Fix missing rule_set_ipcidr_match_source item in DNS rules

2024-11-25 01:51:29 +00:00 · 2024-02-21 14:27:55 +08:00 · 2024-02-21 14:27:55 +08:00 · 71d1879bd6
parent 917514e09f
commit 71d1879bd6
8 changed files with 62 additions and 40 deletions
--- a/docs/configuration/dns/rule.md
+++ b/docs/configuration/dns/rule.md
@ -8,6 +8,7 @@ icon: material/new-box
    :material-plus: [ip_cidr](#ip_cidr)  
    :material-plus: [ip_is_private](#ip_is_private)  
    :material-plus: [client_subnet](#client_subnet)
+    :material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)

 !!! quote "Changes in sing-box 1.8.0"

@ -116,6 +117,7 @@ icon: material/new-box
          "geoip-cn",
          "geosite-cn"
        ],
+        "rule_set_ipcidr_match_source": false,
        "invert": false,
        "outbound": [
          "direct"
@ -303,6 +305,12 @@ Match WiFi BSSID.

 Match [Rule Set](/configuration/route/#rule_set).

+#### rule_set_ipcidr_match_source
+
+!!! question "Since sing-box 1.9.0"
+
+Make `ipcidr` in rule sets match the source IP.
+
 #### invert

 Invert match result.
--- a/docs/configuration/dns/rule.zh.md
+++ b/docs/configuration/dns/rule.zh.md
@ -8,6 +8,7 @@ icon: material/new-box
    :material-plus: [ip_cidr](#ip_cidr)  
    :material-plus: [ip_is_private](#ip_is_private)  
    :material-plus: [client_subnet](#client_subnet)
+    :material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)

 !!! quote "sing-box 1.8.0 中的更改"

@ -116,6 +117,7 @@ icon: material/new-box
          "geoip-cn",
          "geosite-cn"
        ],
+        "rule_set_ipcidr_match_source": false,
        "invert": false,
        "outbound": [
          "direct"
@ -301,6 +303,12 @@ DNS 查询类型。值可以为整数或者类型名称字符串。

 匹配[规则集](/zh/configuration/route/#rule_set)。

+#### rule_set_ipcidr_match_source
+
+!!! question "自 sing-box 1.9.0 起"
+
+使规则集中的 `ipcidr` 规则匹配源 IP。
+
 #### invert

 反选匹配结果。
--- a/docs/configuration/route/rule.md
+++ b/docs/configuration/route/rule.md
@ -105,6 +105,7 @@
          "geoip-cn",
          "geosite-cn"
        ],
+        "rule_set_ipcidr_match_source": false,
        "invert": false,
        "outbound": "direct"
      },
--- a/docs/configuration/route/rule.zh.md
+++ b/docs/configuration/route/rule.zh.md
@ -103,6 +103,7 @@
          "geoip-cn",
          "geosite-cn"
        ],
+        "rule_set_ipcidr_match_source": false,
        "invert": false,
        "outbound": "direct"
      },
--- a/docs/configuration/rule-set/headless-rule.md
+++ b/docs/configuration/rule-set/headless-rule.md
@ -124,7 +124,7 @@ Match source IP CIDR.

 !!! info ""

-    `ip_cidr` is an alias for `source_ip_cidr` when the Rule Set is used in DNS rules or `rule_set_ipcidr_match_source` enabled in route rules.
+    `ip_cidr` is an alias for `source_ip_cidr` when `rule_set_ipcidr_match_source` enabled in route/DNS rules.

 Match IP CIDR.

--- a/option/rule_dns.go
+++ b/option/rule_dns.go
@ -96,6 +96,7 @@ type DefaultDNSRule struct {
 	WIFISSID                 Listable[string]       `json:"wifi_ssid,omitempty"`
 	WIFIBSSID                Listable[string]       `json:"wifi_bssid,omitempty"`
 	RuleSet                  Listable[string]       `json:"rule_set,omitempty"`
+	RuleSetIPCIDRMatchSource bool                   `json:"rule_set_ipcidr_match_source,omitempty"`
 	Invert                   bool                   `json:"invert,omitempty"`
 	Server                   string                 `json:"server,omitempty"`
 	DisableCache             bool                   `json:"disable_cache,omitempty"`
--- a/route/rule_dns.go
+++ b/route/rule_dns.go
@ -219,7 +219,7 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
 		rule.allItems = append(rule.allItems, item)
 	}
 	if len(options.RuleSet) > 0 {
-		item := NewRuleSetItem(router, options.RuleSet, false)
+		item := NewRuleSetItem(router, options.RuleSet, options.RuleSetIPCIDRMatchSource)
 		rule.items = append(rule.items, item)
 		rule.allItems = append(rule.allItems, item)
 	}
@ -247,7 +247,7 @@ func (r *DefaultDNSRule) WithAddressLimit() bool {
 		if !isRuleSet {
 			continue
 		}
-		if ruleSet.ContainsIPCIDRRule() {
+		if ruleSet.ContainsDestinationIPCIDRRule() {
 			return true
 		}
 	}
--- a/route/rule_item_rule_set.go
+++ b/route/rule_item_rule_set.go
@ -47,7 +47,10 @@ func (r *RuleSetItem) Match(metadata *adapter.InboundContext) bool {
 	return false
 }

-func (r *RuleSetItem) ContainsIPCIDRRule() bool {
+func (r *RuleSetItem) ContainsDestinationIPCIDRRule() bool {
+	if r.ipcidrMatchSource {
+		return false
+	}
 	return common.Any(r.setList, func(ruleSet adapter.RuleSet) bool {
 		return ruleSet.Metadata().ContainsIPCIDRRule
 	})