Refactor/mark #362
Refactor/mark #362
Conversation
We should allow overwriting the global mark by setting Only use global mark when |
|
yeah that's an option too, since we hardcode 0xff now. @VendettaReborn thoughts? |
yep, it should always have a value, so I think a default global value is fine. And the question is, what's the scope of routing-mark that user can customize? |
|
@ibigbug @VendettaReborn |
|
well isn't this mostly duplicating changes in #343 ? |
Yes i cherry pick one commit from #343. just for respect the proxy node specific mark and iface conf |
Itsusinn
force-pushed
the
refactor/mark
branch
2 times, most recently
from
a4bbbcb
to
fcd403d
Compare
Agree as well, i cannot think of any use case |
Itsusinn
force-pushed
the
refactor/mark
branch
2 times, most recently
from
85ac4df
to
a31ef35
Compare
Actually, i am thinking about re-using the shadowsocks-rust's infra: https://github.com/shadowsocks/shadowsocks-rust/blob/b37c6e4dfa13af7bc65b34606baa01e78927199e/crates/shadowsocks/src/net/option.rs#L47. They have done a great job in supporting the fwmark and bind_interface as well as other options across different platforms. |
|
and actually, we can also set fwmark on macos, see: https://github.com/WireGuard/wireguard-go/blob/12269c2761734b15625017d8565745096325392f/conn/mark_unix.go#L18 |
It seems they take fwmark and bind_interface options as an independent configuration (instead of add these options to every single proxy)? |
|
I think we could merge this pr as a workaround for now. |
any ideas about on how to test it? |
You mean unit test? |
I've went through the issue list of clash.meta, and one of the most frequently asked issue is about tun, and it even got routing loop in some conditions. So I think we'd better develop some ways to avoid similar problems. |
|
For example, when testing fwmark & bind feature, we shall create a list of packet to example.org, with unique cookies in each http request's header. And we shall count the number of occurrence. Whenever the occurrence is 2, we knows that there must be some routing problem. What do u think? cc @Itsusinn |
|
What about creating multiple tuns locally and listen on those tuns and
expect the packets sent from the client with different marks and binds?
…On Wed, Apr 17, 2024 at 01:18 V ***@***.***> wrote:
For example, when testing fwmark & bind feature, we shall create a list of
packet to example.org, with unique cookies in each http request's header.
And we shall count the number of occurrence. Whenever the occurrence is 2,
we knows that there must be some routing problem. What do u think? cc
@Itsusinn <https://github.com/Itsusinn>
—
Reply to this email directly, view it on GitHub
<#362 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEEVLMG7LKHWQPJGKSFHLTY5U6NBAVCNFSM6AAAAABF6KPM56VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJZGM2DKNZXG4>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
But it seems that we cannot get the binded device of a interface? the libc doesn't provide this api |
|
You create a tun, and start a listener on the tun. From client you send packet and bind iface to that tun. And from the listener you expect receiving traffic. Would this not work? |
This pr actually dont cares about routing table. (auto-route do) It just make setting/getting mark/iface easier. But indeed looping is a vital problem. It highly depends how routing works. Anyway, i dont have any ideas about test. But i think this could be useful |
|
I think we can do the test for global proxy(tproxy/tun) by: |
|
@VendettaReborn Do you see what are the common causes of the routing loop? Wrongly configed routing table? Can we do some validations during start up. And apply runtime checks as you described above? |
|
these cases are just a sum up of clash.meta's issues when i read through them:
it' true that we shall prevent the routing loop as much as possible, even better with some proofs. But I still think some check may be helpful(maybe for debug?) and the |
|
Yeah I agree. I'll start working on the process rule soon. |
A global mark