From 95bbfe39457d1cc6c620d9f7718924ea6b39ef99 Mon Sep 17 00:00:00 2001 From: yaling888 <73897884+yaling888@users.noreply.github.com> Date: Wed, 5 Apr 2023 14:05:23 +0800 Subject: [PATCH] Fix: should always drop packet when handle UDP packet (#2659) --- tunnel/connection.go | 2 -- tunnel/tunnel.go | 7 +++++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/tunnel/connection.go b/tunnel/connection.go index cf37114..0614603 100644 --- a/tunnel/connection.go +++ b/tunnel/connection.go @@ -12,8 +12,6 @@ import ( ) func handleUDPToRemote(packet C.UDPPacket, pc C.PacketConn, metadata *C.Metadata) error { - defer packet.Drop() - addr := metadata.UDPAddr() if addr == nil { return errors.New("udp addr invalid") diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go index 20e03fd..5eaf421 100644 --- a/tunnel/tunnel.go +++ b/tunnel/tunnel.go @@ -176,6 +176,7 @@ func resolveMetadata(ctx C.PlainContext, metadata *C.Metadata) (proxy C.Proxy, r func handleUDPConn(packet *inbound.PacketAdapter) { metadata := packet.Metadata() if !metadata.Valid() { + packet.Drop() log.Warnln("[Metadata] not valid: %#v", metadata) return } @@ -188,6 +189,7 @@ func handleUDPConn(packet *inbound.PacketAdapter) { } if err := preHandleMetadata(metadata); err != nil { + packet.Drop() log.Debugln("[Metadata PreHandle] error: %s", err) return } @@ -196,8 +198,10 @@ func handleUDPConn(packet *inbound.PacketAdapter) { if !metadata.Resolved() { ips, err := resolver.LookupIP(context.Background(), metadata.Host) if err != nil { + packet.Drop() return } else if len(ips) == 0 { + packet.Drop() return } metadata.DstIP = ips[0] @@ -215,6 +219,7 @@ func handleUDPConn(packet *inbound.PacketAdapter) { } if handle() { + packet.Drop() return } @@ -222,6 +227,8 @@ func handleUDPConn(packet *inbound.PacketAdapter) { cond, loaded := natTable.GetOrCreateLock(lockKey) go func() { + defer packet.Drop() + if loaded { cond.L.Lock() cond.Wait()