diff --git a/src/tun2proxy.rs b/src/tun2proxy.rs
index 46b6d68..75a36f9 100644
--- a/src/tun2proxy.rs
+++ b/src/tun2proxy.rs
@@ -690,6 +690,45 @@ impl<'a> TunToProxy<'a> {
 Ok(())
 }
+ fn process_incoming_tcp_packets(
+ &mut self,
+ first_packet: bool,
+ manager: &Rc,
+ info: &ConnectionInfo,
+ origin_dst: SocketAddr,
+ frame: &[u8],
+ ) -> Result<()> {
+ if first_packet {
+ let proxy_handler = manager.new_proxy_handler(info, false)?;
+ let server = manager.get_server_addr();
+ let state = self.create_new_tcp_connection_state(server, origin_dst, proxy_handler, false)?;
+ self.connection_map.insert(info.clone(), state);
+
+ log::info!("Connect done {} ({})", info, origin_dst);
+ } else if !self.connection_map.contains_key(info) {
+ log::trace!("Drop middle session {} ({})", info, origin_dst);
+ return Ok(());
+ } else {
+ log::trace!("Subsequent packet {} ({})", info, origin_dst);
+ }
+
+ // Inject the packet to advance the remote proxy server smoltcp socket state
+ self.device.inject_packet(frame);
+
+ // Having advanced the socket state, we expect the socket to ACK
+ // Exfiltrate the response packets generated by the socket and inject them
+ // into the tunnel interface.
+ self.expect_smoltcp_send()?;
+
+ // Read from the smoltcp socket and push the data to the connection handler.
+ self.tunsocket_read_and_forward(info)?;
+
+ // The connection handler builds up the connection or encapsulates the data.
+ // Therefore, we now expect it to write data to the server.
+ self.write_to_server(info)?;
+ Ok(())
+ }
+
 // A raw packet was received on the tunnel interface.
 fn receive_tun(&mut self, frame: &mut [u8]) -> Result<(), Error> {
 let mut handler = || -> Result<(), Error> {
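Review bot: In `process_incoming_tcp_packets`, the `first_packet` branch calls `self.connection_map.insert(info.clone(), state)` without checking whether `info` already has an entry, so a repeated first packet for the same tuple (a retransmission, or a local sender reusing the tuple) builds a new proxy handler and replaces the live state, dropping the old one. Whether the replaced state owns sockets or registrations that need explicit teardown is not visible in this hunk and should be confirmed. Consider gating creation with `if first_packet && !self.connection_map.contains_key(info) {` so a repeated first packet falls through to the existing-session path. The new method also has no doc comment; one stating where `first_packet` comes from and that `Ok(())` is returned for a dropped mid-session packet too would help callers.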
@@ -698,41 +737,14 @@ impl<'a> TunToProxy<'a> {
 log::debug!("{}, ignored", error);
 return Ok(());
 }
- let (info, _first_packet, payload_offset, payload_size) = result?;
+ let (info, first_packet, payload_offset, payload_size) = result?;
 let origin_dst = SocketAddr::try_from(&info.dst)?;
 let info = self.preprocess_origin_connection_info(info)?;
 let manager = self.get_connection_manager().ok_or("get connection manager")?;
 if info.protocol == IpProtocol::Tcp {
- if _first_packet {
- let proxy_handler = manager.new_proxy_handler(&info, false)?;
- let server = manager.get_server_addr();
- let state = self.create_new_tcp_connection_state(server, origin_dst, proxy_handler, false)?;
- self.connection_map.insert(info.clone(), state);
-
- log::info!("Connect done {} ({})", info, origin_dst);
- } else if !self.connection_map.contains_key(&info) {
- log::trace!("Drop middle session {} ({})", info, origin_dst);
- return Ok(());
- } else {
- log::trace!("Subsequent packet {} ({})", info, origin_dst);
- }
-
- // Inject the packet to advance the remote proxy server smoltcp socket state
- self.device.inject_packet(frame);
-
- // Having advanced the socket state, we expect the socket to ACK
- // Exfiltrate the response packets generated by the socket and inject them
- // into the tunnel interface.
- self.expect_smoltcp_send()?;
-
- // Read from the smoltcp socket and push the data to the connection handler.
- self.tunsocket_read_and_forward(&info)?;
-
- // The connection handler builds up the connection or encapsulates the data.
- // Therefore, we now expect it to write data to the server.
- self.write_to_server(&info)?;
+ self.process_incoming_tcp_packets(first_packet, &manager, &info, origin_dst, frame)?;
 } else if info.protocol == IpProtocol::Udp {
 let port = info.dst.port();
 let payload = &frame[payload_offset..payload_offset + payload_size];
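Review bot: The `return Ok(());` for a dropped mid-session packet used to leave the `handler` closure, but after the extraction it only leaves `process_incoming_tcp_packets`, so control returns to the line after this call and `?` sees success. Whatever follows the protocol `if`/`else if` chain in the closure lies outside the hunk; if anything there assumes a connection entry exists for `info`, it now runs for dropped packets as well. If nothing follows, a call-site comment such as `// Ok(()) also means "dropped: no session for this packet"` would guard against later additions; otherwise have the helper return a flag and `return Ok(())` here when the packet was dropped.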