From c21133a1af0fe8846c7f216245d970199538799d Mon Sep 17 00:00:00 2001
From: octeep
Date: Fri, 11 Mar 2022 10:10:42 +0000
Subject: [PATCH] integrate socks5 proxy
---
 go.mod | 1 +
 go.sum | 3 ++
 main.go | 109 +++++++++++++++++++++++++++++++++++++++-----------------
 3 files changed, 81 insertions(+), 32 deletions(-)
diff --git a/go.mod b/go.mod
index d7a44a8..1bfa3d5 100644
--- a/go.mod
+++ b/go.mod
@@ -3,6 +3,7 @@ module github.com/octeep/wireproxy
 go 1.17
 require (
+ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5
 golang.org/x/net v0.0.0-20220225172249-27dd8689420f
 golang.zx2c4.com/go118/netip v0.0.0-20211111135330-a4a02eeacf9d
 golang.zx2c4.com/wireguard v0.0.0-20220202223031-3b95c81cc178
diff --git a/go.sum b/go.sum
index ee746e0..6217068 100644
--- a/go.sum
+++ b/go.sum
@@ -78,6 +78,8 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF
 github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/bazelbuild/rules_go v0.27.0/go.mod h1:MC23Dc/wkXEyk3Wpq6lCqz0ZAYOZDw2DR5y3N1q2i7M=
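Review bot: The new `require` line in go.mod pins `github.com/armon/go-socks5` at `v0.0.0-20160902184237-e75332964ef5`, a pseudo-version for an untagged commit timestamped September 2016, and that module will be parsing SOCKS5 handshakes from whatever can reach the listener. Before merging I would confirm the module is still maintained upstream (or choose a maintained fork) and record the decision next to the requirement, for example `// untagged 2016 commit; network-facing parser, re-check with govulncheck on each release`. Nothing else in this hunk needs to change.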
@@ -733,6 +735,7 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 h1:nhht2DYV/Sn3qOayu8lM+cU1ii9sTLUeBQwQQfUHtrs= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/main.go b/main.go index 42ffae8..68ae1e5 100644 --- a/main.go +++ b/main.go @@ -6,14 +6,14 @@ import ( "encoding/hex" "errors" "fmt" - "io" "log" "net" - "net/http" "os" "strings" "strconv" + "github.com/armon/go-socks5" + "golang.zx2c4.com/go118/netip" "golang.zx2c4.com/wireguard/conn" "golang.zx2c4.com/wireguard/device" @@ -90,6 +90,7 @@ func readConfig(path string) (Configuration, error) { return nil, err } + sections = append(sections, section) return sections, nil } 
@@ -185,52 +186,96 @@ allowed_ip=0.0.0.0/0`, selfSK, peerPK, endpoint, keepAlive, preSharedKey) return request, dns, nil } +func socks5Routine(config map[string]string) (*netip.Addr, func(*netstack.Net), error) { + vpnAddr, err := netip.ParseAddr(config["vpnaddress"]) + if err != nil { + return nil, nil, err + } + + bindAddr, ok := config["bindaddress"] + if !ok { + return nil, nil, errors.New("missing bind address") + } + + routine := func(tnet *netstack.Net) { + conf := &socks5.Config{ Dial: tnet.DialContext } + server, err := socks5.New(conf) + if err != nil { + log.Panic(err) + } + + if err := server.ListenAndServe("tcp", bindAddr); err != nil { + log.Panic(err) + } + } + + return &vpnAddr, routine, nil +} + +func startWireguard(request string, boundAddrs, dns []netip.Addr) (*netstack.Net, error) { + tun, tnet, err := netstack.CreateNetTUN(boundAddrs, dns, 1420) + if err != nil { + return nil, err + } + dev := device.NewDevice(tun, conn.NewDefaultBind(), device.NewLogger(device.LogLevelVerbose, "")) + dev.IpcSet(request) + err = dev.Up() + if err != nil { + return nil, err + } + + return tnet, nil +} + func main() { - fmt.Println("hi") conf, err := readConfig("/home/octeep/.config/wireproxy") if err != nil { log.Panic(err) } - for _, section := range conf { - fmt.Println(section.name) - } - request, dns, err := createIPCRequest(conf) if err != nil { log.Panic(err) } - fmt.Println(request) - test(request, dns) -} + routines := [](func(*netstack.Net)){} + boundAddrs := []netip.Addr{} -func test(request string, dns []netip.Addr) { - tun, tnet, err := netstack.CreateNetTUN( - []netip.Addr{netip.MustParseAddr("172.16.31.2")}, - dns, 1420) - if err != nil { - log.Panic(err) + var addr *netip.Addr + var routine func(*netstack.Net) + + confloop: for _, section := range conf { + switch section.name { + case "[socks5]": + addr, routine, err = socks5Routine(section.entries) + case "[tcpclienttunnel]": + log.Panic(errors.New("not supported yet")) + case 
"[tcpservertunnel]": + log.Panic(errors.New("not supported yet")) + case "ROOT": + continue + default: + log.Panic(errors.New(fmt.Sprintf("unsupported proxy: %s", section.name))) + } + if err != nil { + log.Panic(err) + } + routines = append(routines, routine) + + for _, addr2 := range boundAddrs { + if addr2.Compare(*addr) == 0 { + continue confloop + } + } + boundAddrs = append(boundAddrs, *addr) } - dev := device.NewDevice(tun, conn.NewDefaultBind(), device.NewLogger(device.LogLevelVerbose, "")) - dev.IpcSet(request) - err = dev.Up() + + tnet, err := startWireguard(request, boundAddrs, dns) if err != nil { log.Panic(err) } - client := http.Client{ - Transport: &http.Transport{ - DialContext: tnet.DialContext, - }, + for _, netRoutine := range routines { + netRoutine(tnet) } - resp, err := client.Get("https://www.zx2c4.com/ip") - if err != nil { - log.Panic(err) - } - body, err := io.ReadAll(resp.Body) - if err != nil { - log.Panic(err) - } - log.Println(string(body)) }
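Review bot: In socks5Routine, `&socks5.Config{ Dial: tnet.DialContext }` leaves every other field at the go-socks5 default, so the listener accepts clients without authentication and resolves requested hostnames with the host's resolver instead of through the tunnel. Because `bindaddress` is used exactly as read from the config file, a non-loopback value lets anyone who can reach the port send traffic out through the WireGuard peer, and lookups made on behalf of clients bypass the `dns` servers handed to `netstack.CreateNetTUN`. The fence below adds a tunnel-backed `Resolver` (it needs the `context` import) and an optional `Credentials` store read from proposed `username`/`password` config keys. Separately, startWireguard discards the result of `dev.IpcSet(request)`, so a rejected key or peer line still brings the device up; `if err := dev.IpcSet(request); err != nil { return nil, err }` would surface it.

```go
// tunnelResolver resolves SOCKS5 hostnames through the WireGuard netstack,
// so lookups go to the tunnel's DNS servers rather than the host resolver.
type tunnelResolver struct{ tnet *netstack.Net }

func (r tunnelResolver) Resolve(ctx context.Context, name string) (context.Context, net.IP, error) {
	addrs, err := r.tnet.LookupContextHost(ctx, name)
	if err != nil {
		return ctx, nil, err
	}
	if len(addrs) == 0 {
		return ctx, nil, fmt.Errorf("no address found for %q", name)
	}
	ip := net.ParseIP(addrs[0])
	if ip == nil {
		return ctx, nil, fmt.Errorf("unparseable address %q for %q", addrs[0], name)
	}
	return ctx, ip, nil
}

// … unchanged: vpnaddress and bindaddress parsing in socks5Routine …
	routine := func(tnet *netstack.Net) {
		conf := &socks5.Config{Dial: tnet.DialContext, Resolver: tunnelResolver{tnet}}
		// Proposed optional keys; when absent the proxy stays unauthenticated,
		// so the bind address should then be loopback-only.
		if user, ok := config["username"]; ok {
			conf.Credentials = socks5.StaticCredentials{user: config["password"]}
		}
		// … unchanged: socks5.New and ListenAndServe …
```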