fix ipv6 overriding
parent
dc0ec0db19
commit
a2be628ba1
24
kvas2.go
24
kvas2.go
@ -36,11 +36,13 @@ type App struct {
|
|||||||
|
|
||||||
DNSProxy *dnsProxy.DNSProxy
|
DNSProxy *dnsProxy.DNSProxy
|
||||||
NetfilterHelper4 *netfilterHelper.NetfilterHelper
|
NetfilterHelper4 *netfilterHelper.NetfilterHelper
|
||||||
|
NetfilterHelper6 *netfilterHelper.NetfilterHelper
|
||||||
Records *Records
|
Records *Records
|
||||||
Groups map[int]*Group
|
Groups map[int]*Group
|
||||||
|
|
||||||
isRunning bool
|
isRunning bool
|
||||||
dnsOverrider4 *netfilterHelper.PortRemap
|
dnsOverrider4 *netfilterHelper.PortRemap
|
||||||
|
dnsOverrider6 *netfilterHelper.PortRemap
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *App) handleLink(event netlink.LinkUpdate) {
|
func (a *App) handleLink(event netlink.LinkUpdate) {
|
||||||
@ -93,13 +95,23 @@ func (a *App) listen(ctx context.Context) (err error) {
|
|||||||
a.dnsOverrider4 = a.NetfilterHelper4.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPrefix), 53, a.Config.ListenPort)
|
a.dnsOverrider4 = a.NetfilterHelper4.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPrefix), 53, a.Config.ListenPort)
|
||||||
err = a.dnsOverrider4.Enable()
|
err = a.dnsOverrider4.Enable()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to override DNS: %v", err)
|
return fmt.Errorf("failed to override DNS (IPv4): %v", err)
|
||||||
}
|
}
|
||||||
defer func() {
|
defer func() {
|
||||||
// TODO: Handle error
|
// TODO: Handle error
|
||||||
_ = a.dnsOverrider4.Disable()
|
_ = a.dnsOverrider4.Disable()
|
||||||
}()
|
}()
|
||||||
|
|
||||||
|
a.dnsOverrider6 = a.NetfilterHelper6.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPrefix), 53, a.Config.ListenPort)
|
||||||
|
err = a.dnsOverrider6.Enable()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to override DNS (IPv6): %v", err)
|
||||||
|
}
|
||||||
|
defer func() {
|
||||||
|
// TODO: Handle error
|
||||||
|
_ = a.dnsOverrider6.Disable()
|
||||||
|
}()
|
||||||
|
|
||||||
for _, group := range a.Groups {
|
for _, group := range a.Groups {
|
||||||
err = group.Enable()
|
err = group.Enable()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -477,6 +489,16 @@ func New(config Config) (*App, error) {
|
|||||||
return nil, fmt.Errorf("failed to clear iptables: %w", err)
|
return nil, fmt.Errorf("failed to clear iptables: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nh6, err := netfilterHelper.New(true)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("netfilter helper init fail: %w", err)
|
||||||
|
}
|
||||||
|
app.NetfilterHelper6 = nh6
|
||||||
|
err = app.NetfilterHelper6.ClearIPTables(app.Config.ChainPrefix)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to clear iptables: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
app.Groups = make(map[int]*Group)
|
app.Groups = make(map[int]*Group)
|
||||||
|
|
||||||
return app, nil
|
return app, nil
|
||||||
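Review bot: In `listen`, the new deferred cleanup `_ = a.dnsOverrider6.Disable()` discards its error just as the IPv4 one does, so a failed teardown leaves the ip6tables port-53 remap installed with nothing reporting it, and IPv6 DNS would presumably keep being steered to `ListenPort` after the proxy has stopped. Since `listen` has a named result, the deferred func can surface it with names already in use: `if derr := a.dnsOverrider6.Disable(); derr != nil && err == nil { err = fmt.Errorf("failed to disable DNS override (IPv6): %w", derr) }`. The same applies to the IPv4 defer above it. Separately, in `New` the IPv6 branch repeats the message `failed to clear iptables` verbatim, so the two address families cannot be told apart in logs; tagging it `(IPv6)` as `listen` does would fix that. Both functions start and end outside the visible hunks.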
|
@ -22,7 +22,8 @@ func (r *PortRemap) PutIPTable(table string) error {
|
|||||||
return fmt.Errorf("failed to clear chain: %w", err)
|
return fmt.Errorf("failed to clear chain: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
err = r.IPTables.AppendUnique("nat", r.ChainName, "-p", "udp", "--dport", strconv.Itoa(int(r.From)), "-j", "REDIRECT", "--to-port", strconv.Itoa(int(r.To)))
|
// TODO: Add `-d <IP>`
|
||||||
|
err = r.IPTables.AppendUnique("nat", r.ChainName, "-p", "udp", "--dport", strconv.Itoa(int(r.From)), "-j", "DNAT", "--to-destination", fmt.Sprintf(":%d", r.To))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to create rule: %w", err)
|
return fmt.Errorf("failed to create rule: %w", err)
|
||||||
}
|
}
|
||||||
|
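Review bot: The new rule in `PutIPTable` uses `DNAT --to-destination :<To>` with no `-d` match, so unlike the old `REDIRECT` it appears to rewrite only the port and keep the original destination address. A UDP/53 query addressed to another resolver that traverses this chain would then go to that resolver on port `To` instead of the local proxy; where the chain is hooked is not visible here, so the exact reach needs confirming. The TODO should record that consequence rather than only the flag, e.g. `// TODO: add "-d <local address>"; without it DNAT keeps the original destination IP and only rewrites the port`. The rule also still matches `-p udp` only, so DNS over TCP is not remapped; a comment should say whether that is intended. The function body starts and ends outside the hunk.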