From 2700bc33d5a83346c154101f63f2e8aeb65ab4ce Mon Sep 17 00:00:00 2001
From: dnomd343
Date: Sun, 21 Aug 2022 16:45:23 +0800
Subject: [PATCH] feat: add exclude options
---
 cmd/config/decode.go | 29 ++++++++++++++++++++++-------
 cmd/config/main.go | 1 +
 cmd/controller.go | 2 --
 cmd/network/main.go | 1 +
 cmd/network/tproxy.go | 6 ++++++
 5 files changed, 30 insertions(+), 9 deletions(-)
diff --git a/cmd/config/decode.go b/cmd/config/decode.go
index 68d17cf..1692575 100644
--- a/cmd/config/decode.go
+++ b/cmd/config/decode.go
@@ -21,10 +21,11 @@ type RawConfig struct {
 Radvd radvd.Config `yaml:"radvd" json:"radvd"`
 Proxy proxy.Config `yaml:"proxy" json:"proxy"`
 Network struct {
- DNS []string `yaml:"dns" json:"dns"`
- ByPass []string `yaml:"bypass" json:"bypass"`
- IPv4 NetConfig `yaml:"ipv4" json:"ipv4"`
- IPv6 NetConfig `yaml:"ipv6" json:"ipv6"`
+ DNS []string `yaml:"dns" json:"dns"`
+ ByPass []string `yaml:"bypass" json:"bypass"`
+ Exclude []string `yaml:"exclude" json:"exclude"`
+ IPv4 NetConfig `yaml:"ipv4" json:"ipv4"`
+ IPv6 NetConfig `yaml:"ipv6" json:"ipv6"`
 } `yaml:"network" json:"network"`
 }

@@ -62,11 +63,25 @@ func decodeBypass(rawConfig *RawConfig, config *Config) {
 } else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
 config.IPv6.Bypass = append(config.IPv6.Bypass, address)
 } else {
- log.Panicf("Invalid bypass CIDR -> %s", address)
+ log.Panicf("Invalid bypass IP or CIDR -> %s", address)
 }
 }
- log.Debugf("IPv4 bypass CIDR -> %s", config.IPv4.Bypass)
- log.Debugf("IPv6 bypass CIDR -> %s", config.IPv6.Bypass)
+ log.Debugf("IPv4 bypass -> %s", config.IPv4.Bypass)
+ log.Debugf("IPv6 bypass -> %s", config.IPv6.Bypass)
+}
+
+func decodeExclude(rawConfig *RawConfig, config *Config) {
+ for _, address := range rawConfig.Network.Exclude { // exclude options
+ if common.IsIPv4(address, true) || common.IsIPv4(address, false) {
+ config.IPv4.Exclude = append(config.IPv4.Exclude, address)
+ } else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
+ config.IPv6.Exclude = append(config.IPv6.Exclude, address)
+ } else {
+ log.Panicf("Invalid exclude IP or CIDR -> %s", address)
+ }
+ }
+ log.Debugf("IPv4 exclude -> %s", config.IPv4.Exclude)
+ log.Debugf("IPv6 exclude -> %s", config.IPv6.Exclude)
 }

 func decodeIPv4(rawConfig *RawConfig, config *Config) {
diff --git a/cmd/config/main.go b/cmd/config/main.go
index f57bb09..8571103 100644
--- a/cmd/config/main.go
+++ b/cmd/config/main.go
@@ -33,6 +33,7 @@ func Load(configFile string, config *Config) {
 rawConfig := configDecode(raw, path.Ext(configFile)) // decode configure content
 decodeDns(&rawConfig, config)
 decodeBypass(&rawConfig, config)
+ decodeExclude(&rawConfig, config)
 decodeIPv4(&rawConfig, config)
 decodeIPv6(&rawConfig, config)
 decodeProxy(&rawConfig, config)
diff --git a/cmd/controller.go b/cmd/controller.go
index 7dcf40b..a975590 100644
--- a/cmd/controller.go
+++ b/cmd/controller.go
@@ -14,7 +14,6 @@ import (
 "path"
 "strconv"
 "syscall"
- "time"
 )

 func runProcess(env []string, command ...string) {
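Review bot: decodeExclude repeats the address-family validation of decodeBypass line for line, so the check that gates what later reaches the iptables `-s` argument now exists in two copies that can drift apart. A small shared helper that takes the option name and the raw list and returns the IPv4 and IPv6 slices would keep one validation path for both options; a sketch follows. The new function also has no doc comment stating that these entries are matched as source addresses (the tproxy.go hunks of this patch use `-s`), whereas bypass entries are matched with `-d`. The body of decodeBypass starts outside this hunk.

```go
// splitByFamily sorts IP or CIDR strings into IPv4 and IPv6 lists;
// name only labels the panic message for an invalid entry.
func splitByFamily(name string, addresses []string) (v4 []string, v6 []string) {
	for _, address := range addresses {
		if common.IsIPv4(address, true) || common.IsIPv4(address, false) {
			v4 = append(v4, address)
		} else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
			v6 = append(v6, address)
		} else {
			log.Panicf("Invalid %s IP or CIDR -> %s", name, address)
		}
	}
	return v4, v6
}

// decodeExclude collects the source addresses whose traffic is never proxied.
func decodeExclude(rawConfig *RawConfig, config *Config) {
	v4, v6 := splitByFamily("exclude", rawConfig.Network.Exclude)
	config.IPv4.Exclude = append(config.IPv4.Exclude, v4...)
	config.IPv6.Exclude = append(config.IPv6.Exclude, v6...)
	// … unchanged: the two log.Debugf lines …
}
```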
@@ -79,7 +78,6 @@ func runRadvd(settings *config.Config) {
 radvdCmd = append(radvdCmd, "--logmethod", "logfile")
 radvdCmd = append(radvdCmd, "--logfile", path.Join(exposeDir, "log/radvd.log"))
 radvdCmd = append(radvdCmd, "--debug", strconv.Itoa(settings.Radvd.Log))
- time.Sleep(time.Second) // radvd will crash on first boot without delay (enable debug), why???
 }
 runProcess(nil, radvdCmd...)
 }
diff --git a/cmd/network/main.go b/cmd/network/main.go
index 0c2908f..3763683 100644
--- a/cmd/network/main.go
+++ b/cmd/network/main.go
@@ -12,6 +12,7 @@ type Config struct {
 Address string
 Gateway string
 Bypass []string
+ Exclude []string
 }

 var run = common.RunCommand
diff --git a/cmd/network/tproxy.go b/cmd/network/tproxy.go
index f6c7507..df25287 100644
--- a/cmd/network/tproxy.go
+++ b/cmd/network/tproxy.go
@@ -16,6 +16,9 @@ func loadV4TProxy(v4 *Config, v4SysCidr []string) {
 for _, bypass := range v4Bypass {
 run("iptables", "-t", "mangle", "-A", "XPROXY", "-d", bypass, "-j", "RETURN")
 }
+ for _, exclude := range v4.Exclude {
+ run("iptables", "-t", "mangle", "-A", "XPROXY", "-s", exclude, "-j", "RETURN")
+ }
 run("iptables", "-t", "mangle", "-A", "XPROXY",
 "-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v4.TProxyPort), "--tproxy-mark", "1")
 run("iptables", "-t", "mangle", "-A", "XPROXY",
@@ -34,6 +37,9 @@ func loadV6TProxy(v6 *Config, v6SysCidr []string) {
 for _, bypass := range v6Bypass {
 run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-d", bypass, "-j", "RETURN")
 }
+ for _, exclude := range v6.Exclude {
+ run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-s", exclude, "-j", "RETURN")
+ }
 run("ip6tables", "-t", "mangle", "-A", "XPROXY6",
 "-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v6.TProxyPort), "--tproxy-mark", "1")
 run("ip6tables", "-t", "mangle", "-A", "XPROXY6",
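Review bot: The loop added to loadV4TProxy matches on the packet source (`-s`) while the bypass loop directly above it matches on the destination (`-d`), and nothing in the code says so; a comment such as `// exclude: traffic from these source addresses is never redirected to the proxy` above the loop would keep the two options from being confused. The same applies to the loop added to loadV6TProxy in the following hunk. The result of `run` is not inspected in either loop, so if common.RunCommand does not abort on a non-zero exit (not visible in this patch), an exclude rule that iptables rejects would leave that source proxied with no signal to the operator. Both function bodies start and end outside their hunks.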