Fix: should always drop packet when handle UDP packet (#2659)

xishang0128 · Apr 6, 2023 · 8ab70d7 · 8ab70d7
1 parent f92f34b
commit 8ab70d7
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/tunnel/connection.go b/tunnel/connection.go
@@ -13,8 +13,6 @@ import (
 )
 
 func handleUDPToRemote(packet C.UDPPacket, pc C.PacketConn, metadata *C.Metadata) error {
-	defer packet.Drop()
-
 	addr := metadata.UDPAddr()
 	if addr == nil {
 		return errors.New("udp addr invalid")

diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go
@@ -273,6 +273,7 @@ func resolveMetadata(ctx C.PlainContext, metadata *C.Metadata) (proxy C.Proxy, r
 func handleUDPConn(packet C.PacketAdapter) {
 	metadata := packet.Metadata()
 	if !metadata.Valid() {
+		packet.Drop()
 		log.Warnln("[Metadata] not valid: %#v", metadata)
 		return
 	}
@@ -284,6 +285,7 @@ func handleUDPConn(packet C.PacketAdapter) {
 	}
 
 	if err := preHandleMetadata(metadata); err != nil {
+		packet.Drop()
 		log.Debugln("[Metadata PreHandle] error: %s", err)
 		return
 	}
@@ -292,6 +294,7 @@ func handleUDPConn(packet C.PacketAdapter) {
 	if !metadata.Resolved() {
 		ip, err := resolver.ResolveIP(context.Background(), metadata.Host)
 		if err != nil {
+			packet.Drop()
 			return
 		}
 		metadata.DstIP = ip
@@ -309,13 +312,16 @@ func handleUDPConn(packet C.PacketAdapter) {
 	}
 
 	if handle() {
+		packet.Drop()
 		return
 	}
 
 	lockKey := key + "-lock"
 	cond, loaded := natTable.GetOrCreateLock(lockKey)
 
 	go func() {
+		defer packet.Drop()
+
 		if loaded {
 			cond.L.Lock()
 			cond.Wait()