tun2proxy/src/main.rs

use clap::Parser;
use std::{net::IpAddr, process::ExitCode};
use tun2proxy::{error::Error, main_entry, NetworkInterface, Options, Proxy};

#[cfg(target_os = "linux")]
use tun2proxy::setup::{get_default_cidrs, Setup};

/// Tunnel interface to proxy
#[derive(Parser)]
#[command(author, version, about = "Tunnel interface to proxy.", long_about = None)]
struct Args {
    /// Name of the tun interface
    #[arg(short, long, value_name = "name", default_value = "tun0")]
    tun: String,

    /// File descriptor of the tun interface
    #[arg(long, value_name = "fd")]
    tun_fd: Option<i32>,

    /// MTU of the tun interface (only with tunnel file descriptor)
    #[arg(long, value_name = "mtu", default_value = "1500")]
    tun_mtu: usize,

    /// Proxy URL in the form proto://[username[:password]@]host:port
    #[arg(short, long, value_parser = Proxy::from_url, value_name = "URL")]
    proxy: Proxy,

    /// DNS handling
    #[arg(short, long, value_name = "method", value_enum, default_value = "virtual")]
    dns: ArgDns,

    /// Routing and system setup
    #[arg(short, long, value_name = "method", value_enum)]
    setup: Option<ArgSetup>,

    /// Public proxy IP used in routing setup which should bypassing the tunnel
    #[arg(long, value_name = "IP")]
    bypass_ip: Option<IpAddr>,

    /// Verbosity level
    #[arg(short, long, value_name = "level", value_enum, default_value = "info")]
    verbosity: ArgVerbosity,

    /// Enable DNS over TCP
    #[arg(long)]
    dns_over_tcp: bool,
}

#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
enum ArgDns {
    Virtual,
    None,
}

#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
enum ArgSetup {
    Auto,
}

#[derive(Debug, Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
enum ArgVerbosity {
    Off,
    Error,
    Warn,
    Info,
    Debug,
    Trace,
}

fn main() -> ExitCode {
    dotenvy::dotenv().ok();
    let args = Args::parse();

    let default = format!("{}={:?}", module_path!(), args.verbosity);
    env_logger::Builder::from_env(env_logger::Env::default().default_filter_or(default)).init();

    let addr = args.proxy.addr;
    let proxy_type = args.proxy.proxy_type;
    log::info!("Proxy {proxy_type} server: {addr}");

    let mut options = Options::new();
    if args.dns == ArgDns::Virtual {
        options = options.with_virtual_dns();
    }

    if args.dns_over_tcp {
        options = options.with_dns_over_tcp();
    }

    let interface = match args.tun_fd {
        None => NetworkInterface::Named(args.tun.clone()),
        Some(fd) => {
            options = options.with_mtu(args.tun_mtu);
            NetworkInterface::Fd(fd)
        }
    };

    let block = || -> Result<(), Error> {
        #[cfg(target_os = "linux")]
        {
            let mut setup: Setup;
            if args.setup == Some(ArgSetup::Auto) {
                let bypass_tun_ip = match args.bypass_ip {
                    Some(addr) => addr,
                    None => args.proxy.addr.ip(),
                };
                setup = Setup::new(&args.tun, &bypass_tun_ip, get_default_cidrs(), args.bypass_ip.is_some());

                setup.configure()?;

                setup.drop_privileges()?;
            }
        }

        main_entry(&interface, &args.proxy, options)?;

        Ok(())
    };
    if let Err(e) = block() {
        log::error!("{e}");
        return ExitCode::FAILURE;
    }

    ExitCode::SUCCESS
}
Pass proxy via URL 2023-03-22 11:17:28 +01:00			`use clap::Parser;`
swith socks5-impl 2023-07-23 02:03:15 +08:00			`use std::{net::IpAddr, process::ExitCode};`
			`use tun2proxy::{error::Error, main_entry, NetworkInterface, Options, Proxy};`
upgrade clap module 2023-03-20 14:13:06 +08:00
Only include setup feature on Linux 2023-04-10 20:59:54 +02:00			`#[cfg(target_os = "linux")]`
			`use tun2proxy::setup::{get_default_cidrs, Setup};`

upgrade clap module 2023-03-20 14:13:06 +08:00			`/// Tunnel interface to proxy`
			`#[derive(Parser)]`
			`#[command(author, version, about = "Tunnel interface to proxy.", long_about = None)]`
			`struct Args {`
			`/// Name of the tun interface`
Pass proxy via URL 2023-03-22 11:17:28 +01:00			`#[arg(short, long, value_name = "name", default_value = "tun0")]`
upgrade clap module 2023-03-20 14:13:06 +08:00			`tun: String,`

Add file descriptor and MTU to CLI arguments 2023-04-13 21:54:02 +02:00			`/// File descriptor of the tun interface`
			`#[arg(long, value_name = "fd")]`
			`tun_fd: Option<i32>,`

			`/// MTU of the tun interface (only with tunnel file descriptor)`
			`#[arg(long, value_name = "mtu", default_value = "1500")]`
			`tun_mtu: usize,`

Enable virtual DNS by default for the CLI. This commit enables virtual DNS by default for the CLI. Pros for this decision: - It works out of the box in most cases. - Users do not need to install third-party software. - Users do not need to update their /etc/resolv.conf. Cons: - Not every server might support this. - Hijacking port 53 without asking is somewhat intrusive. Also, make the --dns argument an enum type. In the future, native support for DNS over TCP/TLS might be added. In that case we could e.g. supply tcp://1.1.1.1 to the --dns argument without breaking the CLI. 2023-03-23 21:59:18 +01:00			`/// Proxy URL in the form proto://[username[:password]@]host:port`
Squashed code beautifications commit d5fdf845bfe7d5170eb6dfa0c66d46c2021d0aa4 Author: ssrlive <30760636+ssrlive@users.noreply.github.com> Date: Thu Mar 23 23:21:22 2023 +0800 Update tun2proxy.rs commit 2540daa423e9695bbabc8716c7e9058a23f941b6 Author: ssrlive <30760636+ssrlive@users.noreply.github.com> Date: Thu Mar 23 22:40:26 2023 +0800 Update main.rs commit 9ef5efb864084389d75f059e8d240e3012b9fcb1 Author: ssrlive <30760636+ssrlive@users.noreply.github.com> Date: Thu Mar 23 22:19:06 2023 +0800 Update main.rs commit 017ea1a17a509baa5909c8620817486422736d72 Author: ssrlive <30760636+ssrlive@users.noreply.github.com> Date: Thu Mar 23 22:15:00 2023 +0800 Update main.rs 2023-03-23 18:01:25 +01:00			`#[arg(short, long, value_parser = Proxy::from_url, value_name = "URL")]`
Supply Proxy type to main_entry instead of individual args and adapt test cases 2023-03-22 13:18:07 +01:00			`proxy: Proxy,`
Implement first, unfinished version of DNS support and fix incomplete TCP stream bug This commit does two things: First, it implements a first, unfinished version of the virtual DNS functionality. This feature is incomplete and has known bugs. Since it needs to be enabled manually, this is not a huge issue so far. Second, the commit fixes a bug where TCP streams where not properly relayed, causing TCP connections to stall. 2023-03-23 13:03:01 +01:00
Enable virtual DNS by default for the CLI. This commit enables virtual DNS by default for the CLI. Pros for this decision: - It works out of the box in most cases. - Users do not need to install third-party software. - Users do not need to update their /etc/resolv.conf. Cons: - Not every server might support this. - Hijacking port 53 without asking is somewhat intrusive. Also, make the --dns argument an enum type. In the future, native support for DNS over TCP/TLS might be added. In that case we could e.g. supply tcp://1.1.1.1 to the --dns argument without breaking the CLI. 2023-03-23 21:59:18 +01:00			`/// DNS handling`
re-formatting with max_width = 120 2023-08-08 23:45:16 +08:00			`#[arg(short, long, value_name = "method", value_enum, default_value = "virtual")]`
Enable virtual DNS by default for the CLI. This commit enables virtual DNS by default for the CLI. Pros for this decision: - It works out of the box in most cases. - Users do not need to install third-party software. - Users do not need to update their /etc/resolv.conf. Cons: - Not every server might support this. - Hijacking port 53 without asking is somewhat intrusive. Also, make the --dns argument an enum type. In the future, native support for DNS over TCP/TLS might be added. In that case we could e.g. supply tcp://1.1.1.1 to the --dns argument without breaking the CLI. 2023-03-23 21:59:18 +01:00			`dns: ArgDns,`
Add auto setup method 2023-03-25 21:12:41 +01:00
Make setup argument optional 2023-03-26 00:46:59 +01:00			`/// Routing and system setup`
Add auto setup method 2023-03-25 21:12:41 +01:00			`#[arg(short, long, value_name = "method", value_enum)]`
Make setup argument optional 2023-03-26 00:46:59 +01:00			`setup: Option<ArgSetup>,`
Handle private IP addresses in setup 2023-03-26 11:02:13 +02:00
swith socks5-impl 2023-07-23 02:03:15 +08:00			`/// Public proxy IP used in routing setup which should bypassing the tunnel`
Document --setup-ip 2023-03-26 11:07:06 +02:00			`#[arg(long, value_name = "IP")]`
swith socks5-impl 2023-07-23 02:03:15 +08:00			`bypass_ip: Option<IpAddr>,`
verbosity parameter 2023-08-08 11:37:24 +08:00
			`/// Verbosity level`
			`#[arg(short, long, value_name = "level", value_enum, default_value = "info")]`
			`verbosity: ArgVerbosity,`
dns over tcp 2023-08-21 19:58:13 +08:00
receive_dns_over_tcp_packet_and_write_to_client 2023-08-22 23:43:27 +08:00			`/// Enable DNS over TCP`
dns over tcp 2023-08-21 19:58:13 +08:00			`#[arg(long)]`
			`dns_over_tcp: bool,`
Enable virtual DNS by default for the CLI. This commit enables virtual DNS by default for the CLI. Pros for this decision: - It works out of the box in most cases. - Users do not need to install third-party software. - Users do not need to update their /etc/resolv.conf. Cons: - Not every server might support this. - Hijacking port 53 without asking is somewhat intrusive. Also, make the --dns argument an enum type. In the future, native support for DNS over TCP/TLS might be added. In that case we could e.g. supply tcp://1.1.1.1 to the --dns argument without breaking the CLI. 2023-03-23 21:59:18 +01:00			`}`

			`#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]`
			`enum ArgDns {`
			`Virtual,`
			`None,`
Pass proxy via URL 2023-03-22 11:17:28 +01:00			`}`

Add auto setup method 2023-03-25 21:12:41 +01:00			`#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]`
			`enum ArgSetup {`
			`Auto,`
			`}`

verbosity parameter 2023-08-08 11:37:24 +08:00			`#[derive(Debug, Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]`
			`enum ArgVerbosity {`
			`Off,`
			`Error,`
			`Warn,`
			`Info,`
			`Debug,`
			`Trace,`
			`}`

Restore network configuration on Drop 2023-03-25 21:41:40 +01:00			`fn main() -> ExitCode {`
Use dotenvy in main 2023-03-23 13:28:05 +01:00			`dotenvy::dotenv().ok();`
Pass proxy via URL 2023-03-22 11:17:28 +01:00			`let args = Args::parse();`

verbosity parameter 2023-08-08 11:37:24 +08:00			`let default = format!("{}={:?}", module_path!(), args.verbosity);`
			`env_logger::Builder::from_env(env_logger::Env::default().default_filter_or(default)).init();`

Pass proxy via URL 2023-03-22 11:17:28 +01:00			`let addr = args.proxy.addr;`
Use Option type for credentials This commit applys the diff by @ssrlive from https://github.com/blechschmidt/tun2proxy/commit/3223ca4e22003fd87e90f89ce352d84d38227f2e#commitcomment-105521241. 2023-03-22 12:18:41 +01:00			`let proxy_type = args.proxy.proxy_type;`
			`log::info!("Proxy {proxy_type} server: {addr}");`

Implement first, unfinished version of DNS support and fix incomplete TCP stream bug This commit does two things: First, it implements a first, unfinished version of the virtual DNS functionality. This feature is incomplete and has known bugs. Since it needs to be enabled manually, this is not a huge issue so far. Second, the commit fixes a bug where TCP streams where not properly relayed, causing TCP connections to stall. 2023-03-23 13:03:01 +01:00			`let mut options = Options::new();`
Enable virtual DNS by default for the CLI. This commit enables virtual DNS by default for the CLI. Pros for this decision: - It works out of the box in most cases. - Users do not need to install third-party software. - Users do not need to update their /etc/resolv.conf. Cons: - Not every server might support this. - Hijacking port 53 without asking is somewhat intrusive. Also, make the --dns argument an enum type. In the future, native support for DNS over TCP/TLS might be added. In that case we could e.g. supply tcp://1.1.1.1 to the --dns argument without breaking the CLI. 2023-03-23 21:59:18 +01:00			`if args.dns == ArgDns::Virtual {`
Implement first, unfinished version of DNS support and fix incomplete TCP stream bug This commit does two things: First, it implements a first, unfinished version of the virtual DNS functionality. This feature is incomplete and has known bugs. Since it needs to be enabled manually, this is not a huge issue so far. Second, the commit fixes a bug where TCP streams where not properly relayed, causing TCP connections to stall. 2023-03-23 13:03:01 +01:00			`options = options.with_virtual_dns();`
			`}`

dns over tcp 2023-08-21 19:58:13 +08:00			`if args.dns_over_tcp {`
			`options = options.with_dns_over_tcp();`
			`}`

Add file descriptor and MTU to CLI arguments 2023-04-13 21:54:02 +02:00			`let interface = match args.tun_fd {`
			`None => NetworkInterface::Named(args.tun.clone()),`
			`Some(fd) => {`
			`options = options.with_mtu(args.tun_mtu);`
			`NetworkInterface::Fd(fd)`
			`}`
			`};`

swith socks5-impl 2023-07-23 02:03:15 +08:00			`let block = \|\| -> Result<(), Error> {`
Only include setup feature on Linux 2023-04-10 20:59:54 +02:00			`#[cfg(target_os = "linux")]`
			`{`
			`let mut setup: Setup;`
			`if args.setup == Some(ArgSetup::Auto) {`
swith socks5-impl 2023-07-23 02:03:15 +08:00			`let bypass_tun_ip = match args.bypass_ip {`
Only include setup feature on Linux 2023-04-10 20:59:54 +02:00			`Some(addr) => addr,`
			`None => args.proxy.addr.ip(),`
			`};`
re-formatting with max_width = 120 2023-08-08 23:45:16 +08:00			`setup = Setup::new(&args.tun, &bypass_tun_ip, get_default_cidrs(), args.bypass_ip.is_some());`
Only include setup feature on Linux 2023-04-10 20:59:54 +02:00
			`setup.configure()?;`

			`setup.drop_privileges()?;`
			`}`
Add auto setup method 2023-03-25 21:12:41 +01:00			`}`

Add file descriptor support 2023-04-10 23:24:53 +02:00			`main_entry(&interface, &args.proxy, options)?;`
Use nix crate instead of interacting with libc directly, drop privileges 2023-04-01 02:19:20 +02:00
			`Ok(())`
swith socks5-impl 2023-07-23 02:03:15 +08:00			`};`
			`if let Err(e) = block() {`
refine TunToProxy struct 2023-03-24 09:27:31 +08:00			`log::error!("{e}");`
Add SOCKS4 support to CI 2023-04-03 00:39:13 +02:00			`return ExitCode::FAILURE;`
swith socks5-impl 2023-07-23 02:03:15 +08:00			`}`
Use nix crate instead of interacting with libc directly, drop privileges 2023-04-01 02:19:20 +02:00
Restore network configuration on Drop 2023-03-25 21:41:40 +01:00			`ExitCode::SUCCESS`
Initial commit 2021-09-02 11:30:23 +02:00			`}`