search

Mythologyli / zju-connect

ZJU RVPN 客户端的 Go 语言实现
GNU Affero General Public License v3.0
313 stars 21 forks source link

程序报错:0.0.0.0 -> PROXY, [E]: target addr 0.0.0.0:0 #29

Closed Mythologyli closed 10 months ago

Mythologyli commented 10 months ago

用户反馈,在 OpenWrt 上配合 PassWall 使用时,程序报错: image

配置文件: image

Mythologyli commented 10 months ago

报错不一定会使程序崩溃: image

初步定位问题:收到了目标为 0.0.0.0:0 的 UDP 请求

cxz66666 commented 10 months ago

有点神秘,看起来udp packet 0.0.0.0:0 并不一定导致程序崩溃吗

Mythologyli commented 10 months ago

对,似乎有时候崩溃有时候不崩溃 流量确定是从 passwall 来的,去掉 passwall 规则后没有收到请求

Mythologyli commented 10 months ago

请求也不来自 port_forwarding 中的 DNS 端口转发,去掉此转发后仍然出现相同错误

Mythologyli commented 10 months ago

@cxz66666 是否考虑先提交一个 commit,抛弃目标为 0.0.0.0 的流量:

host := parts[0]
// TODO: figure out why host is 0.0.0.0
if host == "0.0.0.0" {
    return nil, errors.New("Invalid host in address: " + addr)
}
cxz66666 commented 10 months ago

我认为可行 😄 ,后续我也排查一下为啥有时候会挂掉

cxz66666 commented 10 months ago

排查了一下,https://github.com/things-go/go-socks5 实现的基于socks的udp代理实现细节上有问题,作者可能没分清BND.ADDR字段的作用,在握手阶段的 0.0.0.0:0 的含义是允许任意port和ip作为udp代理的client(发起方),作者误以为BND.ADDR是代理的目的地址

The DST.ADDR and DST.PORT fields contain the address and port that the client expects to use to send UDP datagrams on for the association. The server MAY use this information to limit access to the association. If the client is not in possesion of the information at the time of the UDP ASSOCIATE, the client MUST use a port number and address of all zeros.

具体影响socks代理中的udp代理服务(无法正常使用),udp forward和基于udp的dns完全不受影响,影响范围较小,我尽快给go-socks5提个pr 😢

issue参考 https://github.com/things-go/go-socks5/issues/29

cxz66666 commented 10 months ago

已向上游提交pr https://github.com/things-go/go-socks5/pull/33 ,希望能尽快合并 :😇