[tunnel/netstack] Use host upstream instead of localhost

Author: dilyevsky

pkg/netstack/tcp_forwarder.go

@@ -33,18 +33,23 @@ func TCPForwarder(ctx context.Context, ipstack *stack.Stack, upstream network.Ne
 
 // Unmap4in6 converts an IPv6 address to an IPv4 address if it is an IPv4-mapped IPv6 address.
 // If the address is not an IPv4-mapped IPv6 address, it is returned unchanged.
+// If the IPv4 address is zero, returns 127.0.0.1.
 // It is following /96 embedding scheme from RFC 6052 (https://datatracker.ietf.org/doc/html/rfc6052#section-2.2).
 func Unmap4in6(addr netip.Addr) netip.Addr {
 if !addr.Is6() {
 return addr
 }
 b16 := addr.As16()
-return netip.AddrFrom4([4]byte{
+v4addr := netip.AddrFrom4([4]byte{
 b16[12],
 b16[13],
 b16[14],
 b16[15],
 })
+if !v4addr.IsValid() {
+return netip.AddrFrom4([4]byte{127, 0, 0, 1})
+}
+return v4addr
 }
 
 func tcpHandler(ctx context.Context, upstream network.Network) func(req *tcp.ForwarderRequest) {

pkg/tunnel/router/client_netstack.go

@@ -101,7 +101,7 @@ func (r *NetstackRouter) Start(ctx context.Context) error {
 
 if err := r.tunDev.ForwardTo(ctx, network.Filtered(&network.FilteredNetworkConfig{
 DeniedPorts: []uint16{uint16(socksListenPort)},
-Upstream: network.Loopback(),
+Upstream: network.Host(),
 })); err != nil {
 return fmt.Errorf("failed to forward to loopback: %w", err)
 }