Feature: add source ipcidr condition to rule final

This commit is contained in:
gVisor bot 2021-09-01 18:29:48 +08:00
parent 01d76959ff
commit 3817f2ae91
4 changed files with 25 additions and 13 deletions

View file

@ -404,15 +404,22 @@ func parseRules(cfg *RawConfig, proxies map[string]C.Proxy) ([]C.Rule, error) {
for idx, line := range rulesConfig { for idx, line := range rulesConfig {
rule := trimArr(strings.Split(line, ",")) rule := trimArr(strings.Split(line, ","))
var ( var (
payload string payload string
target string target string
params = []string{} params = []string{}
ruleName = strings.ToUpper(rule[0])
) )
switch l := len(rule); { switch l := len(rule); {
case l == 2: case l == 2:
target = rule[1] target = rule[1]
case l == 3: case l == 3:
if ruleName == "MATCH" {
payload = ""
target = rule[1]
params = rule[2:]
break
}
payload = rule[1] payload = rule[1]
target = rule[2] target = rule[2]
case l >= 4: case l >= 4:
@ -427,10 +434,10 @@ func parseRules(cfg *RawConfig, proxies map[string]C.Proxy) ([]C.Rule, error) {
return nil, fmt.Errorf("rules[%d] [%s] error: proxy [%s] not found", idx, line, target) return nil, fmt.Errorf("rules[%d] [%s] error: proxy [%s] not found", idx, line, target)
} }
rule = trimArr(rule) //rule = trimArr(rule)
params = trimArr(params) params = trimArr(params)
parsed, parseErr := R.ParseRule(rule[0], payload, target, params) parsed, parseErr := R.ParseRule(ruleName, payload, target, params)
if parseErr != nil { if parseErr != nil {
return nil, fmt.Errorf("rules[%d] [%s] error: %s", idx, line, parseErr.Error()) return nil, fmt.Errorf("rules[%d] [%s] error: %s", idx, line, parseErr.Error())
} }

View file

@ -22,7 +22,7 @@ type geoipFilter struct {
func (gf *geoipFilter) Match(ip net.IP) bool { func (gf *geoipFilter) Match(ip net.IP) bool {
if multiGeoIPMatcher == nil { if multiGeoIPMatcher == nil {
countryCodeCN := gf.code countryCode := gf.code
countryCodePrivate := "private" countryCodePrivate := "private"
geoLoader, err := geodata.GetGeoDataLoader("standard") geoLoader, err := geodata.GetGeoDataLoader("standard")
if err != nil { if err != nil {
@ -30,7 +30,7 @@ func (gf *geoipFilter) Match(ip net.IP) bool {
return false return false
} }
recordsCN, err := geoLoader.LoadGeoIP(countryCodeCN) recordsCN, err := geoLoader.LoadGeoIP(countryCode)
if err != nil { if err != nil {
log.Errorln("[GeoIPFilter] LoadGeoIP error: %s", err.Error()) log.Errorln("[GeoIPFilter] LoadGeoIP error: %s", err.Error())
return false return false
@ -44,7 +44,7 @@ func (gf *geoipFilter) Match(ip net.IP) bool {
geoips := []*router.GeoIP{ geoips := []*router.GeoIP{
{ {
CountryCode: countryCodeCN, CountryCode: countryCode,
Cidr: recordsCN, Cidr: recordsCN,
ReverseMatch: false, ReverseMatch: false,
}, },

View file

@ -5,7 +5,8 @@ import (
) )
type Match struct { type Match struct {
adapter string adapter string
ruleExtra *C.RuleExtra
} }
func (f *Match) RuleType() C.RuleType { func (f *Match) RuleType() C.RuleType {
@ -29,11 +30,15 @@ func (f *Match) ShouldResolveIP() bool {
} }
func (f *Match) RuleExtra() *C.RuleExtra { func (f *Match) RuleExtra() *C.RuleExtra {
return nil return f.ruleExtra
} }
func NewMatch(adapter string) *Match { func NewMatch(adapter string, ruleExtra *C.RuleExtra) *Match {
if ruleExtra.SourceIPs == nil {
ruleExtra = nil
}
return &Match{ return &Match{
adapter: adapter, adapter: adapter,
ruleExtra: ruleExtra,
} }
} }

View file

@ -41,7 +41,7 @@ func ParseRule(tp, payload, target string, params []string) (C.Rule, error) {
case "PROCESS-NAME": case "PROCESS-NAME":
parsed, parseErr = NewProcess(payload, target, ruleExtra) parsed, parseErr = NewProcess(payload, target, ruleExtra)
case "MATCH": case "MATCH":
parsed = NewMatch(target) parsed = NewMatch(target, ruleExtra)
default: default:
parseErr = fmt.Errorf("unsupported rule type %s", tp) parseErr = fmt.Errorf("unsupported rule type %s", tp)
} }