chore(phantun) bump to v0.2.3, bump fake-tcp dependency to v0.2.0

Server

.github/dependabot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+
+  - package-ecosystem: "cargo"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/release.yml

@@ -16,12 +16,19 @@ jobs:
       matrix:
         target:
           - x86_64-unknown-linux-gnu
+          - x86_64-unknown-linux-musl
           - i686-unknown-linux-gnu
+          - i686-unknown-linux-musl
           - armv7-unknown-linux-gnueabihf
+          - armv7-unknown-linux-musleabihf
           - arm-unknown-linux-gnueabihf
+          - arm-unknown-linux-musleabihf
           - aarch64-unknown-linux-gnu
+          - aarch64-unknown-linux-musl
           - mips-unknown-linux-gnu
+          - mips-unknown-linux-musl
           - mipsel-unknown-linux-gnu
+          - mipsel-unknown-linux-musl
 
     steps:
       - uses: actions/checkout@v2

.github/workflows/rust.yml

@@ -12,6 +12,9 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+    - uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
     - name: Run lint
       run: cargo clippy --verbose
     - name: Build

README.md

@@ -31,7 +31,7 @@ Table of Contents
 
 # Latest release
 
-[v0.1.0](https://github.com/dndx/phantun/releases/tag/v0.1.0)
+[v0.2.2](https://github.com/dndx/phantun/releases/tag/v0.2.2)
 
 # Overview
 
@@ -55,11 +55,39 @@ to make it pass through stateful firewall/NATs as TCP packets.
 
 # Usage
 
+For the example below, it is assumed that **Phantun Server** listens for incoming Phantun Client connections at
+port `4567` (the `--local` option for server), and it forwards UDP packets to UDP server at `127.0.0.1:1234`
+(the `--remote` option for server).
+
+It is also assumed that **Phantun Client** listens for incoming UDP packets at
+`127.0.0.1:1234` (the `--local` option for client) and connects to Phantun Server at `10.0.0.1:4567`
+(the `--remote` option for client).
+
 Phantun creates TUN interface for both the Client and Server. For Client, Phantun assigns itself the IP address
-`192.168.200.2` and for Server, it assigns `192.168.201.2`. Therefore, your Kernel must have
+`192.168.200.2` by default and for Server, it assigns `192.168.201.2` by default. Therefore, your Kernel must have
 `net.ipv4.ip_forward` enabled and setup appropriate iptables rules for NAT between your physical
 NIC address and Phantun's TUN interface address.
 
+You may customize the name of Tun interface created by Phantun and the assigned addresses. Please
+run the executable with `-h` options to see how to change them.
+
+Another way to help understand this network topology:
+
+Phantun Client is like a machine with private IP address (`192.168.200.2`) behind a router.
+In order for it to reach the Internet, you will need to SNAT the private IP address before it's traffic
+leaves the NIC.
+
+Phantun Server is like a server with private IP address (`192.168.201.2`) behind a router.
+In order to access it from the Internet, you need to `DNAT` it's listening port on the router
+and change the destination IP address to where the server is listening for incoming connections.
+
+In those cases, the machine/iptables running Phantun acts as the "router" that allows Phantun
+to communicate with outside using it's private IP addresses.
+
+As of Phantun v0.2.2, IPv6 support for UDP endpoints has been added, however Fake TCP IPv6 support
+has not been finished yet. To specify an IPv6 address, use the following format: `[::1]:1234` with
+the command line options.
+
 [Back to TOC](#table-of-contents)
 
 ## 1. Enable Kernel IP forwarding
@@ -96,7 +124,7 @@ table inet nat {
 #### Using iptables
 
 ```
-iptables -t nat -A POSTROUTING -i tun0 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 ```
 
 [Back to TOC](#table-of-contents)
@@ -146,6 +174,8 @@ sudo setcap cap_net_admin=+pe phantun_client
 
 ## 4. Start Phantun daemon
 
+**Note:** Run Phantun executable with `-h` option to see full detailed options.
+
 ### Server
 
 Note: `4567` is the TCP port Phantun should listen on and must corresponds to the DNAT
@@ -192,18 +222,13 @@ of obfuscation.
 For people who use Phantun to tunnel [WireGuard®](https://www.wireguard.com) UDP packets, here are some guidelines on figuring
 out the correct MTU to use for your WireGuard interface.
 
-WireGuard MTU = `MAX_OF_16`(Interface MTU - IP header (20 bytes) - TCP header (20 bytes) - WireGuard overhead (32 bytes))
+WireGuard MTU = Interface MTU - IP header (20 bytes) - TCP header (20 bytes) - WireGuard overhead (32 bytes)
-
-Where:
-
-`MAX_OF_16` takes an input integer and calculates the maximum multiple of 16 not exceeding the input. This
-is needed because WireGuard will always pad it's payloads to multiple of 16 bytes.
 
 For example, for a Ethernet interface with 1500 bytes MTU, the WireGuard interface MTU should be set as:
 
-`MAX_OF_16`(1500 - 20 - 20 - 32) = 1424 bytes
+1500 - 20 - 20 - 32 = 1428 bytes
 
-The resulted Phantun TCP data packet will be 1424 + 20 + 20 + 32 = 1496 bytes which does not exceed the
+The resulted Phantun TCP data packet will be 1500 bytes which does not exceed the
 interface MTU of 1500.
 
 [Back to TOC](#table-of-contents)
@@ -229,7 +254,7 @@ for tunneling TCP/UDP traffic between two test instances and MTU has been tuned
 
 # Future plans
 
-* IPv6 support
+* IPv6 support for fake-tcp
 * Load balancing a single UDP stream into multiple TCP streams
 * Integration tests
 * Auto insertion/removal of required firewall rules
@@ -257,7 +282,7 @@ Here is a quick overview of comparison between those two to help you choose:
 | Tunneling MTU overhead                           |    12 bytes   |      44 bytes     |
 | Seprate TCP connections for each UDP connection  | Client/Server |    Server only    |
 | Anti-replay, encryption                          |       ❌       |         ✅         |
-| IPv6                                             |    Planned    |         ✅         |
+| IPv6                                             |    UDP only    |         ✅         |
 
 [Back to TOC](#table-of-contents)
 

fake-tcp/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "fake-tcp"
-version = "0.1.1"
+version = "0.2.0"
-edition = "2018"
+edition = "2021"
 authors = ["Datong Sun <dndx@idndx.com>"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/dndx/phantun"
@@ -21,4 +21,4 @@ tokio = { version = "1.12.0", features = ["full"] }
 rand = { version = "0.8.4", features = ["small_rng"] }
 log = "0.4"
 internet-checksum = "0.2.0"
-dndx-fork-tokio-tun = "0.3.16"
+dndx-fork-tokio-tun = "0.4.0"

fake-tcp/src/lib.rs

@@ -15,7 +15,6 @@ use std::sync::atomic::{AtomicU32, Ordering};
 use std::sync::{Arc, RwLock};
 use tokio::sync::broadcast;
 use tokio::sync::mpsc::{self, Receiver, Sender};
-use tokio::sync::watch;
 use tokio::sync::Mutex as AsyncMutex;
 use tokio::time;
 use tokio_tun::Tun;
@@ -58,6 +57,7 @@ pub enum State {
     SynSent,
     SynReceived,
     Established,
+    Closed,
 }
 
 pub struct Socket {
@@ -69,8 +69,6 @@ pub struct Socket {
     seq: AtomicU32,
     ack: AtomicU32,
     state: State,
-    closing_tx: watch::Sender<()>,
-    closing_rx: watch::Receiver<()>,
 }
 
 impl Socket {
@@ -83,7 +81,6 @@ impl Socket {
         state: State,
     ) -> (Socket, Sender<Bytes>) {
         let (incoming_tx, incoming_rx) = mpsc::channel(MPSC_BUFFER_LEN);
-        let (closing_tx, closing_rx) = watch::channel(());
 
         (
             Socket {
@@ -95,8 +92,6 @@ impl Socket {
                 seq: AtomicU32::new(0),
                 ack: AtomicU32::new(ack.unwrap_or(0)),
                 state,
-                closing_tx,
-                closing_rx,
             },
             incoming_tx,
         )
@@ -114,8 +109,6 @@ impl Socket {
     }
 
     pub async fn send(&self, payload: &[u8]) -> Option<()> {
-        let mut closing = self.closing_rx.clone();
-
         match self.state {
             State::Established => {
                 let buf = self.build_tcp_packet(tcp::TcpFlags::ACK, Some(payload));
@@ -126,53 +119,40 @@ impl Socket {
                         res.unwrap();
                         Some(())
                     },
-                    _ = closing.changed() => {
-                        None
-                    }
                 }
             }
+            State::Closed => None,
             _ => unreachable!(),
         }
     }
 
     pub async fn recv(&self, buf: &mut [u8]) -> Option<usize> {
-        let mut closing = self.closing_rx.clone();
-
         match self.state {
             State::Established => {
                 let mut incoming = self.incoming.lock().await;
-                tokio::select! {
+                incoming.recv().await.and_then(|raw_buf| {
-                    Some(raw_buf) = incoming.recv() => {
+                    let (_v4_packet, tcp_packet) = parse_ipv4_packet(&raw_buf);
-                        let (_v4_packet, tcp_packet) = parse_ipv4_packet(&raw_buf);
 
-                        if (tcp_packet.get_flags() & tcp::TcpFlags::RST) != 0 {
+                    if (tcp_packet.get_flags() & tcp::TcpFlags::RST) != 0 {
-                            info!("Connection {} reset by peer", self);
+                        info!("Connection {} reset by peer", self);
-                            self.close();
+                        return None;
-                            return None;
-                        }
-
-                        let payload = tcp_packet.payload();
-
-                        self.ack
-                            .store(tcp_packet.get_sequence().wrapping_add(1), Ordering::Relaxed);
-
-                        buf[..payload.len()].copy_from_slice(payload);
-
-                        Some(payload.len())
-                    },
-                    _ = closing.changed() => {
-                        None
                     }
-                }
+
+                    let payload = tcp_packet.payload();
+
+                    self.ack
+                        .store(tcp_packet.get_sequence().wrapping_add(1), Ordering::Relaxed);
+
+                    buf[..payload.len()].copy_from_slice(payload);
+
+                    Some(payload.len())
+                })
             }
+            State::Closed => None,
             _ => unreachable!(),
         }
     }
 
-    pub fn close(&self) {
-        self.closing_tx.send(()).unwrap();
-    }
-
     async fn accept(mut self) {
         for _ in 0..RETRIES {
             match self.state {
@@ -272,6 +252,8 @@ impl Socket {
 
 impl Drop for Socket {
     fn drop(&mut self) {
+        self.state = State::Closed;
+
         let tuple = AddrTuple::new(self.local_addr, self.remote_addr);
         // dissociates ourself from the dispatch map
         assert!(self.shared.tuples.write().unwrap().remove(&tuple).is_some());
@@ -282,7 +264,7 @@ impl Drop for Socket {
         if let Err(e) = self.tun.try_send(&buf) {
             warn!("Unable to send RST to remote end: {}", e);
         }
-        self.close();
+
         info!("Fake TCP connection to {} closed", self);
     }
 }
@@ -385,16 +367,21 @@ impl Stack {
 
                     let tuple = AddrTuple::new(local_addr, remote_addr);
                     if let Some(c) = tuples.get(&tuple) {
-                        c.send(buf).await.unwrap();
+                        if c.send(buf).await.is_err() {
+                            trace!("Cache hit, but receiver already closed, dropping packet");
+                        }
+
                         continue;
 
+                        // If not Ok, receiver has been closed and just fall through to the slow
+                        // path below
+
                     } else {
                         trace!("Cache miss, checking the shared tuples table for connection");
-                        let sender;
+                        let sender = {
-                        {
                             let tuples = shared.tuples.read().unwrap();
-                            sender = tuples.get(&tuple).cloned();
+                            tuples.get(&tuple).cloned()
-                        }
+                        };
 
                         if let Some(c) = sender {
                             trace!("Storing connection information into local tuples");

fake-tcp/src/packet.rs

@@ -32,7 +32,7 @@ pub fn build_tcp_packet(
     v4.set_version(4);
     v4.set_header_length(IPV4_HEADER_LEN as u8 / 4);
     v4.set_next_level_protocol(ip::IpNextHeaderProtocols::Tcp);
-    v4.set_ttl(32);
+    v4.set_ttl(64);
     v4.set_source(*local_addr.ip());
     v4.set_destination(*remote_addr.ip());
     v4.set_total_length(total_len.try_into().unwrap());

phantun/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "phantun"
-version = "0.1.1"
+version = "0.2.3"
-edition = "2018"
+edition = "2021"
 authors = ["Datong Sun <dndx@idndx.com>"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/dndx/phantun"
@@ -13,9 +13,9 @@ Layer 3 & Layer 4 (NAPT) firewalls/NATs.
 [dependencies]
 clap = "2.33.3"
 socket2 = { version = "0.4.2", features = ["all"] }
-fake-tcp = "0.1.1"
+fake-tcp = "0.2.0"
 tokio = { version = "1.12.0", features = ["full"] }
 log = "0.4"
 pretty_env_logger = "0.4.0"
-dndx-fork-tokio-tun = "0.3.16"
+dndx-fork-tokio-tun = "0.4.0"
 num_cpus = "1.13.0"

phantun/src/bin/client.rs

@@ -1,12 +1,12 @@
 extern crate dndx_fork_tokio_tun as tokio_tun;
 
-use clap::{App, Arg};
+use clap::{crate_version, App, Arg};
 use fake_tcp::packet::MAX_PACKET_LEN;
 use fake_tcp::{Socket, Stack};
 use log::{debug, error, info};
 use std::collections::HashMap;
 use std::convert::TryInto;
-use std::net::{SocketAddr, SocketAddrV4};
+use std::net::{Ipv4Addr, SocketAddr};
 use std::sync::Arc;
 use std::time::Duration;
 use tokio::net::UdpSocket;
@@ -16,8 +16,17 @@ use tokio_tun::TunBuilder;
 
 const UDP_TTL: Duration = Duration::from_secs(180);
 
-fn new_udp_reuseport(addr: SocketAddrV4) -> UdpSocket {
+fn new_udp_reuseport(addr: SocketAddr) -> UdpSocket {
-    let udp_sock = socket2::Socket::new(socket2::Domain::IPV4, socket2::Type::DGRAM, None).unwrap();
+    let udp_sock = socket2::Socket::new(
+        if addr.is_ipv4() {
+            socket2::Domain::IPV4
+        } else {
+            socket2::Domain::IPV6
+        },
+        socket2::Type::DGRAM,
+        None,
+    )
+    .unwrap();
     udp_sock.set_reuse_port(true).unwrap();
     // from tokio-rs/mio/blob/master/src/sys/unix/net.rs
     udp_sock.set_cloexec(true).unwrap();
@@ -32,15 +41,15 @@ async fn main() {
     pretty_env_logger::init();
 
     let matches = App::new("Phantun Client")
-        .version("1.0")
+        .version(crate_version!())
-        .author("dndx@GitHub")
+        .author("Datong Sun (github.com/dndx)")
         .arg(
             Arg::with_name("local")
                 .short("l")
                 .long("local")
                 .required(true)
                 .value_name("IP:PORT")
-                .help("Sets the listening socket address")
+                .help("Sets the IP and port where Phantun Client listens for incoming UDP datagrams, IPv6 address need to be specified as: \"[IPv6]:PORT\"")
                 .takes_value(true),
         )
         .arg(
@@ -48,37 +57,84 @@ async fn main() {
                 .short("r")
                 .long("remote")
                 .required(true)
-                .value_name("IP:PORT")
+                .value_name("IP or HOST NAME:PORT")
-                .help("Sets the connecting socket address")
+                .help("Sets the address or host name and port where Phantun Client connects to Phantun Server")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun")
+                .long("tun")
+                .required(false)
+                .value_name("tunX")
+                .help("Sets the Tun interface name, if absent, pick the next available name")
+                .default_value("")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun_local")
+                .long("tun-local")
+                .required(false)
+                .value_name("IP")
+                .help("Sets the Tun interface local address (O/S's end)")
+                .default_value("192.168.200.1")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun_peer")
+                .long("tun-peer")
+                .required(false)
+                .value_name("IP")
+                .help("Sets the Tun interface destination (peer) address (Phantun Client's end). \
+                       You will need to setup SNAT/MASQUERADE rules on your Internet facing interface \
+                       in order for Phantun Client to connect to Phantun Server")
+                .default_value("192.168.200.2")
                 .takes_value(true),
         )
         .get_matches();
 
-    let local_addr: SocketAddrV4 = matches
+    let local_addr: SocketAddr = matches
         .value_of("local")
         .unwrap()
         .parse()
         .expect("bad local address");
-    let remote_addr: SocketAddrV4 = matches
+
-        .value_of("remote")
+    let remote_addr = tokio::net::lookup_host(matches.value_of("remote").unwrap())
+        .await
+        .expect("bad remote address or host")
+        .next()
+        .expect("unable to resolve remote host name");
+    let remote_addr = if let SocketAddr::V4(addr) = remote_addr {
+        addr
+    } else {
+        panic!("only IPv4 remote address is supported");
+    };
+    info!("Remote address is: {}", remote_addr);
+
+    let tun_local: Ipv4Addr = matches
+        .value_of("tun_local")
         .unwrap()
         .parse()
-        .expect("bad remote address");
+        .expect("bad local address for Tun interface");
+    let tun_peer: Ipv4Addr = matches
+        .value_of("tun_peer")
+        .unwrap()
+        .parse()
+        .expect("bad peer address for Tun interface");
 
     let tun = TunBuilder::new()
-        .name("") // if name is empty, then it is set by kernel.
+        .name(matches.value_of("tun").unwrap()) // if name is empty, then it is set by kernel.
         .tap(false) // false (default): TUN, true: TAP.
         .packet_info(false) // false: IFF_NO_PI, default is true.
         .up() // or set it up manually using `sudo ip link set <tun-name> up`.
-        .address("192.168.200.1".parse().unwrap())
+        .address(tun_local)
-        .destination("192.168.200.2".parse().unwrap())
+        .destination(tun_peer)
         .try_build_mq(num_cpus::get())
         .unwrap();
 
     info!("Created TUN device {}", tun[0].name());
 
     let udp_sock = Arc::new(new_udp_reuseport(local_addr));
-    let connections = Arc::new(RwLock::new(HashMap::<SocketAddrV4, Arc<Socket>>::new()));
+    let connections = Arc::new(RwLock::new(HashMap::<SocketAddr, Arc<Socket>>::new()));
 
     let mut stack = Stack::new(tun);
 
@@ -87,7 +143,7 @@ async fn main() {
 
         loop {
             tokio::select! {
-                Ok((size, SocketAddr::V4(addr))) = udp_sock.recv_from(&mut buf_r) => {
+                Ok((size, addr)) = udp_sock.recv_from(&mut buf_r) => {
                     // seen UDP packet to listening socket, this means:
                     // 1. It is a new UDP connection, or
                     // 2. It is some extra packets not filtered by more specific
@@ -139,7 +195,11 @@ async fn main() {
                                     match res {
                                         Some(size) => {
                                             if size > 0 {
-                                                udp_sock.send(&buf_tcp[..size]).await.unwrap();
+                                                if let Err(e) = udp_sock.send(&buf_tcp[..size]).await {
+                                                    connections.write().await.remove(&addr);
+                                                    error!("Unable to send UDP packet to {}: {}, closing connection", e, addr);
+                                                    return;
+                                                }
                                             }
                                         },
                                         None => {

phantun/src/bin/server.rs

@@ -1,10 +1,10 @@
 extern crate dndx_fork_tokio_tun as tokio_tun;
 
-use clap::{App, Arg};
+use clap::{crate_version, App, Arg};
 use fake_tcp::packet::MAX_PACKET_LEN;
 use fake_tcp::Stack;
-use log::info;
+use log::{error, info};
-use std::net::SocketAddrV4;
+use std::net::Ipv4Addr;
 use tokio::net::UdpSocket;
 use tokio::time::{self, Duration};
 use tokio_tun::TunBuilder;
@@ -15,15 +15,15 @@ async fn main() {
     pretty_env_logger::init();
 
     let matches = App::new("Phantun Server")
-        .version("1.0")
+        .version(crate_version!())
-        .author("dndx@GitHub")
+        .author("Datong Sun (github.com/dndx)")
         .arg(
             Arg::with_name("local")
                 .short("l")
                 .long("local")
                 .required(true)
                 .value_name("PORT")
-                .help("Sets the listening port")
+                .help("Sets the port where Phantun Server listens for incoming Phantun Client TCP connections")
                 .takes_value(true),
         )
         .arg(
@@ -31,8 +31,37 @@ async fn main() {
                 .short("r")
                 .long("remote")
                 .required(true)
-                .value_name("IP:PORT")
+                .value_name("IP or HOST NAME:PORT")
-                .help("Sets the connecting socket address")
+                .help("Sets the address or host name and port where Phantun Server forwards UDP packets to, IPv6 address need to be specified as: \"[IPv6]:PORT\"")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun")
+                .long("tun")
+                .required(false)
+                .value_name("tunX")
+                .help("Sets the Tun interface name, if absent, pick the next available name")
+                .default_value("")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun_local")
+                .long("tun-local")
+                .required(false)
+                .value_name("IP")
+                .help("Sets the Tun interface local address (O/S's end)")
+                .default_value("192.168.201.1")
+                .takes_value(true),
+        )
+        .arg(
+            Arg::with_name("tun_peer")
+                .long("tun-peer")
+                .required(false)
+                .value_name("IP")
+                .help("Sets the Tun interface destination (peer) address (Phantun Server's end). \
+                       You will need to setup DNAT rules to this address in order for Phantun Server \
+                       to accept TCP traffic from Phantun Client")
+                .default_value("192.168.201.2")
                 .takes_value(true),
         )
         .get_matches();
@@ -42,19 +71,32 @@ async fn main() {
         .unwrap()
         .parse()
         .expect("bad local port");
-    let remote_addr: SocketAddrV4 = matches
+
-        .value_of("remote")
+    let remote_addr = tokio::net::lookup_host(matches.value_of("remote").unwrap())
+        .await
+        .expect("bad remote address or host")
+        .next()
+        .expect("unable to resolve remote host name");
+    info!("Remote address is: {}", remote_addr);
+
+    let tun_local: Ipv4Addr = matches
+        .value_of("tun_local")
         .unwrap()
         .parse()
-        .expect("bad remote address");
+        .expect("bad local address for Tun interface");
+    let tun_peer: Ipv4Addr = matches
+        .value_of("tun_peer")
+        .unwrap()
+        .parse()
+        .expect("bad peer address for Tun interface");
 
     let tun = TunBuilder::new()
-        .name("") // if name is empty, then it is set by kernel.
+        .name(matches.value_of("tun").unwrap()) // if name is empty, then it is set by kernel.
         .tap(false) // false (default): TUN, true: TAP.
         .packet_info(false) // false: IFF_NO_PI, default is true.
         .up() // or set it up manually using `sudo ip link set <tun-name> up`.
-        .address("192.168.201.1".parse().unwrap())
+        .address(tun_local)
-        .destination("192.168.201.2".parse().unwrap())
+        .destination(tun_peer)
         .try_build_mq(num_cpus::get())
         .unwrap();
 
@@ -74,7 +116,13 @@ async fn main() {
             info!("New connection: {}", sock);
 
             tokio::spawn(async move {
-                let udp_sock = UdpSocket::bind("0.0.0.0:0").await.unwrap();
+                let udp_sock = UdpSocket::bind(if remote_addr.is_ipv4() {
+                    "0.0.0.0:0"
+                } else {
+                    "[::]:0"
+                })
+                .await
+                .unwrap();
                 udp_sock.connect(remote_addr).await.unwrap();
 
                 loop {
@@ -90,7 +138,10 @@ async fn main() {
                             match res {
                                 Some(size) => {
                                     if size > 0 {
-                                        udp_sock.send(&buf_tcp[..size]).await.unwrap();
+                                        if let Err(e) = udp_sock.send(&buf_tcp[..size]).await {
+                                            error!("Unable to send UDP packet to {}: {}, closing connection", e, remote_addr);
+                                            return;
+                                        }
                                     }
                                 },
                                 None => { return; },