add wg dns timeout
ibigbug committed Dec 25, 2023
1 parent 5eb89e1 commit 3493ac3
Showing 3 changed files with 21 additions and 11 deletions.
2 changes: 1 addition & 1 deletion clash/tests/data/config/wg.yaml
@@ -52,7 +52,7 @@ proxies:
allowed-ips: ['0.0.0.0/0']
remote-dns-resolve: true
dns:
- 1.1.1.1
- 8.8.8.8
udp: true


14 changes: 11 additions & 3 deletions clash_lib/src/proxy/wg/device.rs
@@ -148,14 +148,22 @@ impl DeviceManager {

let pkt = UdpPacket::new(
msg.to_vec().unwrap().into(),
(self.addr, self.get_ephemeral_udp_port().await).into(),
SocksAddr::any_ipv4(),
server.into(),
);

socket.feed(pkt).await.ok()?;
socket.close().await.ok()?;
socket.flush().await.ok()?;
trace!("sent dns query: {:?}", msg);

let pkt = match tokio::time::timeout(Duration::from_secs(5), socket.next()).await {
Ok(Some(pkt)) => pkt,
_ => {
warn!("wg dns query timed out with server {server}");
return None;
}
};

let pkt = socket.next().await?;
let msg = hickory_proto::op::Message::from_vec(&pkt.data).ok()?;
trace!("got dns response: {:?}", msg);
msg.answers()
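Review bot: The datagram returned by `socket.next()` is parsed and its answers are used with no visible check that it answers the query that was just sent; nothing in the hunk compares the response ID with the query's. I would capture `let query_id = msg.id();` before the query is fed to the socket and, after `Message::from_vec`, reject a mismatch with `if msg.id() != query_id { return None; }`. Also, the `_` arm of the new `match` covers both the elapsed timeout and `Ok(None)` (stream ended), so the "timed out" warning is logged for both cases; a separate `Ok(None)` arm with its own message would keep the log accurate. The function starts above the hunk and continues past `msg.answers()`, so a later check may exist outside the visible lines.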
16 changes: 9 additions & 7 deletions clash_lib/src/proxy/wg/wireguard.rs
@@ -109,7 +109,6 @@ impl WireguardTunnel {
}
boringtun::noise::TunnResult::WriteToNetwork(packet) => {
self.udp.send_to(&packet, self.endpoint).await?;
trace!("sent packet to {}", self.endpoint);
}
_ => {
error!("unexpected result from encapsulate");
@@ -133,8 +132,6 @@ impl WireguardTunnel {
}

pub async fn start_forwarding(&self) {
trace!("wg stack writing data");

let mut packet_reader = self.packet_reader.lock().await;
loop {
match packet_reader.recv().await {
@@ -235,6 +232,8 @@ impl WireguardTunnel {
}

TunnResult::WriteToTunnelV4(packet, addr) => {
trace_ip_packet("Received IP packet", packet);

if !self.is_ip_allowed(addr.into()) {
trace!(
"received packet from {} which is not in allowed_ips",
@@ -246,7 +245,7 @@ impl WireguardTunnel {
let _ =
trace_span!("wg_write_stack", endpoint = %self.endpoint, size = packet.len())
.entered();
trace_ip_packet("Received IP packet", packet);

if let Some(proto) = self.route_protocol(packet) {
if let Err(e) = self
.packet_writer
@@ -256,10 +255,12 @@ impl WireguardTunnel {
error!("failed to send packet to virtual device: {}", e);
}
} else {
trace!("wg stack recevied unkown data");
warn!("wg stack recevied unkown data");
}
}
TunnResult::WriteToTunnelV6(packet, addr) => {
trace_ip_packet("Received IP packet", packet);

if !self.is_ip_allowed(addr.into()) {
trace!(
"received packet from {} which is not in allowed_ips",
@@ -271,7 +272,6 @@ impl WireguardTunnel {
let _ =
trace_span!("wg_write_stack", endpoint = %self.endpoint, size = packet.len())
.entered();
trace_ip_packet("Received IP packet", packet);
if let Some(proto) = self.route_protocol(packet) {
if let Err(e) = self
.packet_writer
@@ -281,7 +281,7 @@ impl WireguardTunnel {
error!("failed to send packet to virtual device: {}", e);
}
} else {
trace!("wg stack recevied unkown data");
warn!("wg stack recevied unkown data");
}
}
}
@@ -299,6 +299,8 @@ impl WireguardTunnel {
let mut buf = vec![0u8; 65535];
let mut peer = self.peer.lock().await;
let tun_result = peer.format_handshake_initiation(&mut buf[..], false);
drop(peer);

self.handle_routine_result(tun_result).await;
}
TunnResult::Err(e) => {
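Review bot: The two `warn!("wg stack recevied unkown data")` calls in the `WriteToTunnelV4` and `WriteToTunnelV6` arms now log at warn level once for every packet `route_protocol` does not recognise, so a peer that keeps sending such packets can flood the log, and the message says nothing about what arrived. I would include the source and size and fix the spelling, e.g. `warn!("wg stack received unknown data from {}, len {}", addr, packet.len());`, and consider counting or rate-limiting these rather than logging each one. Separately, in both arms `let _ = trace_span!(...).entered();` drops the guard at the end of that statement, so the span does not cover the code after it; a named binding such as `_span` keeps it alive, though an entered guard should not be held across the `.await` that appears to follow. The enclosing function starts and ends outside the visible hunks.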