package internet import ( "net" "syscall" "golang.org/x/sys/unix" ) const ( // For incoming connections. TCP_FASTOPEN = 23 // For out-going connections. TCP_FASTOPEN_CONNECT = 30 ) func bindAddr(fd uintptr, ip []byte, port uint32) error { setReuseAddr(fd) setReusePort(fd) var sockaddr syscall.Sockaddr switch len(ip) { case net.IPv4len: a4 := &syscall.SockaddrInet4{ Port: int(port), } copy(a4.Addr[:], ip) sockaddr = a4 case net.IPv6len: a6 := &syscall.SockaddrInet6{ Port: int(port), } copy(a6.Addr[:], ip) sockaddr = a6 default: return newError("unexpected length of ip") } return syscall.Bind(int(fd), sockaddr) } func applyOutboundSocketOptions(network string, address string, fd uintptr, config *SocketConfig) error { if config.Mark != 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_MARK, int(config.Mark)); err != nil { return newError("failed to set SO_MARK").Base(err) } } if isTCPSocket(network) { tfo := config.ParseTFOValue() if tfo > 0 { tfo = 1 } if tfo >= 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_TCP, TCP_FASTOPEN_CONNECT, tfo); err != nil { return newError("failed to set TCP_FASTOPEN_CONNECT=", tfo).Base(err) } } if config.TcpKeepAliveInterval > 0 || config.TcpKeepAliveIdle > 0 { if config.TcpKeepAliveInterval > 0 { if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPINTVL, int(config.TcpKeepAliveInterval)); err != nil { return newError("failed to set TCP_KEEPINTVL", err) } } if config.TcpKeepAliveIdle > 0 { if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPIDLE, int(config.TcpKeepAliveIdle)); err != nil { return newError("failed to set TCP_KEEPIDLE", err) } } if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_KEEPALIVE, 1); err != nil { return newError("failed to set SO_KEEPALIVE", err) } } else if config.TcpKeepAliveInterval < 0 || config.TcpKeepAliveIdle < 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_KEEPALIVE, 0); err != nil { return newError("failed to unset SO_KEEPALIVE", err) } } } if config.Tproxy.IsEnabled() { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil { return newError("failed to set IP_TRANSPARENT").Base(err) } } return nil } func applyInboundSocketOptions(network string, fd uintptr, config *SocketConfig) error { if config.Mark != 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_MARK, int(config.Mark)); err != nil { return newError("failed to set SO_MARK").Base(err) } } if isTCPSocket(network) { tfo := config.ParseTFOValue() if tfo >= 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_TCP, TCP_FASTOPEN, tfo); err != nil { return newError("failed to set TCP_FASTOPEN=", tfo).Base(err) } } if config.TcpKeepAliveInterval > 0 || config.TcpKeepAliveIdle > 0 { if config.TcpKeepAliveInterval > 0 { if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPINTVL, int(config.TcpKeepAliveInterval)); err != nil { return newError("failed to set TCP_KEEPINTVL", err) } } if config.TcpKeepAliveIdle > 0 { if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPIDLE, int(config.TcpKeepAliveIdle)); err != nil { return newError("failed to set TCP_KEEPIDLE", err) } } if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_KEEPALIVE, 1); err != nil { return newError("failed to set SO_KEEPALIVE", err) } } else if config.TcpKeepAliveInterval < 0 || config.TcpKeepAliveIdle < 0 { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_KEEPALIVE, 0); err != nil { return newError("failed to unset SO_KEEPALIVE", err) } } } if config.Tproxy.IsEnabled() { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_IP, syscall.IP_TRANSPARENT, 1); err != nil { return newError("failed to set IP_TRANSPARENT").Base(err) } } if config.ReceiveOriginalDestAddress && isUDPSocket(network) { err1 := syscall.SetsockoptInt(int(fd), syscall.SOL_IPV6, unix.IPV6_RECVORIGDSTADDR, 1) err2 := syscall.SetsockoptInt(int(fd), syscall.SOL_IP, syscall.IP_RECVORIGDSTADDR, 1) if err1 != nil && err2 != nil { return err1 } } return nil } func setReuseAddr(fd uintptr) error { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_REUSEADDR, 1); err != nil { return newError("failed to set SO_REUSEADDR").Base(err).AtWarning() } return nil } func setReusePort(fd uintptr) error { if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, unix.SO_REUSEPORT, 1); err != nil { return newError("failed to set SO_REUSEPORT").Base(err).AtWarning() } return nil }