Add "xudpProxyUDP443" to Mux config & XUDP rejects UDP/443 traffic by default (client side, excluding reverse proxy)

2025-04-29 16:58:34 +00:00 · 2023-04-14 22:51:18 +00:00 · 2023-04-14 22:51:18 +00:00 · 06c9e50c52
commit 06c9e50c52
parent 4f601530fa
5 changed files with 72 additions and 29 deletions
--- a/infra/conf/xray.go
+++ b/infra/conf/xray.go
@ -107,17 +107,26 @@ func (c *SniffingConfig) Build() (*proxyman.SniffingConfig, error) {
 }

 type MuxConfig struct {
-	Enabled         bool  `json:"enabled"`
-	Concurrency     int16 `json:"concurrency"`
-	XudpConcurrency int16 `json:"xudpConcurrency"`
+	Enabled         bool   `json:"enabled"`
+	Concurrency     int16  `json:"concurrency"`
+	XudpConcurrency int16  `json:"xudpConcurrency"`
+	XudpProxyUDP443 string `json:"xudpProxyUDP443"`
 }

 // Build creates MultiplexingConfig, Concurrency < 0 completely disables mux.
 func (m *MuxConfig) Build() (*proxyman.MultiplexingConfig, error) {
+	switch m.XudpProxyUDP443 {
+	case "":
+		m.XudpProxyUDP443 = "reject"
+	case "reject", "allow", "skip":
+	default:
+		return nil, newError(`unknown "xudpProxyUDP443": `, m.XudpProxyUDP443)
+	}
 	return &proxyman.MultiplexingConfig{
 		Enabled:         m.Enabled,
 		Concurrency:     int32(m.Concurrency),
 		XudpConcurrency: int32(m.XudpConcurrency),
+		XudpProxyUDP443: m.XudpProxyUDP443,
 	}, nil
 }

--- a/infra/conf/xray_test.go
+++ b/infra/conf/xray_test.go
@ -340,20 +340,28 @@ func TestMuxConfig_Build(t *testing.T) {
 		want   *proxyman.MultiplexingConfig
 	}{
 		{"default", `{"enabled": true, "concurrency": 16}`, &proxyman.MultiplexingConfig{
-			Enabled:     true,
-			Concurrency: 16,
+			Enabled:         true,
+			Concurrency:     16,
+			XudpConcurrency: 0,
+			XudpProxyUDP443: "reject",
 		}},
 		{"empty def", `{}`, &proxyman.MultiplexingConfig{
-			Enabled:     false,
-			Concurrency: 0,
+			Enabled:         false,
+			Concurrency:     0,
+			XudpConcurrency: 0,
+			XudpProxyUDP443: "reject",
 		}},
 		{"not enable", `{"enabled": false, "concurrency": 4}`, &proxyman.MultiplexingConfig{
-			Enabled:     false,
-			Concurrency: 4,
+			Enabled:         false,
+			Concurrency:     4,
+			XudpConcurrency: 0,
+			XudpProxyUDP443: "reject",
 		}},
 		{"forbidden", `{"enabled": false, "concurrency": -1}`, &proxyman.MultiplexingConfig{
-			Enabled:     false,
-			Concurrency: -1,
+			Enabled:         false,
+			Concurrency:     -1,
+			XudpConcurrency: 0,
+			XudpProxyUDP443: "reject",
 		}},
 	}
 	for _, tt := range tests {