Open bAndie91 opened 1 month ago
Hi @bAndie91 ! Thanks for opening an issue!
UDP is currently not supported:
The protocol bytes are 0x12
for UDPv4 and 0x22
for UDPv6.
nc -u
works because netcat uses a connected UDP socket. Intercepting sendto(2)
and recvfrom(2)
should cover most UDP usage.
A PR is welcome, otherwise I will look at adding support!
hi @msantos, thanks picking up the line. if i understand well, need to patch these places:
((struct sockaddr_in *)from)->sin_addr.s_addr
) and TCPv6 are good for UDP as well. maybe a case
fall-through would be enough here?strcmp(token, "UDP4")
and strcmp(token, "UDP6")
would make it?recvfrom()
as first glance, the problem is that it does not know how much is read from the socket. do we need to somehow note whether or not PROXY header is read from the socket?sendto()
i started to implement it here
https://github.com/msantos/libproxyproto/compare/master...bAndie91:libproxyproto:proxy-udp?expand=1
currently it does not seem to intercept recvfrom()
…
it reads using recvmsg()
. [EDIT] source address is in struct msghdr
in msg_name
field.
now it seems intercepting recvmsg
is not enough, because the program understandably wants to reply to the faked (proxy) address. thinking about maintaining yet an other list of real↔proxy address pairs...
would it work for UDP?
tested with
netcat -u
, and it made the client send the PROXY header corretly, but not the server. obviously, because there is noaccept()
for udp. i started to overriderecv*()
family, but don´t know how coprehensive would it be.my use-case is to make powerDNS authoritative server know the real source when curveDNS being the frontend for DNS requests and it forwards to powerDNS.