it works

Cargo.lock

@@ -328,12 +328,6 @@ version = "1.0.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d75a2a4b1b190afb6f5425f10f6a8f959d2ea0b9c2b1d79553551850539e4674"
 
-[[package]]
-name = "lazy_static"
-version = "1.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
-
 [[package]]
 name = "libc"
 version = "0.2.167"
@@ -671,9 +665,7 @@ dependencies = [
  "crossbeam",
  "crossbeam-utils",
  "grouping_by",
- "lazy_static",
  "pnet",
- "pnet_macros",
  "serde",
  "serde_json",
  "socket2",

Cargo.toml

@@ -7,11 +7,9 @@ edition = "2021"
 tun = "0.7"
 socket2 = { version = "0.5.8", features = ["all"] }
 pnet = "0.35.0"
-pnet_macros = "0.35.0"
 serde = { version = "1.0.217", features = ["derive"] }
 serde_json = "1.0"
 base64 = "0.22.1"
-lazy_static = "1.5.0"
 crossbeam = "0.8.4"
 crossbeam-utils = "0.8.20"
 grouping_by = "0.2.2"

Dockerfile

@@ -2,19 +2,19 @@ FROM rust:alpine as builder
 RUN apk add --no-cache musl-dev
 WORKDIR /usr/src/app
 
-COPY Cargo.* .
+COPY Cargo.toml Cargo.lock ./
 RUN mkdir src && \
     echo 'fn main() {}' > src/main.rs && \
-    cargo build && \
+    cargo build --release && \
     cargo clean --package $(awk '/name/ {gsub(/"/,""); print $3}' Cargo.toml | sed ':a;N;$!ba;s/\n//g' | tr -d '\r') && \
     rm -rf src
 
-COPY . .
-RUN cargo install --path .
+COPY src src
+RUN cargo build --release
 
 FROM alpine
 RUN apk --no-cache add libgcc libstdc++ bash iproute2 iptables iptables-legacy ipset netcat-openbsd jq
-COPY --from=builder /usr/local/cargo/bin/tun1 /usr/local/bin/tun
+COPY --from=builder /usr/src/app/target/release/tun1 /usr/local/bin/tun
 COPY ./entrypoint.sh /entrypoint.sh
 
 ENTRYPOINT ["/entrypoint.sh"]

src/main.rs

@@ -16,9 +16,9 @@ pub struct Meta {
     pub reversed: u16,
 }
 
-use serde::{Deserialize, Serialize};
+use serde::Deserialize;
 
-#[derive(Debug, Serialize, Deserialize)]
+#[derive(Deserialize)]
 pub struct ConfigRouter {
     pub remote_id: u8,
     pub proto: i32,
@@ -30,7 +30,7 @@ pub struct ConfigRouter {
     pub up: String,
 }
 
-#[derive(Debug, Serialize, Deserialize)]
+#[derive(Deserialize)]
 pub struct Config {
     pub local_id: u8,
     pub local_secret: String,
@@ -42,7 +42,7 @@ use pnet::packet::ipv4::Ipv4Packet;
 use socket2::Socket;
 
 fn main() -> Result<(), Box<dyn Error>> {
-    let config: Config = serde_json::from_str(env::args().nth(0).ok_or("need param")?.as_str())?;
+    let config: Config = serde_json::from_str(env::args().nth(1).ok_or("need param")?.as_str())?;
     let local_secret: [u8; SECRET_LENGTH] = Router::create_secret(config.local_secret.as_str())?;
 
     let mut sockets: HashMap<u16, Arc<Socket>> = HashMap::new();
@@ -97,7 +97,7 @@ fn main() -> Result<(), Box<dyn Error>> {
                     if let Some(ref addr) = *router.endpoint.read().unwrap() {
                         router.encrypt(&mut buffer[meta_size..meta_size + n]);
                         #[cfg(target_os = "linux")]
-                        router.socket.set_mark(router.config.mark);
+                        let _ = router.socket.set_mark(router.config.mark)?;
                         let _ = router.socket.send_to(&buffer[..meta_size + n], addr);
                     }
                 }
@@ -114,11 +114,17 @@ fn main() -> Result<(), Box<dyn Error>> {
 
                         let packet = Ipv4Packet::new(data).ok_or("malformed packet")?;
                         let header_len = packet.get_header_length() as usize * 4;
-                        let (_ip_header, rest) = data.split_at_mut_checked(header_len).ok_or("malformed packet")?;
-                        let (meta_bytes, payload) = rest.split_at_mut_checked(size_of::<Meta>()).ok_or("malformed packet")?;
+                        let (_ip_header, rest) = data
+                            .split_at_mut_checked(header_len)
+                            .ok_or("malformed packet")?;
+                        let (meta_bytes, payload) = rest
+                            .split_at_mut_checked(size_of::<Meta>())
+                            .ok_or("malformed packet")?;
                         let meta: &Meta = unsafe { transmute(meta_bytes.as_ptr()) };
                         if meta.dst_id == config.local_id && meta.reversed == 0 {
-                            let router = router_writers.get_mut(&meta.src_id).ok_or("missing router")?;
+                            let router = router_writers
+                                .get_mut(&meta.src_id)
+                                .ok_or("missing router")?;
                             *router.endpoint.write().unwrap() = Some(addr);
                             router.decrypt(payload, &local_secret);
                             router.tun_writer.write_all(payload)?;

src/router.rs

@@ -6,8 +6,8 @@ use std::process::{Command, ExitStatus};
 use std::sync::{Arc, RwLock};
 use tun::{Reader, Writer};
 pub const SECRET_LENGTH: usize = 32;
-use base64::prelude::*;
 use crate::ConfigRouter;
+use base64::prelude::*;
 
 // tun -> raw
 pub struct RouterReader<'a> {
@@ -99,13 +99,16 @@ impl<'a> Router<'a> {
         Ok(dev.split())
     }
     fn run_up_script(config: &ConfigRouter) -> std::io::Result<ExitStatus> {
-        Command::new(config.up.as_str()).status()
+        Command::new("sh").args(["-c", config.up.as_str()]).status()
     }
 
     fn create_endpoint(
         config: &ConfigRouter,
     ) -> Result<Arc<RwLock<Option<SockAddr>>>, Box<dyn std::error::Error>> {
-        let parsed = config.endpoint.to_socket_addrs()?.next().unwrap();
+        let parsed = (config.endpoint.clone(), 0u16)
+            .to_socket_addrs()?
+            .next()
+            .ok_or(config.endpoint.clone())?;
         Ok(Arc::new(RwLock::new(Some(parsed.into()))))
     }