fix

2026-03-10 21:41:00 +08:00 · 2026-03-10 21:41:00 +08:00 · 58d8408157
commit 58d8408157
parent 195724a222
2 changed files with 65 additions and 62 deletions
--- a/Tun/Punchnet/Actors/SDLContextActor.swift
+++ b/Tun/Punchnet/Actors/SDLContextActor.swift
@ -548,7 +548,7 @@ actor SDLContextActor {
            let identitySnapshot = self.snapshotPublisher.current()
            let ruleMap = identitySnapshot.lookup(data.identityID)
            
-            if self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
+            if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
                let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
                self.provider.packetFlow.writePacketObjects([packet])
                SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow", level: .debug)
@ -647,10 +647,13 @@ actor SDLContextActor {
        
        // 外部出去的数据，需要建立FlowSession
        // 外部数据进来的时候需要查找
+        SDLLogger.shared.log("[SDLContext] flow_session: started", level: .debug)
        if let flowSession = packet.flowSession() {
-            self.flowSessionManager.updateSession(flowSession)
+            //self.flowSessionManager.updateSession(flowSession)
+            SDLLogger.shared.log("[SDLContext] flow_session: \(flowSession)", level: .debug)
        }
-        
+        SDLLogger.shared.log("[SDLContext] flow_session: end", level: .debug)
+
        // 查找arp缓存中是否有目标mac地址
        if let dstMac = self.arpServer.query(ip: dstIp) {
            await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data)
--- a/Tun/Punchnet/NetworkStack/IPPacket.swift
+++ b/Tun/Punchnet/NetworkStack/IPPacket.swift
@ -43,6 +43,7 @@ struct IPHeader {
 struct IPPacket {
    let header: IPHeader
    let data: Data
+    let transportPacket: TransportPacket?
    
    enum TransportPacket {
        case tcp(TCPPacket)
@ -52,38 +53,6 @@ struct IPPacket {
        case malformed
    }
    
-    var transportPacket: TransportPacket {
-        guard let proto = TransportProtocol(rawValue: header.proto) else {
-            return .unsupported(header.proto)
-        }
-        
-        switch proto {
-        case .tcp:
-            guard let tcp = TCPPacket(payload) else {
-                return .malformed
-            }
-            return .tcp(tcp)
-            
-        case .udp:
-            guard let udp = UDPPacket(payload) else {
-                return .malformed
-            }
-            return .udp(udp)
-            
-        case .icmp:
-            guard let icmp = ICMPPacket(payload) else {
-                return .malformed
-            }
-            return .icmp(icmp)
-        }
-    }
-    
-    var payload: Data.SubSequence {
-        let offset = Int(header.headerLength)
-        
-        return data[offset..<data.count]
-    }
-
    init?(_ data: Data) {
        guard data.count >= 20 else {
            return nil
@ -111,7 +80,39 @@ struct IPPacket {
        )

        self.data = data
+        
+        let offset = Int(headerLen)
+        self.transportPacket = Self.parseTransportPacket(proto: data[9], offset: offset, data: data)
+        
+        SDLLogger.shared.log("[SDLContext] ipPacket proto \(data[9]), offset: \(offset), ip_data: \(data), data: \(self.transportPacket)", level: .debug)
    }
+
+    private static func parseTransportPacket(proto: UInt8, offset: Int, data: Data) -> TransportPacket? {
+        guard let proto = TransportProtocol(rawValue: proto) else {
+            return .unsupported(proto)
+        }
+        
+        switch proto {
+        case .tcp:
+            guard let tcp = TCPPacket(data, offset: offset) else {
+                return .malformed
+            }
+            return .tcp(tcp)
+            
+        case .udp:
+            guard let udp = UDPPacket(data, offset: offset) else {
+                return .malformed
+            }
+            return .udp(udp)
+            
+        case .icmp:
+            guard let icmp = ICMPPacket(data, offset: offset) else {
+                return .malformed
+            }
+            return .icmp(icmp)
+        }
+    }
+    
 }

 // MARK: - TCP Flags
@ -156,25 +157,25 @@ struct TCPPacket {
    let header: TCPHeader
    let payload: Data

-    init?(_ data: Data) {
-        guard data.count >= 20 else {
+    init?(_ data: Data, offset: Int) {
+        guard data.count >= offset + 20 else {
            return nil
        }

-        let srcPort = UInt16(bytes: (data[0], data[1]))
-        let dstPort = UInt16(bytes: (data[2], data[3]))
+        let srcPort = UInt16(bytes: (data[offset], data[offset + 1]))
+        let dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3]))

-        let seq = UInt32(bytes: (data[4], data[5], data[6], data[7]))
-        let ack = UInt32(bytes: (data[8], data[9], data[10], data[11]))
+        let seq = UInt32(bytes: (data[offset + 4], data[offset + 5], data[offset + 6], data[offset + 7]))
+        let ack = UInt32(bytes: (data[offset + 8], data[offset + 9], data[offset + 10], data[offset + 11]))

-        let offsetAndFlags = UInt16(bytes: (data[12], data[13]))
+        let offsetAndFlags = UInt16(bytes: (data[offset + 12], data[offset + 13]))

        let dataOffset = UInt8(offsetAndFlags >> 12)
        let flags = TCPFlags(rawValue: offsetAndFlags & 0x01FF)

-        let window = UInt16(bytes: (data[14], data[15]))
-        let checksum = UInt16(bytes: (data[16], data[17]))
-        let urgent = UInt16(bytes: (data[18], data[19]))
+        let window = UInt16(bytes: (data[offset + 14], data[offset + 15]))
+        let checksum = UInt16(bytes: (data[offset + 16], data[offset + 17]))
+        let urgent = UInt16(bytes: (data[offset + 18], data[offset + 19]))

        let header = TCPHeader(
            srcPort: srcPort,
@ -189,13 +190,12 @@ struct TCPPacket {
        )

        let headerLen = header.headerLength
-
-        guard data.count >= headerLen else {
+        guard data.count >= offset + headerLen else {
            return nil
        }

        self.header = header
-        self.payload = data[headerLen..<data.count]
+        self.payload = data[offset + headerLen..<data.count]
    }
 }

@ -208,18 +208,17 @@ struct UDPPacket {
    let checksum: UInt16
    let payload: Data

-    init?(_ data: Data) {
-
-        guard data.count >= 8 else {
+    init?(_ data: Data, offset: Int) {
+        guard data.count >= offset + 8 else {
            return nil
        }

-        self.srcPort = UInt16(bytes: (data[0], data[1]))
-        self.dstPort = UInt16(bytes: (data[2], data[3]))
-        self.length  = UInt16(bytes: (data[4], data[5]))
-        self.checksum = UInt16(bytes: (data[6], data[7]))
+        self.srcPort = UInt16(bytes: (data[offset], data[offset + 1]))
+        self.dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3]))
+        self.length  = UInt16(bytes: (data[offset + 4], data[offset + 5]))
+        self.checksum = UInt16(bytes: (data[offset + 6], data[offset + 7]))

-        self.payload = data[8..<data.count]
+        self.payload = data[offset + 8..<data.count]
    }
 }

@ -231,14 +230,15 @@ struct ICMPPacket {
    let checksum: UInt16
    let payload: Data

-    init?(_ data: Data) {
-        guard data.count >= 4 else {
+    init?(_ data: Data, offset: Int) {
+        guard data.count >= offset + 4 else {
            return nil
        }

-        self.type = data[0]
-        self.code = data[1]
-        self.checksum = UInt16(bytes: (data[2], data[3]))
-        self.payload = data[4..<data.count]
+        self.type = data[offset]
+        self.code = data[offset + 1]
+        self.checksum = UInt16(bytes: (data[offset + 2], data[offset + 3]))
+        self.payload = data[offset + 4..<data.count]
    }
+    
 }