From 550f2d2f5f9b5d454a9798e2d8b50a0fb821c7ad Mon Sep 17 00:00:00 2001 From: ruti <> Date: Fri, 9 Aug 2024 22:49:44 +0300 Subject: [PATCH] drop-sack --- desync.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++-- desync.h | 2 ++ extend.c | 4 ++++ main.c | 8 ++++++++ params.h | 1 + 5 files changed, 66 insertions(+), 2 deletions(-) diff --git a/desync.c b/desync.c index b46f137..d305d86 100644 --- a/desync.c +++ b/desync.c @@ -14,9 +14,10 @@ #ifndef __linux__ #include - #else - #include + #else #include + #include + #include #include #define memfd_create(name, flags) syscall(__NR_memfd_create, name, flags) @@ -67,6 +68,32 @@ int setttl(int fd, int ttl, int family) { return 0; } +#ifdef __linux__ +int drop_sack(int fd) +{ + struct sock_filter code[] = { + { 0x30, 0, 0, 0x0000000c }, + { 0x74, 0, 0, 0x00000004 }, + { 0x35, 0, 3, 0x0000000b }, + { 0x30, 0, 0, 0x00000022 }, + { 0x15, 0, 1, 0x00000005 }, + { 0x6, 0, 0, 0x00000000 }, + { 0x6, 0, 0, 0x00040000 }, + }; + struct sock_fprog bpf = { + .len = sizeof(code)/sizeof(*code), + .filter = code + }; + if (setsockopt(fd, SOL_SOCKET, + SO_ATTACH_FILTER, (char *)&bpf, sizeof(bpf)) == -1) { + uniperror("setsockopt SO_ATTACH_FILTER"); + return -1; + } + return 0; +} +#endif + + #ifndef _WIN32 static inline void delay(long ms) { @@ -471,6 +498,11 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize, } } // desync + #ifdef __linux__ + if (dp.drop_sack && drop_sack(sfd)) { + return -1; + } + #endif long lp = offset; for (int i = 0; i < dp.parts_n; i++) { @@ -565,6 +597,23 @@ ssize_t desync(int sfd, char *buffer, size_t bfsize, } +int post_desync(int sfd, int dp_c) +{ + struct desync_params *dp = ¶ms.dp[dp_c]; + + #ifdef __linux__ + if (dp->drop_sack) { + if (setsockopt(sfd, SOL_SOCKET, + SO_DETACH_FILTER, &dp_c, sizeof(dp_c)) == -1) { + uniperror("setsockopt SO_DETACH_FILTER"); + return -1; + } + } + #endif + return 0; +} + + ssize_t desync_udp(int sfd, char *buffer, size_t bfsize, ssize_t n, struct sockaddr *dst, int dp_c) { diff --git a/desync.h b/desync.h index a915179..cb0d038 100644 --- a/desync.h +++ b/desync.h @@ -18,4 +18,6 @@ int get_family(struct sockaddr *dst); int setttl(int fd, int ttl, int family); +int post_desync(int sfd, int dp_c); + #endif diff --git a/extend.c b/extend.c index 5b71e27..da40589 100644 --- a/extend.c +++ b/extend.c @@ -285,6 +285,10 @@ int on_tunnel_check(struct poolhd *pool, struct eval *val, } int m = pair->attempt; + if (post_desync(val->fd, m)) { + return -1; + } + if (!pair->cache) { return 0; } diff --git a/main.c b/main.c index cb2684b..8a26e3f 100644 --- a/main.c +++ b/main.c @@ -106,6 +106,9 @@ const char help_text[] = { " -M, --mod-http Modify HTTP: hcsmix,dcsmix,rmspace\n" " -r, --tlsrec Make TLS record at position\n" " -a, --udp-fake UDP fakes count, default 0\n" + #ifdef __linux__ + " -Y, --drop-sack Drop packets with SACK extension\n" + #endif }; @@ -156,6 +159,7 @@ const struct option options[] = { {"delay", 1, 0, 'w'}, // {"not-wait-send", 0, 0, 'W'}, // #ifdef __linux__ + {"drop-sack", 0, 0, 'Y'}, {"protect-path", 1, 0, 'P'}, // #endif {0} @@ -802,6 +806,10 @@ int main(int argc, char **argv) } break; + case 'Y': + dp->drop_sack = 1; + break; + case 'w': // params.sfdelay = strtol(optarg, &end, 0); if (params.sfdelay < 0 || optarg == end diff --git a/params.h b/params.h index caa9057..173ae1f 100644 --- a/params.h +++ b/params.h @@ -67,6 +67,7 @@ struct desync_params { struct packet fake_data; int udp_fake_count; int fake_offset; + char drop_sack; int parts_n; struct part *parts;