From c36e7373e8fc8b89fcb36d33498237e9dd0dca7f Mon Sep 17 00:00:00 2001 From: ospab Date: Sun, 14 Jun 2026 01:34:34 +0300 Subject: [PATCH] fix(tun): hide verbose split tunneling logs behind debug flag --- ostp-client/src/tunnel/native_handler.rs | 26 ++++++++++++++++-------- ostp-client/src/tunnel/udp_nat.rs | 24 +++++++++++++++------- 2 files changed, 35 insertions(+), 15 deletions(-) diff --git a/ostp-client/src/tunnel/native_handler.rs b/ostp-client/src/tunnel/native_handler.rs index 9de2649..b1fe5b1 100644 --- a/ostp-client/src/tunnel/native_handler.rs +++ b/ostp-client/src/tunnel/native_handler.rs @@ -230,7 +230,7 @@ pub async fn run_native_tunnel( tokio::spawn(async move { let matcher = matcher_arc.read().await.clone(); - if true { + if debug { tracing::debug!("TUN TCP {local} → {remote}"); } @@ -254,15 +254,19 @@ pub async fn run_native_tunnel( #[cfg(target_os = "windows")] if !should_bypass { if let Some(proc_name) = crate::tunnel::process_lookup::get_process_name_from_port(local.port()) { - tracing::info!("TUN TCP lookup: port {} -> process {}", local.port(), proc_name); + if debug { + tracing::info!("TUN TCP lookup: port {} -> process {}", local.port(), proc_name); + } if matcher.match_process(&proc_name) { - if true { + if debug { tracing::info!("TUN TCP BYPASS (Process match): {} → {remote}", proc_name); } should_bypass = true; } } else { - tracing::info!("TUN TCP lookup: port {} -> no process found", local.port()); + if debug { + tracing::info!("TUN TCP lookup: port {} -> no process found", local.port()); + } } } @@ -271,11 +275,11 @@ pub async fn run_native_tunnel( if let Some(sni) = crate::tunnel::sni_sniff::extract_sni(&sniff_buf[..sniff_len]) { - if true { + if debug { tracing::debug!("TUN SNI: {sni}"); } if matcher.match_domain(&sni) { - if true { + if debug { tracing::info!("TUN TCP BYPASS (SNI domain): {sni} → {remote}"); } should_bypass = true; @@ -285,7 +289,7 @@ pub async fn run_native_tunnel( // 3. Destination IP CIDR check (for IPs not in routing table / IPv6) if !should_bypass && matcher.match_ip(&remote.ip()) { - if true { + if debug { tracing::info!("TUN TCP BYPASS (IP match): {remote}"); } should_bypass = true; @@ -308,8 +312,14 @@ pub async fn run_native_tunnel( remote.is_ipv6(), idx, ) { - tracing::warn!("bind_socket_to_interface failed: {e}"); + tracing::error!("TUN TCP BYPASS failed to bind to physical interface {}: {}", idx, e); + } else { + if debug { + tracing::info!("TUN TCP BYPASS bound to physical interface {}", idx); + } } + } else { + tracing::warn!("TUN TCP BYPASS has no physical interface index!"); } #[cfg(target_os = "linux")] if let Some(ref name) = lin_name { diff --git a/ostp-client/src/tunnel/udp_nat.rs b/ostp-client/src/tunnel/udp_nat.rs index 6749814..ad99dcb 100644 --- a/ostp-client/src/tunnel/udp_nat.rs +++ b/ostp-client/src/tunnel/udp_nat.rs @@ -9,7 +9,7 @@ use futures::StreamExt; pub async fn run_udp_nat( udp_socket: netstack_smoltcp::UdpSocket, proxy_addr: String, - _debug: bool, + debug: bool, matcher: std::sync::Arc>, phys_if_index: Option, phys_if_name: Option, @@ -41,19 +41,27 @@ pub async fn run_udp_nat( let matcher_guard = matcher.read().await; if matcher_guard.match_ip(&dst.ip()) { should_bypass = true; - tracing::info!("TUN UDP BYPASS (IP match): {} → {}", src, dst); + if debug { + tracing::info!("TUN UDP BYPASS (IP match): {} → {}", src, dst); + } } #[cfg(target_os = "windows")] if !should_bypass { if let Some(proc_name) = crate::tunnel::process_lookup::get_process_name_from_port_udp(src.port()) { - tracing::info!("TUN UDP lookup: port {} -> process {}", src.port(), proc_name); + if debug { + tracing::info!("TUN UDP lookup: port {} -> process {}", src.port(), proc_name); + } if matcher_guard.match_process(&proc_name) { should_bypass = true; - tracing::info!("TUN UDP BYPASS (Process match): {} ({} → {})", proc_name, src, dst); + if debug { + tracing::info!("TUN UDP BYPASS (Process match): {} ({} → {})", proc_name, src, dst); + } } } else { - tracing::info!("TUN UDP lookup: port {} -> no process found", src.port()); + if debug { + tracing::info!("TUN UDP lookup: port {} -> no process found", src.port()); + } } } } @@ -63,7 +71,9 @@ pub async fn run_udp_nat( tokio::spawn(async move { if should_bypass { - tracing::info!("Starting UDP BYPASS session for {}", src); + if debug { + tracing::info!("Starting UDP BYPASS session for {}", src); + } let res = start_udp_bypass_session(src, p_if_idx, p_if_name, &mut session_rx, tx_clone).await; if res.is_err() { tracing::debug!("UDP BYPASS session for {} ended: {:?}", src, res.err()); @@ -111,7 +121,7 @@ async fn start_udp_bypass_session( if let Err(e) = crate::tunnel::proxy::bind_socket_to_interface(&socket, client_src.is_ipv6(), idx) { tracing::error!("TUN UDP BYPASS failed to bind to physical interface {}: {}", idx, e); } else { - tracing::info!("TUN UDP BYPASS bound to physical interface {}", idx); + // Keep debug log } } else { tracing::warn!("TUN UDP BYPASS has no physical interface index!");