Add support for SideStore redirect

Author: nekohasekai

stack_gvisor.go

@@ -26,14 +26,15 @@ const WithGVisor = true
 const DefaultNIC tcpip.NICID = 1
 
 type GVisor struct {
-	ctx           context.Context
-	tun           GVisorTun
-	udpTimeout    time.Duration
-	broadcastAddr netip.Addr
-	handler       Handler
-	logger        logger.Logger
-	stack         *stack.Stack
-	endpoint      stack.LinkEndpoint
+	ctx               context.Context
+	tun               GVisorTun
+	udpTimeout        time.Duration
+	sideStoreRedirect bool
+	broadcastAddr     netip.Addr
+	handler           Handler
+	logger            logger.Logger
+	stack             *stack.Stack
+	endpoint          stack.LinkEndpoint
 }
 
 type GVisorTun interface {
@@ -50,12 +51,13 @@ func NewGVisor(
 	}
 
 	gStack := &GVisor{
-		ctx:           options.Context,
-		tun:           gTun,
-		udpTimeout:    options.UDPTimeout,
-		broadcastAddr: BroadcastAddr(options.TunOptions.Inet4Address),
-		handler:       options.Handler,
-		logger:        options.Logger,
+		ctx:               options.Context,
+		tun:               gTun,
+		udpTimeout:        options.UDPTimeout,
+		sideStoreRedirect: options.TunOptions.SideStoreRedirect,
+		broadcastAddr:     BroadcastAddr(options.TunOptions.Inet4Address),
+		handler:           options.Handler,
+		logger:            options.Logger,
 	}
 	return gStack, nil
 }
@@ -70,7 +72,7 @@ func (t *GVisor) Start() error {
 	if err != nil {
 		return err
 	}
-	ipStack.SetTransportProtocolHandler(tcp.ProtocolNumber, NewTCPForwarder(t.ctx, ipStack, t.handler).HandlePacket)
+	ipStack.SetTransportProtocolHandler(tcp.ProtocolNumber, NewTCPForwarder(t.ctx, ipStack, t.handler, t.sideStoreRedirect, t.tun).HandlePacket)
 	ipStack.SetTransportProtocolHandler(udp.ProtocolNumber, NewUDPForwarder(t.ctx, ipStack, t.handler, t.udpTimeout).HandlePacket)
 	t.stack = ipStack
 	t.endpoint = linkEndpoint

stack_gvisor_tcp.go

@@ -5,30 +5,43 @@ package tun
 import (
 	"context"
 
+	"github.com/sagernet/gvisor/pkg/tcpip/header"
 	"github.com/sagernet/gvisor/pkg/tcpip/stack"
 	"github.com/sagernet/gvisor/pkg/tcpip/transport/tcp"
+	"github.com/sagernet/sing/common/bufio"
 	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
 )
 
 type TCPForwarder struct {
-	ctx       context.Context
-	stack     *stack.Stack
-	handler   Handler
-	forwarder *tcp.Forwarder
+	ctx               context.Context
+	stack             *stack.Stack
+	handler           Handler
+	sideStoreRedirect bool
+	tun               GVisorTun
+	forwarder         *tcp.Forwarder
 }
 
-func NewTCPForwarder(ctx context.Context, stack *stack.Stack, handler Handler) *TCPForwarder {
+func NewTCPForwarder(ctx context.Context, stack *stack.Stack, handler Handler, sideStoreRedirect bool, tun GVisorTun) *TCPForwarder {
 	forwarder := &TCPForwarder{
-		ctx:     ctx,
-		stack:   stack,
-		handler: handler,
+		ctx:               ctx,
+		tun:               tun,
+		stack:             stack,
+		handler:           handler,
+		sideStoreRedirect: sideStoreRedirect,
 	}
 	forwarder.forwarder = tcp.NewForwarder(stack, 0, 1024, forwarder.Forward)
 	return forwarder
 }
 
 func (f *TCPForwarder) HandlePacket(id stack.TransportEndpointID, pkt *stack.PacketBuffer) bool {
+	if f.sideStoreRedirect && AddrFromAddress(id.LocalAddress) == sideStoreFakeIP && (id.RemotePort == sideStorePort || id.LocalPort == sideStorePort) {
+		ipv4Hdr := pkt.Network().(header.IPv4)
+		ipv4Hdr.SetDestinationAddressWithChecksumUpdate(ipv4Hdr.SourceAddress())
+		ipv4Hdr.SetSourceAddressWithChecksumUpdate(AddressFromAddr(sideStoreFakeIP))
+		bufio.WriteVectorised(f.tun, pkt.AsSlices())
+		return true
+	}
 	return f.forwarder.HandlePacket(id, pkt)
 }
 

stack_sidestore.go

@@ -0,0 +1,8 @@
+package tun
+
+import "net/netip"
+
+var (
+	sideStoreFakeIP        = netip.AddrFrom4([4]byte{10, 7, 0, 1})
+	sideStorePort   uint16 = 62078
+)

stack_system.go

@@ -36,6 +36,7 @@ type System struct {
 	inet6Address       netip.Addr
 	broadcastAddr      netip.Addr
 	udpTimeout         time.Duration
+	sideStoreRedirect  bool
 	tcpListener        net.Listener
 	tcpListener6       net.Listener
 	tcpPort            uint16
@@ -57,18 +58,19 @@ type Session struct {
 
 func NewSystem(options StackOptions) (Stack, error) {
 	stack := &System{
-		ctx:             options.Context,
-		tun:             options.Tun,
-		tunName:         options.TunOptions.Name,
-		mtu:             int(options.TunOptions.MTU),
-		udpTimeout:      options.UDPTimeout,
-		handler:         options.Handler,
-		logger:          options.Logger,
-		inet4Prefixes:   options.TunOptions.Inet4Address,
-		inet6Prefixes:   options.TunOptions.Inet6Address,
-		broadcastAddr:   BroadcastAddr(options.TunOptions.Inet4Address),
-		bindInterface:   options.ForwarderBindInterface,
-		interfaceFinder: options.InterfaceFinder,
+		ctx:               options.Context,
+		tun:               options.Tun,
+		tunName:           options.TunOptions.Name,
+		mtu:               int(options.TunOptions.MTU),
+		sideStoreRedirect: options.TunOptions.SideStoreRedirect,
+		udpTimeout:        options.UDPTimeout,
+		handler:           options.Handler,
+		logger:            options.Logger,
+		inet4Prefixes:     options.TunOptions.Inet4Address,
+		inet6Prefixes:     options.TunOptions.Inet6Address,
+		broadcastAddr:     BroadcastAddr(options.TunOptions.Inet4Address),
+		bindInterface:     options.ForwarderBindInterface,
+		interfaceFinder:   options.InterfaceFinder,
 	}
 	if len(options.TunOptions.Inet4Address) > 0 {
 		if !HasNextAddress(options.TunOptions.Inet4Address[0], 1) {
@@ -351,6 +353,9 @@ func (s *System) processIPv4TCP(ipHdr header.IPv4, tcpHdr header.TCP) (bool, err
 		tcpHdr.SetSourcePort(session.Destination.Port())
 		ipHdr.SetDestinationAddr(session.Source.Addr())
 		tcpHdr.SetDestinationPort(session.Source.Port())
+	} else if s.sideStoreRedirect && destination.Addr() == sideStoreFakeIP && (source.Port() == sideStorePort || destination.Port() == sideStorePort) {
+		ipHdr.SetDestinationAddr(ipHdr.SourceAddr())
+		ipHdr.SetSourceAddr(sideStoreFakeIP)
 	} else {
 		natPort, err := s.tcpNat.Lookup(source, destination, s.handler)
 		if err != nil {

tun.go

@@ -78,11 +78,11 @@ type Options struct {
 	IncludeAndroidUser       []int
 	IncludePackage           []string
 	ExcludePackage           []string
+	SideStoreRedirect        bool
 	InterfaceFinder          control.InterfaceFinder
 	InterfaceMonitor         DefaultInterfaceMonitor
 	FileDescriptor           int
 	Logger                   logger.Logger
-
 	// No work for TCP, do not use.
 	_TXChecksumOffload bool