apps/EasyTier
1
0
Fork 0
mirror of https://github.com/EasyTier/EasyTier.git synced 2025-10-31 12:06:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

optimize the condition of enabling kcp (#1210)

Browse Source
This commit is contained in:
Sijie.Sun
2025-08-09 16:16:09 +08:00
committed by GitHub
parent 37b24164b6
commit 8ffc2f12e4
11 changed files with 110 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
EasyTier.code-workspace
View File

@@ -44,5 +44,7 @@
"prettier.enable": false,
"editor.formatOnSave": true,
"editor.formatOnSaveMode": "modifications",
"editor.formatOnPaste": false,
"editor.formatOnType": true,
}
}

12
easytier/locales/app.yml
View File

@@ -190,6 +190,18 @@ core_clap:
foreign_relay_bps_limit:
en: "the maximum bps limit for foreign network relay, default is no limit. unit: BPS (bytes per second)"
zh-CN: "作为共享节点时,限制非本地网络的流量转发速率,默认无限制,单位 BPS (字节每秒)"
tcp_whitelist:
en: "tcp port whitelist. Supports single ports (80) and ranges (8000-9000)"
zh-CN: "TCP 端口白名单。支持单个端口80和范围8000-9000"
udp_whitelist:
en: "udp port whitelist. Supports single ports (53) and ranges (5000-6000)"
zh-CN: "UDP 端口白名单。支持单个端口53和范围5000-6000"
disable_relay_kcp:
en: "if true, disable relay kcp packets. avoid consuming too many bandwidth. default is false"
zh-CN: "如果为true则禁止节点转发 KCP 数据包防止过度消耗流量。默认值为false"
enable_relay_foreign_network_kcp:
en: "if true, allow relay kcp packets from foreign network. default is false (not forward foreign network kcp packets)"
zh-CN: "如果为true则作为共享节点时也可以转发其他网络的 KCP 数据包。默认值为false不转发"
core_app:
panic_backtrace_save:

3
easytier/src/common/config.rs
View File

@@ -40,7 +40,8 @@ pub fn gen_default_flags() -> Flags {
bind_device: true,
enable_kcp_proxy: false,
disable_kcp_input: false,
disable_relay_kcp: true,
disable_relay_kcp: false,
enable_relay_foreign_network_kcp: false,
accept_dns: false,
private_mode: false,
enable_quic_proxy: false,

24
easytier/src/easytier-core.rs
View File

@@ -515,7 +515,7 @@ struct NetworkOptions {
#[arg(
long,
value_delimiter = ',',
help = "TCP port whitelist. Supports single ports (80) and ranges (8000-9000)",
help = t!("core_clap.tcp_whitelist").to_string(),
num_args = 0..
)]
tcp_whitelist: Vec<String>,
@@ -523,10 +523,28 @@ struct NetworkOptions {
#[arg(
long,
value_delimiter = ',',
help = "UDP port whitelist. Supports single ports (53) and ranges (5000-6000)",
help = t!("core_clap.udp_whitelist").to_string(),
num_args = 0..
)]
udp_whitelist: Vec<String>,
#[arg(
long,
env = "ET_DISABLE_RELAY_KCP",
help = t!("core_clap.disable_relay_kcp").to_string(),
num_args = 0..=1,
default_missing_value = "true"
)]
disable_relay_kcp: Option<bool>,
#[arg(
long,
env = "ET_ENABLE_RELAY_FOREIGN_NETWORK_KCP",
help = t!("core_clap.enable_relay_foreign_network_kcp").to_string(),
num_args = 0..=1,
default_missing_value = "true"
)]
enable_relay_foreign_network_kcp: Option<bool>,
}
#[derive(Parser, Debug)]
@@ -875,6 +893,8 @@ impl NetworkOptions {
.foreign_relay_bps_limit
.unwrap_or(f.foreign_relay_bps_limit);
f.multi_thread_count = self.multi_thread_count.unwrap_or(f.multi_thread_count);
f.disable_relay_kcp = self.disable_relay_kcp.unwrap_or(f.disable_relay_kcp);
f.enable_relay_foreign_network_kcp = self.enable_relay_foreign_network_kcp.unwrap_or(f.enable_relay_foreign_network_kcp);
cfg.set_flags(f);
if !self.exit_nodes.is_empty() {

10
easytier/src/gateway/kcp_proxy.rs
View File

@@ -230,15 +230,7 @@ impl TcpProxyForKcpSrcTrait for TcpProxyForKcpSrc {
}
async fn check_dst_allow_kcp_input(&self, dst_ip: &Ipv4Addr) -> bool {
let peer_map: Arc<crate::peers::peer_map::PeerMap> =
self.0.get_peer_manager().get_peer_map();
let Some(dst_peer_id) = peer_map.get_peer_id_by_ipv4(dst_ip).await else {
return false;
};
let Some(peer_info) = peer_map.get_route_peer_info(dst_peer_id).await else {
return false;
};
peer_info.feature_flag.map(|x| x.kcp_input).unwrap_or(false)
self.0.get_peer_manager().check_allow_kcp_to_dst(&IpAddr::V4(*dst_ip)).await
}
}

10
easytier/src/gateway/socks5.rs
View File

@@ -751,8 +751,16 @@ impl Socks5Server {
continue;
};
let Some(peer_mgr_arc) = peer_mgr.upgrade() else {
tracing::error!("peer manager is dropped");
continue;
};
let dst_allow_kcp = peer_mgr_arc.check_allow_kcp_to_dst(&dst_addr.ip()).await;
tracing::debug!("dst_allow_kcp: {:?}", dst_allow_kcp);
let connector: Box<dyn AsyncTcpConnector<S = SocksTcpStream> + Send> =
if kcp_endpoint.is_none() {
if kcp_endpoint.is_none() || !dst_allow_kcp {
Box::new(SmolTcpConnector {
net: net.smoltcp_net.clone(),
entries: entries.clone(),

4
easytier/src/peers/foreign_network_manager.rs
View File

@@ -163,6 +163,10 @@ impl ForeignNetworkEntry {
config.set_network_identity(network.clone());
config.set_hostname(Some(format!("PublicServer_{}", global_ctx.get_hostname())));
let mut flags = config.get_flags();
flags.disable_relay_kcp = !global_ctx.get_flags().enable_relay_foreign_network_kcp;
config.set_flags(flags);
let foreign_global_ctx = Arc::new(GlobalCtx::new(config));
foreign_global_ctx
.replace_stun_info_collector(Box::new(global_ctx.get_stun_info_collector().clone()));

32
easytier/src/peers/peer_manager.rs
View File

@@ -1360,6 +1360,38 @@ impl PeerManager {
tracing::info!("close_peer_conn in foreign network manager done: {:?}", ret);
ret
}
pub async fn check_allow_kcp_to_dst(&self, dst_ip: &IpAddr) -> bool {
let route = self.get_route();
let Some(dst_peer_id) = route.get_peer_id_by_ip(dst_ip).await else {
return false;
};
let Some(peer_info) = route.get_peer_info(dst_peer_id).await else {
return false;
};
// check dst allow kcp input
if !peer_info.feature_flag.map(|x| x.kcp_input).unwrap_or(false) {
return false;
}
let next_hop_policy = Self::get_next_hop_policy( self.global_ctx.get_flags().latency_first);
// check relay node allow relay kcp.
let Some(next_hop_id) = route.get_next_hop_with_policy(dst_peer_id, next_hop_policy).await else {
return false;
};
let Some(next_hop_info) = route.get_peer_info(next_hop_id).await else {
return false;
};
// check next hop allow kcp relay
if next_hop_info.feature_flag.map(|x| x.no_relay_kcp).unwrap_or(false) {
return false;
}
true
}
}
#[cfg(test)]

7
easytier/src/peers/route_trait.rs
View File

@@ -86,6 +86,13 @@ pub trait Route {
None
}
async fn get_peer_id_by_ip(&self, ip: &std::net::IpAddr) -> Option<PeerId> {
match ip {
std::net::IpAddr::V4(v4) => self.get_peer_id_by_ipv4(v4).await,
std::net::IpAddr::V6(v6) => self.get_peer_id_by_ipv6(v6).await,
}
}
async fn list_peers_own_foreign_network(
&self,
_network_identity: &NetworkIdentity,

5
easytier/src/proto/common.proto
View File

@@ -28,7 +28,7 @@ message FlagsInConfig {
bool enable_kcp_proxy = 18;
// does this peer allow kcp input
bool disable_kcp_input = 19;
// allow relay kcp packets (for public server, this can reduce the throughput)
// disable relay local network kcp packets
bool disable_relay_kcp = 20;
bool proxy_forward_by_system = 21;
@@ -46,6 +46,9 @@ message FlagsInConfig {
uint64 foreign_relay_bps_limit = 26;
uint32 multi_thread_count = 27;
// enable relay foreign network kcp packets
bool enable_relay_foreign_network_kcp = 28;
}
message RpcDescriptor {

19
easytier/src/tests/three_node.rs
View File

@@ -1150,6 +1150,8 @@ pub async fn port_forward_test(
#[values(true, false)] no_tun: bool,
#[values(64, 1900)] buf_size: u64,
#[values(true, false)] enable_kcp: bool,
#[values(true, false)] dst_disable_kcp_input: bool,
#[values(true, false)] disable_relay_kcp: bool,
) {
prepare_linux_namespaces();
@@ -1183,14 +1185,23 @@ pub async fn port_forward_test(
proto: "udp".to_string(),
},
]);
let mut flags = cfg.get_flags();
flags.no_tun = no_tun;
flags.enable_kcp_proxy = enable_kcp;
cfg.set_flags(flags);
} else if cfg.get_inst_name() == "inst3" {
cfg.add_proxy_cidr("10.1.2.0/24".parse().unwrap(), None)
.unwrap();
let mut flags = cfg.get_flags();
flags.disable_kcp_input = dst_disable_kcp_input;
cfg.set_flags(flags);
} else if cfg.get_inst_name() == "inst2" {
let mut flags = cfg.get_flags();
flags.disable_relay_kcp = disable_relay_kcp;
cfg.set_flags(flags);
}
let mut flags = cfg.get_flags();
flags.no_tun = no_tun;
flags.enable_kcp_proxy = enable_kcp;
cfg.set_flags(flags);
cfg
},
false,