Turn off fake DNS for request sent from Routing and Freedom outbound.
Fake DNS now only apply to DNS outbound.
This is important for Android, where VPN service take over all system DNS
traffic and pass it to core. "UseIp" option can be used in Freedom outbound
to avoid getting fake IP and fail connection.
Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
* Add fake dns
A new config object "fake" in DnsObject for toggling fake dns function
Compare with sniffing, fake dns is not limited to http and tls traffic.
It works across all inbounds. For example, when dns request come
from one inbound, the local DNS server of v2ray will response with a
unique fake IP for every unique domain name. Then later on v2ray
received a request to one of the fake IP from any inbounds, it will
override the request destination with the previously saved domain.
By default, v2ray cache up to 65535 addresses. The old records will
be discarded bases on LRU. The fake IP will be 240.x.x.x
* fix an edge case when encounter a fake IP in use
* Move lru to common.cache package
* Added the necessary change to obtain request IP from sniffer
* Refactor the code so that it may stop depending on global variables in the future.
* Replace string manipulation code with more generic codes, hopefully this will work for both IPv4 and IPv6 networks.
* Try to use IPv4 version of address if possible
* Added Test Case for Fake Dns
* Added More Test Case for Fake Dns
* Stop user from creating a instance with LRU size more than subnet size, it will create a infinite loop
* Move Fake DNS to a separate package
* Generated Code for fakedns
* Encapsulate Fake DNS as a Instance wide service
* Added Support for metadata sniffer, which will be used for Fake DNS
* Dependency injection for fake dns
* Fake DNS As a Sniffer
* Remove stub object
* Remove global variable
* Update generated protobuf file for metadata only sniffing
* Apply Fake DNS config to session
* Loading for fake dns settings
* Bug fix
* Include fake dns in all
* Fix FakeDns Lint Condition
* Fix sniffer config
* Fix lint message
* Fix dependency resolution
* Fix fake dns not loaded as sniffer
* reduce ttl for fake dns
* Apply Coding Style
* Apply Coding Style
* Apply Coding Style
* Apply Coding Style
* Apply Coding Style
* Fix crashed when no fake dns
* Apply Coding Style
* Fix Fake DNS do not apply to UDP socket
* Fixed a bug prevent FakeDNS App Setting from become effective
* Fixed a caveat prevent FakeDNS App Setting from become effective
* Use log comparison to reduce in issue when it comes to really high value typical for ipv6 subnet
* Add build tag for fakedns
* Removal of FakeDNS specific logic at DNS client: making it a standard dns client
* Regenerate auto generated file
* Amended version of configure file
* Bug fixes for fakeDNS
* Bug fixes for fakeDNS
* Fix test: remove reference to removed attribute
* Test: fix codacy issue
* Conf: Remove old field support
* Test: fix codacy issue
* Change test scale for TestFakeDnsHolderCreateMappingAndRollOver
* Test: fix codacy issue
Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
Co-authored-by: kslr <kslrwang@gmail.com>
- Previously, without specifying the server IP, the remote address in the response to a UdpAssoicate command is `127.0.0.1`, which might break UDP for non-localhost clients.
- This commit changes it so that, localhost clients get responses with the corresponding loopback IP, non-localhost clients get responses with the corresponding `net.AnyIP` or `net.AnyIPv6`.
- The new behavior is also consistent with many other implementations. So the compatibility is guaranteed. It also makes specifying server IP optional.
- When you connect to a non-localhost socks5 server, in the response of a UdpAssociate from a socks5 server, the remote address may be `::` or `0.0.0.0`. The previous behavior is to connect to the remote address in the response, which obviously fails.
- This commit changes the behavior to dial to the outbound server's address when the remote address in the response is `::` or `0.0.0.0`.
- Rename `cmdUDPPort` to `cmdUDPAssociate` for clarity.
* rename AuthIDDecoderHolder private fields
* ignore unused return value more clear
* change PoolSwap to private fields
* refactor Unlock to defer
* use const capacity, reorder code layout
* replace mismatch field name poolX with type Filter
* change AntiReplayTime to private fileds, protect to modify
* rename lastSwapTime to lastSwap
* merge duplicate time.Now.
Since the current unit is in seconds, there is no need to repeat the call
* refine negate expression
* rename antiReplayTime to interval
* add docs
* fix lint stutter issue, rename antireplay.AntiReplayWindow to antireplay.ReplayFilter
* rename fileds m,n to poolA,poolB
* rename antireplay.go to replayfilter.go
* fix build issue
Co-authored-by: Chinsyo <chinsyo@sina.cn>