mirrors/redsocks
0
0
Fork 0
mirror of https://github.com/darkk/redsocks.git synced 2025-08-28 12:45:30 +00:00
Code
175 Commits 1 Branch 5 Tags 2.1 MiB
48dd5557c0
Commit Graph

175 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Leonid Evdokimov
48dd5557c0 Mention `nogroup' name difference between RedHat-like and Debian-like distributions. 
See also #60
 2016-03-21 11:10:11 +03:00
Leonid Evdokimov
afd298f6ce Replace wm_read/wm_write manipulations with call to bufferevent_setwatermark 
bufferevent_setwatermark() has some meaningful code to run on
high-watermark changes, avoiding this code may lead to stuck
connections.
 2016-03-18 11:23:58 +03:00
Leonid Evdokimov
d2165a4ff0 Replace libevent macroses with functions 2016-03-18 00:41:04 +03:00
Leonid Evdokimov
d70227eb10 Use proper buffer size in assertion 2016-03-17 19:08:49 +03:00
Leonid Evdokimov
91a5b80a31 Add quick-n-dirty debugging code to estimate memory usage. 
Debugging code is not compiled by default, don't use it unless you're
just trying to measure something :)
 2016-03-17 19:03:12 +03:00
Leonid Evdokimov
ad06706af7 Log network errors better, use errno if SO_ERROR is clear 
Some errors are not stored in SO_ERROR. Moreover, libevent uses SO_ERROR
itself and SO_ERROR is cleared after reading. Probably, using SO_ERROR
is not a good idea at all, but I have no proper test-case checking if
it's safe to remove SO_ERROR code.
 2016-03-17 18:57:49 +03:00
Leonid Evdokimov
8a703e4a27 Write more information about unclean builds 2016-03-17 18:56:57 +03:00
Leonid Evdokimov
62cb189c1b Emit better errors from config file parser 2016-03-17 18:48:37 +03:00
Leonid Evdokimov
4e222f3f27 Avoid EBADF warnings from epoll using bufferevent_free more accurately 2016-03-17 18:48:33 +03:00
Leonid Evdokimov
5c716327b2 Write message priority to the log file/stderr 2016-03-17 18:05:01 +03:00
Leonid Evdokimov
64afce95a1 Add libevent version to redsocks -v output 2016-03-17 17:07:42 +03:00
Leonid Evdokimov
681452324a Add options to specify TCP_KEEPIDLE, TCP_KEEPCNT and TCP_KEEPINTVL 2016-03-09 01:12:38 +03:00
Leonid Evdokimov
83703f0de4 Log back-pressure events with LOG_DEBUG severity to ease debugging 2016-03-09 01:12:38 +03:00
Leonid Evdokimov
ef46553e27 Fix hung connection when client sends EOF before relay even replies 
EOF is forwarded only when the bi-directional connection is established.

Thanks to semigodking for describing the test-case in #26

Moreover, linux kernel may reply SYN-ACK with RST if the now-connecting
socket is brought down with shutdown(fd, SHUT_WR):

connect(26, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("11.22.33.44")}, 16) = -1 EINPROGRESS (Operation now in progress)
IP 192.168.10.254.42578 > 11.22.33.44.8080: Flags [S], seq 813066190, win 27200, options [...], length 0
epoll_ctl(3, EPOLL_CTL_ADD, 26, {EPOLLOUT, {u32=26, u64=26}}) = 0
epoll_wait(3, {{EPOLLIN, {u32=25, u64=25}}}, 32, -1) = 1
clock_gettime(CLOCK_MONOTONIC, {728135, 720450764}) = 0
gettimeofday({1457464453, 327070}, NULL) = 0
ioctl(25, FIONREAD, [0]) = 0
readv(25, [{"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096}], 1) = 0
epoll_ctl(3, EPOLL_CTL_DEL, 25, {EPOLLIN, {u32=25, u64=25}}) = 0
shutdown(25, SHUT_RD) = 0
shutdown(26, SHUT_WR) = 0
epoll_ctl(3, EPOLL_CTL_DEL, 26, {EPOLLOUT, {u32=26, u64=26}}) = 0
IP 11.22.33.44.8080 > 192.168.10.254.42578: Flags [S.], seq 481785732, ack 813066191, win 65535, options [...], length 0
IP 192.168.10.254.42578 > 11.22.33.44.8080: Flags [R], seq 813066191, win 0, length 0
epoll_wait(3, ...
 2016-03-09 01:12:38 +03:00
Leonid Evdokimov
14ff78dfe7 Replace inconsistent rand()/random() with call to libevent2 rng 2016-03-09 01:12:38 +03:00
Leonid Evdokimov
24a5384e29 Emit better errors from config file parser 2016-03-09 01:12:38 +03:00
Leonid Evdokimov
b322e4a8dd Fix crash in config file parser caused by unknown option key 2016-03-09 01:12:36 +03:00
Leonid Evdokimov
23fb178f04 logging: do not crash in SIGUSR1 handler in partly-initialized case 2016-03-07 22:16:51 +03:00
Leonid Evdokimov
e8fd5422e5 logging: respect log_debug for non-syslog `log', SIGUSR1 writes LOG_NOTICE 
log_debug and log_info should not waste CPU and disk space while logging
to file and stderr, but SIGUSR1 dump is explicit request, so it's always
logged.
 2016-03-07 21:39:23 +03:00
Leonid Evdokimov
2118c616b4 Merge pull request #52 from przemoc/switch-from-gnu99-to-c99 
Switch from gnu99 to c99.
 2015-09-07 16:03:08 +03:00
Przemyslaw Pawelczyk
a7d1fb09a0 Switch from gnu99 to C99 and provide proper feature macros. 
Use _XOPEN_SOURCE=600 to make system headers expose Single UNIX
Specification v3 (SUSv3) definitions, i.e. POSIX.1-2001 base
specification plus the X/Open System Interface (XSI) extension.
POSIX.1-2001 is aligned with C99, so that all of the library
functions standardized in C99 are also standardized in POSIX.1-2001.

Use _BSD_SOURCE together with _DEFAULT_SOURCE to compile without
warnings in glibc <= 2.19 and glibc >= 2.20 (_BSD_SOURCE is deprecated
since glibc 2.20 and it has same effect as defining _DEFAULT_SOURCE
but generates a compile-time warning if used alone). This is required
for availability of non-POSIX functions, like inet_aton() or timercmp(),
that are present on most BSD derivatives.

Note: _DEFAULT_SOURCE, which was introduced in glibc 2.19, will actually
bump _POSIX_C_SOURCE from 200112L to 200809L, but it brings no harm.
 2014-07-05 01:28:44 +02:00
Przemyslaw Pawelczyk
19f0fb225a Use __typeof instead of typeof. 
__typeof adheres to ISO C standard as it is reserved identifier [1],
so it is collision-free and works in non-GNU mode as long as compiler
supports it.

[1] C99: "All identifiers that begin with an underscore and either an
uppercase letter or another underscore are always reserved for any use."
 2014-07-05 01:11:34 +02:00
Przemyslaw Pawelczyk
fce288f657 Rewrite container_of macro without using statement expression. 
Statement expression is GNU C extension, not present in ISO standard.
Type checking works now via implicit conversion performed for compound
literal (compound literals are available since C99). typeof is only used
on GNUC compilers like gcc or clang.
 2014-07-05 00:31:04 +02:00
Leonid Evdokimov
2e3f648809 Merge pull request #40 from tlvince/systemd-improv 
Replace 'su' cruft with systemd's 'User='
 2013-02-13 01:55:36 -08:00
Tom Vincent
b1cf7c473d Replace 'su' cruft with systemd's 'User=' 
See systemd.exec(5)
 2013-02-13 13:36:48 +08:00
Leonid Evdokimov
778340243e Add README from balabit.com - it's nice doc about TPROXY. 2012-12-04 20:59:13 +04:00
Leonid Evdokimov
0a491b0be8 Merge pull request #33 from kanzure/typofix 
typo fix in README (Andoird -> Android)
 2012-09-20 01:08:03 -07:00
Bryan Bishop
c7513aafc6 typo fix in README (Andoird -> Android) 2012-09-20 01:33:46 -05:00
Leonid Evdokimov
18e2b5ed1f Fix compilation on Ubuntu 10.04 LTS and (hopefully) Debian squeeze[1] 
fixes #28, fixes #22, fixes #24
[1] current "stable" release
 2012-09-12 02:05:39 +04:00
Leonid Evdokimov
9352d659ba conf.example: comments about UDP redirection 2012-09-10 22:36:01 +04:00
Leonid Evdokimov
d8d521c4b5 Merge pull request #29 from tlvince/systemd 
Add systemd service unit
 2012-09-10 01:44:15 -07:00
Leonid Evdokimov
d57e56f2fa README: links to packages 2012-09-10 12:18:04 +04:00
Tom Vincent
f9a3431265 Add systemd service unit 2012-09-09 21:03:29 +08:00
Leonid Evdokimov
070bd77c29 Script to auto-repack releases into better tarballs. fixes #27 2012-09-01 01:33:13 +04:00
Leonid Evdokimov
a9cfd09011 Merge pull request #21 from jmesmon/master 
Fix transposition of memset arguments.
 2012-04-24 02:49:53 -07:00
Cody Schafer
b60b492602 Fix transposition of memset parameters. 2012-04-24 04:33:13 -05:00
Leonid Evdokimov
709646d59d Initial support for UDP + TPROXY redirection. No more dest_ip in redudp. 
* TPROXY requires Linux 2.6.29+ (see man 7 ip[1]).
 * all redsocks code is running as root to bind to arbitrary port.
 * Non-Linux and old-Linux builds are broken at the moment.

[1] http://www.kernel.org/doc/man-pages/online/pages/man7/ip.7.html
 2012-04-13 02:06:02 +04:00
Leonid Evdokimov
6015b3a6f2 inet_ntop -> red_inet_ntop 2012-04-10 01:43:22 +04:00
Leonid Evdokimov
290f19972e Fix bug in DNS resolution - results were ignored (since 8179a1ff). 2012-04-10 00:57:26 +04:00
Leonid Evdokimov
e0b284d7e0 Version bump - v0.4 2012-03-26 00:04:34 +04:00
Leonid Evdokimov
4d2e10df17 Implement better exponential backoff in case of accept() failure. 
This commit implements two more features:
 * min_accept_backoff configuration option
 * retry accept() after some close() calls

See also https://github.com/darkk/redsocks/issues/19
 2012-03-25 23:58:40 +04:00
Leonid Evdokimov
dd089f09bd Proper accept_backoff event cleanup. 2012-03-25 23:14:27 +04:00
Leonid Evdokimov
d1d5b70b2b README: document socksifying router setup. 
Note: I don't know source of doc/iptables-packet-flow.png and
doc/iptables-packet-flow-ng.png files, their license is unknown.
As far as I remember, it's something CC-like and they're quite old:
-rw-r--r-- 1 darkk darkk  99799 2007-09-16 07:00 iptables-packet-flow.png
-rw-r--r-- 1 darkk darkk 287299 2009-10-09 10:42 iptables-packet-flow-ng.png
 2012-03-25 14:51:34 +04:00
Leonid Evdokimov
93073cec40 README: typo fixes. 2012-02-05 16:04:10 +04:00
Leonid Evdokimov
f0949e86e7 README: note about GID-based redirection 2012-02-05 16:01:29 +04:00
Leonid Evdokimov
52b936a56c README: add socksified firefox example. 2012-02-05 15:50:59 +04:00
Leonid Evdokimov
5ac05d5b77 Fix typo. Thanks to Apollon Oikonomopoulos. 2012-01-30 14:01:30 +04:00
Leonid Evdokimov
bc57cf8c1b Fix gen/version.c generation: clean git build was broken. 2012-01-28 00:09:24 +04:00
Leonid Evdokimov
128d730583 Implement exponential backoff in case of accept() failure. 
Busy-loop strikes the daemon without backoff and log flood fills disks.

See also https://github.com/darkk/redsocks/issues/19
 2012-01-28 00:00:09 +04:00
Leonid Evdokimov
6f8312b21f Refactor: replace struct event with tracked_event to track EVLIST_INSERTED state. 2012-01-28 00:00:09 +04:00