Allow customizing TUN DNS mode and hijack interface DNS by default

2026-05-13 13:57:05 +00:00 · 2026-05-02 18:36:58 +08:00 · 2026-05-02 18:36:58 +08:00 · bb60b58f00
commit bb60b58f00
parent 85889fc701
17 changed files with 187 additions and 63 deletions
--- a/protocol/tun/hook.go
+++ b/protocol/tun/hook.go
@ -1,3 +0,0 @@
-package tun
-
-var HookBeforeCreatePlatformInterface func()
--- a/protocol/tun/inbound.go
+++ b/protocol/tun/inbound.go
@ -42,6 +42,7 @@ type Inbound struct {
 	logger                      log.ContextLogger
 	tunOptions                  tun.Options
 	udpTimeout                  time.Duration
+	dnsHijackAddress            []netip.Addr
 	stack                       string
 	tunIf                       tun.Tun
 	tunStack                    tun.Stack
@ -190,6 +191,8 @@ func NewInbound(ctx context.Context, router adapter.Router, logger log.ContextLo
 			GSO:                                   enableGSO,
 			Inet4Address:                          inet4Address,
 			Inet6Address:                          inet6Address,
+			DNSMode:                               options.DNSMode,
+			DNSAddress:                            options.DNSAddress,
 			AutoRoute:                             options.AutoRoute,
 			IPRoute2TableIndex:                    tableIndex,
 			IPRoute2RuleIndex:                     ruleIndex,
@ -310,6 +313,12 @@ func (t *Inbound) Tag() string {

 func (t *Inbound) Start(stage adapter.StartStage) error {
 	switch stage {
+	case adapter.StartStateInitialize:
+		if t.tunOptions.DNSModeOrDefault() != tun.DNSModeDisabled && len(t.tunOptions.DNSAddress) == 0 {
+			inet4DNSAddress, _ := t.tunOptions.Inet4DNSAddress()
+			inet6DNSAddress, _ := t.tunOptions.Inet6DNSAddress()
+			t.dnsHijackAddress = append(inet4DNSAddress, inet6DNSAddress...)
+		}
 	case adapter.StartStateStart:
 		if C.IsAndroid && t.platformInterface == nil {
 			t.tunOptions.BuildAndroidRules(t.networkManager.PackageManager())
@ -373,9 +382,6 @@ func (t *Inbound) Start(stage adapter.StartStage) error {
 		if t.platformInterface != nil && t.platformInterface.UsePlatformInterface() {
 			tunInterface, err = t.platformInterface.OpenInterface(&tunOptions, t.platformOptions)
 		} else {
-			if HookBeforeCreatePlatformInterface != nil {
-				HookBeforeCreatePlatformInterface()
-			}
 			tunInterface, err = tun.New(tunOptions)
 		}
 		monitor.Finish()
@ -490,9 +496,17 @@ func (t *Inbound) NewConnectionEx(ctx context.Context, conn net.Conn, source M.S
 	metadata.InboundType = C.TypeTun
 	metadata.Source = source
 	metadata.Destination = destination
-
-	t.logger.InfoContext(ctx, "inbound connection from ", metadata.Source)
-	t.logger.InfoContext(ctx, "inbound connection to ", metadata.Destination)
+	for _, dnsHijackAddress := range t.dnsHijackAddress {
+		if destination.Addr == dnsHijackAddress {
+			metadata.Protocol = C.ProtocolDNS
+		}
+	}
+	if metadata.Protocol == C.ProtocolDNS {
+		t.logger.InfoContext(ctx, "inbound DNS connection from ", metadata.Source)
+	} else {
+		t.logger.InfoContext(ctx, "inbound connection from ", metadata.Source)
+		t.logger.InfoContext(ctx, "inbound connection to ", metadata.Destination)
+	}
 	t.router.RouteConnectionEx(ctx, conn, metadata, onClose)
 }

@ -503,9 +517,17 @@ func (t *Inbound) NewPacketConnectionEx(ctx context.Context, conn N.PacketConn,
 	metadata.InboundType = C.TypeTun
 	metadata.Source = source
 	metadata.Destination = destination
-
-	t.logger.InfoContext(ctx, "inbound packet connection from ", metadata.Source)
-	t.logger.InfoContext(ctx, "inbound packet connection to ", metadata.Destination)
+	for _, dnsHijackAddress := range t.dnsHijackAddress {
+		if destination.Addr == dnsHijackAddress {
+			metadata.Protocol = C.ProtocolDNS
+		}
+	}
+	if metadata.Protocol == C.ProtocolDNS {
+		t.logger.InfoContext(ctx, "inbound DNS packet connection from ", metadata.Source)
+	} else {
+		t.logger.InfoContext(ctx, "inbound packet connection from ", metadata.Source)
+		t.logger.InfoContext(ctx, "inbound packet connection to ", metadata.Destination)
+	}
 	t.router.RoutePacketConnectionEx(ctx, conn, metadata, onClose)
 }

@ -548,9 +570,17 @@ func (t *autoRedirectHandler) NewConnectionEx(ctx context.Context, conn net.Conn
 	metadata.InboundType = C.TypeTun
 	metadata.Source = source
 	metadata.Destination = destination
-
-	t.logger.InfoContext(ctx, "inbound redirect connection from ", metadata.Source)
-	t.logger.InfoContext(ctx, "inbound connection to ", metadata.Destination)
+	for _, dnsHijackAddress := range t.dnsHijackAddress {
+		if destination.Addr == dnsHijackAddress {
+			metadata.Protocol = C.ProtocolDNS
+		}
+	}
+	if metadata.Protocol == C.ProtocolDNS {
+		t.logger.InfoContext(ctx, "inbound redirect DNS connection from ", metadata.Source)
+	} else {
+		t.logger.InfoContext(ctx, "inbound redirect connection from ", metadata.Source)
+		t.logger.InfoContext(ctx, "inbound connection to ", metadata.Destination)
+	}
 	t.router.RouteConnectionEx(ctx, conn, metadata, onClose)
 }