fix ipv6 overriding

2024-10-22 01:52:31 +03:00 · 2024-10-22 01:52:31 +03:00 · a2be628ba1
commit a2be628ba1
parent dc0ec0db19
2 changed files with 25 additions and 2 deletions
--- a/kvas2.go
+++ b/kvas2.go
@ -36,11 +36,13 @@ type App struct {

 	DNSProxy         *dnsProxy.DNSProxy
 	NetfilterHelper4 *netfilterHelper.NetfilterHelper
+	NetfilterHelper6 *netfilterHelper.NetfilterHelper
 	Records          *Records
 	Groups           map[int]*Group

 	isRunning     bool
 	dnsOverrider4 *netfilterHelper.PortRemap
+	dnsOverrider6 *netfilterHelper.PortRemap
 }

 func (a *App) handleLink(event netlink.LinkUpdate) {
@ -93,13 +95,23 @@ func (a *App) listen(ctx context.Context) (err error) {
 	a.dnsOverrider4 = a.NetfilterHelper4.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPrefix), 53, a.Config.ListenPort)
 	err = a.dnsOverrider4.Enable()
 	if err != nil {
-		return fmt.Errorf("failed to override DNS: %v", err)
+		return fmt.Errorf("failed to override DNS (IPv4): %v", err)
 	}
 	defer func() {
 		// TODO: Handle error
 		_ = a.dnsOverrider4.Disable()
 	}()

+	a.dnsOverrider6 = a.NetfilterHelper6.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPrefix), 53, a.Config.ListenPort)
+	err = a.dnsOverrider6.Enable()
+	if err != nil {
+		return fmt.Errorf("failed to override DNS (IPv6): %v", err)
+	}
+	defer func() {
+		// TODO: Handle error
+		_ = a.dnsOverrider6.Disable()
+	}()
+
 	for _, group := range a.Groups {
 		err = group.Enable()
 		if err != nil {
@ -477,6 +489,16 @@ func New(config Config) (*App, error) {
 		return nil, fmt.Errorf("failed to clear iptables: %w", err)
 	}

+	nh6, err := netfilterHelper.New(true)
+	if err != nil {
+		return nil, fmt.Errorf("netfilter helper init fail: %w", err)
+	}
+	app.NetfilterHelper6 = nh6
+	err = app.NetfilterHelper6.ClearIPTables(app.Config.ChainPrefix)
+	if err != nil {
+		return nil, fmt.Errorf("failed to clear iptables: %w", err)
+	}
+
 	app.Groups = make(map[int]*Group)

 	return app, nil
--- a/netfilter-helper/port-remap.go
+++ b/netfilter-helper/port-remap.go
@ -22,7 +22,8 @@ func (r *PortRemap) PutIPTable(table string) error {
 			return fmt.Errorf("failed to clear chain: %w", err)
 		}

-		err = r.IPTables.AppendUnique("nat", r.ChainName, "-p", "udp", "--dport", strconv.Itoa(int(r.From)), "-j", "REDIRECT", "--to-port", strconv.Itoa(int(r.To)))
+		// TODO: Add `-d <IP>`
+		err = r.IPTables.AppendUnique("nat", r.ChainName, "-p", "udp", "--dport", strconv.Itoa(int(r.From)), "-j", "DNAT", "--to-destination", fmt.Sprintf(":%d", r.To))
 		if err != nil {
 			return fmt.Errorf("failed to create rule: %w", err)
 		}