From 58d840815777261ed65330f63e6f543bdab162d5 Mon Sep 17 00:00:00 2001 From: anlicheng <244108715@qq.com> Date: Tue, 10 Mar 2026 21:41:00 +0800 Subject: [PATCH] fix --- Tun/Punchnet/Actors/SDLContextActor.swift | 9 +- Tun/Punchnet/NetworkStack/IPPacket.swift | 118 +++++++++++----------- 2 files changed, 65 insertions(+), 62 deletions(-) diff --git a/Tun/Punchnet/Actors/SDLContextActor.swift b/Tun/Punchnet/Actors/SDLContextActor.swift index 0fa7ffe..d859317 100644 --- a/Tun/Punchnet/Actors/SDLContextActor.swift +++ b/Tun/Punchnet/Actors/SDLContextActor.swift @@ -548,7 +548,7 @@ actor SDLContextActor { let identitySnapshot = self.snapshotPublisher.current() let ruleMap = identitySnapshot.lookup(data.identityID) - if self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) { + if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) { let packet = NEPacket(data: ipPacket.data, protocolFamily: 2) self.provider.packetFlow.writePacketObjects([packet]) SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), allow", level: .debug) @@ -647,10 +647,13 @@ actor SDLContextActor { // 外部出去的数据,需要建立FlowSession // 外部数据进来的时候需要查找 + SDLLogger.shared.log("[SDLContext] flow_session: started", level: .debug) if let flowSession = packet.flowSession() { - self.flowSessionManager.updateSession(flowSession) + //self.flowSessionManager.updateSession(flowSession) + SDLLogger.shared.log("[SDLContext] flow_session: \(flowSession)", level: .debug) } - + SDLLogger.shared.log("[SDLContext] flow_session: end", level: .debug) + // 查找arp缓存中是否有目标mac地址 if let dstMac = self.arpServer.query(ip: dstIp) { await self.routeLayerPacket(dstMac: dstMac, type: .ipv4, data: packet.data) diff --git a/Tun/Punchnet/NetworkStack/IPPacket.swift b/Tun/Punchnet/NetworkStack/IPPacket.swift index 20cc63d..3f5e8d1 100644 --- a/Tun/Punchnet/NetworkStack/IPPacket.swift +++ b/Tun/Punchnet/NetworkStack/IPPacket.swift 
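Review bot: The new condition `if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap)` in the first SDLContextActor.swift hunk short-circuits, so `checkPolicy` is never evaluated and every inbound packet is written to `packetFlow` regardless of the identity's `ruleMap`. The debug line on that path will also log "allow" for traffic the rules would have rejected. This reads like a debugging bypass; restore `if self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {`, and if a bypass is needed for diagnostics, put it behind a `#if DEBUG` switch that cannot reach a release build. The enclosing function, including any deny branch, lies outside the hunk.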
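Review bot: Commenting out `self.flowSessionManager.updateSession(flowSession)` in the second SDLContextActor.swift hunk stops outbound packets from registering a flow session, although the comment directly above says outgoing traffic must create one and inbound traffic looks it up. If `checkPolicy` or another inbound path consults `flowSessionManager` (not visible here), return traffic will be judged without session state once the policy check is active again. I would keep the `updateSession` call and drop the three per-packet `flow_session` debug lines; `\(flowSession)` presumably writes each connection's endpoints into the log. The enclosing function starts and ends outside the hunk.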
@@ -43,6 +43,7 @@ struct IPHeader { struct IPPacket { let header: IPHeader let data: Data + let transportPacket: TransportPacket? enum TransportPacket { case tcp(TCPPacket) @@ -52,38 +53,6 @@ struct IPPacket { case malformed } - var transportPacket: TransportPacket { - guard let proto = TransportProtocol(rawValue: header.proto) else { - return .unsupported(header.proto) - } - - switch proto { - case .tcp: - guard let tcp = TCPPacket(payload) else { - return .malformed - } - return .tcp(tcp) - - case .udp: - guard let udp = UDPPacket(payload) else { - return .malformed - } - return .udp(udp) - - case .icmp: - guard let icmp = ICMPPacket(payload) else { - return .malformed - } - return .icmp(icmp) - } - } - - var payload: Data.SubSequence { - let offset = Int(header.headerLength) - - return data[offset..= 20 else { return nil @@ -111,7 +80,39 @@ struct IPPacket { ) self.data = data + + let offset = Int(headerLen) + self.transportPacket = Self.parseTransportPacket(proto: data[9], offset: offset, data: data) + + SDLLogger.shared.log("[SDLContext] ipPacket proto \(data[9]), offset: \(offset), ip_data: \(data), data: \(self.transportPacket)", level: .debug) } + + private static func parseTransportPacket(proto: UInt8, offset: Int, data: Data) -> TransportPacket? { + guard let proto = TransportProtocol(rawValue: proto) else { + return .unsupported(proto) + } + + switch proto { + case .tcp: + guard let tcp = TCPPacket(data, offset: offset) else { + return .malformed + } + return .tcp(tcp) + + case .udp: + guard let udp = UDPPacket(data, offset: offset) else { + return .malformed + } + return .udp(udp) + + case .icmp: + guard let icmp = ICMPPacket(data, offset: offset) else { + return .malformed + } + return .icmp(icmp) + } + } + } // MARK: - TCP Flags 
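Review bot: In the hunk that extends `IPPacket.init`, `offset` is taken from the packet's header-length field and nothing visible checks that it is at least 20 and no larger than `data.count`; if the part of the initializer outside the hunk does not do this, add `guard offset >= 20, data.count >= offset else { return nil }` before `parseTransportPacket` so a crafted header length cannot make the transport header overlap the IP header. The `SDLLogger.shared.log(...)` call added at the end of the initializer runs for every parsed packet and ties a pure parsing type to the logger singleton; I would remove it and log at the call site if needed. `parseTransportPacket` returns a non-nil case on every path, so the property and the return type can be non-optional, `let transportPacket: TransportPacket`, which also avoids printing `Optional(...)`.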
@@ -156,25 +157,25 @@ struct TCPPacket { let header: TCPHeader let payload: Data - init?(_ data: Data) { - guard data.count >= 20 else { + init?(_ data: Data, offset: Int) { + guard data.count >= offset + 20 else { return nil } - let srcPort = UInt16(bytes: (data[0], data[1])) - let dstPort = UInt16(bytes: (data[2], data[3])) + let srcPort = UInt16(bytes: (data[offset], data[offset + 1])) + let dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3])) - let seq = UInt32(bytes: (data[4], data[5], data[6], data[7])) - let ack = UInt32(bytes: (data[8], data[9], data[10], data[11])) + let seq = UInt32(bytes: (data[offset + 4], data[offset + 5], data[offset + 6], data[offset + 7])) + let ack = UInt32(bytes: (data[offset + 8], data[offset + 9], data[offset + 10], data[offset + 11])) - let offsetAndFlags = UInt16(bytes: (data[12], data[13])) + let offsetAndFlags = UInt16(bytes: (data[offset + 12], data[offset + 13])) let dataOffset = UInt8(offsetAndFlags >> 12) let flags = TCPFlags(rawValue: offsetAndFlags & 0x01FF) - let window = UInt16(bytes: (data[14], data[15])) - let checksum = UInt16(bytes: (data[16], data[17])) - let urgent = UInt16(bytes: (data[18], data[19])) + let window = UInt16(bytes: (data[offset + 14], data[offset + 15])) + let checksum = UInt16(bytes: (data[offset + 16], data[offset + 17])) + let urgent = UInt16(bytes: (data[offset + 18], data[offset + 19])) let header = TCPHeader( srcPort: srcPort, 
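Review bot: The new guard `data.count >= offset + 20` bounds the length, but the subscripts `data[offset]` through `data[offset + 19]` are absolute indices, so the pair is only safe when `data.startIndex == 0`. If a caller ever hands `IPPacket` a `Data` slice, these reads can trap on a packet received from the network and take the tunnel process down. Rebasing once at the top, `let base = data.startIndex + offset` with the guard written as `data.endIndex - base >= 20`, makes the parser independent of the caller. The same applies to `data[9]` in `IPPacket.init` and to the `UDPPacket` and `ICMPPacket` initializers in the following hunks. The initializer continues past the end of this hunk.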
@@ -189,13 +190,12 @@ struct TCPPacket { ) let headerLen = header.headerLength - - guard data.count >= headerLen else { + guard data.count >= offset + headerLen else { return nil } self.header = header - self.payload = data[headerLen..= 8 else { + init?(_ data: Data, offset: Int) { + guard data.count >= offset + 8 else { return nil } - self.srcPort = UInt16(bytes: (data[0], data[1])) - self.dstPort = UInt16(bytes: (data[2], data[3])) - self.length = UInt16(bytes: (data[4], data[5])) - self.checksum = UInt16(bytes: (data[6], data[7])) + self.srcPort = UInt16(bytes: (data[offset], data[offset + 1])) + self.dstPort = UInt16(bytes: (data[offset + 2], data[offset + 3])) + self.length = UInt16(bytes: (data[offset + 4], data[offset + 5])) + self.checksum = UInt16(bytes: (data[offset + 6], data[offset + 7])) - self.payload = data[8..= 4 else { + init?(_ data: Data, offset: Int) { + guard data.count >= offset + 4 else { return nil } - self.type = data[0] - self.code = data[1] - self.checksum = UInt16(bytes: (data[2], data[3])) - self.payload = data[4..