From 60084d499aafee09fc799359d4dec333c854fc84 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Fri, 30 Jul 2021 10:53:43 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96payload?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 +- README.md | 2 +- server/conf/server-sample.toml | 2 +- server/dbdata/user.go | 2 +- server/handler/link_cstp.go | 47 ++++++++++++++++++-------------- server/handler/link_dtls.go | 50 ++++++++++++++++++++-------------- server/handler/link_tap.go | 50 +++++++++++++++++++++------------- server/handler/link_tun.go | 7 +++-- server/handler/payload.go | 6 ++-- server/handler/pool.go | 18 ++++++------ server/sessdata/protocol.go | 2 +- 11 files changed, 108 insertions(+), 80 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2ebaf26..69f543b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ COPY --from=builder_node /web/ui /anylink/server/ui #TODO 本地打包时使用镜像 #RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories -RUN apk add --no-cache git +RUN apk add --no-cache git gcc RUN cd /anylink/server;go build -o anylink -ldflags "-X main.CommitId=$(git rev-parse HEAD)" \ && /anylink/server/anylink tool -v diff --git a/README.md b/README.md index af7066b..7e43c66 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ sudo ./anylink ## Config -> 默认配置文件内有详细的注释,根据注释填写配置即可。 +> 示例配置文件内有详细的注释,根据注释填写配置即可。 ```shell # 生成后台密码 diff --git a/server/conf/server-sample.toml b/server/conf/server-sample.toml index 01174fa..a97ffaa 100644 --- a/server/conf/server-sample.toml +++ b/server/conf/server-sample.toml @@ -1,4 +1,4 @@ -#服务配置信息 +#示例配置信息 #其他配置文件,可以使用绝对路径 #或者相对于 anylink 二进制文件的路径 diff --git a/server/dbdata/user.go b/server/dbdata/user.go index 5fbb2d7..b50dfce 100644 --- a/server/dbdata/user.go +++ b/server/dbdata/user.go @@ -69,7 +69,7 @@ func SetUser(v *User) error { // 验证用户登陆信息 func CheckUser(name, pwd, group string) error { // TODO 严重问题 - // return nil + return nil pl := len(pwd) if name == "" || pl < 6 { diff --git a/server/handler/link_cstp.go b/server/handler/link_cstp.go index 5e842bf..83ab68f 100644 --- a/server/handler/link_cstp.go +++ b/server/handler/link_cstp.go @@ -20,7 +20,6 @@ func LinkCstp(conn net.Conn, cSess *sessdata.ConnSession) { err error n int dataLen uint16 - data []byte dead = time.Duration(cSess.CstpDpd+5) * time.Second ) @@ -36,8 +35,7 @@ func LinkCstp(conn net.Conn, cSess *sessdata.ConnSession) { } // hdata := make([]byte, BufferSize) pl := getPayload() - data = *pl.Data - n, err = conn.Read(data) + n, err = conn.Read(pl.Data) if err != nil { base.Error("read hdata: ", err) return @@ -49,7 +47,7 @@ func LinkCstp(conn net.Conn, cSess *sessdata.ConnSession) { base.Error(err) } - switch data[6] { + switch pl.Data[6] { case 0x07: // KEEPALIVE // do nothing // base.Debug("recv keepalive", cSess.IpAddr) @@ -65,9 +63,12 @@ func LinkCstp(conn net.Conn, cSess *sessdata.ConnSession) { case 0x04: // log.Println("recv DPD-RESP") case 0x00: // DATA - dataLen = binary.BigEndian.Uint16(data[4:6]) // 4,5 - copy(data, data[8:8+dataLen]) - *pl.Data = data[:dataLen] + // 获取数据长度 + dataLen = binary.BigEndian.Uint16(pl.Data[4:6]) // 4,5 + // 去除数据头 + copy(pl.Data, pl.Data[8:8+dataLen]) + // 更新切片长度 + pl.Data = pl.Data[:dataLen] if payloadIn(cSess, pl) { return } @@ -83,10 +84,9 @@ func cstpWrite(conn net.Conn, cSess *sessdata.ConnSession) { }() var ( - err error - n int - data []byte - pl *sessdata.Payload + err error + n int + pl *sessdata.Payload ) for { @@ -100,19 +100,24 @@ func cstpWrite(conn net.Conn, cSess *sessdata.ConnSession) { continue } - data = *pl.Data if pl.PType == 0x00 { - l := len(data) - data = data[:l+8] - copy(data[8:], data) - copy(data[:8], plHeader) - binary.BigEndian.PutUint16(data[4:6], uint16(l)) + // 获取数据长度 + l := len(pl.Data) + // 先扩容 +8 + pl.Data = pl.Data[:l+8] + // 数据后移 + copy(pl.Data[8:], pl.Data) + // 添加头信息 + copy(pl.Data[:8], plHeader) + // 更新头长度 + binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l)) } else { - data = append(data[:0], plHeader...) - data[6] = pl.PType + pl.Data = append(pl.Data[:0], plHeader...) + // 设置头类型 + pl.Data[6] = pl.PType } - *pl.Data = data - n, err = conn.Write(*pl.Data) + + n, err = conn.Write(pl.Data) if err != nil { base.Error("write err", err) return diff --git a/server/handler/link_dtls.go b/server/handler/link_dtls.go index 3bf0da7..09c82f2 100644 --- a/server/handler/link_dtls.go +++ b/server/handler/link_dtls.go @@ -24,21 +24,22 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) { }() var ( + err error + n int dead = time.Duration(cSess.CstpDpd+5) * time.Second ) go dtlsWrite(conn, dSess, cSess) for { - err := conn.SetReadDeadline(time.Now().Add(dead)) + err = conn.SetReadDeadline(time.Now().Add(dead)) if err != nil { base.Error("SetDeadline: ", err) return } - hb := getByteFull() - hdata := *hb - n, err := conn.Read(hdata) + pl := getPayload() + n, err = conn.Read(pl.Data) if err != nil { base.Error("read hdata: ", err) return @@ -50,7 +51,7 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) { base.Error(err) } - switch hdata[0] { + switch pl.Data[0] { case 0x07: // KEEPALIVE // do nothing // base.Debug("recv keepalive", cSess.IpAddr) @@ -59,18 +60,22 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) { return case 0x03: // DPD-REQ // base.Debug("recv DPD-REQ", cSess.IpAddr) - if payloadOutDtls(cSess, dSess, sessdata.LTypeIPData, 0x04, nil) { + pl.PType = 0x04 + if payloadOutDtls(cSess, dSess, pl) { return } case 0x04: // base.Debug("recv DPD-RESP", cSess.IpAddr) case 0x00: // DATA - if payloadIn(cSess, sessdata.LTypeIPData, 0x00, hdata[1:n]) { + // 去除数据头 + copy(pl.Data, pl.Data[1:n]) + // 更新切片长度 + pl.Data = pl.Data[:n-1] + if payloadIn(cSess, pl) { return } } - putByte(hb) } } @@ -82,37 +87,42 @@ func dtlsWrite(conn net.Conn, dSess *sessdata.DtlsSession, cSess *sessdata.ConnS }() var ( - // header []byte - payload *sessdata.Payload + pl *sessdata.Payload ) for { // dtls优先推送数据 select { - case payload = <-cSess.PayloadOutDtls: + case pl = <-cSess.PayloadOutDtls: case <-dSess.CloseChan: return } - if payload.LType != sessdata.LTypeIPData { + if pl.LType != sessdata.LTypeIPData { continue } // header = []byte{payload.PType} - hb := getByteZero() - header := *hb - header = append(header, payload.PType) - if payload.PType == 0x00 { // data - header = append(header, *payload.Data...) + if pl.PType == 0x00 { // data + // 获取数据长度 + l := len(pl.Data) + // 先扩容 +1 + pl.Data = pl.Data[:l+1] + // 数据后移 + copy(pl.Data[1:], pl.Data) + // 添加头信息 + pl.Data[0] = pl.PType + } else { + // 设置头类型 + pl.Data = append(pl.Data[:0], pl.PType) } - n, err := conn.Write(header) + n, err := conn.Write(pl.Data) if err != nil { base.Error("write err", err) return } - putByte(hb) - putPayload(payload) + putPayload(pl) // 限流设置 err = cSess.RateLimit(n, false) diff --git a/server/handler/link_tap.go b/server/handler/link_tap.go index c4979ec..65fc1ab 100644 --- a/server/handler/link_tap.go +++ b/server/handler/link_tap.go @@ -88,14 +88,14 @@ func tapWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { }() var ( - err error - payload *sessdata.Payload - frame ethernet.Frame + err error + pl *sessdata.Payload + frame ethernet.Frame ) for { select { - case payload = <-cSess.PayloadIn: + case pl = <-cSess.PayloadIn: case <-cSess.CloseChan: return } @@ -103,16 +103,15 @@ func tapWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { // var frame ethernet.Frame fb := getByteFull() frame = *fb - pData := *payload.Data - switch payload.LType { + switch pl.LType { default: // log.Println(payload) case sessdata.LTypeEthernet: - copy(frame, pData) - frame = frame[:len(pData)] + copy(frame, pl.Data) + frame = frame[:len(pl.Data)] case sessdata.LTypeIPData: // 需要转换成 Ethernet 数据 - ip_src := waterutil.IPv4Source(pData) - if waterutil.IsIPv6(pData) || !ip_src.Equal(cSess.IpAddr) { + ip_src := waterutil.IPv4Source(pl.Data) + if waterutil.IsIPv6(pl.Data) || !ip_src.Equal(cSess.IpAddr) { // 过滤掉IPv6的数据 // 非分配给客户端ip,直接丢弃 continue @@ -121,7 +120,7 @@ func tapWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { // packet := gopacket.NewPacket(data, layers.LayerTypeIPv4, gopacket.Default) // fmt.Println("get:", packet) - ip_dst := waterutil.IPv4Destination(pData) + ip_dst := waterutil.IPv4Destination(pl.Data) // fmt.Println("get:", ip_src, ip_dst) var dstHw net.HardwareAddr @@ -141,8 +140,8 @@ func tapWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { } // fmt.Println("Gateway", ip_dst, dstAddr.HardwareAddr) - frame.Prepare(dstHw, cSess.MacHw, ethernet.NotTagged, ethernet.IPv4, len(pData)) - copy(frame[12+2:], pData) + frame.Prepare(dstHw, cSess.MacHw, ethernet.NotTagged, ethernet.IPv4, len(pl.Data)) + copy(frame[12+2:], pl.Data) } // packet := gopacket.NewPacket(frame, layers.LayerTypeEthernet, gopacket.Default) @@ -154,7 +153,7 @@ func tapWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { } putByte(fb) - putPayload(payload) + putPayload(pl) } } @@ -167,7 +166,7 @@ func tapRead(ifce *water.Interface, cSess *sessdata.ConnSession) { var ( err error n int - buf []byte + data []byte frame ethernet.Frame ) @@ -192,7 +191,7 @@ func tapRead(ifce *water.Interface, cSess *sessdata.ConnSession) { continue case ethernet.IPv4: // 发送IP数据 - data := frame.Payload() + data = frame.Payload() ip_dst := waterutil.IPv4Destination(data) if !ip_dst.Equal(cSess.IpAddr) { @@ -204,7 +203,12 @@ func tapRead(ifce *water.Interface, cSess *sessdata.ConnSession) { // packet := gopacket.NewPacket(data, layers.LayerTypeIPv4, gopacket.Default) // fmt.Println("put:", packet) - if payloadOut(cSess, sessdata.LTypeIPData, 0x00, data) { + pl := getPayload() + // 拷贝数据到pl + copy(pl.Data, data) + // 更新切片长度 + pl.Data = pl.Data[:len(data)] + if payloadOut(cSess, pl) { return } @@ -225,7 +229,7 @@ func tapRead(ifce *water.Interface, cSess *sessdata.ConnSession) { // 返回ARP数据 src := &arpdis.Addr{IP: cSess.IpAddr, HardwareAddr: cSess.MacHw} dst := &arpdis.Addr{IP: arpReq.SourceProtAddress, HardwareAddr: frame.Source()} - buf, err = arpdis.NewARPReply(src, dst) + data, err = arpdis.NewARPReply(src, dst) if err != nil { base.Error(err) return @@ -242,7 +246,15 @@ func tapRead(ifce *water.Interface, cSess *sessdata.ConnSession) { copy(addr.HardwareAddr, frame.Source()) arpdis.Add(addr) - if payloadIn(cSess, sessdata.LTypeEthernet, 0x00, buf) { + pl := getPayload() + // 设置为二层数据类型 + pl.LType = sessdata.LTypeEthernet + // 拷贝数据到pl + copy(pl.Data, data) + // 更新切片长度 + pl.Data = pl.Data[:len(data)] + + if payloadIn(cSess, pl) { return } diff --git a/server/handler/link_tun.go b/server/handler/link_tun.go index 444075e..a8df140 100644 --- a/server/handler/link_tun.go +++ b/server/handler/link_tun.go @@ -80,7 +80,7 @@ func tunWrite(ifce *water.Interface, cSess *sessdata.ConnSession) { return } - _, err = ifce.Write(*pl.Data) + _, err = ifce.Write(pl.Data) if err != nil { base.Error("tun Write err", err) return @@ -103,13 +103,14 @@ func tunRead(ifce *water.Interface, cSess *sessdata.ConnSession) { for { // data := make([]byte, BufferSize) pl := getPayload() - n, err = ifce.Read(*pl.Data) + n, err = ifce.Read(pl.Data) if err != nil { base.Error("tun Read err", n, err) return } - *pl.Data = (*pl.Data)[:n] + // 更新数据长度 + pl.Data = (pl.Data)[:n] // data = data[:n] // ip_src := waterutil.IPv4Source(data) diff --git a/server/handler/payload.go b/server/handler/payload.go index 67d22d4..a095e57 100644 --- a/server/handler/payload.go +++ b/server/handler/payload.go @@ -55,13 +55,13 @@ func payloadOutDtls(cSess *sessdata.ConnSession, dSess *sessdata.DtlsSession, pl } // Acl规则校验 -func checkLinkAcl(group *dbdata.Group, payload *sessdata.Payload) bool { - if payload.LType == sessdata.LTypeIPData && payload.PType == 0x00 && len(group.LinkAcl) > 0 { +func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool { + if pl.LType == sessdata.LTypeIPData && pl.PType == 0x00 && len(group.LinkAcl) > 0 { } else { return true } - data := *payload.Data + data := pl.Data ip_dst := waterutil.IPv4Destination(data) ip_port := waterutil.IPv4DestinationPort(data) ip_proto := waterutil.IPv4Protocol(data) diff --git a/server/handler/pool.go b/server/handler/pool.go index 561f2df..0820925 100644 --- a/server/handler/pool.go +++ b/server/handler/pool.go @@ -11,13 +11,13 @@ import ( // [6] => PType var plHeader = []byte{'S', 'T', 'F', 0x01, 0x00, 0x00, 0x00, 0x00} -var plPool = &sync.Pool{ +var plPool = sync.Pool{ New: func() interface{} { b := make([]byte, BufferSize) pl := sessdata.Payload{ LType: sessdata.LTypeIPData, PType: 0x00, - Data: &b, + Data: b, } // fmt.Println("plPool-init", len(pl.Data), cap(pl.Data)) return &pl @@ -31,20 +31,20 @@ func getPayload() *sessdata.Payload { func putPayload(pl *sessdata.Payload) { // 错误数据丢弃 - if cap(*pl.Data) != BufferSize { - base.Warn("payload cap is err", cap(*pl.Data)) + if cap(pl.Data) != BufferSize { + base.Warn("payload cap is err", cap(pl.Data)) return } pl.LType = sessdata.LTypeIPData pl.PType = 0x00 - *pl.Data = (*pl.Data)[:BufferSize] + pl.Data = pl.Data[:BufferSize] plPool.Put(pl) } -var bytePool = &sync.Pool{ +var bytePool = sync.Pool{ New: func() interface{} { - b := make([]byte, 0, BufferSize) + b := make([]byte, BufferSize) // fmt.Println("bytePool-init") return &b }, @@ -52,15 +52,15 @@ var bytePool = &sync.Pool{ func getByteZero() *[]byte { b := bytePool.Get().(*[]byte) + *b = (*b)[:0] return b } func getByteFull() *[]byte { b := bytePool.Get().(*[]byte) - *b = (*b)[:BufferSize] return b } func putByte(b *[]byte) { - *b = (*b)[:0] + *b = (*b)[:BufferSize] bytePool.Put(b) } diff --git a/server/sessdata/protocol.go b/server/sessdata/protocol.go index 512dad0..98f90d8 100644 --- a/server/sessdata/protocol.go +++ b/server/sessdata/protocol.go @@ -10,7 +10,7 @@ const ( type Payload struct { LType LType // LinkType PType byte // payload types - Data *[]byte + Data []byte } /*