Parse X-Forward-For in HTTP requests

inbound/default.go

@@ -63,29 +63,18 @@ func (a *myInboundAdapter) Tag() string {
 
 func (a *myInboundAdapter) Start() error {
 	var err error
-	bindAddr := M.SocksaddrFrom(netip.Addr(a.listenOptions.Listen), a.listenOptions.ListenPort)
 	if common.Contains(a.network, N.NetworkTCP) {
-		var tcpListener *net.TCPListener
-		if !a.listenOptions.TCPFastOpen {
-			tcpListener, err = net.ListenTCP(M.NetworkFromNetAddr(N.NetworkTCP, bindAddr.Addr), bindAddr.TCPAddr())
-		} else {
-			tcpListener, err = tfo.ListenTCP(M.NetworkFromNetAddr(N.NetworkTCP, bindAddr.Addr), bindAddr.TCPAddr())
-		}
+		_, err = a.ListenTCP()
 		if err != nil {
 			return err
 		}
-		a.tcpListener = tcpListener
 		go a.loopTCPIn()
-		a.logger.Info("tcp server started at ", tcpListener.Addr())
 	}
 	if common.Contains(a.network, N.NetworkUDP) {
-		var udpConn *net.UDPConn
-		udpConn, err = net.ListenUDP(M.NetworkFromNetAddr(N.NetworkUDP, bindAddr.Addr), bindAddr.UDPAddr())
+		_, err = a.ListenUDP()
 		if err != nil {
 			return err
 		}
-		a.udpConn = udpConn
-		a.udpAddr = bindAddr
 		a.packetOutboundClosed = make(chan struct{})
 		a.packetOutbound = make(chan *myInboundPacket)
 		if a.oobPacketHandler != nil {
@@ -102,7 +91,6 @@ func (a *myInboundAdapter) Start() error {
 			}
 			go a.loopUDPOut()
 		}
-		a.logger.Info("udp server started at ", udpConn.LocalAddr())
 	}
 	if a.setSystemProxy {
 		a.clearSystemProxy, err = settings.SetSystemProxy(a.router, M.SocksaddrFromNet(a.tcpListener.Addr()).Port, a.protocol == C.TypeMixed)
@@ -188,8 +176,7 @@ func (a *myInboundAdapter) loopTCPIn() {
 	}
 }
 
-func (a *myInboundAdapter) createMetadata(conn net.Conn) adapter.InboundContext {
-	var metadata adapter.InboundContext
+func (a *myInboundAdapter) createMetadata(conn net.Conn, metadata adapter.InboundContext) adapter.InboundContext {
 	metadata.Inbound = a.tag
 	metadata.InboundType = a.protocol
 	metadata.SniffEnabled = a.listenOptions.SniffEnabled
@@ -203,7 +190,7 @@ func (a *myInboundAdapter) createMetadata(conn net.Conn) adapter.InboundContext
 
 func (a *myInboundAdapter) injectTCP(conn net.Conn) {
 	ctx := log.ContextWithNewID(a.ctx)
-	metadata := a.createMetadata(conn)
+	metadata := a.createMetadata(conn, adapter.InboundContext{})
 	a.logger.InfoContext(ctx, "inbound connection from ", metadata.Source)
 	hErr := a.connHandler.NewConnection(ctx, conn, metadata)
 	if hErr != nil {

inbound/http.go

@@ -13,7 +13,6 @@ import (
 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/auth"
 	E "github.com/sagernet/sing/common/exceptions"
-	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
 	"github.com/sagernet/sing/protocol/http"
 )
@@ -72,7 +71,7 @@ func (h *HTTP) NewConnection(ctx context.Context, conn net.Conn, metadata adapte
 	if h.tlsConfig != nil {
 		conn = tls.Server(conn, h.tlsConfig.Config())
 	}
-	return http.HandleConnection(ctx, conn, std_bufio.NewReader(conn), h.authenticator, h.upstreamUserHandler(metadata), M.Metadata{})
+	return http.HandleConnection(ctx, conn, std_bufio.NewReader(conn), h.authenticator, h.upstreamUserHandler(metadata), adapter.UpstreamMetadata(metadata))
 }
 
 func (a *myInboundAdapter) upstreamUserHandler(metadata adapter.InboundContext) adapter.UpstreamHandlerAdapter {

inbound/mixed.go

@@ -12,7 +12,6 @@ import (
 	"github.com/sagernet/sing/common/auth"
 	"github.com/sagernet/sing/common/buf"
 	"github.com/sagernet/sing/common/bufio"
-	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
 	"github.com/sagernet/sing/common/rw"
 	"github.com/sagernet/sing/protocol/http"
@@ -53,8 +52,8 @@ func (h *Mixed) NewConnection(ctx context.Context, conn net.Conn, metadata adapt
 	}
 	switch headerType {
 	case socks4.Version, socks5.Version:
-		return socks.HandleConnection0(ctx, conn, headerType, h.authenticator, h.upstreamUserHandler(metadata), M.Metadata{})
+		return socks.HandleConnection0(ctx, conn, headerType, h.authenticator, h.upstreamUserHandler(metadata), adapter.UpstreamMetadata(metadata))
 	}
 	reader := std_bufio.NewReader(bufio.NewCachedReader(conn, buf.As([]byte{headerType})))
-	return http.HandleConnection(ctx, conn, reader, h.authenticator, h.upstreamUserHandler(metadata), M.Metadata{})
+	return http.HandleConnection(ctx, conn, reader, h.authenticator, h.upstreamUserHandler(metadata), adapter.UpstreamMetadata(metadata))
 }

inbound/naive.go

@@ -25,6 +25,7 @@ import (
 	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
 	"github.com/sagernet/sing/common/rw"
+	sHttp "github.com/sagernet/sing/protocol/http"
 )
 
 var _ adapter.Inbound = (*Naive)(nil)
@@ -155,7 +156,7 @@ func (n *Naive) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
 	if hostPort == "" {
 		hostPort = request.Host
 	}
-	source := M.ParseSocksaddr(request.RemoteAddr)
+	source := sHttp.SourceAddress(request)
 	destination := M.ParseSocksaddr(hostPort)
 
 	if hijacker, isHijacker := writer.(http.Hijacker); isHijacker {
@@ -170,10 +171,10 @@ func (n *Naive) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
 }
 
 func (n *Naive) newConnection(ctx context.Context, conn net.Conn, source, destination M.Socksaddr) {
-	metadata := n.createMetadata(conn)
-	metadata.Source = source
-	metadata.Destination = destination
-	n.routeTCP(ctx, conn, metadata)
+	n.routeTCP(ctx, conn, n.createMetadata(conn, adapter.InboundContext{
+		Source:      source,
+		Destination: destination,
+	}))
 }
 
 func (n *Naive) badRequest(ctx context.Context, request *http.Request, err error) {

inbound/socks.go

@@ -9,7 +9,6 @@ import (
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing/common/auth"
-	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
 	"github.com/sagernet/sing/protocol/socks"
 )
@@ -39,5 +38,5 @@ func NewSocks(ctx context.Context, router adapter.Router, logger log.ContextLogg
 }
 
 func (h *Socks) NewConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	return socks.HandleConnection(ctx, conn, h.authenticator, h.upstreamUserHandler(metadata), M.Metadata{})
+	return socks.HandleConnection(ctx, conn, h.authenticator, h.upstreamUserHandler(metadata), adapter.UpstreamMetadata(metadata))
 }

inbound/tproxy.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"net"
 	"net/netip"
+	"syscall"
 
 	"github.com/sagernet/sing-box/adapter"
 	"github.com/sagernet/sing-box/common/redir"
@@ -55,7 +56,7 @@ func (t *TProxy) Start() error {
 		return err
 	}
 	if t.tcpListener != nil {
-		err = control.Conn(t.tcpListener, func(fd uintptr) error {
+		err = control.Conn(common.MustCast[syscall.Conn](t.tcpListener), func(fd uintptr) error {
 			return redir.TProxy(fd, M.SocksaddrFromNet(t.tcpListener.Addr()).Addr.Is6())
 		})
 		if err != nil {

inbound/trojan.go

@@ -133,7 +133,7 @@ func (h *Trojan) NewConnection(ctx context.Context, conn net.Conn, metadata adap
 }
 
 func (h *Trojan) newTransportConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	metadata = h.createMetadata(conn)
+	metadata = h.createMetadata(conn, metadata)
 	return h.service.NewConnection(adapter.WithContext(log.ContextWithNewID(ctx), &metadata), conn, adapter.UpstreamMetadata(metadata))
 }
 

inbound/vmess.go

@@ -131,7 +131,7 @@ func (h *VMess) NewConnection(ctx context.Context, conn net.Conn, metadata adapt
 }
 
 func (h *VMess) newTransportConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
-	metadata = h.createMetadata(conn)
+	metadata = h.createMetadata(conn, metadata)
 	return h.service.NewConnection(adapter.WithContext(log.ContextWithNewID(ctx), &metadata), conn, adapter.UpstreamMetadata(metadata))
 }