mirror of
https://github.com/XTLS/Xray-core.git
synced 2026-07-08 20:58:44 +00:00
Sniffing: Add ipsExcluded (supports IP, CIDR, "geoip:", "ext:") (#5929)
https://github.com/XTLS/Xray-core/pull/5927#issuecomment-4238197075 https://github.com/XTLS/Xray-core/pull/5929#issuecomment-4238550443
This commit is contained in:
+15
-8
@@ -55,37 +55,44 @@ type SniffingConfig struct {
|
||||
Enabled bool `json:"enabled"`
|
||||
DestOverride StringList `json:"destOverride"`
|
||||
DomainsExcluded StringList `json:"domainsExcluded"`
|
||||
IPsExcluded StringList `json:"ipsExcluded"`
|
||||
MetadataOnly bool `json:"metadataOnly"`
|
||||
RouteOnly bool `json:"routeOnly"`
|
||||
}
|
||||
|
||||
// Build implements Buildable.
|
||||
func (c *SniffingConfig) Build() (*proxyman.SniffingConfig, error) {
|
||||
var p []string
|
||||
var protocols []string
|
||||
for _, protocol := range c.DestOverride {
|
||||
switch strings.ToLower(protocol) {
|
||||
case "http":
|
||||
p = append(p, "http")
|
||||
protocols = append(protocols, "http")
|
||||
case "tls", "https", "ssl":
|
||||
p = append(p, "tls")
|
||||
protocols = append(protocols, "tls")
|
||||
case "quic":
|
||||
p = append(p, "quic")
|
||||
protocols = append(protocols, "quic")
|
||||
case "fakedns", "fakedns+others":
|
||||
p = append(p, "fakedns")
|
||||
protocols = append(protocols, "fakedns")
|
||||
default:
|
||||
return nil, errors.New("unknown protocol: ", protocol)
|
||||
}
|
||||
}
|
||||
|
||||
d, err := geodata.ParseDomainRules(c.DomainsExcluded, geodata.Domain_Substr)
|
||||
domains, err := geodata.ParseDomainRules(c.DomainsExcluded, geodata.Domain_Substr)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ips, err := geodata.ParseIPRules(c.IPsExcluded)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &proxyman.SniffingConfig{
|
||||
Enabled: c.Enabled,
|
||||
DestinationOverride: p,
|
||||
DomainsExcluded: d,
|
||||
DestinationOverride: protocols,
|
||||
DomainsExcluded: domains,
|
||||
IpsExcluded: ips,
|
||||
MetadataOnly: c.MetadataOnly,
|
||||
RouteOnly: c.RouteOnly,
|
||||
}, nil
|
||||
|
||||
@@ -163,6 +163,7 @@ func TestSniffingConfig_Build(t *testing.T) {
|
||||
Enabled: true,
|
||||
DestOverride: StringList{"http", "tls"},
|
||||
DomainsExcluded: StringList{"full:api.example.com", "domain:blocked.example", "regexp:^test[0-9]+\\.internal$"},
|
||||
IPsExcluded: StringList{"192.168.1.1", "2001:db8::/32"},
|
||||
MetadataOnly: true,
|
||||
RouteOnly: true,
|
||||
}
|
||||
@@ -181,6 +182,9 @@ func TestSniffingConfig_Build(t *testing.T) {
|
||||
if len(built.DomainsExcluded) != 3 {
|
||||
t.Fatalf("SniffingConfig.Build() produced %d domain rules", len(built.DomainsExcluded))
|
||||
}
|
||||
if len(built.IpsExcluded) != 2 {
|
||||
t.Fatalf("SniffingConfig.Build() produced %d ip rules", len(built.IpsExcluded))
|
||||
}
|
||||
|
||||
want := []struct {
|
||||
ruleType geodata.Domain_Type
|
||||
@@ -199,6 +203,23 @@ func TestSniffingConfig_Build(t *testing.T) {
|
||||
t.Fatalf("SniffingConfig.Build() produced wrong rule at index %d: got (%v, %q), want (%v, %q)", i, rule.Type, rule.Value, tc.ruleType, tc.value)
|
||||
}
|
||||
}
|
||||
|
||||
wantIPs := []struct {
|
||||
ip []byte
|
||||
prefix uint32
|
||||
}{
|
||||
{ip: []byte(net.ParseAddress("192.168.1.1").IP()), prefix: 32},
|
||||
{ip: []byte(net.ParseAddress("2001:db8::").IP()), prefix: 32},
|
||||
}
|
||||
for i, tc := range wantIPs {
|
||||
rule := built.IpsExcluded[i].GetCustom()
|
||||
if rule == nil {
|
||||
t.Fatalf("SniffingConfig.Build() produced a non-custom ip rule at index %d", i)
|
||||
}
|
||||
if !reflect.DeepEqual(rule.Ip, tc.ip) || rule.Prefix != tc.prefix {
|
||||
t.Fatalf("SniffingConfig.Build() produced wrong ip rule at index %d: got (%v, %d), want (%v, %d)", i, rule.Ip, rule.Prefix, tc.ip, tc.prefix)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestMuxConfig_Build(t *testing.T) {
|
||||
|
||||
Reference in New Issue
Block a user