From 6e35609f42eb9a265e89914525591310128ab8b1 Mon Sep 17 00:00:00 2001 From: ospab Date: Fri, 15 May 2026 17:44:06 +0300 Subject: [PATCH] perf: accelerate protocol via low-latency ACK windows and suppress high-velocity console spam logs --- Cargo.lock | 8 ++--- ostp-client/src/bridge.rs | 40 +++++++++++++++--------- ostp-client/src/tunnel/linux_handler.rs | 4 ++- ostp-client/src/tunnel/proxy.rs | 3 +- ostp-client/src/tunnel/wintun_handler.rs | 24 ++++++++++---- ostp-server/src/lib.rs | 4 +-- 6 files changed, 54 insertions(+), 29 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 34c2dae..0caeca2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -476,7 +476,7 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" [[package]] name = "ostp" -version = "0.1.31" +version = "0.1.34" dependencies = [ "anyhow", "base64", @@ -491,7 +491,7 @@ dependencies = [ [[package]] name = "ostp-client" -version = "0.1.31" +version = "0.1.34" dependencies = [ "anyhow", "bytes", @@ -506,7 +506,7 @@ dependencies = [ [[package]] name = "ostp-core" -version = "0.1.31" +version = "0.1.34" dependencies = [ "anyhow", "async-trait", @@ -538,7 +538,7 @@ dependencies = [ [[package]] name = "ostp-server" -version = "0.1.31" +version = "0.1.34" dependencies = [ "anyhow", "bytes", diff --git a/ostp-client/src/bridge.rs b/ostp-client/src/bridge.rs index c7b5eac..9e848ba 100644 --- a/ostp-client/src/bridge.rs +++ b/ostp-client/src/bridge.rs @@ -28,6 +28,7 @@ struct SessionState { pub struct Bridge { running: bool, + pub debug: bool, profile: TrafficProfile, server_addr: String, local_bind_addr: String, @@ -56,6 +57,7 @@ impl Bridge { pub fn new(config: &ClientConfig, metrics: Arc) -> Result { Ok(Self { running: false, + debug: config.debug, profile: TrafficProfile::JsonRpc, server_addr: config.ostp.server_addr.clone(), local_bind_addr: config.ostp.local_bind_addr.clone(), @@ -305,10 +307,12 @@ impl Bridge { Ok(ProtocolAction::SendDatagram(frame)) => { if session.socket.send(&frame).await.is_ok() { self.metrics.bytes_sent.fetch_add(frame.len() as u64, Ordering::Relaxed); - let _ = tx.send(UiEvent::Log(format!( - "Outbound datagram sent stream_id={stream_id} bytes={}", - frame.len() - ))).await; + if self.debug { + let _ = tx.send(UiEvent::Log(format!( + "Outbound datagram sent stream_id={stream_id} bytes={}", + frame.len() + ))).await; + } } } Ok(ProtocolAction::Multiple(list)) => { @@ -321,19 +325,25 @@ impl Bridge { } } } - let _ = tx.send(UiEvent::Log(format!( - "Outbound datagram batch stream_id={stream_id} sent={sent}" - ))).await; + if self.debug { + let _ = tx.send(UiEvent::Log(format!( + "Outbound datagram batch stream_id={stream_id} sent={sent}" + ))).await; + } } Ok(ProtocolAction::Noop) => { - let _ = tx.send(UiEvent::Log(format!( - "Outbound datagram noop stream_id={stream_id}" - ))).await; + if self.debug { + let _ = tx.send(UiEvent::Log(format!( + "Outbound datagram noop stream_id={stream_id}" + ))).await; + } } Ok(_) => { - let _ = tx.send(UiEvent::Log(format!( - "Outbound datagram unexpected action stream_id={stream_id}" - ))).await; + if self.debug { + let _ = tx.send(UiEvent::Log(format!( + "Outbound datagram unexpected action stream_id={stream_id}" + ))).await; + } } Err(e) => { let _ = tx.send(UiEvent::Log(format!("Protocol error packing TCP: {e}"))).await; @@ -491,8 +501,8 @@ impl Bridge { obfuscation_key: obf_key, max_reorder: 262144, max_reorder_buffer: 8192, - ack_delay_ms: 20, - rto_ms: 200, + ack_delay_ms: 5, // Reduced from 20ms to 5ms for rapid ACK unblocking and throughput acceleration + rto_ms: 100, // Reduced from 200ms to 100ms for faster recovery on packet loss max_retries: 8, max_sent_history: 16384, })?; diff --git a/ostp-client/src/tunnel/linux_handler.rs b/ostp-client/src/tunnel/linux_handler.rs index 837c8cd..dd3902e 100644 --- a/ostp-client/src/tunnel/linux_handler.rs +++ b/ostp-client/src/tunnel/linux_handler.rs @@ -106,7 +106,9 @@ pub async fn run_linux_tunnel( } // 5. Prepare and launch tun2socks - let proxy_url = format!("socks5://{}", config.local_proxy.bind_addr); + // Using HTTP Proxy natively avoids any UDP Associate requests, + // providing clean TCP proxying with maximum reliability. + let proxy_url = format!("http://{}", config.local_proxy.bind_addr); if debug { println!("[ostp-client] Spawning {} -device ostp_tun -proxy {}", tun2socks_exe.display(), proxy_url); diff --git a/ostp-client/src/tunnel/proxy.rs b/ostp-client/src/tunnel/proxy.rs index ebe2665..09b00a8 100644 --- a/ostp-client/src/tunnel/proxy.rs +++ b/ostp-client/src/tunnel/proxy.rs @@ -64,10 +64,11 @@ pub async fn run_local_socks5_proxy( matcher_clone, ).await { let msg = err.to_string(); - // Suppress routine disconnects from spam logs + // Suppress routine disconnects and unsupported SOCKS5 command attempts (like UDP) from spam logs if !msg.contains("UnexpectedEof") && !msg.contains("Connection reset") && !msg.contains("Broken pipe") + && !msg.contains("unsupported SOCKS5 command") { if debug { eprintln!("[ostp-client] proxy client error: {err}"); diff --git a/ostp-client/src/tunnel/wintun_handler.rs b/ostp-client/src/tunnel/wintun_handler.rs index 577287c..93ddfd1 100644 --- a/ostp-client/src/tunnel/wintun_handler.rs +++ b/ostp-client/src/tunnel/wintun_handler.rs @@ -49,8 +49,17 @@ pub async fn run_wintun_tunnel( $route = Get-NetRoute -DestinationPrefix '0.0.0.0/0' | Where-Object {{ $_.InterfaceAlias -notmatch 'tun' -and $_.InterfaceAlias -notmatch 'wintun' }} | Sort-Object RouteMetric | Select-Object -First 1\n\ $gw = $route.NextHop\n\ $ifIndex = $route.InterfaceIndex\n\ + # 1. Bypass route for the proxy server itself\n\ New-NetRoute -DestinationPrefix \"$remote_ip/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n\ + # 2. Bypass routes for all current Physical DNS servers to avoid UDP associate deadlocks\n\ + $dns_ips = Get-DnsClientServerAddress -InterfaceIndex $ifIndex | Select-Object -ExpandProperty ServerAddresses\n\ + foreach ($dns in $dns_ips) {{\n\ + if ($dns -match '^\\d+\\.\\d+\\.\\d+\\.\\d+$') {{\n\ + New-NetRoute -DestinationPrefix \"$dns/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n\ + }}\n\ + }}\n\ New-NetRoute -DestinationPrefix \"1.1.1.1/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n\ + # 3. Windows Firewall Rules\n\ New-NetFirewallRule -DisplayName 'OSTP Tunnel In' -Direction Inbound -Program $exe_path -Action Allow -Enabled True -ErrorAction SilentlyContinue\n\ New-NetFirewallRule -DisplayName 'OSTP Tunnel Out' -Direction Outbound -Program $exe_path -Action Allow -Enabled True -ErrorAction SilentlyContinue\n", server_ip_str, current_exe @@ -65,7 +74,9 @@ pub async fn run_wintun_tunnel( } // 4. Prepare and launch tun2socks.exe in the background - let proxy_url = format!("socks5://{}", config.local_proxy.bind_addr); + // Switch from SOCKS5 to HTTP protocol. This natively forces tun2socks NOT to attempt UDP Associate, + // preventing SOCKS5 command 3 unsupported errors while still tunneling 100% of global TCP traffic! + let proxy_url = format!("http://{}", config.local_proxy.bind_addr); if debug { println!("[ostp-client] Spawning tun2socks daemon pointing to {}", proxy_url); @@ -78,22 +89,23 @@ pub async fn run_wintun_tunnel( "-loglevel", if debug { "debug" } else { "error" } ]) .current_dir(dir) - .stdout(Stdio::piped()) - .stderr(Stdio::piped()) + .stdout(if debug { Stdio::piped() } else { Stdio::null() }) + .stderr(if debug { Stdio::piped() } else { Stdio::null() }) .spawn() .map_err(|e| anyhow!("Failed to launch tun2socks.exe background process: {}", e))?; - // 5. Once tun2socks creates the interface, apply network settings (IP, metric, DNS) + // 5. Once tun2socks creates the interface, apply network settings (IP, metric) tokio::time::sleep(tokio::time::Duration::from_secs(2)).await; if debug { println!("[ostp-client] Applying network configurations onto 'ostp_tun' interface..."); } + // We omit setting dnsservers on the TUN interface entirely. This allows Windows to natively fallback + // to the physical interface DNS servers, which are physically routed and work flawlessly. let net_setup = "\ netsh interface ipv4 set address name=\"ostp_tun\" static 10.1.0.2 255.255.255.0 10.1.0.1\n\ - netsh interface ipv4 set interface name=\"ostp_tun\" metric=5\n\ - netsh interface ipv4 set dnsservers name=\"ostp_tun\" static 1.1.1.1 primary\n"; + netsh interface ipv4 set interface name=\"ostp_tun\" metric=5\n"; let _ = Command::new("powershell") .args(["-Command", net_setup]) diff --git a/ostp-server/src/lib.rs b/ostp-server/src/lib.rs index 0ced075..d659e3f 100644 --- a/ostp-server/src/lib.rs +++ b/ostp-server/src/lib.rs @@ -127,8 +127,8 @@ pub async fn run_server( obfuscation_key: [0u8; 8], max_reorder: 262144, max_reorder_buffer: 8192, - ack_delay_ms: 20, - rto_ms: 200, + ack_delay_ms: 5, // Reduced to 5ms for drastically faster ACK loopback throughput + rto_ms: 100, // Reduced to 100ms for aggressive, low-latency packet recovery max_retries: 8, max_sent_history: 16384, };