udp proxy now dials router directly for DNS requests in arpspoof mode

shadowy-pycoder · shadowy-pycoder · commit 25e227c8ad32 · 2025-08-11T09:01:16.000+03:00
diff --git a/go.mod b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/rs/zerolog v1.34.0
 	github.com/shadowy-pycoder/colors v0.0.1
-	github.com/shadowy-pycoder/mshark v0.0.12
+	github.com/shadowy-pycoder/mshark v0.0.13
 	github.com/wzshiming/socks5 v0.5.2
 	golang.org/x/sys v0.33.0
 	golang.org/x/term v0.32.0
@@ -20,6 +20,7 @@ require (
 	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mdlayher/packet v1.1.2 // indirect
 	github.com/mdlayher/socket v0.4.1 // indirect
+	github.com/packetcap/go-pcap v0.0.0-20240528124601-8c87ecf5dbc5 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	golang.org/x/net v0.40.0 // indirect
 	golang.org/x/sync v0.16.0 // indirect
diff --git a/go.sum b/go.sum
@@ -8,6 +8,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gopacket/gopacket v1.2.0 h1:eXbzFad7f73P1n2EJHQlsKuvIMJjVXK5tXoSca78I3A=
+github.com/gopacket/gopacket v1.2.0/go.mod h1:BrAKEy5EOGQ76LSqh7DMAr7z0NNPdczWm2GxCG7+I8M=
 github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=
 github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
 github.com/malfunkt/iprange v0.9.0 h1:VCs0PKLUPotNVQTpVNszsut4lP7OCGNBwX+lOYBrnVQ=
@@ -21,6 +23,8 @@ github.com/mdlayher/packet v1.1.2 h1:3Up1NG6LZrsgDVn6X4L9Ge/iyRyxFEFD9o6Pr3Q1nQY
 github.com/mdlayher/packet v1.1.2/go.mod h1:GEu1+n9sG5VtiRE4SydOmX5GTwyyYlteZiFU+x0kew4=
 github.com/mdlayher/socket v0.4.1 h1:eM9y2/jlbs1M615oshPQOHZzj6R6wMT7bX5NPiQvn2U=
 github.com/mdlayher/socket v0.4.1/go.mod h1:cAqeGjoufqdxWkD7DkpyS+wcefOtmu5OQ8KuoJGIReA=
+github.com/packetcap/go-pcap v0.0.0-20240528124601-8c87ecf5dbc5 h1:p4VuaitqUAqSZSomd7Wb4BPV/Jj7Hno2/iqtfX7DZJI=
+github.com/packetcap/go-pcap v0.0.0-20240528124601-8c87ecf5dbc5/go.mod h1:zIAoVKeWP0mz4zXY50UYQt6NLg2uwKRswMDcGEqOms4=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -30,8 +34,8 @@ github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY=
 github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ=
 github.com/shadowy-pycoder/colors v0.0.1 h1:weCj/YIOupqy4BSP8KuVzr20fC+cuAv/tArz7bhhkP4=
 github.com/shadowy-pycoder/colors v0.0.1/go.mod h1:lkrJS1PY2oVigNLTT6pkbF7B/v0YcU2LD5PZnss1Q4U=
-github.com/shadowy-pycoder/mshark v0.0.12 h1:1zPAQLhKu1pxAZTm5oqUahywJ7SIpx9ds9/ytz5TwaU=
-github.com/shadowy-pycoder/mshark v0.0.12/go.mod h1:FqbHFdsx0zMnrZZH0+oPzaFcleP4O+tUWv8i5gxo87k=
+github.com/shadowy-pycoder/mshark v0.0.13 h1:ROEuey/Th4YAmfRg8Xc17aboMs5fknQho4mNBC9h+KE=
+github.com/shadowy-pycoder/mshark v0.0.13/go.mod h1:FqbHFdsx0zMnrZZH0+oPzaFcleP4O+tUWv8i5gxo87k=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/wzshiming/socks5 v0.5.2 h1:LtoowVNwAmkIQSkP1r1Wg435xUmC+tfRxorNW30KtnM=
diff --git a/tproxy_udp_linux.go b/tproxy_udp_linux.go
@@ -31,8 +31,6 @@ const (
 	udpBufferSize   int           = 4096
 )
 
-var googleDNSAddr *net.UDPAddr = &net.UDPAddr{IP: net.ParseIP("8.8.8.8"), Port: 53}
-
 type udpConn struct {
 	*socks5.UDPConn
 	srcAddr  *net.UDPAddr
@@ -179,40 +177,44 @@ func newTproxyServerUDP(p *proxyapp) *tproxyServerUDP {
 			tsu.p.logger.Fatal().Err(err).Msgf("[udp %s] Failed getting default interface", tsu.p.tproxyMode)
 		}
 	}
-	gw, err := network.GetGatewayIPv4FromInterface(tsu.iface.Name)
-	if err != nil {
-		tsu.p.logger.Fatal().Err(err).Msgf("[udp %s] failed getting gateway from %s", tsu.p.tproxyMode, tsu.iface.Name)
-	}
-	tsu.gwDNS = &net.UDPAddr{IP: net.ParseIP(gw.String()), Port: 53}
-	lc = net.ListenConfig{
-		Control: func(network, address string, conn syscall.RawConn) error {
-			var operr error
-			if err := conn.Control(func(fd uintptr) {
-				operr = unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_TRANSPARENT, 1)
-				operr = unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_FREEBIND, 1)
-				operr = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_REUSEADDR, 1)
-			}); err != nil {
-				return err
-			}
-			return operr
-		},
-	}
-	pconn, err = lc.ListenPacket(context.Background(), "udp4", tsu.gwDNS.String())
-	if err != nil {
-		tsu.p.logger.Fatal().Err(err).Msgf("[udp %s] failed listening on gateway DNS", tsu.p.tproxyMode)
+	if tsu.p.arpspoofer != nil {
+		gw, err := network.GetGatewayIPv4FromInterface(tsu.iface.Name)
+		if err != nil {
+			tsu.p.logger.Fatal().Err(err).Msgf("[udp %s] failed getting gateway from %s", tsu.p.tproxyMode, tsu.iface.Name)
+		}
+		tsu.gwDNS = &net.UDPAddr{IP: net.ParseIP(gw.String()), Port: 53}
+		lc = net.ListenConfig{
+			Control: func(network, address string, conn syscall.RawConn) error {
+				var operr error
+				if err := conn.Control(func(fd uintptr) {
+					operr = unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_TRANSPARENT, 1)
+					operr = unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_FREEBIND, 1)
+					operr = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_REUSEADDR, 1)
+				}); err != nil {
+					return err
+				}
+				return operr
+			},
+		}
+		pconn, err = lc.ListenPacket(context.Background(), "udp4", tsu.gwDNS.String())
+		if err != nil {
+			tsu.p.logger.Fatal().Err(err).Msgf("[udp %s] failed listening on gateway DNS", tsu.p.tproxyMode)
+		}
+		tsu.gwConn = pconn.(*net.UDPConn)
 	}
-	tsu.gwConn = pconn.(*net.UDPConn)
 	return tsu
 }
 
 func (tsu *tproxyServerUDP) ListenAndServe() {
 	tsu.startingFlag.Store(true)
 	tsu.wg.Add(1)
 	go tsu.clients.Cleanup()
-	go func() {
-		tsu.listenAndServeDNS()
-		tsu.wg.Done()
-	}()
+	if tsu.p.arpspoofer != nil {
+		go func() {
+			tsu.listenAndServeDNS()
+			tsu.wg.Done()
+		}()
+	}
 	buf := make([]byte, udpBufferSize)
 	oob := make([]byte, 1500)
 	tsu.startingFlag.Store(false)
@@ -417,11 +419,11 @@ func (dc *dnsConn) close() error {
 	return dc.Close()
 }
 
-func newDNSConn(srcAddr *net.UDPAddr, mark uint) (*dnsConn, error) {
+func newDNSConn(srcAddr, dstAddr *net.UDPAddr, mark uint) (*dnsConn, error) {
 	dialer := getBaseDialer(timeout, mark)
 	ctx, cancel := context.WithTimeout(context.Background(), timeout)
 	defer cancel()
-	conn, err := dialer.DialContext(ctx, "udp4", googleDNSAddr.String())
+	conn, err := dialer.DialContext(ctx, "udp4", dstAddr.String())
 	if err != nil {
 		return nil, err
 	}
@@ -432,7 +434,7 @@ func newDNSConn(srcAddr *net.UDPAddr, mark uint) (*dnsConn, error) {
 	return &dnsConn{
 		UDPConn:  udpConn,
 		srcAddr:  srcAddr,
-		dstAddr:  googleDNSAddr,
+		dstAddr:  dstAddr,
 		reqChan:  make(chan layers.Layer),
 		respChan: make(chan layers.Layer),
 	}, nil
@@ -456,9 +458,9 @@ func (tsu *tproxyServerUDP) listenAndServeDNS() {
 			}
 			n, srcAddr, er := tsu.gwConn.ReadFromUDP(buf)
 			if n > 0 {
-				conn, err := newDNSConn(srcAddr, tsu.p.mark)
+				conn, err := newDNSConn(srcAddr, tsu.gwDNS, tsu.p.mark)
 				if err != nil {
-					tsu.p.logger.Error().Err(err).Msgf("[udp %s] Failed creating UDP connection %s→ %s", tsu.p.tproxyMode, srcAddr, googleDNSAddr)
+					tsu.p.logger.Error().Err(err).Msgf("[udp %s] Failed creating UDP connection %s→ %s", tsu.p.tproxyMode, srcAddr, tsu.gwDNS)
 					continue
 				}
 				srcConnStr := fmt.Sprintf("%s→ %s", srcAddr, tsu.gwConn.LocalAddr())
