refactor: sniffer param force and reverses deprecated, will be removed when release version, replace force-domain and skip-sni,

force-domain: adding '+' is equivalent to setting force to true
sniffer:
  enable: true
  force-domain:
    - "google.com"
  skip-sni:
    - www.baidu.com
  sniffing:
    - tls
gVisor bot 2022-04-17 20:02:13 +08:00
parent e76e0f5e03
commit b6a134b34c
3 changed files with 73 additions and 64 deletions


@ -19,41 +19,12 @@ var (
var Dispatcher SnifferDispatcher var Dispatcher SnifferDispatcher
type SnifferDispatcher struct { type SnifferDispatcher struct {
enable bool enable bool
force bool
sniffers []C.Sniffer
domains *trie.DomainTrie[bool]
tcpHandler func(conn *CN.BufferedConn, metadata *C.Metadata)
}
func (sd *SnifferDispatcher) forceReplace(conn *CN.BufferedConn, metadata *C.Metadata) { sniffers []C.Sniffer
host, err := sd.sniffDomain(conn, metadata)
if err != nil {
log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
return
} else {
if sd.inReverse(host) {
log.Debugln("[Sniffer] Skip replace host:%s", host)
return
}
}
sd.replaceDomain(metadata, host) foreDomain *trie.DomainTrie[bool]
} skipSNI *trie.DomainTrie[bool]
func (sd *SnifferDispatcher) replace(conn *CN.BufferedConn, metadata *C.Metadata) {
if metadata.Host != "" && !sd.inReverse(metadata.Host) {
log.Debugln("[Sniffer] Skip Sniff domain:%s", metadata.Host)
return
}
host, err := sd.sniffDomain(conn, metadata)
if err != nil {
log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
return
}
sd.replaceDomain(metadata, host)
} }
func (sd *SnifferDispatcher) TCPSniff(conn net.Conn, metadata *C.Metadata) { func (sd *SnifferDispatcher) TCPSniff(conn net.Conn, metadata *C.Metadata) {
@ -62,11 +33,19 @@ func (sd *SnifferDispatcher) TCPSniff(conn net.Conn, metadata *C.Metadata) {
return return
} }
sd.tcpHandler(bufConn, metadata) if metadata.Host == "" || sd.foreDomain.Search(metadata.Host) != nil {
} if host, err := sd.sniffDomain(bufConn, metadata); err != nil {
log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
return
} else {
if sd.skipSNI.Search(host) != nil {
log.Debugln("[Sniffer] Skip sni[%s]", host)
return
}
func (sd *SnifferDispatcher) inReverse(host string) bool { sd.replaceDomain(metadata, host)
return sd.domains != nil && sd.domains.Search(host) != nil }
}
} }
func (sd *SnifferDispatcher) replaceDomain(metadata *C.Metadata, host string) { func (sd *SnifferDispatcher) replaceDomain(metadata *C.Metadata, host string) {
@ -122,11 +101,11 @@ func NewCloseSnifferDispatcher() (*SnifferDispatcher, error) {
return &dispatcher, nil return &dispatcher, nil
} }
func NewSnifferDispatcher(needSniffer []C.SnifferType, force bool, reverses *trie.DomainTrie[bool]) (*SnifferDispatcher, error) { func NewSnifferDispatcher(needSniffer []C.SnifferType, forceDomain *trie.DomainTrie[bool], skipSNI *trie.DomainTrie[bool]) (*SnifferDispatcher, error) {
dispatcher := SnifferDispatcher{ dispatcher := SnifferDispatcher{
enable: true, enable: true,
force: force, foreDomain: forceDomain,
domains: reverses, skipSNI: skipSNI,
} }
for _, snifferName := range needSniffer { for _, snifferName := range needSniffer {
@ -139,12 +118,6 @@ func NewSnifferDispatcher(needSniffer []C.SnifferType, force bool, reverses *tri
dispatcher.sniffers = append(dispatcher.sniffers, sniffer) dispatcher.sniffers = append(dispatcher.sniffers, sniffer)
} }
if force {
dispatcher.tcpHandler = dispatcher.forceReplace
} else {
dispatcher.tcpHandler = dispatcher.replace
}
return &dispatcher, nil return &dispatcher, nil
} }


@ -121,10 +121,12 @@ type IPTables struct {
} }
type Sniffer struct { type Sniffer struct {
Enable bool Enable bool
Force bool Force bool
Sniffers []C.SnifferType Sniffers []C.SnifferType
Reverses *trie.DomainTrie[bool] Reverses *trie.DomainTrie[bool]
ForceDomain *trie.DomainTrie[bool]
SkipSNI *trie.DomainTrie[bool]
} }
// Experimental config // Experimental config
@ -216,10 +218,12 @@ type RawConfig struct {
} }
type SnifferRaw struct { type SnifferRaw struct {
Enable bool `yaml:"enable" json:"enable"` Enable bool `yaml:"enable" json:"enable"`
Force bool `yaml:"force" json:"force"` Sniffing []string `yaml:"sniffing" json:"sniffing"`
Sniffing []string `yaml:"sniffing" json:"sniffing"` Force bool `yaml:"force" json:"force"`
Reverse []string `yaml:"reverses" json:"reverses"` Reverse []string `yaml:"reverses" json:"reverses"`
ForceDomain []string `yaml:"force-domain" json:"force-domain"`
SkipSNI []string `yaml:"skip-sni" json:"skip-sni"`
} }
// Parse config // Parse config
@ -288,10 +292,12 @@ func UnmarshalRawConfig(buf []byte) (*RawConfig, error) {
}, },
}, },
Sniffer: SnifferRaw{ Sniffer: SnifferRaw{
Enable: false, Enable: false,
Force: false, Force: false,
Sniffing: []string{}, Sniffing: []string{},
Reverse: []string{}, Reverse: []string{},
ForceDomain: []string{},
SkipSNI: []string{},
}, },
Profile: Profile{ Profile: Profile{
StoreSelected: true, StoreSelected: true,
@ -928,11 +934,41 @@ func parseSniffer(snifferRaw SnifferRaw) (*Sniffer, error) {
sniffer.Sniffers = append(sniffer.Sniffers, st) sniffer.Sniffers = append(sniffer.Sniffers, st)
} }
sniffer.Reverses = trie.New[bool]() sniffer.ForceDomain = trie.New[bool]()
for _, domain := range snifferRaw.Reverse { for _, domain := range snifferRaw.ForceDomain {
err := sniffer.Reverses.Insert(domain, true) err := sniffer.ForceDomain.Insert(domain, true)
if err != nil { if err != nil {
return nil, fmt.Errorf("error domian[%s], error:%v", domain, err) return nil, fmt.Errorf("error domian[%s] in force-domain, error:%v", domain, err)
}
}
sniffer.SkipSNI = trie.New[bool]()
for _, domain := range snifferRaw.ForceDomain {
err := sniffer.SkipSNI.Insert(domain, true)
if err != nil {
return nil, fmt.Errorf("error domian[%s] in force-domain, error:%v", domain, err)
}
}
// Compatibility, remove it when release
if strings.Contains(C.Version, "alpha") || strings.Contains(C.Version, "develop") || strings.Contains(C.Version, "1.10.0") {
log.Warnln("Sniffer param force and reverses deprecated, will be removed in the release version")
if snifferRaw.Force {
// match all domain
sniffer.ForceDomain.Insert("+", true)
for _, domain := range snifferRaw.Reverse {
err := sniffer.SkipSNI.Insert(domain, true)
if err != nil {
return nil, fmt.Errorf("error domian[%s], error:%v", domain, err)
}
}
} else {
for _, domain := range snifferRaw.Reverse {
err := sniffer.ForceDomain.Insert(domain, true)
if err != nil {
return nil, fmt.Errorf("error domian[%s], error:%v", domain, err)
}
}
} }
} }
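Review bot: The second new loop in parseSniffer fills `sniffer.SkipSNI` from `snifferRaw.ForceDomain`, so the configured `skip-sni` list is never read and every force-domain entry also lands in the skip list. Since TCPSniff on this page checks `skipSNI` against the sniffed host before replacing, a forced domain would then be skipped instead of replaced, and hosts the operator asked to exclude would still be rewritten. The loop should read `for _, domain := range snifferRaw.SkipSNI {` and its error should be `fmt.Errorf("error domian[%s] in skip-sni, error:%v", domain, err)`. In the compatibility block the result of `sniffer.ForceDomain.Insert("+", true)` is discarded, unlike every other Insert in this function, and should be checked the same way. parseSniffer begins and continues outside the hunk.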


@ -222,7 +222,7 @@ func updateTun(tun *config.Tun, dns *config.DNS) {
func updateSniffer(sniffer *config.Sniffer) { func updateSniffer(sniffer *config.Sniffer) {
if sniffer.Enable { if sniffer.Enable {
dispatcher, err := SNI.NewSnifferDispatcher(sniffer.Sniffers, sniffer.Force, sniffer.Reverses) dispatcher, err := SNI.NewSnifferDispatcher(sniffer.Sniffers, sniffer.ForceDomain, sniffer.SkipSNI)
if err != nil { if err != nil {
log.Warnln("initial sniffer failed, err:%v", err) log.Warnln("initial sniffer failed, err:%v", err)
} }