support mapping subnet proxy (#978)

- **support mapping subproxy network cidr** - **add command line option for proxy network mapping** - **fix Instance leak in tests.
2026-05-07 18:24:36 +00:00 · 2025-06-14 11:42:45 +08:00
parent 950cb04534
commit 25dcdc652a
23 changed files with 521 additions and 216 deletions
@@ -139,6 +139,8 @@ impl UdpNatEntry {
        self: Arc<Self>,
        mut packet_sender: Sender<ZCPacket>,
        virtual_ipv4: Ipv4Addr,
+        real_ipv4: Ipv4Addr,
+        mapped_ipv4: Ipv4Addr,
    ) {
        let (s, mut r) = tachyonix::channel(128);

@@ -197,6 +199,10 @@ impl UdpNatEntry {
                    src_v4.set_ip(virtual_ipv4);
                }

+                if *src_v4.ip() == real_ipv4 {
+                    src_v4.set_ip(mapped_ipv4);
+                }
+
                let Ok(_) = Self::compose_ipv4_packet(
                    &self_clone,
                    &mut packet_sender,
@@ -266,7 +272,10 @@ impl UdpProxy {
            return None;
        }

-        if !self.cidr_set.contains_v4(ipv4.get_destination())
+        let mut real_dst_ip = ipv4.get_destination();
+        if !self
+            .cidr_set
+            .contains_v4(ipv4.get_destination(), &mut real_dst_ip)
            && !is_exit_node
            && !(self.global_ctx.no_tun()
                && Some(ipv4.get_destination())
@@ -322,6 +331,8 @@ impl UdpProxy {
                    nat_entry.clone(),
                    self.sender.clone(),
                    self.global_ctx.get_ipv4().map(|x| x.address())?,
+                    real_dst_ip,
+                    ipv4.get_destination(),
                )));
        }

@@ -335,7 +346,7 @@ impl UdpProxy {
                .parse()
                .unwrap()
        } else {
-            SocketAddr::new(ipv4.get_destination().into(), udp_packet.get_destination())
+            SocketAddr::new(real_dst_ip.into(), udp_packet.get_destination())
        };

        let send_ret = {