Merge branch 'Alpha' into dev
This commit is contained in:
commit
a197fbd4b5
13 changed files with 200 additions and 300 deletions
6
Makefile
6
Makefile
|
@ -47,9 +47,9 @@ WINDOWS_ARCH_LIST = \
|
||||||
windows-arm64 \
|
windows-arm64 \
|
||||||
windows-arm32v7
|
windows-arm32v7
|
||||||
|
|
||||||
all:linux-amd64 linux-arm64\
|
all:linux-amd64v3 linux-arm64\
|
||||||
darwin-amd64 darwin-arm64\
|
darwin-amd64v3 darwin-arm64\
|
||||||
windows-amd64 windows-arm64\
|
windows-amd64v3 windows-arm64\
|
||||||
|
|
||||||
docker:
|
docker:
|
||||||
GOAMD64=v3 $(GOBUILD) -o $(BINDIR)/$(NAME)-$@
|
GOAMD64=v3 $(GOBUILD) -o $(BINDIR)/$(NAME)-$@
|
||||||
|
|
|
@ -1,228 +0,0 @@
|
||||||
package process
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bytes"
|
|
||||||
"encoding/binary"
|
|
||||||
"fmt"
|
|
||||||
"net"
|
|
||||||
"net/netip"
|
|
||||||
"os"
|
|
||||||
"path"
|
|
||||||
"path/filepath"
|
|
||||||
"strings"
|
|
||||||
"syscall"
|
|
||||||
"unicode"
|
|
||||||
"unsafe"
|
|
||||||
|
|
||||||
"github.com/Dreamacro/clash/common/pool"
|
|
||||||
)
|
|
||||||
|
|
||||||
// from https://github.com/vishvananda/netlink/blob/bca67dfc8220b44ef582c9da4e9172bf1c9ec973/nl/nl_linux.go#L52-L62
|
|
||||||
var nativeEndian = func() binary.ByteOrder {
|
|
||||||
var x uint32 = 0x01020304
|
|
||||||
if *(*byte)(unsafe.Pointer(&x)) == 0x01 {
|
|
||||||
return binary.BigEndian
|
|
||||||
}
|
|
||||||
|
|
||||||
return binary.LittleEndian
|
|
||||||
}()
|
|
||||||
|
|
||||||
const (
|
|
||||||
sizeOfSocketDiagRequest = syscall.SizeofNlMsghdr + 8 + 48
|
|
||||||
socketDiagByFamily = 20
|
|
||||||
pathProc = "/proc"
|
|
||||||
)
|
|
||||||
|
|
||||||
func findProcessName(network string, ip netip.Addr, srcPort int) (int32, string, error) {
|
|
||||||
inode, uid, err := resolveSocketByNetlink(network, ip, srcPort)
|
|
||||||
if err != nil {
|
|
||||||
return -1, "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
pp, err := resolveProcessNameByProcSearch(inode, uid)
|
|
||||||
return uid, pp, err
|
|
||||||
}
|
|
||||||
|
|
||||||
func resolveSocketByNetlink(network string, ip netip.Addr, srcPort int) (int32, int32, error) {
|
|
||||||
var family byte
|
|
||||||
var protocol byte
|
|
||||||
|
|
||||||
switch network {
|
|
||||||
case TCP:
|
|
||||||
protocol = syscall.IPPROTO_TCP
|
|
||||||
case UDP:
|
|
||||||
protocol = syscall.IPPROTO_UDP
|
|
||||||
default:
|
|
||||||
return 0, 0, ErrInvalidNetwork
|
|
||||||
}
|
|
||||||
|
|
||||||
if ip.Is4() {
|
|
||||||
family = syscall.AF_INET
|
|
||||||
} else {
|
|
||||||
family = syscall.AF_INET6
|
|
||||||
}
|
|
||||||
|
|
||||||
req := packSocketDiagRequest(family, protocol, ip, uint16(srcPort))
|
|
||||||
|
|
||||||
socket, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_DGRAM, syscall.NETLINK_INET_DIAG)
|
|
||||||
if err != nil {
|
|
||||||
return 0, 0, fmt.Errorf("dial netlink: %w", err)
|
|
||||||
}
|
|
||||||
defer syscall.Close(socket)
|
|
||||||
|
|
||||||
_ = syscall.SetsockoptTimeval(socket, syscall.SOL_SOCKET, syscall.SO_SNDTIMEO, &syscall.Timeval{Usec: 100})
|
|
||||||
_ = syscall.SetsockoptTimeval(socket, syscall.SOL_SOCKET, syscall.SO_RCVTIMEO, &syscall.Timeval{Usec: 100})
|
|
||||||
|
|
||||||
if err := syscall.Connect(socket, &syscall.SockaddrNetlink{
|
|
||||||
Family: syscall.AF_NETLINK,
|
|
||||||
Pad: 0,
|
|
||||||
Pid: 0,
|
|
||||||
Groups: 0,
|
|
||||||
}); err != nil {
|
|
||||||
return 0, 0, err
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, err := syscall.Write(socket, req); err != nil {
|
|
||||||
return 0, 0, fmt.Errorf("write request: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
rb := pool.Get(pool.RelayBufferSize)
|
|
||||||
defer pool.Put(rb)
|
|
||||||
|
|
||||||
n, err := syscall.Read(socket, rb)
|
|
||||||
if err != nil {
|
|
||||||
return 0, 0, fmt.Errorf("read response: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
messages, err := syscall.ParseNetlinkMessage(rb[:n])
|
|
||||||
if err != nil {
|
|
||||||
return 0, 0, fmt.Errorf("parse netlink message: %w", err)
|
|
||||||
} else if len(messages) == 0 {
|
|
||||||
return 0, 0, fmt.Errorf("unexcepted netlink response")
|
|
||||||
}
|
|
||||||
|
|
||||||
message := messages[0]
|
|
||||||
if message.Header.Type&syscall.NLMSG_ERROR != 0 {
|
|
||||||
return 0, 0, fmt.Errorf("netlink message: NLMSG_ERROR")
|
|
||||||
}
|
|
||||||
|
|
||||||
uid, inode := unpackSocketDiagResponse(&messages[0])
|
|
||||||
if uid < 0 || inode < 0 {
|
|
||||||
return 0, 0, fmt.Errorf("invalid uid(%d) or inode(%d)", uid, inode)
|
|
||||||
}
|
|
||||||
|
|
||||||
return uid, inode, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func packSocketDiagRequest(family, protocol byte, source netip.Addr, sourcePort uint16) []byte {
|
|
||||||
s := make([]byte, 16)
|
|
||||||
|
|
||||||
copy(s, source.AsSlice())
|
|
||||||
|
|
||||||
buf := make([]byte, sizeOfSocketDiagRequest)
|
|
||||||
|
|
||||||
nativeEndian.PutUint32(buf[0:4], sizeOfSocketDiagRequest)
|
|
||||||
nativeEndian.PutUint16(buf[4:6], socketDiagByFamily)
|
|
||||||
nativeEndian.PutUint16(buf[6:8], syscall.NLM_F_REQUEST|syscall.NLM_F_DUMP)
|
|
||||||
nativeEndian.PutUint32(buf[8:12], 0)
|
|
||||||
nativeEndian.PutUint32(buf[12:16], 0)
|
|
||||||
|
|
||||||
buf[16] = family
|
|
||||||
buf[17] = protocol
|
|
||||||
buf[18] = 0
|
|
||||||
buf[19] = 0
|
|
||||||
nativeEndian.PutUint32(buf[20:24], 0xFFFFFFFF)
|
|
||||||
|
|
||||||
binary.BigEndian.PutUint16(buf[24:26], sourcePort)
|
|
||||||
binary.BigEndian.PutUint16(buf[26:28], 0)
|
|
||||||
|
|
||||||
copy(buf[28:44], s)
|
|
||||||
copy(buf[44:60], net.IPv6zero)
|
|
||||||
|
|
||||||
nativeEndian.PutUint32(buf[60:64], 0)
|
|
||||||
nativeEndian.PutUint64(buf[64:72], 0xFFFFFFFFFFFFFFFF)
|
|
||||||
|
|
||||||
return buf
|
|
||||||
}
|
|
||||||
|
|
||||||
func unpackSocketDiagResponse(msg *syscall.NetlinkMessage) (inode, uid int32) {
|
|
||||||
if len(msg.Data) < 72 {
|
|
||||||
return 0, 0
|
|
||||||
}
|
|
||||||
|
|
||||||
data := msg.Data
|
|
||||||
|
|
||||||
uid = int32(nativeEndian.Uint32(data[64:68]))
|
|
||||||
inode = int32(nativeEndian.Uint32(data[68:72]))
|
|
||||||
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
func resolveProcessNameByProcSearch(inode, uid int32) (string, error) {
|
|
||||||
files, err := os.ReadDir(pathProc)
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
buffer := make([]byte, syscall.PathMax)
|
|
||||||
socket := []byte(fmt.Sprintf("socket:[%d]", inode))
|
|
||||||
|
|
||||||
for _, f := range files {
|
|
||||||
if !f.IsDir() || !isPid(f.Name()) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
info, err := f.Info()
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
if info.Sys().(*syscall.Stat_t).Uid != uint32(uid) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
processPath := path.Join(pathProc, f.Name())
|
|
||||||
fdPath := path.Join(processPath, "fd")
|
|
||||||
|
|
||||||
fds, err := os.ReadDir(fdPath)
|
|
||||||
if err != nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, fd := range fds {
|
|
||||||
n, err := syscall.Readlink(path.Join(fdPath, fd.Name()), buffer)
|
|
||||||
if err != nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
if bytes.Equal(buffer[:n], socket) {
|
|
||||||
cmdline, err := os.ReadFile(path.Join(processPath, "cmdline"))
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
return splitCmdline(cmdline), nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return "", fmt.Errorf("process of uid(%d),inode(%d) not found", uid, inode)
|
|
||||||
}
|
|
||||||
|
|
||||||
func splitCmdline(cmdline []byte) string {
|
|
||||||
cmdline = bytes.Trim(cmdline, " ")
|
|
||||||
|
|
||||||
idx := bytes.IndexFunc(cmdline, func(r rune) bool {
|
|
||||||
return unicode.IsControl(r) || unicode.IsSpace(r)
|
|
||||||
})
|
|
||||||
|
|
||||||
if idx == -1 {
|
|
||||||
return filepath.Base(string(cmdline))
|
|
||||||
}
|
|
||||||
return filepath.Base(string(cmdline[:idx]))
|
|
||||||
}
|
|
||||||
|
|
||||||
func isPid(s string) bool {
|
|
||||||
return strings.IndexFunc(s, func(r rune) bool {
|
|
||||||
return !unicode.IsDigit(r)
|
|
||||||
}) == -1
|
|
||||||
}
|
|
|
@ -1,5 +1,3 @@
|
||||||
//go:build !android
|
|
||||||
|
|
||||||
package process
|
package process
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -10,6 +8,8 @@ import (
|
||||||
"net/netip"
|
"net/netip"
|
||||||
"os"
|
"os"
|
||||||
"path"
|
"path"
|
||||||
|
"path/filepath"
|
||||||
|
"runtime"
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
"unicode"
|
"unicode"
|
||||||
|
@ -198,8 +198,19 @@ func resolveProcessNameByProcSearch(inode, uid int32) (string, error) {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
if bytes.Equal(buffer[:n], socket) {
|
if runtime.GOOS == "android" {
|
||||||
return os.Readlink(path.Join(processPath, "exe"))
|
if bytes.Equal(buffer[:n], socket) {
|
||||||
|
cmdline, err := os.ReadFile(path.Join(processPath, "cmdline"))
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
return splitCmdline(cmdline), nil
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if bytes.Equal(buffer[:n], socket) {
|
||||||
|
return os.Readlink(path.Join(processPath, "exe"))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -207,6 +218,19 @@ func resolveProcessNameByProcSearch(inode, uid int32) (string, error) {
|
||||||
return "", fmt.Errorf("process of uid(%d),inode(%d) not found", uid, inode)
|
return "", fmt.Errorf("process of uid(%d),inode(%d) not found", uid, inode)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func splitCmdline(cmdline []byte) string {
|
||||||
|
cmdline = bytes.Trim(cmdline, " ")
|
||||||
|
|
||||||
|
idx := bytes.IndexFunc(cmdline, func(r rune) bool {
|
||||||
|
return unicode.IsControl(r) || unicode.IsSpace(r)
|
||||||
|
})
|
||||||
|
|
||||||
|
if idx == -1 {
|
||||||
|
return filepath.Base(string(cmdline))
|
||||||
|
}
|
||||||
|
return filepath.Base(string(cmdline[:idx]))
|
||||||
|
}
|
||||||
|
|
||||||
func isPid(s string) bool {
|
func isPid(s string) bool {
|
||||||
return strings.IndexFunc(s, func(r rune) bool {
|
return strings.IndexFunc(s, func(r rune) bool {
|
||||||
return !unicode.IsDigit(r)
|
return !unicode.IsDigit(r)
|
||||||
|
|
|
@ -115,7 +115,7 @@ type Tun struct {
|
||||||
DNSHijack []netip.AddrPort `yaml:"dns-hijack" json:"dns-hijack"`
|
DNSHijack []netip.AddrPort `yaml:"dns-hijack" json:"dns-hijack"`
|
||||||
AutoRoute bool `yaml:"auto-route" json:"auto-route"`
|
AutoRoute bool `yaml:"auto-route" json:"auto-route"`
|
||||||
AutoDetectInterface bool `yaml:"auto-detect-interface" json:"auto-detect-interface"`
|
AutoDetectInterface bool `yaml:"auto-detect-interface" json:"auto-detect-interface"`
|
||||||
TunAddressPrefix *netip.Prefix `yaml:"-" json:"-"`
|
TunAddressPrefix netip.Prefix `yaml:"-" json:"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// IPTables config
|
// IPTables config
|
||||||
|
@ -910,9 +910,11 @@ func parseTun(rawTun RawTun, general *General, dnsCfg *DNS) (*Tun, error) {
|
||||||
dnsHijack = append(dnsHijack, addrPort)
|
dnsHijack = append(dnsHijack, addrPort)
|
||||||
}
|
}
|
||||||
|
|
||||||
var tunAddressPrefix *netip.Prefix
|
var tunAddressPrefix netip.Prefix
|
||||||
if dnsCfg.FakeIPRange != nil {
|
if dnsCfg.FakeIPRange != nil {
|
||||||
tunAddressPrefix = dnsCfg.FakeIPRange.IPNet()
|
tunAddressPrefix = *dnsCfg.FakeIPRange.IPNet()
|
||||||
|
} else {
|
||||||
|
tunAddressPrefix = netip.MustParsePrefix("198.18.0.1/16")
|
||||||
}
|
}
|
||||||
|
|
||||||
return &Tun{
|
return &Tun{
|
||||||
|
|
4
go.mod
4
go.mod
|
@ -16,7 +16,7 @@ require (
|
||||||
github.com/oschwald/geoip2-golang v1.7.0
|
github.com/oschwald/geoip2-golang v1.7.0
|
||||||
github.com/sirupsen/logrus v1.8.1
|
github.com/sirupsen/logrus v1.8.1
|
||||||
github.com/stretchr/testify v1.7.1
|
github.com/stretchr/testify v1.7.1
|
||||||
github.com/vishvananda/netlink v1.0.1-0.20190930145447-2ec5bdc52b86
|
github.com/vishvananda/netlink v1.2.0-beta.0.20220404152918-5e915e014938
|
||||||
github.com/xtls/go v0.0.0-20210920065950-d4af136d3672
|
github.com/xtls/go v0.0.0-20210920065950-d4af136d3672
|
||||||
go.etcd.io/bbolt v1.3.6
|
go.etcd.io/bbolt v1.3.6
|
||||||
go.uber.org/atomic v1.9.0
|
go.uber.org/atomic v1.9.0
|
||||||
|
@ -60,3 +60,5 @@ require (
|
||||||
)
|
)
|
||||||
|
|
||||||
replace golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 => github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e
|
replace golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 => github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e
|
||||||
|
|
||||||
|
replace github.com/vishvananda/netlink v1.2.0-beta.0.20220404152918-5e915e014938 => github.com/MetaCubeX/netlink v1.2.0-beta.0.20220529072258-d6853f887820
|
||||||
|
|
6
go.sum
6
go.sum
|
@ -10,6 +10,8 @@ git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGy
|
||||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
github.com/Dreamacro/go-shadowsocks2 v0.1.8 h1:Ixejp5JscEc866gAvm/l6TFd7BOBvDviKgwb1quWw3g=
|
github.com/Dreamacro/go-shadowsocks2 v0.1.8 h1:Ixejp5JscEc866gAvm/l6TFd7BOBvDviKgwb1quWw3g=
|
||||||
github.com/Dreamacro/go-shadowsocks2 v0.1.8/go.mod h1:51y4Q6tJoCE7e8TmYXcQRqfoxPfE9Cvn79V6pB6Df7Y=
|
github.com/Dreamacro/go-shadowsocks2 v0.1.8/go.mod h1:51y4Q6tJoCE7e8TmYXcQRqfoxPfE9Cvn79V6pB6Df7Y=
|
||||||
|
github.com/MetaCubeX/netlink v1.2.0-beta.0.20220529072258-d6853f887820 h1:fGKWZ25VApYnuPZoNeqdH/nZtHa2XMajwH6Yj/OgoVc=
|
||||||
|
github.com/MetaCubeX/netlink v1.2.0-beta.0.20220529072258-d6853f887820/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho=
|
||||||
github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e h1:GRfT5Lf8HP7RNczKIwTYLoCh1PPuIs/sY9hj+W+3deg=
|
github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e h1:GRfT5Lf8HP7RNczKIwTYLoCh1PPuIs/sY9hj+W+3deg=
|
||||||
github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e/go.mod h1:ARUuShAtcziEJ/vnZ2hgoP+zc0J7Ukcca2S/NPDoQCc=
|
github.com/MetaCubeX/wintun-go v0.0.0-20220319102620-bbc5e6b2015e/go.mod h1:ARUuShAtcziEJ/vnZ2hgoP+zc0J7Ukcca2S/NPDoQCc=
|
||||||
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
|
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
|
||||||
|
@ -202,8 +204,7 @@ github.com/u-root/uio v0.0.0-20220204230159-dac05f7d2cb4 h1:hl6sK6aFgTLISijk6xIz
|
||||||
github.com/u-root/uio v0.0.0-20220204230159-dac05f7d2cb4/go.mod h1:LpEX5FO/cB+WF4TYGY1V5qktpaZLkKkSegbr0V4eYXA=
|
github.com/u-root/uio v0.0.0-20220204230159-dac05f7d2cb4/go.mod h1:LpEX5FO/cB+WF4TYGY1V5qktpaZLkKkSegbr0V4eYXA=
|
||||||
github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
|
github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
|
||||||
github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
|
github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
|
||||||
github.com/vishvananda/netlink v1.0.1-0.20190930145447-2ec5bdc52b86 h1:7SWt9pGCMaw+N1ZhRsaLKaYNviFhxambdoaoYlDqz1w=
|
github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
||||||
github.com/vishvananda/netlink v1.0.1-0.20190930145447-2ec5bdc52b86/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
|
|
||||||
github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg=
|
github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg=
|
||||||
github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
||||||
github.com/xtls/go v0.0.0-20210920065950-d4af136d3672 h1:4mkzGhKqt3JO1BWYjtD3iRFyAx4ow67hmSqOcGjuxqQ=
|
github.com/xtls/go v0.0.0-20210920065950-d4af136d3672 h1:4mkzGhKqt3JO1BWYjtD3iRFyAx4ow67hmSqOcGjuxqQ=
|
||||||
|
@ -297,6 +298,7 @@ golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20201009025420-dfb3f7c4e634/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201009025420-dfb3f7c4e634/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
|
|
@ -2,11 +2,9 @@ package proxy
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/Dreamacro/clash/common/cmd"
|
|
||||||
"github.com/Dreamacro/clash/listener/inner"
|
"github.com/Dreamacro/clash/listener/inner"
|
||||||
"github.com/Dreamacro/clash/listener/tun/ipstack/commons"
|
"github.com/Dreamacro/clash/listener/tun/ipstack/commons"
|
||||||
"net"
|
"net"
|
||||||
"runtime"
|
|
||||||
"sort"
|
"sort"
|
||||||
"strconv"
|
"strconv"
|
||||||
"sync"
|
"sync"
|
||||||
|
@ -456,12 +454,7 @@ func Cleanup(wait bool) {
|
||||||
commons.WaitForTunClose(lastTunConf.Device)
|
commons.WaitForTunClose(lastTunConf.Device)
|
||||||
}
|
}
|
||||||
|
|
||||||
if runtime.GOOS == "android" {
|
commons.CleanupRule()
|
||||||
prefs := []int{9000, 9001, 9002, 9003, 9004}
|
|
||||||
for _, pref := range prefs {
|
|
||||||
_, _ = cmd.ExecCmd(fmt.Sprintf("ip rule del pref %d", pref))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
tunStackListener = nil
|
tunStackListener = nil
|
||||||
lastTunConf = nil
|
lastTunConf = nil
|
||||||
|
|
|
@ -2,26 +2,30 @@ package commons
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/Dreamacro/clash/common/cmd"
|
|
||||||
"github.com/Dreamacro/clash/listener/tun/device"
|
"github.com/Dreamacro/clash/listener/tun/device"
|
||||||
"github.com/Dreamacro/clash/log"
|
"github.com/Dreamacro/clash/log"
|
||||||
|
"github.com/vishvananda/netlink"
|
||||||
|
"net"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
"strconv"
|
|
||||||
"strings"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func GetAutoDetectInterface() (ifn string, err error) {
|
func GetAutoDetectInterface() (ifn string, err error) {
|
||||||
cmdRes, err := cmd.ExecCmd("ip route get 1.1.1.1 uid 4294967295")
|
routes, err := netlink.RouteGetWithOptions(
|
||||||
|
net.ParseIP("1.1.1.1"),
|
||||||
sps := strings.Split(cmdRes, " ")
|
&netlink.RouteGetOptions{
|
||||||
if len(sps) > 4 {
|
Uid: &netlink.UID{Uid: 4294967295},
|
||||||
ifn = sps[4]
|
})
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
if ifn == "" {
|
for _, route := range routes {
|
||||||
err = fmt.Errorf("interface not found")
|
if lk, err := netlink.LinkByIndex(route.LinkIndex); err == nil {
|
||||||
|
return lk.Attrs().Name, nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return
|
|
||||||
|
return "", fmt.Errorf("interface not found")
|
||||||
}
|
}
|
||||||
|
|
||||||
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
|
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
|
||||||
|
@ -30,54 +34,107 @@ func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int,
|
||||||
ip = addr.Masked().Addr().Next()
|
ip = addr.Masked().Addr().Next()
|
||||||
)
|
)
|
||||||
|
|
||||||
_, err := cmd.ExecCmd(fmt.Sprintf("ip addr add %s dev %s", ip.String(), interfaceName))
|
metaLink, err := netlink.LinkByName(interfaceName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err = cmd.ExecCmd(fmt.Sprintf("ip link set %s up", interfaceName))
|
naddr, err := netlink.ParseAddr(addr.String())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = execRouterCmd("add", addr.Masked().String(), interfaceName, ip.String(), "main"); err != nil {
|
if err = netlink.AddrAdd(metaLink, naddr); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = netlink.LinkSetUp(metaLink); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if autoRoute {
|
if autoRoute {
|
||||||
err = configInterfaceRouting(interfaceName, addr)
|
err = configInterfaceRouting(metaLink.Attrs().Index, interfaceName, ip)
|
||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func configInterfaceRouting(interfaceName string, addr netip.Prefix) error {
|
func configInterfaceRouting(index int, interfaceName string, ip netip.Addr) error {
|
||||||
linkIP := addr.Masked().Addr().Next()
|
|
||||||
const tableId = 1981801
|
const tableId = 1981801
|
||||||
|
var pref = 9000
|
||||||
|
|
||||||
for _, route := range defaultRoutes {
|
for _, route := range defaultRoutes {
|
||||||
if err := execRouterCmd("add", route, interfaceName, linkIP.String(), strconv.Itoa(tableId)); err != nil {
|
_, ipn, err := net.ParseCIDR(route)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := netlink.RouteAdd(&netlink.Route{
|
||||||
|
LinkIndex: index,
|
||||||
|
Scope: netlink.SCOPE_LINK,
|
||||||
|
Protocol: 2,
|
||||||
|
Src: ip.AsSlice(),
|
||||||
|
Dst: ipn,
|
||||||
|
Table: tableId,
|
||||||
|
}); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
execAddRuleCmd(fmt.Sprintf("lookup main pref 9000"))
|
|
||||||
execAddRuleCmd(fmt.Sprintf("from 0.0.0.0 iif lo uidrange 0-4294967294 lookup %d pref 9001", tableId))
|
logIfErr := func(e error) {
|
||||||
execAddRuleCmd(fmt.Sprintf("from %s iif lo uidrange 0-4294967294 lookup %d pref 9002", linkIP, tableId))
|
if e != nil {
|
||||||
execAddRuleCmd(fmt.Sprintf("from all iif %s lookup main suppress_prefixlength 0 pref 9003", interfaceName))
|
log.Warnln("[TOUTE] config route rule: %s", e)
|
||||||
execAddRuleCmd(fmt.Sprintf("not from all iif lo lookup %d pref 9004", tableId))
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var r *netlink.Rule
|
||||||
|
r = netlink.NewRule()
|
||||||
|
r.Table = 254
|
||||||
|
r.Priority = pref
|
||||||
|
logIfErr(netlink.RuleAdd(r))
|
||||||
|
pref += 10
|
||||||
|
|
||||||
|
r = netlink.NewRule()
|
||||||
|
_, nl, _ := net.ParseCIDR("0.0.0.0/32")
|
||||||
|
r.Table = tableId
|
||||||
|
r.Priority = pref
|
||||||
|
r.Src = nl
|
||||||
|
r.IifName = "lo"
|
||||||
|
r.UID = netlink.NewRuleUIDRange(0, 4294967294)
|
||||||
|
logIfErr(netlink.RuleAdd(r))
|
||||||
|
pref += 10
|
||||||
|
|
||||||
|
_, nl, _ = net.ParseCIDR(ip.String())
|
||||||
|
r.Priority = pref
|
||||||
|
r.Src = nl
|
||||||
|
logIfErr(netlink.RuleAdd(r))
|
||||||
|
pref += 10
|
||||||
|
|
||||||
|
r = netlink.NewRule()
|
||||||
|
r.Table = 254
|
||||||
|
r.Priority = pref
|
||||||
|
r.IifName = interfaceName
|
||||||
|
r.SuppressPrefixlen = 0
|
||||||
|
logIfErr(netlink.RuleAdd(r))
|
||||||
|
pref += 10
|
||||||
|
|
||||||
|
r = netlink.NewRule()
|
||||||
|
r.Table = tableId
|
||||||
|
r.Priority = pref
|
||||||
|
r.IifName = "lo"
|
||||||
|
r.SuppressPrefixlen = 0
|
||||||
|
r.Invert = true
|
||||||
|
logIfErr(netlink.RuleAdd(r))
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func execAddRuleCmd(rule string) {
|
func CleanupRule() {
|
||||||
_, err := cmd.ExecCmd("ip rule add " + rule)
|
r := netlink.NewRule()
|
||||||
if err != nil {
|
for i := 0; i < 5; i++ {
|
||||||
log.Warnln("%s", err)
|
r.Priority = 9000 + i*10
|
||||||
|
err := netlink.RuleDel(r)
|
||||||
|
if err != nil {
|
||||||
|
log.Warnln("[TOUTE] cleanup route rule: %s", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func execRouterCmd(action, route, interfaceName, linkIP, table string) error {
|
|
||||||
cmdStr := fmt.Sprintf("ip route %s %s dev %s proto kernel scope link src %s table %s", action, route, interfaceName, linkIP, table)
|
|
||||||
|
|
||||||
_, err := cmd.ExecCmd(cmdStr)
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
|
@ -61,3 +61,5 @@ func execRouterCmd(action, inet, route string, interfaceName string) error {
|
||||||
_, err := cmd.ExecCmd(fmt.Sprintf("route %s %s %s -interface %s", action, inet, route, interfaceName))
|
_, err := cmd.ExecCmd(fmt.Sprintf("route %s %s %s -interface %s", action, inet, route, interfaceName))
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func CleanupRule() {}
|
||||||
|
|
|
@ -6,15 +6,33 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/Dreamacro/clash/common/cmd"
|
"github.com/Dreamacro/clash/common/cmd"
|
||||||
"github.com/Dreamacro/clash/listener/tun/device"
|
"github.com/Dreamacro/clash/listener/tun/device"
|
||||||
|
"github.com/vishvananda/netlink"
|
||||||
|
"net"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
)
|
)
|
||||||
|
|
||||||
func GetAutoDetectInterface() (string, error) {
|
func GetAutoDetectInterface() (string, error) {
|
||||||
execCmd, err := cmd.ExecCmd("bash -c ip route show | grep 'default via' | awk -F ' ' 'NR==1{print $5}' | xargs echo -n")
|
routes, err := netlink.RouteList(nil, netlink.FAMILY_V4)
|
||||||
if execCmd == "" {
|
if err != nil {
|
||||||
return "", fmt.Errorf("interface not found")
|
return "", err
|
||||||
}
|
}
|
||||||
return execCmd, err
|
|
||||||
|
for _, route := range routes {
|
||||||
|
if route.Dst == nil {
|
||||||
|
lk, err := netlink.LinkByIndex(route.LinkIndex)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
if lk.Type() == "tuntap" {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
return lk.Attrs().Name, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return "", fmt.Errorf("interface not found")
|
||||||
}
|
}
|
||||||
|
|
||||||
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
|
func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error {
|
||||||
|
@ -23,29 +41,55 @@ func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int,
|
||||||
ip = addr.Masked().Addr().Next()
|
ip = addr.Masked().Addr().Next()
|
||||||
)
|
)
|
||||||
|
|
||||||
if _, err := cmd.ExecCmd(fmt.Sprintf("ip addr add %s dev %s", ip.String(), interfaceName)); err != nil {
|
metaLink, err := netlink.LinkByName(interfaceName)
|
||||||
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := cmd.ExecCmd(fmt.Sprintf("ip link set %s up", interfaceName)); err != nil {
|
naddr, err := netlink.ParseAddr(addr.String())
|
||||||
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := execRouterCmd("add", addr.Masked().String(), interfaceName, ip.String(), "main"); err != nil {
|
if err = netlink.AddrAdd(metaLink, naddr); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = netlink.LinkSetUp(metaLink); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = netlink.RouteAdd(&netlink.Route{
|
||||||
|
LinkIndex: metaLink.Attrs().Index,
|
||||||
|
Scope: netlink.SCOPE_LINK,
|
||||||
|
Protocol: 2,
|
||||||
|
Src: ip.AsSlice(),
|
||||||
|
Table: 254,
|
||||||
|
}); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if autoRoute {
|
if autoRoute {
|
||||||
_ = configInterfaceRouting(interfaceName, addr)
|
_ = configInterfaceRouting(metaLink.Attrs().Index, interfaceName, ip)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func configInterfaceRouting(interfaceName string, addr netip.Prefix) error {
|
func configInterfaceRouting(index int, interfaceName string, ip netip.Addr) error {
|
||||||
linkIP := addr.Masked().Addr().Next()
|
|
||||||
|
|
||||||
for _, route := range defaultRoutes {
|
for _, route := range defaultRoutes {
|
||||||
if err := execRouterCmd("add", route, interfaceName, linkIP.String(), "main"); err != nil {
|
_, ipn, err := net.ParseCIDR(route)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := netlink.RouteAdd(&netlink.Route{
|
||||||
|
LinkIndex: index,
|
||||||
|
Scope: netlink.SCOPE_LINK,
|
||||||
|
Protocol: 2,
|
||||||
|
Src: ip.AsSlice(),
|
||||||
|
Dst: ipn,
|
||||||
|
Table: 254,
|
||||||
|
}); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -59,3 +103,5 @@ func execRouterCmd(action, route, interfaceName, linkIP, table string) error {
|
||||||
_, err := cmd.ExecCmd(cmdStr)
|
_, err := cmd.ExecCmd(cmdStr)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func CleanupRule() {}
|
||||||
|
|
|
@ -17,3 +17,5 @@ func GetAutoDetectInterface() (string, error) {
|
||||||
func ConfigInterfaceAddress(device.Device, netip.Prefix, int, bool) error {
|
func ConfigInterfaceAddress(device.Device, netip.Prefix, int, bool) error {
|
||||||
return fmt.Errorf("unsupported on this OS: %s", runtime.GOOS)
|
return fmt.Errorf("unsupported on this OS: %s", runtime.GOOS)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func CleanupRule() {}
|
||||||
|
|
|
@ -269,3 +269,5 @@ func getAutoDetectInterfaceByFamily(family winipcfg.AddressFamily) (string, erro
|
||||||
|
|
||||||
return "", errors.New("ethernet interface not found")
|
return "", errors.New("ethernet interface not found")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func CleanupRule() {}
|
||||||
|
|
|
@ -26,7 +26,7 @@ import (
|
||||||
func New(tunConf *config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) {
|
func New(tunConf *config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) {
|
||||||
|
|
||||||
var (
|
var (
|
||||||
tunAddress = netip.Prefix{}
|
tunAddress = tunConf.TunAddressPrefix
|
||||||
devName = tunConf.Device
|
devName = tunConf.Device
|
||||||
stackType = tunConf.Stack
|
stackType = tunConf.Stack
|
||||||
autoRoute = tunConf.AutoRoute
|
autoRoute = tunConf.AutoRoute
|
||||||
|
@ -38,10 +38,6 @@ func New(tunConf *config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.
|
||||||
err error
|
err error
|
||||||
)
|
)
|
||||||
|
|
||||||
if tunConf.TunAddressPrefix != nil {
|
|
||||||
tunAddress = *tunConf.TunAddressPrefix
|
|
||||||
}
|
|
||||||
|
|
||||||
if devName == "" {
|
if devName == "" {
|
||||||
devName = generateDeviceName()
|
devName = generateDeviceName()
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue