From 41c22fa4d4296a90b7b55ef88ab47b0c50b9cd14 Mon Sep 17 00:00:00 2001
From: "B. Blechschmidt"
Date: Wed, 17 Aug 2022 00:04:08 +0200
Subject: [PATCH] Improve README and do not panic when reading from proxy fails
---
 README.md | 26 ++++++++++++++++++--------
 src/tun2proxy.rs | 15 +++++++++++----
 2 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index 1cad019..3417e2c 100644
--- a/README.md
+++ b/README.md
@@ -11,26 +11,31 @@ cargo build --release ## Setup A standard setup, which would route all traffic from your system through the tunnel interface, could look as follows: -``` -# Create a tunnel interface named tun0 which your user can bind to. +```shell +# Define the proxy endpoint. +PROXY_IP=1.2.3.4 +PROXY_PORT=1080 + +# Create a tunnel interface named tun0 which your user can bind to, so we don't need to run tun2proxy as root. sudo ip tuntap add name tun0 mode tun user $USER sudo ip link set tun0 up -# To prevent a loop, replace 1.2.3.4 with the IP address of the proxy server. -# This will add a route to the proxy server that behaves like the default route. -sudo ip route add 1.2.3.4 $(ip route | grep '^default' | cut -d' ' -f2-) +# To prevent a routing loop, we add a route to the proxy server that behaves like the default route. +sudo ip route add "$PROXY_IP" $(ip route | grep '^default' | cut -d ' ' -f 2-) # Route all your traffic through tun0 without interfering with the default route. sudo ip route add 128.0.0.0/1 dev tun0 sudo ip route add 0.0.0.0/1 dev tun0 -# Again, replace 1.2.3.4 with the IP address of the proxy server. -./target/release/tun2proxy --tun tun0 --socks5 1.2.3.4 +./target/release/tun2proxy --tun tun0 --socks5 "$PROXY_IP:$PROXY_PORT" ``` Note that if you paste these commands into a shell script, which you then run with `sudo`, you might want to replace `$USER` with `$SUDO_USER`. +For DNS to work, you might need an additional tool like [dnsproxy](https://github.com/AdguardTeam/dnsproxy) that is +configured to listen on a local UDP port and communicates with the upstream DNS server via TCP. + ## CLI ``` tun2proxy 0.1.0 @@ -47,4 +52,9 @@ OPTIONS: -h, --http HTTP server to use -s, --socks5 SOCKS5 server to use -t, --tun Name of the tun interface -``` \ No newline at end of file +``` + +## TODO +- Authentication for SOCKS (plain) and HTTP (base64) +- UDP support for SOCKS +- Virtual DNS 
diff --git a/src/tun2proxy.rs b/src/tun2proxy.rs
index 4debd93..168b9d1 100644
--- a/src/tun2proxy.rs
+++ b/src/tun2proxy.rs
@@ -379,11 +379,12 @@ impl<'a> TunToProxy<'a> {
 // Therefore, we now expect it to write data to the server.
 self.write_to_server(&connection);
 } else if connection.proto == smoltcp::wire::IpProtocol::Udp.into() {
- /* // UDP is not yet supported.
- if payload_offset > frame.len() || payload_offset + payload_offset > frame.len() {
+ // UDP is not yet supported
+ /*if _payload_offset > frame.len() || _payload_offset + _payload_offset > frame.len() {
 return;
 }
- let payload = &frame[payload_offset..payload_offset+payload_size]; */
+ let payload = &frame[_payload_offset.._payload_offset + _payload_size];
+ self.virtual_dns.add_query(payload);*/
 }
 }
 }
@@ -445,7 +446,13 @@ impl<'a> TunToProxy<'a> {
 let state = self.connections.get_mut(&connection).unwrap();
 let mut buf = [0u8; 4096];
- let read = state.mio_stream.read(&mut buf).unwrap();
+ let read_result = state.mio_stream.read(&mut buf);
+ let read = if read_result.is_err() {
+ error!("READ from proxy: {}", read_result.as_ref().err().unwrap());
+ 0
+ } else {
+ read_result.unwrap()
+ };
 if read == 0 {
 {
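Review bot: The commented-out UDP guard in the first `src/tun2proxy.rs` hunk still adds `_payload_offset` to itself, so it never bounds the slice end `_payload_offset + _payload_size` that the following `let payload` line indexes with. If the block is re-enabled as written, a frame in which `_payload_size` runs past the end of `frame` would pass the check and panic on the slice, and `frame` is presumably packet data that local traffic can shape. The condition should read `if _payload_offset > frame.len() || _payload_offset + _payload_size > frame.len() {`, or the slice can be taken with `frame.get(_payload_offset.._payload_offset + _payload_size)` and the branch can return on `None`. The enclosing function starts outside the hunk.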
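Review bot: Mapping every `read` error to `0` in the second `src/tun2proxy.rs` hunk sends transient errors down the `if read == 0` branch, which looks like the end-of-stream path. `mio_stream` is presumably a non-blocking mio socket, where `WouldBlock` and `Interrupted` are expected and should leave the connection untouched; only other error kinds should be logged and handled as a close. A `match` on the result also removes the `is_err()` / `unwrap()` pair. The sketch below assumes the enclosing function, which starts and ends outside the hunk, returns `()`; the `get_mut(&connection).unwrap()` above the read can still panic.

```rust
let mut buf = [0u8; 4096];
let read = match state.mio_stream.read(&mut buf) {
    Ok(n) => n,
    // Transient on a non-blocking stream: keep the connection and wait for the next readiness event.
    Err(e)
        if matches!(
            e.kind(),
            std::io::ErrorKind::WouldBlock | std::io::ErrorKind::Interrupted
        ) =>
    {
        return;
    }
    // Any other error is treated like end of stream so the connection is torn down.
    Err(e) => {
        error!("READ from proxy: {}", e);
        0
    }
};
// … unchanged: `if read == 0 {` handling …
```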