
feat: add exclude options

v1.x.x
dnomd343 2 years ago
parent
commit
2700bc33d5
  1. 21
      cmd/config/decode.go
  2. 1
      cmd/config/main.go
  3. 2
      cmd/controller.go
  4. 1
      cmd/network/main.go
  5. 6
      cmd/network/tproxy.go

21
cmd/config/decode.go

@ -23,6 +23,7 @@ type RawConfig struct {
Network struct {
DNS []string `yaml:"dns" json:"dns"`
ByPass []string `yaml:"bypass" json:"bypass"`
Exclude []string `yaml:"exclude" json:"exclude"`
IPv4 NetConfig `yaml:"ipv4" json:"ipv4"`
IPv6 NetConfig `yaml:"ipv6" json:"ipv6"`
} `yaml:"network" json:"network"`
@ -62,11 +63,25 @@ func decodeBypass(rawConfig *RawConfig, config *Config) {
} else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
config.IPv6.Bypass = append(config.IPv6.Bypass, address)
} else {
log.Panicf("Invalid bypass CIDR -> %s", address)
log.Panicf("Invalid bypass IP or CIDR -> %s", address)
}
}
log.Debugf("IPv4 bypass CIDR -> %s", config.IPv4.Bypass)
log.Debugf("IPv6 bypass CIDR -> %s", config.IPv6.Bypass)
log.Debugf("IPv4 bypass -> %s", config.IPv4.Bypass)
log.Debugf("IPv6 bypass -> %s", config.IPv6.Bypass)
}
func decodeExclude(rawConfig *RawConfig, config *Config) {
for _, address := range rawConfig.Network.Exclude { // exclude options
if common.IsIPv4(address, true) || common.IsIPv4(address, false) {
config.IPv4.Exclude = append(config.IPv4.Exclude, address)
} else if common.IsIPv6(address, true) || common.IsIPv6(address, false) {
config.IPv6.Exclude = append(config.IPv6.Exclude, address)
} else {
log.Panicf("Invalid exclude IP or CIDR -> %s", address)
}
}
log.Debugf("IPv4 exclude -> %s", config.IPv4.Exclude)
log.Debugf("IPv6 exclude -> %s", config.IPv6.Exclude)
}
func decodeIPv4(rawConfig *RawConfig, config *Config) {
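Review bot: decodeExclude is a line-for-line copy of decodeBypass with only the field and the message changed, so the address validation that guards what later becomes an iptables argument now lives in two places that can drift apart. A small helper that takes the raw list and a label and returns the IPv4 and IPv6 slices would keep the `common.IsIPv4`/`common.IsIPv6` checks in one spot. The new function also has no doc comment; something like `// decodeExclude validates network.exclude entries (source addresses that skip the proxy) and splits them by IP family.` would tell a reader how it differs from bypass, which the tproxy.go section of this commit matches on destination instead. The `%s` verb in the two Debugf calls is given a []string; `%v` is the conventional verb there.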

1
cmd/config/main.go

@ -33,6 +33,7 @@ func Load(configFile string, config *Config) {
rawConfig := configDecode(raw, path.Ext(configFile)) // decode configure content
decodeDns(&rawConfig, config)
decodeBypass(&rawConfig, config)
decodeExclude(&rawConfig, config)
decodeIPv4(&rawConfig, config)
decodeIPv6(&rawConfig, config)
decodeProxy(&rawConfig, config)

2
cmd/controller.go

@ -14,7 +14,6 @@ import (
"path"
"strconv"
"syscall"
"time"
)
func runProcess(env []string, command ...string) {
@ -79,7 +78,6 @@ func runRadvd(settings *config.Config) {
radvdCmd = append(radvdCmd, "--logmethod", "logfile")
radvdCmd = append(radvdCmd, "--logfile", path.Join(exposeDir, "log/radvd.log"))
radvdCmd = append(radvdCmd, "--debug", strconv.Itoa(settings.Radvd.Log))
time.Sleep(time.Second) // radvd will crash on first boot without delay (enable debug), why???
}
runProcess(nil, radvdCmd...)
}

1
cmd/network/main.go

@ -12,6 +12,7 @@ type Config struct {
Address string
Gateway string
Bypass []string
Exclude []string
}
var run = common.RunCommand

6
cmd/network/tproxy.go

@ -16,6 +16,9 @@ func loadV4TProxy(v4 *Config, v4SysCidr []string) {
for _, bypass := range v4Bypass {
run("iptables", "-t", "mangle", "-A", "XPROXY", "-d", bypass, "-j", "RETURN")
}
for _, exclude := range v4.Exclude {
run("iptables", "-t", "mangle", "-A", "XPROXY", "-s", exclude, "-j", "RETURN")
}
run("iptables", "-t", "mangle", "-A", "XPROXY",
"-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v4.TProxyPort), "--tproxy-mark", "1")
run("iptables", "-t", "mangle", "-A", "XPROXY",
@ -34,6 +37,9 @@ func loadV6TProxy(v6 *Config, v6SysCidr []string) {
for _, bypass := range v6Bypass {
run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-d", bypass, "-j", "RETURN")
}
for _, exclude := range v6.Exclude {
run("ip6tables", "-t", "mangle", "-A", "XPROXY6", "-s", exclude, "-j", "RETURN")
}
run("ip6tables", "-t", "mangle", "-A", "XPROXY6",
"-p", "tcp", "-j", "TPROXY", "--on-port", strconv.Itoa(v6.TProxyPort), "--tproxy-mark", "1")
run("ip6tables", "-t", "mangle", "-A", "XPROXY6",
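Review bot: The result of `run(...)` in the new exclude loops of loadV4TProxy and loadV6TProxy is not checked in the visible lines, so if one of these `-s <addr> -j RETURN` rules fails to install, traffic from that source would still reach the TPROXY rules below with nothing here to signal it. Whether `common.RunCommand` itself logs or aborts on a non-zero exit is not visible on this page and is worth confirming. The rules are also order-sensitive, since they only take effect when appended before the TPROXY lines, which deserves a comment above each loop, for example `// exclude: packets from these source addresses return before the TPROXY rules`. Both function bodies start and end outside their hunks.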
