dnomd343
/
shadowsocksr
mirror of https://github.com/dnomd343/shadowsocksr
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add forbidden support for UDP and add tests

master
clowwindy 10 years ago
parent
eb94bd1cc3
commit
4312eb9e58
4 changed files with 34 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      .jenkins.sh
  2. 4
      shadowsocks/tcprelay.py
  3. 11
      shadowsocks/udprelay.py
  4. 18
      tests/test.py

1
.jenkins.sh
View File

@ -45,6 +45,7 @@ run_test python tests/test.py --with-coverage -c tests/workers.json
run_test python tests/test.py --with-coverage -s tests/ipv6.json -c tests/ipv6-client-side.json run_test python tests/test.py --with-coverage -s tests/ipv6.json -c tests/ipv6-client-side.json
run_test python tests/test.py --with-coverage -b "-m rc4-md5 -k testrc4 -s 127.0.0.1 -p 8388 -q" -a "-m rc4-md5 -k testrc4 -s 127.0.0.1 -p 8388 -l 1081 -vv" run_test python tests/test.py --with-coverage -b "-m rc4-md5 -k testrc4 -s 127.0.0.1 -p 8388 -q" -a "-m rc4-md5 -k testrc4 -s 127.0.0.1 -p 8388 -l 1081 -vv"
run_test python tests/test.py --with-coverage -b "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 --workers 1" -a "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 -l 1081 -t 30 -qq -b 127.0.0.1" run_test python tests/test.py --with-coverage -b "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 --workers 1" -a "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 -l 1081 -t 30 -qq -b 127.0.0.1"
run_test python tests/test.py --with-coverage --should-fail --url="http://127.0.0.1/" -b "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 --forbidden-ip=127.0.0.1,::1,8.8.8.8" -a "-m aes-256-cfb -k testrc4 -s 127.0.0.1 -p 8388 -l 1081 -t 30 -b 127.0.0.1"
if [ -f /proc/sys/net/ipv4/tcp_fastopen ] ; then if [ -f /proc/sys/net/ipv4/tcp_fastopen ] ; then
if [ 3 -eq `cat /proc/sys/net/ipv4/tcp_fastopen` ] ; then if [ 3 -eq `cat /proc/sys/net/ipv4/tcp_fastopen` ] ; then

4
shadowsocks/tcprelay.py
View File

@ -123,8 +123,8 @@ class TCPRelayHandler(object):
self._downstream_status = WAIT_STATUS_INIT self._downstream_status = WAIT_STATUS_INIT
self._client_address = local_sock.getpeername()[:2] self._client_address = local_sock.getpeername()[:2]
self._remote_address = None self._remote_address = None
if 'forbidden_ip' in self._config: if 'forbidden_ip' in config:
self._forbidden_iplist = self._config['forbidden_ip'] self._forbidden_iplist = config['forbidden_ip']
else: else:
self._forbidden_iplist = None self._forbidden_iplist = None
if is_local: if is_local:

11
shadowsocks/udprelay.py
View File

@ -112,6 +112,11 @@ class UDPRelay(object):
self._closed = False self._closed = False
self._last_time = time.time() self._last_time = time.time()
self._sockets = set() self._sockets = set()
print(config)
if 'forbidden_ip' in config:
self._forbidden_iplist = config['forbidden_ip']
else:
self._forbidden_iplist = None
addrs = socket.getaddrinfo(self._listen_addr, self._listen_port, 0, addrs = socket.getaddrinfo(self._listen_addr, self._listen_port, 0,
socket.SOCK_DGRAM, socket.SOL_UDP) socket.SOCK_DGRAM, socket.SOL_UDP)
@ -178,6 +183,12 @@ class UDPRelay(object):
socket.SOCK_DGRAM, socket.SOL_UDP) socket.SOCK_DGRAM, socket.SOL_UDP)
if addrs: if addrs:
af, socktype, proto, canonname, sa = addrs[0] af, socktype, proto, canonname, sa = addrs[0]
if self._forbidden_iplist:
if common.to_str(sa[0]) in self._forbidden_iplist:
logging.warn('IP %s is in forbidden list, drop' %
common.to_str(sa[0]))
# drop
return
client = socket.socket(af, socktype, proto) client = socket.socket(af, socktype, proto)
client.setblocking(False) client.setblocking(False)
self._cache[key] = client self._cache[key] = client

18
tests/test.py
View File

@ -40,6 +40,9 @@ parser.add_argument('-s', '--server-conf', type=str, default=None)
parser.add_argument('-a', '--client-args', type=str, default=None) parser.add_argument('-a', '--client-args', type=str, default=None)
parser.add_argument('-b', '--server-args', type=str, default=None) parser.add_argument('-b', '--server-args', type=str, default=None)
parser.add_argument('--with-coverage', action='store_true', default=None) parser.add_argument('--with-coverage', action='store_true', default=None)
parser.add_argument('--should-fail', action='store_true', default=None)
parser.add_argument('--url', type=str, default='http://www.example.com/')
parser.add_argument('--dns', type=str, default='8.8.8.8')
config = parser.parse_args() config = parser.parse_args()
@ -87,6 +90,7 @@ try:
for fd in r: for fd in r:
line = fd.readline() line = fd.readline()
sys.stderr.write(line)
if not line: if not line:
if stage == 2 and fd == p3.stdout: if stage == 2 and fd == p3.stdout:
stage = 3 stage = 3
@ -94,7 +98,6 @@ try:
stage = 5 stage = 5
if bytes != str: if bytes != str:
line = str(line, 'utf8') line = str(line, 'utf8')
sys.stdout.write(line)
if line.find('starting local') >= 0: if line.find('starting local') >= 0:
local_ready = True local_ready = True
if line.find('starting server') >= 0: if line.find('starting server') >= 0:
@ -103,7 +106,7 @@ try:
if stage == 1: if stage == 1:
time.sleep(2) time.sleep(2)
p3 = Popen(['curl', 'http://www.example.com/', '-v', '-L', p3 = Popen(['curl', config.url, '-v', '-L',
'--socks5-hostname', '127.0.0.1:1081', '--socks5-hostname', '127.0.0.1:1081',
'-m', '15', '--connect-timeout', '10'], '-m', '15', '--connect-timeout', '10'],
stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
@ -118,9 +121,13 @@ try:
fdset.remove(p3.stdout) fdset.remove(p3.stdout)
fdset.remove(p3.stderr) fdset.remove(p3.stderr)
r = p3.wait() r = p3.wait()
if config.should_fail:
if r == 0:
sys.exit(1)
else:
if r != 0: if r != 0:
sys.exit(1) sys.exit(1)
p4 = Popen(['socksify', 'dig', '@8.8.8.8', 'www.google.com'], p4 = Popen(['socksify', 'dig', '@%s' % config.dns, 'www.google.com'],
stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True) stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
if p4 is not None: if p4 is not None:
fdset.append(p4.stdout) fdset.append(p4.stdout)
@ -131,6 +138,11 @@ try:
if stage == 5: if stage == 5:
r = p4.wait() r = p4.wait()
if config.should_fail:
if r == 0:
sys.exit(1)
print('test passed (expecting failure)')
else:
if r != 0: if r != 0:
sys.exit(1) sys.exit(1)
print('test passed') print('test passed')

Write Preview
Loading…
Cancel
Save