feat: add connection filters; and config struct;

also move sanitize_addr to mc_server module
Tamipes 2025-12-14 12:56:21 +01:00
parent 3dcf2f03a8
commit 822330ef87
7 changed files with 94 additions and 41 deletions


@ -11,7 +11,7 @@ use tokio::task::JoinHandle;
use tracing::Instrument;
use crate::{
mc_server::{MinecraftAPI, MinecraftServerHandle, ServerDeploymentStatus},
mc_server::{sanitize_addr, MinecraftAPI, MinecraftServerHandle, ServerDeploymentStatus},
packets::{
clientbound::status::StatusTrait,
serverbound::handshake::{self},
@ -430,34 +430,3 @@ impl From<kube::Error> for OpaqueError {
OpaqueError::create(value.to_string().as_str())
}
}
fn terminate_at_null(str: &str) -> &str {
match str.split('\0').next() {
Some(x) => x,
None => str,
}
}
fn sanitize_addr(addr: &str) -> &str {
// Thanks to a buggy minecraft, when the client sends a join
// from a SRV DNS record, it will not use the address typed
// in the game, but use the address redicted *to* by the
// DNS record as the address for joining, plus a trailing "."
//
// For example:
// server.example.com (_minecraft._tcp.server.example.com)
// (the typed address) I (the DNS SRV record which gets read)
// V
// 5 25565 server.example.com
// I (the response for the DNS SRV query)
// V
// server.example.com.
// (the address used in the protocol)
let addr = addr.trim_end_matches(".");
// Modded minecraft clients send null terminated strings,
// after which they have extra data. This just removes them
// from the addr lookup
let addr = terminate_at_null(addr);
addr
}


@ -1,3 +1,4 @@
use evalexpr::*;
use std::env;
use std::net::SocketAddr;
use std::time::Duration;
@ -38,23 +39,22 @@ async fn main() {
let api = kube_cache::McApi::create().unwrap();
tracing::info!("initialized kube api");
let addr = match env::var("BIND_ADDR") {
Ok(x) => x,
Err(_) => "0.0.0.0:25565".to_string(),
};
let listener = TcpListener::bind(addr.clone()).await.unwrap();
tracing::info!(addr, "started tcp server");
let config: Config = Default::default();
let listener = TcpListener::bind(config.bind_addr.clone()).await.unwrap();
tracing::info!(bind_addr = config.bind_addr, "started tcp server");
loop {
let (socket, addr) = listener.accept().await.unwrap();
let api = api.clone();
let config = config.clone();
tokio::spawn(async move {
tracing::debug!(
addr = format!("{}:{}", addr.ip().to_string(), addr.port().to_string()),
"Client connected"
);
if let Err(e) = process_connection(socket, addr, api).await {
if let Err(e) = process_connection(socket, addr, api, config).await {
tracing::error!(
// addr = format!("{}:{}", addr.ip().to_string(), addr.port().to_string()),
trace = format!("{}", e.get_span_trace()),
@ -71,11 +71,12 @@ async fn main() {
}
}
#[tracing::instrument(level = "info", skip(api, client_stream))]
#[tracing::instrument(level = "info", skip(api, client_stream, config))]
async fn process_connection<T: MinecraftServerHandle>(
mut client_stream: TcpStream,
addr: SocketAddr,
api: impl MinecraftAPI<T>,
config: Config,
) -> Result<(), OpaqueError> {
let client_packet = Packet::parse(&mut client_stream).await?;
@ -92,6 +93,18 @@ async fn process_connection<T: MinecraftServerHandle>(
.await
.ok_or_else(|| "Client HANDSHAKE -> malformed packet; Disconnecting...".to_string())?;
let filter = eval_boolean(&format!(
"addr=\"{}\";{}",
handshake.get_server_address(),
config.filter_conn
))
.map_err(|e| format!("filter error! err={:?}", e))?;
if filter {
// TODO: if the server just returns here, the client does not know it
// and sends a packet with the 122 WeirdID
return Ok(());
}
next_server_state = handshake.get_next_state();
match next_server_state {
@ -256,3 +269,27 @@ async fn handle_login<T: MinecraftServerHandle>(
}
Ok(())
}
#[derive(Clone)]
struct Config {
pub filter_conn: String,
pub bind_addr: String,
}
impl Default for Config {
fn default() -> Self {
let filter_conn = match env::var("FILTER_CONN") {
Ok(x) => x,
Err(_) => "(addr == \"10.100.0.1\")".to_string(),
};
let bind_addr = match env::var("BIND_ADDR") {
Ok(x) => x,
Err(_) => "0.0.0.0:25565".to_string(),
};
Self {
filter_conn,
bind_addr,
}
}
}
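Review bot: In `process_connection` the filter is built by formatting the client-supplied handshake address straight into evalexpr source (`"addr=\"{}\";{}"`), so an address containing a `"` is parsed as expression text rather than data and can change what the operator's `FILTER_CONN` evaluates to, or turn the handshake into a filter error. Bind the value through an evaluation context instead of string interpolation, and consider passing it through `sanitize_addr` first so a trailing `.` or a null-terminated suffix does not slip past an `addr == "..."` comparison. The sketch below assumes evalexpr's context API (`HashMapContext`, `set_value`, `eval_boolean_with_context`); the exact generics depend on the crate version, which is not visible here, and the `.to_string()` is only needed if `get_server_address()` returns a borrowed string. The body of `process_connection` continues outside the hunk.

```rust
// … unchanged: handshake parsing …
let mut filter_ctx = HashMapContext::new();
filter_ctx
    .set_value(
        "addr".into(),
        Value::String(handshake.get_server_address().to_string()),
    )
    .map_err(|e| format!("filter error! err={:?}", e))?;
let filter = eval_boolean_with_context(&config.filter_conn, &filter_ctx)
    .map_err(|e| format!("filter error! err={:?}", e))?;
// … unchanged: `if filter { return Ok(()); }` and next-state dispatch …
```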


@ -3,7 +3,7 @@ use tokio::{io::AsyncWriteExt, net::TcpStream};
use crate::{
packets::{
clientbound::status::{StatusStructNew, StatusTrait},
serverbound::handshake::{self, Handshake},
serverbound::handshake::Handshake,
Packet, SendPacket,
},
OpaqueError,
@ -137,3 +137,34 @@ pub enum ServerDeploymentStatus {
PodOk,
Offline,
}
pub fn sanitize_addr(addr: &str) -> &str {
// Thanks to a buggy minecraft, when the client sends a join
// from a SRV DNS record, it will not use the address typed
// in the game, but use the address redicted *to* by the
// DNS record as the address for joining, plus a trailing "."
//
// For example:
// server.example.com (_minecraft._tcp.server.example.com)
// (the typed address) I (the DNS SRV record which gets read)
// V
// 5 25565 server.example.com
// I (the response for the DNS SRV query)
// V
// server.example.com.
// (the address used in the protocol)
let addr = addr.trim_end_matches(".");
// Modded minecraft clients send null terminated strings,
// after which they have extra data. This just removes them
// from the addr lookup
let addr = terminate_at_null(addr);
addr
}
fn terminate_at_null(str: &str) -> &str {
match str.split('\0').next() {
Some(x) => x,
None => str,
}
}
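Review bot: In `sanitize_addr` the trailing-dot trim runs before the null-terminated tail is cut, so an address of the form `host.` followed by `\0` and extra data comes out as `host.` with the dot still attached. Swapping the two steps handles both quirks together: `let addr = terminate_at_null(addr);` followed by `addr.trim_end_matches('.')`. Since the function is now `pub`, a `///` doc comment stating that it drops everything from the first NUL and strips trailing dots would tell callers what to expect. Separately, `split` always yields at least one item, so the `None` arm in `terminate_at_null` is unreachable and `str.split('\0').next().unwrap_or(str)` would say the same thing more directly.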