diff --git a/app/tun/config.pb.go b/app/tun/config.pb.go new file mode 100644 index 000000000..2ebeb0ffb --- /dev/null +++ b/app/tun/config.pb.go 
@@ -0,0 +1,170 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.30.0 +// protoc v3.21.12 +// source: app/tun/config.proto + +package tun + +import ( + _ "github.com/v2fly/v2ray-core/v5/common/protoext" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type Config struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Mtu uint32 `protobuf:"varint,2,opt,name=mtu,proto3" json:"mtu,omitempty"` + UserLevel uint32 `protobuf:"varint,3,opt,name=user_level,json=userLevel,proto3" json:"user_level,omitempty"` +} + +func (x *Config) Reset() { + *x = Config{} + if protoimpl.UnsafeEnabled { + mi := &file_app_tun_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Config) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Config) ProtoMessage() {} + +func (x *Config) ProtoReflect() protoreflect.Message { + mi := &file_app_tun_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Config.ProtoReflect.Descriptor instead. 
+func (*Config) Descriptor() ([]byte, []int) { + return file_app_tun_config_proto_rawDescGZIP(), []int{0} +} + +func (x *Config) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *Config) GetMtu() uint32 { + if x != nil { + return x.Mtu + } + return 0 +} + +func (x *Config) GetUserLevel() uint32 { + if x != nil { + return x.UserLevel + } + return 0 +} + +var File_app_tun_config_proto protoreflect.FileDescriptor + +var file_app_tun_config_proto_rawDesc = []byte{ + 0x0a, 0x14, 0x61, 0x70, 0x70, 0x2f, 0x74, 0x75, 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x74, 0x75, 0x6e, 0x1a, 0x20, 0x63, 0x6f, 0x6d, 0x6d, + 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x65, 0x78, 0x74, 0x2f, 0x65, 0x78, 0x74, 0x65, + 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x61, 0x0a, 0x06, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6d, 0x74, + 0x75, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x03, 0x6d, 0x74, 0x75, 0x12, 0x1d, 0x0a, 0x0a, + 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, + 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x3a, 0x12, 0x82, 0xb5, 0x18, + 0x0e, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x03, 0x74, 0x75, 0x6e, 0x42, + 0x57, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x70, 0x2e, 0x74, 0x75, 0x6e, 0x50, 0x01, 0x5a, 0x26, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x76, 0x32, 0x66, 0x6c, 0x79, 0x2f, 0x76, 0x32, + 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x35, 0x2f, 0x61, 0x70, 0x70, 0x2f, + 0x74, 0x75, 0x6e, 0xaa, 0x02, 
0x12, 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x72, 0x65, + 0x2e, 0x41, 0x70, 0x70, 0x2e, 0x54, 0x75, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_app_tun_config_proto_rawDescOnce sync.Once + file_app_tun_config_proto_rawDescData = file_app_tun_config_proto_rawDesc +) + +func file_app_tun_config_proto_rawDescGZIP() []byte { + file_app_tun_config_proto_rawDescOnce.Do(func() { + file_app_tun_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_app_tun_config_proto_rawDescData) + }) + return file_app_tun_config_proto_rawDescData +} + +var file_app_tun_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_app_tun_config_proto_goTypes = []interface{}{ + (*Config)(nil), // 0: v2ray.core.app.tun.Config +} +var file_app_tun_config_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_app_tun_config_proto_init() } +func file_app_tun_config_proto_init() { + if File_app_tun_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_app_tun_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Config); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_app_tun_config_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_app_tun_config_proto_goTypes, + DependencyIndexes: file_app_tun_config_proto_depIdxs, + MessageInfos: file_app_tun_config_proto_msgTypes, + }.Build() + File_app_tun_config_proto = out.File + 
file_app_tun_config_proto_rawDesc = nil
+ file_app_tun_config_proto_goTypes = nil
+ file_app_tun_config_proto_depIdxs = nil
+}
diff --git a/app/tun/config.proto b/app/tun/config.proto
new file mode 100644
index 000000000..bf3687441
--- /dev/null
+++ b/app/tun/config.proto
@@ -0,0 +1,22 @@
+syntax = "proto3";
+
+package v2ray.core.app.tun;
+option csharp_namespace = "V2Ray.Core.App.Tun";
+option go_package = "github.com/v2fly/v2ray-core/v5/app/tun";
+option java_package = "com.v2ray.core.app.tun";
+option java_multiple_files = true;
+
+
+// import "app/router/routercommon/common.proto";
+
+import "common/protoext/extensions.proto";
+
+message Config {
+ option (v2ray.core.common.protoext.message_opt).type = "service";
+ option (v2ray.core.common.protoext.message_opt).short_name = "tun";
+
+
+ string name = 1;
+ uint32 mtu = 2;
+ uint32 user_level = 3;
+}
\ No newline at end of file
diff --git a/app/tun/device/device.go b/app/tun/device/device.go
new file mode 100644
index 000000000..6fb52d2e8
--- /dev/null
+++ b/app/tun/device/device.go
@@ -0,0 +1,19 @@
+package device
+
+import (
+ "github.com/v2fly/v2ray-core/v5/common"
+ "gvisor.dev/gvisor/pkg/tcpip/stack"
+)
+
+type Device interface {
+ stack.LinkEndpoint
+
+ common.Closable
+}
+
+type Options struct {
+ Name string
+ MTU uint32
+}
+
+type NewTUNFunc func(Options) (Device, error)
diff --git a/app/tun/device/tun/errors.generated.go b/app/tun/device/tun/errors.generated.go
new file mode 100644
index 000000000..0f01e11d7
--- /dev/null
+++ b/app/tun/device/tun/errors.generated.go
@@ -0,0 +1,9 @@
+package tun
+
+import "github.com/v2fly/v2ray-core/v5/common/errors"
+
+type errPathObjHolder struct{}
+
+func newError(values ...interface{}) *errors.Error {
+ return errors.New(values...).WithPathObj(errPathObjHolder{})
+}
diff --git a/app/tun/device/tun/tun.go b/app/tun/device/tun/tun.go
new file mode 100644
index 000000000..ca0e66e36
--- /dev/null
+++ b/app/tun/device/tun/tun.go
@@ -0,0 +1,3 @@
+package tun
+
+//go:generate go run github.com/v2fly/v2ray-core/v5/common/errors/errorgen
diff --git a/app/tun/device/tun/tun_gvisor.go b/app/tun/device/tun/tun_gvisor.go
new file mode 100644
index 000000000..2197d3c09
--- /dev/null
+++ b/app/tun/device/tun/tun_gvisor.go
@@ -0,0 +1,68 @@
+//go:build linux && ((linux && amd64) || (linux && arm64))
+// +build linux
+// +build linux,amd64 linux,arm64
+
+package tun
+
+import (
+ "github.com/v2fly/v2ray-core/v5/app/tun/device"
+ "golang.org/x/sys/unix"
+ "gvisor.dev/gvisor/pkg/tcpip/stack"
+
+ "gvisor.dev/gvisor/pkg/tcpip/link/fdbased"
+ "gvisor.dev/gvisor/pkg/tcpip/link/rawfile"
+ "gvisor.dev/gvisor/pkg/tcpip/link/tun"
+)
+
+type TUN struct {
+ stack.LinkEndpoint
+
+ options device.Options
+
+ fd int
+ mtu uint32 // real MTU
+}
+
+func New(options device.Options) (device.Device, error) {
+ t := &TUN{options: options}
+
+ if len(options.Name) > unix.IFNAMSIZ {
+ return nil, newError("name too long").AtError()
+ }
+
+ fd, err := tun.Open(options.Name)
+ if err != nil {
+ return nil, newError("failed to open tun device").Base(err).AtError()
+ }
+ t.fd = fd
+
+ // TODO: set MTU
+
+ mtu, err := rawfile.GetMTU(options.Name)
+ if err != nil {
+ return nil, newError("failed to get mtu").Base(err).AtError()
+ }
+ t.mtu = mtu
+
+ linkEndpoint, err := fdbased.New(&fdbased.Options{
+ FDs: []int{fd},
+ MTU: mtu,
+ // TUN is not need to process ethernet header.
+ EthernetHeader: false,
+ // Readv is the default dispatch mode and is the least performant of the
+ // dispatch options but the one that is supported by all underlying FD
+ // types.
+ PacketDispatchMode: fdbased.Readv,
+ MaxSyscallHeaderBytes: 0x00,
+ })
+ if err != nil {
+ return nil, newError("failed to create link endpoint").Base(err).AtError()
+ }
+ t.LinkEndpoint = linkEndpoint
+
+ return t, nil
+}
+
+func (t *TUN) Close() error {
+ return unix.Close(t.fd)
+}
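Review bot: `New` in tun_gvisor.go leaks the TUN file descriptor on its later error paths: once `tun.Open` has succeeded, the returns taken when `rawfile.GetMTU` or `fdbased.New` fails leave `fd` open, so each should be preceded by `_ = unix.Close(fd)`. The guard `len(options.Name) > unix.IFNAMSIZ` also admits a 16-byte name, yet IFNAMSIZ counts the terminating NUL, so it should read `if len(options.Name) >= unix.IFNAMSIZ {`; how `tun.Open` handles an over-long name is not visible here. `options.MTU` is accepted but never applied (see the `// TODO: set MTU` marker), which is worth stating in a comment on `device.Options.MTU` until it is wired up.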
diff --git a/app/tun/errors.generated.go b/app/tun/errors.generated.go new file mode 100644 index 000000000..0f01e11d7 --- /dev/null +++ b/app/tun/errors.generated.go @@ -0,0 +1,9 @@ +package tun + +import "github.com/v2fly/v2ray-core/v5/common/errors" + +type errPathObjHolder struct{} + +func newError(values ...interface{}) *errors.Error { + return errors.New(values...).WithPathObj(errPathObjHolder{}) +} diff --git a/app/tun/handler.go b/app/tun/handler.go new file mode 100644 index 000000000..75e8485f7 --- /dev/null +++ b/app/tun/handler.go @@ -0,0 +1 @@ +package tun diff --git a/app/tun/handler_tcp.go b/app/tun/handler_tcp.go new file mode 100644 index 000000000..98027677a --- /dev/null +++ b/app/tun/handler_tcp.go 
@@ -0,0 +1,96 @@
+package tun
+
+import (
+ "context"
+
+ "github.com/v2fly/v2ray-core/v5/common"
+ "github.com/v2fly/v2ray-core/v5/common/buf"
+ "github.com/v2fly/v2ray-core/v5/common/log"
+ "github.com/v2fly/v2ray-core/v5/common/net"
+ "github.com/v2fly/v2ray-core/v5/common/signal"
+ "github.com/v2fly/v2ray-core/v5/common/task"
+ "github.com/v2fly/v2ray-core/v5/features/policy"
+ "github.com/v2fly/v2ray-core/v5/features/routing"
+ "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet"
+ "gvisor.dev/gvisor/pkg/tcpip/stack"
+ "gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
+ "gvisor.dev/gvisor/pkg/waiter"
+)
+
+type TCPHandler struct {
+ ctx context.Context
+ dispatcher routing.Dispatcher
+ policyManager policy.Manager
+ config *Config
+
+ stack *stack.Stack
+ rcvWnd int
+ maxInFlight int
+}
+
+func (h *TCPHandler) SetHandler() {
+ tcpForwarder := tcp.NewForwarder(h.stack, h.rcvWnd, h.maxInFlight, func(r *tcp.ForwarderRequest) {
+ wg := new(waiter.Queue)
+ linkedEndpoint, err := r.CreateEndpoint(wg)
+ if err != nil {
+ r.Complete(true)
+ return
+ }
+ defer r.Complete(false)
+
+ // TODO: set sockopt
+
+ h.handle(gonet.NewTCPConn(wg, linkedEndpoint))
+
+ })
+ h.stack.SetTransportProtocolHandler(tcp.ProtocolNumber, tcpForwarder.HandlePacket)
+}
+
+func (h *TCPHandler) handle(conn *gonet.TCPConn) error {
+ sessionPolicy := h.policyManager.ForLevel(h.config.UserLevel)
+
+ addr := conn.RemoteAddr()
+
+ dest := net.DestinationFromAddr(addr)
+ ctx := log.ContextWithAccessMessage(h.ctx, &log.AccessMessage{
+ From: addr,
+ To: dest,
+ Status: log.AccessAccepted,
+ Reason: "",
+ })
+ ctx, cancel := context.WithCancel(ctx)
+ timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)
+ link, err := h.dispatcher.Dispatch(ctx, dest)
+ if err != nil {
+ return newError("failed to dispatch").Base(err)
+ }
+
+ responseDone := func() error {
+ defer timer.SetTimeout(sessionPolicy.Timeouts.UplinkOnly)
+
+ if err := buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)); err != nil {
+ return newError("failed to transport all TCP response").Base(err)
+ }
+
+ return nil
+ }
+
+ requestDone := func() error {
+ defer timer.SetTimeout(sessionPolicy.Timeouts.DownlinkOnly)
+
+ if err := buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)); err != nil {
+ return newError("failed to transport all TCP request").Base(err)
+ }
+
+ return nil
+ }
+
+ requestDoneAndCloseWriter := task.OnSuccess(requestDone, task.Close(link.Writer))
+ if err := task.Run(h.ctx, requestDoneAndCloseWriter, responseDone); err != nil {
+ common.Interrupt(link.Reader)
+ common.Interrupt(link.Writer)
+ return newError("connection ends").Base(err)
+ }
+
+ return nil
+}
diff --git a/app/tun/stack.go b/app/tun/stack.go
new file mode 100644
index 000000000..2d498d108
--- /dev/null
+++ b/app/tun/stack.go
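Review bot: `handle` in handler_tcp.go never releases what it acquires: `conn` is not closed on any path, `cancel` from `context.WithCancel` is not called when `Dispatch` fails, and the error it returns is dropped at the `h.handle(...)` call in `SetHandler`. Adding `defer conn.Close()` at the top of `handle` and `defer cancel()` right after `context.WithCancel`, and logging the returned error in the forwarder callback, would bound the lifetime of each session. `task.Run(h.ctx, ...)` runs under the handler-wide context rather than the per-connection `ctx`, so the `ConnectionIdle` cancellation may not stop the two copy tasks; `task.Run(ctx, requestDoneAndCloseWriter, responseDone)` looks like the intent. Separately, `From` and `To` are both derived from `conn.RemoteAddr()`; for an endpoint created by the forwarder the remote side is presumably the client, so the dispatch destination likely has to come from `conn.LocalAddr()`, which should be confirmed against gVisor's semantics.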
@@ -0,0 +1,29 @@
+package tun
+
+import (
+ "gvisor.dev/gvisor/pkg/tcpip/network/ipv4"
+ "gvisor.dev/gvisor/pkg/tcpip/network/ipv6"
+ "gvisor.dev/gvisor/pkg/tcpip/stack"
+ "gvisor.dev/gvisor/pkg/tcpip/transport/icmp"
+ "gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
+ "gvisor.dev/gvisor/pkg/tcpip/transport/udp"
+)
+
+func CreateStack(_ stack.LinkEndpoint) (*stack.Stack, error) {
+ s := stack.New(stack.Options{
+ NetworkProtocols: []stack.NetworkProtocolFactory{
+ ipv4.NewProtocol,
+ ipv6.NewProtocol,
+ },
+ TransportProtocols: []stack.TransportProtocolFactory{
+ tcp.NewProtocol,
+ udp.NewProtocol,
+ icmp.NewProtocol4,
+ icmp.NewProtocol6,
+ },
+ })
+
+ // nicID := tcpip.NICID(s.UniqueID())
+
+ return s, nil
+}
diff --git a/app/tun/tun.go b/app/tun/tun.go
new file mode 100644
index 000000000..1ce8f79e4
--- /dev/null
+++ b/app/tun/tun.go
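Review bot: `CreateStack` discards its `stack.LinkEndpoint` argument (the parameter is named `_`) and returns a stack with no NIC, so as written nothing connects the TUN device to the registered protocols; the commented-out `nicID` line suggests this is unfinished. Until the NIC is created, a doc comment should say so, for example `// CreateStack builds the gVisor stack; TODO: attach the link endpoint as a NIC.` The error result is always `nil`, which makes the caller's error branch in `Start` unreachable for now.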
@@ -0,0 +1,89 @@
+//go:build !confonly
+// +build !confonly
+
+package tun
+
+import (
+ "context"
+
+ core "github.com/v2fly/v2ray-core/v5"
+ "github.com/v2fly/v2ray-core/v5/app/tun/device"
+ "github.com/v2fly/v2ray-core/v5/app/tun/device/tun"
+ "github.com/v2fly/v2ray-core/v5/common"
+ "github.com/v2fly/v2ray-core/v5/features/policy"
+ "github.com/v2fly/v2ray-core/v5/features/routing"
+ "gvisor.dev/gvisor/pkg/tcpip/stack"
+)
+
+//go:generate go run github.com/v2fly/v2ray-core/v5/common/errors/errorgen
+
+type TUN struct {
+ ctx context.Context
+ dispatcher routing.Dispatcher
+ policyManager policy.Manager
+ config *Config
+
+ stack *stack.Stack
+}
+
+func (t *TUN) Type() interface{} {
+ return (*TUN)(nil)
+}
+
+func (t *TUN) Start() error {
+ var newDeviceFunc device.NewTUNFunc
+ newDeviceFunc = tun.New
+ device, err := newDeviceFunc(device.Options{
+ Name: t.config.Name,
+ MTU: t.config.Mtu,
+ })
+ if err != nil {
+ return newError("failed to create device").Base(err).AtError()
+ }
+
+ stack, err := CreateStack(device)
+ if err != nil {
+ return newError("failed to create stack").Base(err).AtError()
+ }
+ t.stack = stack
+
+ tcpHandler := &TCPHandler{
+ ctx: t.ctx,
+ dispatcher: t.dispatcher,
+ policyManager: t.policyManager,
+ config: t.config,
+ stack: stack,
+ }
+
+ tcpHandler.SetHandler()
+
+ return nil
+}
+
+func (t *TUN) Close() error {
+ if t.stack != nil {
+ t.stack.Close()
+ t.stack.Wait()
+ }
+ return nil
+}
+
+func NewTUN(ctx context.Context, config *Config, dispatcher routing.Dispatcher) *TUN {
+ v := core.MustFromContext(ctx)
+ return &TUN{
+ ctx: ctx,
+ dispatcher: dispatcher,
+ config: config,
+ policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),
+ }
+}
+
+func init() {
+ common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
+ tun := core.RequireFeatures(ctx, func(d routing.Dispatcher) *TUN {
+ return NewTUN(ctx, config.(*Config), d)
+ })
+
+ return tun, nil
+ }))
+}
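Review bot: `Start` loses the opened device: the value returned by `newDeviceFunc` is only passed to `CreateStack` and never stored on `TUN`, so `Close` cannot release it and a `CreateStack` failure returns without closing it. Keeping it in a field, closing it in `Close`, and adding `_ = device.Close()` on the error path would fix the lifetime. The `TCPHandler` literal leaves `rcvWnd` and `maxInFlight` at zero before they reach `tcp.NewForwarder`; if the forwarder treats `maxInFlight` as a hard cap, every connection attempt would be dropped, so explicit values are needed. In `init`, the value handed back to `RegisterConfig` is the result of `core.RequireFeatures`, not the `*TUN` built inside the callback; its signature is not visible here, but if it returns an `error` the constructor returns the wrong object. The locals `device`, `stack` and `tun` also shadow imported packages of the same names and are worth renaming.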