 ) -> Result<(), Error> {
- let socket = {
- let _g = self.global_ctx.net_ns.guard();
- Arc::new(UdpSocket::bind(bind_addr).await?)
- };
+ let socket = Arc::new(bind_udp_socket(bind_addr, self.global_ctx.net_ns.clone())?);
 let entries = self.entries.clone();
 let net_ns = self.global_ctx.net_ns.clone();
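Review bot: The UDP port-forward listener is now bound through `bind_udp_socket` rather than `UdpSocket::bind`, so it inherits whatever socket options `setup_sokcet2` applies before binding, and that function is outside this diff. If it enables address or port reuse (SO_REUSEADDR / SO_REUSEPORT), the forwarder's bind is no longer exclusive, and another local socket with the same option could share the address and port and receive datagrams meant for the forward. Worth confirming; if reuse is set, either disable it for this listener or say why it is needed in a comment at the call, e.g. `// bound via socket2 because <reason>; note that setup_sokcet2 enables address reuse`. The enclosing method starts and ends outside the hunk.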