Closed vavrecan closed 6 months ago
Now we can mark upstream traffic for each user, so I think using iptables
to count is a good way.
https://github.com/heiher/hev-socks5-server#authentication-file
There are some limitations when using iptables (nftables + dynamic property) to count data for both the user and destination. In examining the task system, the socks5 server utilizes task_io_splicer and retains wlen. However, it lacks a straightforward method for accessing it. Perhaps, task_io_splicer_init could incorporate a reference to the close/flush callback method for easier access?
There are some limitations when using iptables (nftables + dynamic property) to count data for both the user and destination. In examining the task system, the socks5 server utilizes task_io_splicer and retains wlen. However, it lacks a straightforward method for accessing it. Perhaps, task_io_splicer_init could incorporate a reference to the close/flush callback method for easier access?
Okay. I think you can override the splicer
method of HevSocks5TCP
/HevSocks5UDP
in the HevSocks5Session
, to use a custom splice with counting.
Here is an example:
https://github.com/heiher/hev-socks5-tunnel/blob/master/src/hev-socks5-session-tcp.c#L350
Does it make sense to implement tcp splitter from tunnel in tproxy?
On Fri, 19 Jan 2024 at 16:06, hev @.***> wrote:
There are some limitations when using iptables (nftables + dynamic property) to count data for both the user and destination. In examining the task system, the socks5 server utilizes task_io_splicer and retains wlen. However, it lacks a straightforward method for accessing it. Perhaps, task_io_splicer_init could incorporate a reference to the close/flush callback method for easier access?
Okay. I think you can override the splicer method of HevSocks5TCP/ HevSocks5UDP in the HevSocks5Session, to use a custom splice with counting.
Here is an example:
https://github.com/heiher/hev-socks5-tunnel/blob/master/src/hev-socks5-session-tcp.c#L350
— Reply to this email directly, view it on GitHub https://github.com/heiher/hev-socks5-server/issues/43#issuecomment-1900591339, or unsubscribe https://github.com/notifications/unsubscribe-auth/AANUREIOPHNSR2VK42XS6FLYPKDXTAVCNFSM6AAAAABCBFLXSCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMBQGU4TCMZTHE . You are receiving this because you authored the thread.Message ID: @.***>
@vavrecan tcp splitter?
Yes - is there any reason tunnel is not using same tcp splitter as tproxy?
On Fri, 19 Jan 2024 at 17:12, hev @.***> wrote:
@vavrecan https://github.com/vavrecan tcp splitter?
— Reply to this email directly, view it on GitHub https://github.com/heiher/hev-socks5-server/issues/43#issuecomment-1900699886, or unsubscribe https://github.com/notifications/unsubscribe-auth/AANUREOHUPIOEXHXCXB3T43YPKLQHAVCNFSM6AAAAABCBFLXSCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMBQGY4TSOBYGY . You are receiving this because you were mentioned.Message ID: @.***>
I am thinking about changing hev_task_io_splice adding two new parameters, size_t sent, size_t received and then just incrementing new variable in _HevTaskIOSplicer structurure (as it is using IO_SPLICE_SYSCALL - its more performer isn't it?
I am thinking about changing hev_task_io_splice adding two new parameters, size_t sent, size_t received and then just incrementing new variable in _HevTaskIOSplicer structurure (as it is using IO_SPLICE_SYSCALL - its more performer isn't it?
Yeah. You need a custom splicer
with counting.
Hello,
I'm wondering if it's possible to track traffic and associate it with a username. For UDP, it's relatively straightforward, as the transferred size is in res variable of hev_socks5_udp_fwd_f / hev_socks5_udp_fwd_b.
However, for TCP, it presents a more challenging modification due to the task system performing a copy, and it doesn't expose the size of transferred data. Do you have any ideas on how to achieve this for TCP?
Thank you!