-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: should not dial bind addr directly #8
Conversation
When server returns an any ip, we should use conventional ip to replace the any ip given. This behaviour adapts to most situations. See v2fly/v2ray-core#523
First of all, thanks for your PR, and I read the rfc again.
rfc1928, part 6:
RFC has clarified BND.PORT and BND.ADDR.
I support your point of not being clear about the part of rfc1928, but this issue BND.PORT and BND.ADDR, it is clear. Thank you again. |
The problem is that in some NAT situation, the server may can not confirm a solid outer IP. Thus, the server may expect the client to connect the address the same as TCP's. |
There are many situations about UDP server address(IP:PORT) to process UDP request:
So MAY is not better, because MAY is a guess, not a guarantee. I think this is why RFC let server tell client its UDP IP:PORT |
In reality, the use case of SOCKS5 as a means of communication between censorship circumvention tools can make it difficult to determine the actual
That would mean we have to change the behavior of
You can't possibly change them all. "Fixing" the behavior would also make it more difficult to configure the SOCKS5 server. Standard compliance is important. But it's even more important to make sure the protocol actually works well under the desired use cases. The Internet Area Working Group also acknowledged the widespread use of SOCKS5 among censorship circumvention tools in the SOCKS6 draft. So my opinion is that we should be flexible in this case and accept the widespread use of |
NAT server exactly know the port but may not know the IP address, so if it reply 0.0.0.0 with the port specified the client will know the thing. |
Because this is not a standard, so I added a hijack func |
When server returns an any ip (0.0.0.0 or [::]), we should use conventional ip to replace the any ip given (0.0.0.0 or [::]). This behaviour adapts to most situations.
See v2fly/v2ray-core#523
Problem happens when socks5 proxy works on remote servers and different implementation will given different
bind addr
.For most situations it is issues of servers. However, clients should behave normally in one case that returned
bind addr
is an ANYIP (0.0.0.0 or [::]), which indicate that we should use a conventional remote address to connect.RFC does not illustrate the mechanism of bind addr; it is based on experience.