diff --git a/listener/tun/ipstack/commons/dns.go b/listener/tun/ipstack/commons/dns.go index 46f47071..06049708 100644 --- a/listener/tun/ipstack/commons/dns.go +++ b/listener/tun/ipstack/commons/dns.go @@ -27,15 +27,9 @@ func RelayDnsPacket(payload []byte) ([]byte, error) { r, err := resolver.ServeMsg(msg) if err != nil { - return nil, err - } - - for _, ans := range r.Answer { - header := ans.Header() - - if header.Class == D.ClassINET && (header.Rrtype == D.TypeA || header.Rrtype == D.TypeAAAA) { - header.Ttl = 1 - } + m := new(D.Msg) + m.SetRcode(msg, D.RcodeServerFailure) + return m.Pack() } r.SetRcode(msg, r.Rcode) diff --git a/listener/tun/ipstack/system/mars/nat/udp.go b/listener/tun/ipstack/system/mars/nat/udp.go index b28614a5..4e7a4f9e 100644 --- a/listener/tun/ipstack/system/mars/nat/udp.go +++ b/listener/tun/ipstack/system/mars/nat/udp.go @@ -74,8 +74,8 @@ func (u *UDP) WriteTo(buf []byte, local net.Addr, remote net.Addr) (int, error) srcIP, _ := netip.AddrFromSlice(srcAddr.IP) dstIp, _ := netip.AddrFromSlice(dstAddr.IP) - srcAddrPort := netip.AddrPortFrom(srcIP, uint16(srcAddr.Port)) - dstAddrPort := netip.AddrPortFrom(dstIp, uint16(dstAddr.Port)) + srcAddrPort := netip.AddrPortFrom(srcIP.Unmap(), uint16(srcAddr.Port)) + dstAddrPort := netip.AddrPortFrom(dstIp.Unmap(), uint16(dstAddr.Port)) if !srcAddrPort.Addr().Is4() || !dstAddrPort.Addr().Is4() { return 0, net.InvalidAddrError("invalid ip version") diff --git a/listener/tun/ipstack/system/stack.go b/listener/tun/ipstack/system/stack.go index 01e4c952..ad3f465d 100644 --- a/listener/tun/ipstack/system/stack.go +++ b/listener/tun/ipstack/system/stack.go @@ -176,7 +176,7 @@ func New(device device.Device, dnsHijack []netip.AddrPort, tunAddress netip.Pref local: lAddr, data: raw, writeBack: func(b []byte, addr net.Addr) (int, error) { - return stack.UDP().WriteTo(b, addr, lAddr) + return stack.UDP().WriteTo(b, rAddr, lAddr) }, drop: func() { pool.Put(buf)