Browse Source

fix: allow bypass single ip address

v1.x.x
dnomd343 2 years ago
parent
commit
0ee0e5ac64
  1. 4
      cmd/config/decode.go
  2. 8
      cmd/network/tproxy.go

4
cmd/config/decode.go

@ -57,9 +57,9 @@ func decodeDns(rawConfig *RawConfig, config *Config) {
func decodeBypass(rawConfig *RawConfig, config *Config) { func decodeBypass(rawConfig *RawConfig, config *Config) {
for _, address := range rawConfig.Network.ByPass { // bypass options for _, address := range rawConfig.Network.ByPass { // bypass options
if common.IsIPv4(address, true) { if common.IsIPv4(address, true) || common.IsIPv4(address, false) {
config.IPv4.Bypass = append(config.IPv4.Bypass, address) config.IPv4.Bypass = append(config.IPv4.Bypass, address)
} else if common.IsIPv6(address, true) { } else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
config.IPv6.Bypass = append(config.IPv6.Bypass, address) config.IPv6.Bypass = append(config.IPv6.Bypass, address)
} else { } else {
log.Panicf("Invalid bypass CIDR -> %s", address) log.Panicf("Invalid bypass CIDR -> %s", address)

8
cmd/network/tproxy.go

@ -13,8 +13,8 @@ func loadV4TProxy(v4 *Config, v4SysCidr []string) {
run("ip", "-4", "route", "add", "local", "0.0.0.0/0", "dev", "lo", "table", tableNum) run("ip", "-4", "route", "add", "local", "0.0.0.0/0", "dev", "lo", "table", tableNum)
run("iptables", "-t", "mangle", "-N", "XPROXY") run("iptables", "-t", "mangle", "-N", "XPROXY")
log.Infof("Setting up IPv4 bypass CIDR -> %v", v4Bypass) log.Infof("Setting up IPv4 bypass CIDR -> %v", v4Bypass)
for _, cidr := range v4Bypass { for _, bypass := range v4Bypass {
run("iptables", "-t", "mangle", "-A", "XPROXY", "-d", cidr, "-j", "RETURN") run("iptables", "-t", "mangle", "-A", "XPROXY", "-d", bypass, "-j", "RETURN")
} }
run("iptables", "-t", "mangle", "-A", "XPROXY", run("iptables", "-t", "mangle", "-A", "XPROXY",
"-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v4.TProxyPort), "--tproxy-mark", "1") "-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v4.TProxyPort), "--tproxy-mark", "1")
@ -31,8 +31,8 @@ func loadV6TProxy(v6 *Config, v6SysCidr []string) {
run("ip", "-6", "route", "add", "local", "::/0", "dev", "lo", "table", tableNum) run("ip", "-6", "route", "add", "local", "::/0", "dev", "lo", "table", tableNum)
run("ip6tables", "-t", "mangle", "-N", "XPROXY6") run("ip6tables", "-t", "mangle", "-N", "XPROXY6")
log.Infof("Setting up IPv6 bypass CIDR -> %v", v6Bypass) log.Infof("Setting up IPv6 bypass CIDR -> %v", v6Bypass)
for _, cidr := range v6Bypass { for _, bypass := range v6Bypass {
run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-d", cidr, "-j", "RETURN") run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-d", bypass, "-j", "RETURN")
} }
run("ip6tables", "-t", "mangle", "-A", "XPROXY6", run("ip6tables", "-t", "mangle", "-A", "XPROXY6",
"-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v6.TProxyPort), "--tproxy-mark", "1") "-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v6.TProxyPort), "--tproxy-mark", "1")

Loading…
Cancel
Save