Documentation
¶
Index ¶
- Constants
- func AddDNSCryptRelay(t Tunnel, stamp string) error
- func AddDNSCryptTransport(t Tunnel, id, stamp string) (err error)
- func AddDNSProxy(t Tunnel, id, ip, port string) error
- func AddDefaultTransport(t Tunnel, typ, ippOrUrl, ips string) error
- func AddDoHTransport(t Tunnel, id, url, ips string) error
- func AddDoTTransport(t Tunnel, id, url, ips string) error
- func AddODoHTransport(t Tunnel, id, endpoint, resolver, epips string) error
- func AddProxyDNS(t Tunnel, p x.Proxy) error
- func LogLevel(level int)
- func NewICMPHandler(resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, ...) netstack.GICMPHandler
- func NewTCPHandler(resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, ...) netstack.GTCPConnHandler
- func NewUDPHandler(resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, ...) netstack.GUDPConnHandler
- func SetSystemDNS(t Tunnel, ipcsv string) error
- type Bridge
- type DefaultDNS
- type Listener
- type Mark
- type SocketListener
- type SocketSummary
- type Tunnel
Constants ¶
const ( ICMPOK = iota ICMPEND )
const ( ProtoTypeUDP = "udp" ProtoTypeTCP = "tcp" ProtoTypeICMP = "icmp" )
const ( TCPOK = iota TCPEND )
const ( UDPOK = iota UDPEND )
Variables ¶
This section is empty.
Functions ¶
func AddDNSCryptRelay ¶
AddDNSCryptRelay adds a DNSCrypt relay transport to the tunnel's resolver.
func AddDNSCryptTransport ¶
AddDNSCryptTransport creates and adds a DNSCrypt transport to the tunnel's resolver.
func AddDNSProxy ¶
AddDNSProxy creates and adds a DNS53 transport to the tunnel's resolver.
func AddDefaultTransport ¶
AddDefaultTransport adds a special default transport to the tunnel's resolver It may be either a DoH or a DNS53 transport.
func AddDoHTransport ¶
AddDoHTransport creates and adds a Transport that connects to the specified DoH server. `url` is the URL of a DoH server (no template, POST-only).
func AddDoTTransport ¶
AddDoTTransport creates and adds a Transport that connects to the specified DoT server.
func AddODoHTransport ¶
AddODoHTransport creates and adds a Transport that connects to the specified ODoH server. `endpoint` is the entry / proxy for the ODoH server, `resolver` is the URL of the target ODoH server.
func AddProxyDNS ¶
AddProxyDNS creates and adds a DNS53 transport as defined in Proxy's configuration.
func LogLevel ¶
func LogLevel(level int)
Change log level to log.VERBOSE, log.DEBUG, log.INFO, log.WARN, log.ERROR.
func NewICMPHandler ¶
func NewTCPHandler ¶
func NewTCPHandler(resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, ctl protect.Controller, listener SocketListener) netstack.GTCPConnHandler
NewTCPHandler returns a TCP forwarder with Intra-style behavior. Connections to `fakedns` are redirected to DOH. All other traffic is forwarded using `dialer`. `listener` is provided with a summary of each socket when it is closed.
func NewUDPHandler ¶
func NewUDPHandler(resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, ctl protect.Controller, listener SocketListener) netstack.GUDPConnHandler
NewUDPHandler makes a UDP handler with Intra-style DNS redirection: All packets are routed directly to their destination. `timeout` controls the effective NAT mapping lifetime. `config` is used to bind new external UDP ports. `listener` receives a summary about each UDP binding when it expires.
func SetSystemDNS ¶
SetSystemDNS creates and adds a DNS53 transport of the specified IP addresses.
Types ¶
type Bridge ¶
type Bridge interface {
Listener
x.Controller
}
type DefaultDNS ¶
type DefaultDNS interface {
x.DNSTransport
// contains filtered or unexported methods
}
DefaultDNS is the resolver used by all dialers.
func NewDefaultDNS ¶
func NewDefaultDNS(typ, url, ips string) (DefaultDNS, error)
NewDefaultDNS creates a new DefaultDNS resolver of type typ. For typ DOH, url scheme is http or https; for typ DNS53, url is ipport or csv(ipport). ips is a csv of ipports for typ DOH, and nil for typ DNS53.
type Listener ¶
type Listener interface {
SocketListener
x.DNSListener
rnet.ServerListener
x.ProxyListener
}
Listener receives usage statistics when a UDP or TCP socket is closed, or a DNS query is completed.
type SocketListener ¶
type SocketListener interface {
// Flow is called on a new connection; return "proxyid,connid" to forward the connection
// to a pre-registered proxy; "Base" to allow the connection; "Block" to block the connection.
// "connid" is used to uniquely identify a connection across all proxies, and a summary of the
// connection is sent back to a pre-registered listener.
// protocol is 6 for TCP, 17 for UDP, 1 for ICMP.
// uid is -1 in case owner-uid of the connection couldn't be determined.
// dup is true if there's another active connection to dst or origdsts.
// src and dst are string'd representation of net.TCPAddr and net.UDPAddr.
// origdsts is a comma-separated list of original source IPs, this may be same as dst.
// domains is a comma-separated list of domain names associated with origsrcs, if any.
// probableDomains is a comma-separated list of probable domain names associated with origsrcs, if any.
// blocklists is a comma-separated list of blocklist names, if any.
Flow(protocol int32, uid int, dup bool, src, dst, origdsts, domains, probableDomains, blocklists string) *Mark
// OnSocketClosed reports summary after a socket closes.
OnSocketClosed(*SocketSummary)
}
type SocketSummary ¶
type SocketSummary struct {
Proto string // tcp, udp, icmp, etc.
ID string // Unique ID for this socket.
PID string // Proxy ID that handled this socket.
UID string // UID of the app that owns this socket (sans ICMP).
Target string // Remote IP, if dialed in.
Rx int64 // Total bytes downloaded (sans ICMP).
Tx int64 // Total bytes uploaded (sans ICMP).
Duration int32 // Duration in seconds.
Rtt int32 // Round-trip time (ms); (sans ICMP).
Msg string // Err or other messages, if any.
Dup bool // True if another active connection to Target exists.
// contains filtered or unexported fields
}
SocketSummary reports information about each TCP socket or a non-DNS UDP association, or ICMP echo when it is closed.
type Tunnel ¶
type Tunnel interface {
tunnel.Tunnel
// Get the resolver.
GetResolver() (x.DNSResolver, error)
// Get proxies.
GetProxies() (x.Proxies, error)
// Sets new default routes for the given engine, where engine is
// one of the constants (Ns4, Ns6, Ns46) defined in package settings.
SetRoute(engine int) error
// Sets pcap output to fpcap which is the absolute filepath
// to which a PCAP file will be written to.
// If len(fpcap) is 0, no PCAP file will be written.
// If len(fpcap) is 1, PCAP be written to stdout.
// Must be called on a background thread.
SetPcap(fpcap string) error
// Set DNSMode, BlockMode, PtMode.
SetTunMode(dnsmode, blockmode, ptmode int)
// contains filtered or unexported methods
}
Tunnel represents an Intra session.
func Connect ¶
Connect creates firestack-administered tunnel. `fd` is the TUN device. The IntraTunnel acquires an additional reference to it, which
is released by Disconnect(), so the caller must close `fd` _and_ call Disconnect() in order to close the TUN device.
`mtu` is the MTU of the TUN device. `fakedns` are the DNS servers that the system believes it is using, in "host:port" style. `bdg` is a kotlin object that implements the Bridge interface. `dtr` is a kotlin object that implements the DefaultDNS interface. Throws an exception if the TUN file descriptor cannot be opened, or if the tunnel fails to connect.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Adopted from: github.com/google/gvisor/blob/f33d034/pkg/tcpip/link/fdbased/packet_dispatchers.go
|
Adopted from: github.com/google/gvisor/blob/f33d034/pkg/tcpip/link/fdbased/packet_dispatchers.go |
|
adopted from: github.com/DNSCrypt/dnscrypt-proxy/blob/df3fb0c9/dnscrypt-proxy/plugin_dns64.go
|
adopted from: github.com/DNSCrypt/dnscrypt-proxy/blob/df3fb0c9/dnscrypt-proxy/plugin_dns64.go |