Improve README and do not panic when reading from proxy fails

4 years ago · 41c22fa4d4
2 changed files with 29 additions and 12 deletions
--- a/README.md
+++ b/README.md
@ -11,26 +11,31 @@ cargo build --release

 ## Setup
 A standard setup, which would route all traffic from your system through the tunnel interface, could look as follows:
-```
-# Create a tunnel interface named tun0 which your user can bind to.
+```shell
+# Define the proxy endpoint.
+PROXY_IP=1.2.3.4
+PROXY_PORT=1080
+
+# Create a tunnel interface named tun0 which your user can bind to, so we don't need to run tun2proxy as root.
 sudo ip tuntap add name tun0 mode tun user $USER
 sudo ip link set tun0 up

-# To prevent a loop, replace 1.2.3.4 with the IP address of the proxy server.
-# This will add a route to the proxy server that behaves like the default route.
-sudo ip route add 1.2.3.4 $(ip route | grep '^default' | cut -d' ' -f2-)
+# To prevent a routing loop, we add a route to the proxy server that behaves like the default route.
+sudo ip route add "$PROXY_IP" $(ip route | grep '^default' | cut -d ' ' -f 2-)

 # Route all your traffic through tun0 without interfering with the default route.
 sudo ip route add 128.0.0.0/1 dev tun0
 sudo ip route add 0.0.0.0/1 dev tun0

-# Again, replace 1.2.3.4 with the IP address of the proxy server.
-./target/release/tun2proxy --tun tun0 --socks5 1.2.3.4
+./target/release/tun2proxy --tun tun0 --socks5 "$PROXY_IP:$PROXY_PORT"
 ```

 Note that if you paste these commands into a shell script, which you then run with `sudo`, you might want to replace
 `$USER` with `$SUDO_USER`.

+For DNS to work, you might need an additional tool like [dnsproxy](https://github.com/AdguardTeam/dnsproxy) that is
+configured to listen on a local UDP port and communicates with the upstream DNS server via TCP.
+
 ## CLI
 ```
 tun2proxy 0.1.0
@ -47,4 +52,9 @@ OPTIONS:
    -h, --http <IP:PORT>      HTTP server to use
    -s, --socks5 <IP:PORT>    SOCKS5 server to use
    -t, --tun <TUN>           Name of the tun interface
-```
+```
+
+## TODO
+- Authentication for SOCKS (plain) and HTTP (base64)
+- UDP support for SOCKS
+- Virtual DNS
--- a/src/tun2proxy.rs
+++ b/src/tun2proxy.rs
@ -379,11 +379,12 @@ impl<'a> TunToProxy<'a> {
                // Therefore, we now expect it to write data to the server.
                self.write_to_server(&connection);
            } else if connection.proto == smoltcp::wire::IpProtocol::Udp.into() {
-                /* // UDP is not yet supported.
-                if payload_offset > frame.len() || payload_offset + payload_offset > frame.len() {
+                // UDP is not yet supported
+                /*if _payload_offset > frame.len() || _payload_offset + _payload_offset > frame.len() {
                    return;
                }
-                let payload = &frame[payload_offset..payload_offset+payload_size]; */
+                let payload = &frame[_payload_offset.._payload_offset + _payload_size];
+                self.virtual_dns.add_query(payload);*/
            }
        }
    }
@ -445,7 +446,13 @@ impl<'a> TunToProxy<'a> {
                let state = self.connections.get_mut(&connection).unwrap();

                let mut buf = [0u8; 4096];
-                let read = state.mio_stream.read(&mut buf).unwrap();
+                let read_result = state.mio_stream.read(&mut buf);
+                let read = if read_result.is_err() {
+                    error!("READ from proxy: {}", read_result.as_ref().err().unwrap());
+                    0
+                } else {
+                    read_result.unwrap()
+                };

                if read == 0 {
                    {