From d8285161ba9526195657c30769ea7e164be2e54d Mon Sep 17 00:00:00 2001
From: SAPikachu <sapikachu@gmail.com>
Date: Fri, 25 Jan 2019 15:49:34 +0800
Subject: [PATCH 1/3] Properly handle TPROXY UDP connections

---
 proxy/dokodemo/dokodemo.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/proxy/dokodemo/dokodemo.go b/proxy/dokodemo/dokodemo.go
index cabb4599..f4e26203 100644
--- a/proxy/dokodemo/dokodemo.go
+++ b/proxy/dokodemo/dokodemo.go
@@ -117,6 +117,7 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 		return nil
 	}
 
+	var tReader buf.Reader
 	responseDone := func() error {
 		defer timer.SetTimeout(plcy.Timeouts.UplinkOnly)
 
@@ -140,6 +141,13 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 					return err
 				}
 				writer = &buf.SequentialWriter{Writer: tConn}
+				tReader = buf.NewReader(tConn)
+				go func() {
+					defer tConn.Close()
+					if err := buf.Copy(tReader, link.Writer, buf.UpdateActivity(timer)); err != nil {
+						newError("failed to transport request (TPROXY conn)").Base(err).WriteToLog()
+					}
+				}()
 			}
 		}
 
@@ -153,6 +161,9 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 	if err := task.Run(ctx, task.OnSuccess(requestDone, task.Close(link.Writer)), responseDone); err != nil {
 		common.Interrupt(link.Reader)
 		common.Interrupt(link.Writer)
+		if tReader != nil {
+			common.Interrupt(tReader)
+		}
 		return newError("connection ends").Base(err)
 	}
 

From 033d2264ffc47ef591746048ba7b3ad54fcb0bd5 Mon Sep 17 00:00:00 2001
From: SAPikachu <sapikachu@gmail.com>
Date: Fri, 25 Jan 2019 15:53:24 +0800
Subject: [PATCH 2/3] Fix SO_MARK setting for UDP outbound connections

---
 transport/internet/sockopt_linux.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/transport/internet/sockopt_linux.go b/transport/internet/sockopt_linux.go
index 6c5afddd..db1cda9c 100644
--- a/transport/internet/sockopt_linux.go
+++ b/transport/internet/sockopt_linux.go
@@ -70,6 +70,11 @@ func applyOutboundSocketOptions(network string, address string, fd uintptr, conf
 }
 
 func applyInboundSocketOptions(network string, fd uintptr, config *SocketConfig) error {
+	if config.Mark != 0 {
+		if err := syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_MARK, int(config.Mark)); err != nil {
+			return newError("failed to set SO_MARK").Base(err)
+		}
+	}
 	if isTCPSocket(network) {
 		switch config.Tfo {
 		case SocketConfig_Enable:

From c89828e1fb0060fd644c166fb68de30498bfb3e0 Mon Sep 17 00:00:00 2001
From: SAPikachu <sapikachu@gmail.com>
Date: Sun, 27 Jan 2019 20:14:13 +0800
Subject: [PATCH 3/3] Fix potential memory leak

---
 proxy/dokodemo/dokodemo.go | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/proxy/dokodemo/dokodemo.go b/proxy/dokodemo/dokodemo.go
index f4e26203..fca02b71 100644
--- a/proxy/dokodemo/dokodemo.go
+++ b/proxy/dokodemo/dokodemo.go
@@ -117,7 +117,7 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 		return nil
 	}
 
-	var tReader buf.Reader
+	var tConn net.Conn
 	responseDone := func() error {
 		defer timer.SetTimeout(plcy.Timeouts.UplinkOnly)
 
@@ -136,14 +136,16 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 					sockopt.BindAddress = dest.Address.IP()
 					sockopt.BindPort = uint32(dest.Port)
 				}
-				tConn, err := internet.DialSystem(ctx, net.DestinationFromAddr(conn.RemoteAddr()), sockopt)
+				var err error
+				tConn, err = internet.DialSystem(ctx, net.DestinationFromAddr(conn.RemoteAddr()), sockopt)
 				if err != nil {
 					return err
 				}
 				writer = &buf.SequentialWriter{Writer: tConn}
-				tReader = buf.NewReader(tConn)
+				tReader := buf.NewReader(tConn)
 				go func() {
 					defer tConn.Close()
+					defer common.Close(link.Writer)
 					if err := buf.Copy(tReader, link.Writer, buf.UpdateActivity(timer)); err != nil {
 						newError("failed to transport request (TPROXY conn)").Base(err).WriteToLog()
 					}
@@ -151,6 +153,11 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 			}
 		}
 
+		defer func() {
+			if tConn != nil {
+				tConn.Close()
+			}
+		}()
 		if err := buf.Copy(link.Reader, writer, buf.UpdateActivity(timer)); err != nil {
 			return newError("failed to transport response").Base(err)
 		}
@@ -161,8 +168,8 @@ func (d *DokodemoDoor) Process(ctx context.Context, network net.Network, conn in
 	if err := task.Run(ctx, task.OnSuccess(requestDone, task.Close(link.Writer)), responseDone); err != nil {
 		common.Interrupt(link.Reader)
 		common.Interrupt(link.Writer)
-		if tReader != nil {
-			common.Interrupt(tReader)
+		if tConn != nil {
+			tConn.Close()
 		}
 		return newError("connection ends").Base(err)
 	}