From 6ae15dc28631808ff2c04e1d1a280a1eaf71cd2b Mon Sep 17 00:00:00 2001
From: anlicheng <244108715@qq.com>
Date: Fri, 6 Mar 2026 14:21:00 +0800
Subject: [PATCH] fix
---
 Tun/Punchnet/Actors/SDLContextActor.swift | 17 +++++++++++++----
 Tun/Punchnet/SDLMessage.swift | 4 ++++
 punchnet/Views/Login/LoginView.swift | 2 +-
 3 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/Tun/Punchnet/Actors/SDLContextActor.swift b/Tun/Punchnet/Actors/SDLContextActor.swift
index 9bc63ae..8212c60 100644
--- a/Tun/Punchnet/Actors/SDLContextActor.swift
+++ b/Tun/Punchnet/Actors/SDLContextActor.swift
@@ -296,7 +296,7 @@ actor SDLContextActor {
 case .registerAck(let registerAck):
 await self.handleRegisterAck(remoteAddress: remoteAddress, registerAck: registerAck)
 case .data(let data):
- try? await self.handleData(data: data)
+ try? await self.handleHoleData(data: data)
 case .stunReply(let stunReply):
 SDLLogger.shared.log("[SDLContext] get a stunReply: \(stunReply)")
 }
@@ -500,7 +500,7 @@ actor SDLContextActor {
 }
 }
- private func handleData(data: SDLData) async throws {
+ private func handleHoleData(data: SDLData) async throws {
 guard let aesKey = self.aesKey else { return }
@@ -548,12 +548,20 @@ actor SDLContextActor {
 // 检查权限逻辑
 let identitySnapshot = self.snapshotPublisher.current()
 if let ruleMap = identitySnapshot.lookup(data.identityID) {
+ SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), ruleMap: \(ruleMap)", level: .debug)
+ let proto = ipPacket.header.proto
 switch TransportProtocol(rawValue: proto) {
 case .udp, .tcp:
 if let dstPort = ipPacket.getDstPort(), ruleMap.isAllow(proto: proto, port: dstPort) {
 let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
 self.provider.packetFlow.writePacketObjects([packet])
+ } else {
+ if let dstPort = ipPacket.getDstPort() {
+ SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), dst port: \(dstPort) not allow", level: .debug)
+ } else {
+ SDLLogger.shared.log("[SDLContext] identity: \(data.identityID), invalid ip packet, not allow", level: .debug)
+ }
 }
 case .icmp:
 let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
@@ -562,6 +570,7 @@ actor SDLContextActor {
 ()
 }
 } else {
+ SDLLogger.shared.log("[SDLContext] not found identity: \(data.identityID) ruleMap", level: .debug)
 // 向服务器请求权限逻辑
 var policyRequest = SDLPolicyRequest()
 policyRequest.srcIdentityID = data.identityID
@@ -603,7 +612,7 @@ actor SDLContextActor {
 let (packets, numbers) = await self.provider.packetFlow.readPackets()
 for (data, number) in zip(packets, numbers) where number == 2 {
 if let ipPacket = IPPacket(data) {
- await self.dealPacket(packet: ipPacket)
+ await self.dealTunPacket(packet: ipPacket)
 }
 }
 }
@@ -611,7 +620,7 @@ actor SDLContextActor {
 }
 // 处理读取的每个数据包
- private func dealPacket(packet: IPPacket) async {
+ private func dealTunPacket(packet: IPPacket) async {
 let networkAddr = self.config.networkAddress
 if SDLDNSClient.Helper.isDnsRequestPacket(ipPacket: packet) {
diff --git a/Tun/Punchnet/SDLMessage.swift b/Tun/Punchnet/SDLMessage.swift
index 85d36e6..1612d48 100644
--- a/Tun/Punchnet/SDLMessage.swift
+++ b/Tun/Punchnet/SDLMessage.swift
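Review bot: In SDLContextActor.swift hunk `@@ -548,12 +548,20 @@`, the log added at the top of the `if let ruleMap` branch interpolates the whole `ruleMap` for every inbound data packet, and the two deny-branch logs plus the "not found identity" log in hunk `@@ -562,6 +570,7 @@` fire once per rejected packet, so the sending peer controls the log volume. Whether `SDLLogger` skips building the string when the debug level is off is not visible here; if it does not, this is per-packet work on the data path. I would reduce the first call to `SDLLogger.shared.log("[SDLContext] identity: \(data.identityID)", level: .debug)` and count or rate-limit the deny messages, since a policy denial is the event worth keeping for detection. `ipPacket.getDstPort()` is also evaluated a second time in the new `else` branch only to choose the message; binding it once before the `isAllow` check avoids that. The enclosing function starts and ends outside both hunks.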
@@ -37,6 +37,10 @@ enum SDLPacketType: UInt8 {
 case stunProbe = 0x32
 case stunProbeReply = 0x33
+ // arp查询
+ case arpRequest = 0x50
+ case arpResponse = 0x51
+ // 权限控制
 case policyRequest = 0xb0
 case policyResponse = 0xb1
diff --git a/punchnet/Views/Login/LoginView.swift b/punchnet/Views/Login/LoginView.swift
index d73acaa..8319446 100644
--- a/punchnet/Views/Login/LoginView.swift
+++ b/punchnet/Views/Login/LoginView.swift
@@ -74,7 +74,7 @@ struct LoginView: View {
 struct LoginTokenView: View {
 @Environment(UserContext.self) var userContext: UserContext
- @State private var token: String = ""
+ @State private var token: String = "49974818809840025617726088179154"
 @State private var showAlert = false
 @State private var errorMessage = ""
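Review bot: In SDLMessage.swift, `arpRequest` and `arpResponse` are added to `SDLPacketType` without a decoder or handler in this commit and without a note on who is expected to send them. Any `switch` over `SDLPacketType` that ends in `default` (none is visible here) would absorb the new types without a compiler warning. I would state the intent at the declaration, for example `// ARP lookup (0x50/0x51): declared only, no handler yet`, and record there whether a reply must pass the same checks as `.data` before it may update any address mapping.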
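Review bot: In LoginView.swift, the new default for `token` in `LoginTokenView` is a 32-digit literal that looks like a real login token left in from testing; it ships in every build, pre-fills the field, and stays in the git history. Restore `@State private var token: String = ""` and, if the value was ever valid, revoke it on the server rather than only deleting it here. If a pre-filled value is wanted for local testing, read it from a debug-only source (an `#if DEBUG` block reading an environment variable) so it never reaches a release binary or the repository.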