aheh/MasterHttpRelayVPN-RUST
1
0
Fork 0
mirror of https://github.com/therealaleph/MasterHttpRelayVPN-RUST.git synced 2026-05-17 21:24:48 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
MasterHttpRelayVPN-RUST/docs/changelog/v1.6.0.md
T
therealaleph 1b22dce568 v1.6.0: end-to-end UDP support in Full Tunnel mode 
Ships PR #183. SOCKS5 UDP ASSOCIATE → tunnel-mux udp_open/udp_data ops
→ tunnel-node UDP sessions → real UDP egress. QUIC/HTTP3, DNS, and
STUN now traverse the tunnel instead of falling back to TCP or
leaking outside it.

- 256-session-per-associate cap with FIFO eviction
- 9 KB datagram size guard (DNS/STUN tiny, QUIC max ~1452, leaves
  IPv6 PMTUD headroom without burning Apps Script quota on rogue
  traffic)
- Source-IP pinned to the control TCP peer; port locked to first
  parseable datagram (malformed datagrams from the right IP no
  longer DoS the legitimate flow)
- Event-driven UDP drain reusing v1.5.0's long-poll knobs

Backward compat: TunnelResponse.pkts is `Option<Vec<String>>` with
serde default; v1.5.0 clients hitting v1.6.0 tunnel-nodes ignore
the new field; v1.6.0 clients hitting v1.5.0 tunnel-nodes get
UNSUPPORTED_OP on udp_open and the existing fallback path takes
over (TCP-only). Apps Script CodeFull.gs is opaque to the new ops
— no redeploy needed; just doc-comment update.

98 lib tests + 22 tunnel-node tests pass (was 92 + 17 before).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 15:42:52 +03:00

1.9 KiB
Raw Permalink Blame History

• پشتیبانی کامل UDP در حالت Full Tunnel (#183): SOCKS5 UDP ASSOCIATE کلاینت → opهای جدید udp_open و udp_data در tunnel-mux → سشن‌های UDP در tunnel-node. حالا QUIC/HTTP3، DNS، و STUN از داخل تونل عبور می‌کنن، نه از طریق fallback به TCP یا leak خارج تونل. سقف ۲۵۶ سشن UDP در هر UDP ASSOCIATE، سقف ۹ کیلوبایت برای datagram، source-IP pinning به peer کنترل، long-poll مبتنی بر event برای drain (با همون knobهای ACTIVE_DRAIN_DEADLINE / LONGPOLL_DEADLINE که در v1.5.0 معرفی شدن). افزودن backward-compatible: tunnel-nodeهای قدیمی‌تر با UNSUPPORTED_OP پاسخ میدن و کلاینت به مسیر TCP-only برمی‌گرده. CodeFull.gs بدون نیاز به redeploy — opها به‌صورت opaque عبور می‌کنن

• End-to-end UDP support in Full Tunnel mode (#183): SOCKS5 client UDP ASSOCIATE → new udp_open / udp_data ops on the tunnel mux → UDP sessions on the tunnel-node. QUIC/HTTP3, DNS, and STUN now traverse the tunnel instead of falling back to TCP or leaking outside it. 256 UDP sessions per UDP ASSOCIATE cap with FIFO eviction, 9 KB datagram size guard, source-IP pinning to the control TCP peer, event-driven drain reusing the v1.5.0 long-poll knobs. Wire-additive: older tunnel-nodes return UNSUPPORTED_OP and clients fall back to TCP-only. CodeFull.gs doesn't need re-deploy — the new ops pass through opaquely. 98 lib tests + 22 tunnel-node tests pass (was 92 + 17; 6 new SOCKS5 UDP parser tests + 5 new UDP session lifecycle tests including a mixed TCP/UDP batch regression test)

Reference in New Issue View Git Blame Copy Permalink