mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-25 10:01:30 +00:00
Add process_path_regex
rule type
This commit is contained in:
parent
06533b7a3b
commit
846777cd0c
|
@ -37,6 +37,7 @@ const (
|
||||||
ruleItemWIFISSID
|
ruleItemWIFISSID
|
||||||
ruleItemWIFIBSSID
|
ruleItemWIFIBSSID
|
||||||
ruleItemAdGuardDomain
|
ruleItemAdGuardDomain
|
||||||
|
ruleItemProcessPathRegex
|
||||||
ruleItemFinal uint8 = 0xFF
|
ruleItemFinal uint8 = 0xFF
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -207,6 +208,8 @@ func readDefaultRule(reader varbin.Reader, recover bool) (rule option.DefaultHea
|
||||||
rule.ProcessName, err = readRuleItemString(reader)
|
rule.ProcessName, err = readRuleItemString(reader)
|
||||||
case ruleItemProcessPath:
|
case ruleItemProcessPath:
|
||||||
rule.ProcessPath, err = readRuleItemString(reader)
|
rule.ProcessPath, err = readRuleItemString(reader)
|
||||||
|
case ruleItemProcessPathRegex:
|
||||||
|
rule.ProcessPathRegex, err = readRuleItemString(reader)
|
||||||
case ruleItemPackageName:
|
case ruleItemPackageName:
|
||||||
rule.PackageName, err = readRuleItemString(reader)
|
rule.PackageName, err = readRuleItemString(reader)
|
||||||
case ruleItemWIFISSID:
|
case ruleItemWIFISSID:
|
||||||
|
@ -326,6 +329,12 @@ func writeDefaultRule(writer varbin.Writer, rule option.DefaultHeadlessRule, gen
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if len(rule.ProcessPathRegex) > 0 {
|
||||||
|
err = writeRuleItemString(writer, ruleItemProcessPathRegex, rule.ProcessPathRegex)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
if len(rule.PackageName) > 0 {
|
if len(rule.PackageName) > 0 {
|
||||||
err = writeRuleItemString(writer, ruleItemPackageName, rule.PackageName)
|
err = writeRuleItemString(writer, ruleItemPackageName, rule.PackageName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -40,6 +40,7 @@ SFA provides an unprivileged TUN implementation through Android VpnService.
|
||||||
|-----------------------|------------------|-----------------------------------|
|
|-----------------------|------------------|-----------------------------------|
|
||||||
| `process_name` | :material-close: | No permission |
|
| `process_name` | :material-close: | No permission |
|
||||||
| `process_path` | :material-close: | No permission |
|
| `process_path` | :material-close: | No permission |
|
||||||
|
| `process_path_regex` | :material-close: | No permission |
|
||||||
| `package_name` | :material-check: | / |
|
| `package_name` | :material-check: | / |
|
||||||
| `user` | :material-close: | Use `package_name` instead |
|
| `user` | :material-close: | Use `package_name` instead |
|
||||||
| `user_id` | :material-close: | Use `package_name` instead |
|
| `user_id` | :material-close: | Use `package_name` instead |
|
||||||
|
|
|
@ -42,6 +42,7 @@ SFI/SFM/SFT provides an unprivileged TUN implementation through NetworkExtension
|
||||||
|-----------------------|------------------|-----------------------|
|
|-----------------------|------------------|-----------------------|
|
||||||
| `process_name` | :material-close: | No permission |
|
| `process_name` | :material-close: | No permission |
|
||||||
| `process_path` | :material-close: | No permission |
|
| `process_path` | :material-close: | No permission |
|
||||||
|
| `process_path_regex` | :material-close: | No permission |
|
||||||
| `package_name` | :material-close: | / |
|
| `package_name` | :material-close: | / |
|
||||||
| `user` | :material-close: | No permission |
|
| `user` | :material-close: | No permission |
|
||||||
| `user_id` | :material-close: | No permission |
|
| `user_id` | :material-close: | No permission |
|
||||||
|
|
|
@ -7,6 +7,7 @@ icon: material/new-box
|
||||||
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_accept_empty](#rule_set_ip_cidr_accept_empty)
|
:material-plus: [rule_set_ip_cidr_accept_empty](#rule_set_ip_cidr_accept_empty)
|
||||||
|
:material-plus: [process_path_regex](#process_path_regex)
|
||||||
|
|
||||||
!!! quote "Changes in sing-box 1.9.0"
|
!!! quote "Changes in sing-box 1.9.0"
|
||||||
|
|
||||||
|
@ -103,6 +104,9 @@ icon: material/new-box
|
||||||
"process_path": [
|
"process_path": [
|
||||||
"/usr/bin/curl"
|
"/usr/bin/curl"
|
||||||
],
|
],
|
||||||
|
"process_path_regex": [
|
||||||
|
"^/usr/bin/.+"
|
||||||
|
],
|
||||||
"package_name": [
|
"package_name": [
|
||||||
"com.termux"
|
"com.termux"
|
||||||
],
|
],
|
||||||
|
@ -268,6 +272,16 @@ Match process name.
|
||||||
|
|
||||||
Match process path.
|
Match process path.
|
||||||
|
|
||||||
|
#### process_path_regex
|
||||||
|
|
||||||
|
!!! question "Since sing-box 1.10.0"
|
||||||
|
|
||||||
|
!!! quote ""
|
||||||
|
|
||||||
|
Only supported on Linux, Windows, and macOS.
|
||||||
|
|
||||||
|
Match process path using regular expression.
|
||||||
|
|
||||||
#### package_name
|
#### package_name
|
||||||
|
|
||||||
Match android package name.
|
Match android package name.
|
||||||
|
|
|
@ -7,6 +7,7 @@ icon: material/new-box
|
||||||
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_accept_empty](#rule_set_ip_cidr_accept_empty)
|
:material-plus: [rule_set_ip_cidr_accept_empty](#rule_set_ip_cidr_accept_empty)
|
||||||
|
:material-plus: [process_path_regex](#process_path_regex)
|
||||||
|
|
||||||
!!! quote "sing-box 1.9.0 中的更改"
|
!!! quote "sing-box 1.9.0 中的更改"
|
||||||
|
|
||||||
|
@ -103,6 +104,9 @@ icon: material/new-box
|
||||||
"process_path": [
|
"process_path": [
|
||||||
"/usr/bin/curl"
|
"/usr/bin/curl"
|
||||||
],
|
],
|
||||||
|
"process_path_regex": [
|
||||||
|
"^/usr/bin/.+"
|
||||||
|
],
|
||||||
"package_name": [
|
"package_name": [
|
||||||
"com.termux"
|
"com.termux"
|
||||||
],
|
],
|
||||||
|
@ -266,6 +270,16 @@ DNS 查询类型。值可以为整数或者类型名称字符串。
|
||||||
|
|
||||||
匹配进程路径。
|
匹配进程路径。
|
||||||
|
|
||||||
|
#### process_path_regex
|
||||||
|
|
||||||
|
!!! question "自 sing-box 1.10.0 起"
|
||||||
|
|
||||||
|
!!! quote ""
|
||||||
|
|
||||||
|
仅支持 Linux、Windows 和 macOS.
|
||||||
|
|
||||||
|
使用正则表达式匹配进程路径。
|
||||||
|
|
||||||
#### package_name
|
#### package_name
|
||||||
|
|
||||||
匹配 Android 应用包名。
|
匹配 Android 应用包名。
|
||||||
|
|
|
@ -7,6 +7,7 @@ icon: material/alert-decagram
|
||||||
:material-plus: [client](#client)
|
:material-plus: [client](#client)
|
||||||
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
||||||
|
:material-plus: [process_path_regex](#process_path_regex)
|
||||||
|
|
||||||
!!! quote "Changes in sing-box 1.8.0"
|
!!! quote "Changes in sing-box 1.8.0"
|
||||||
|
|
||||||
|
@ -101,6 +102,9 @@ icon: material/alert-decagram
|
||||||
"process_path": [
|
"process_path": [
|
||||||
"/usr/bin/curl"
|
"/usr/bin/curl"
|
||||||
],
|
],
|
||||||
|
"process_path_regex": [
|
||||||
|
"^/usr/bin/.+"
|
||||||
|
],
|
||||||
"package_name": [
|
"package_name": [
|
||||||
"com.termux"
|
"com.termux"
|
||||||
],
|
],
|
||||||
|
@ -277,6 +281,16 @@ Match process name.
|
||||||
|
|
||||||
Match process path.
|
Match process path.
|
||||||
|
|
||||||
|
#### process_path_regex
|
||||||
|
|
||||||
|
!!! question "Since sing-box 1.10.0"
|
||||||
|
|
||||||
|
!!! quote ""
|
||||||
|
|
||||||
|
Only supported on Linux, Windows, and macOS.
|
||||||
|
|
||||||
|
Match process path using regular expression.
|
||||||
|
|
||||||
#### package_name
|
#### package_name
|
||||||
|
|
||||||
Match android package name.
|
Match android package name.
|
||||||
|
|
|
@ -6,7 +6,8 @@ icon: material/alert-decagram
|
||||||
|
|
||||||
:material-plus: [client](#client)
|
:material-plus: [client](#client)
|
||||||
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
:material-plus: [process_path_regex](#process_path_regex)
|
||||||
|
|
||||||
|
|
||||||
!!! quote "sing-box 1.8.0 中的更改"
|
!!! quote "sing-box 1.8.0 中的更改"
|
||||||
|
|
||||||
|
@ -99,6 +100,9 @@ icon: material/alert-decagram
|
||||||
"process_path": [
|
"process_path": [
|
||||||
"/usr/bin/curl"
|
"/usr/bin/curl"
|
||||||
],
|
],
|
||||||
|
"process_path_regex": [
|
||||||
|
"^/usr/bin/.+"
|
||||||
|
],
|
||||||
"package_name": [
|
"package_name": [
|
||||||
"com.termux"
|
"com.termux"
|
||||||
],
|
],
|
||||||
|
@ -275,6 +279,16 @@ icon: material/alert-decagram
|
||||||
|
|
||||||
匹配进程路径。
|
匹配进程路径。
|
||||||
|
|
||||||
|
#### process_path_regex
|
||||||
|
|
||||||
|
!!! question "自 sing-box 1.10.0 起"
|
||||||
|
|
||||||
|
!!! quote ""
|
||||||
|
|
||||||
|
仅支持 Linux、Windows 和 macOS.
|
||||||
|
|
||||||
|
使用正则表达式匹配进程路径。
|
||||||
|
|
||||||
#### package_name
|
#### package_name
|
||||||
|
|
||||||
匹配 Android 应用包名。
|
匹配 Android 应用包名。
|
||||||
|
|
|
@ -57,6 +57,9 @@
|
||||||
"process_path": [
|
"process_path": [
|
||||||
"/usr/bin/curl"
|
"/usr/bin/curl"
|
||||||
],
|
],
|
||||||
|
"process_path_regex": [
|
||||||
|
"^/usr/bin/.+"
|
||||||
|
],
|
||||||
"package_name": [
|
"package_name": [
|
||||||
"com.termux"
|
"com.termux"
|
||||||
],
|
],
|
||||||
|
@ -160,6 +163,16 @@ Match process name.
|
||||||
|
|
||||||
Match process path.
|
Match process path.
|
||||||
|
|
||||||
|
#### process_path_regex
|
||||||
|
|
||||||
|
!!! question "Since sing-box 1.10.0"
|
||||||
|
|
||||||
|
!!! quote ""
|
||||||
|
|
||||||
|
Only supported on Linux, Windows, and macOS.
|
||||||
|
|
||||||
|
Match process path using regular expression.
|
||||||
|
|
||||||
#### package_name
|
#### package_name
|
||||||
|
|
||||||
Match android package name.
|
Match android package name.
|
||||||
|
|
|
@ -88,6 +88,7 @@ type _DefaultRule struct {
|
||||||
PortRange Listable[string] `json:"port_range,omitempty"`
|
PortRange Listable[string] `json:"port_range,omitempty"`
|
||||||
ProcessName Listable[string] `json:"process_name,omitempty"`
|
ProcessName Listable[string] `json:"process_name,omitempty"`
|
||||||
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
||||||
|
ProcessPathRegex Listable[string] `json:"process_path_regex,omitempty"`
|
||||||
PackageName Listable[string] `json:"package_name,omitempty"`
|
PackageName Listable[string] `json:"package_name,omitempty"`
|
||||||
User Listable[string] `json:"user,omitempty"`
|
User Listable[string] `json:"user,omitempty"`
|
||||||
UserID Listable[int32] `json:"user_id,omitempty"`
|
UserID Listable[int32] `json:"user_id,omitempty"`
|
||||||
|
|
|
@ -88,6 +88,7 @@ type _DefaultDNSRule struct {
|
||||||
PortRange Listable[string] `json:"port_range,omitempty"`
|
PortRange Listable[string] `json:"port_range,omitempty"`
|
||||||
ProcessName Listable[string] `json:"process_name,omitempty"`
|
ProcessName Listable[string] `json:"process_name,omitempty"`
|
||||||
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
||||||
|
ProcessPathRegex Listable[string] `json:"process_path_regex,omitempty"`
|
||||||
PackageName Listable[string] `json:"package_name,omitempty"`
|
PackageName Listable[string] `json:"package_name,omitempty"`
|
||||||
User Listable[string] `json:"user,omitempty"`
|
User Listable[string] `json:"user,omitempty"`
|
||||||
UserID Listable[int32] `json:"user_id,omitempty"`
|
UserID Listable[int32] `json:"user_id,omitempty"`
|
||||||
|
|
|
@ -158,6 +158,7 @@ type DefaultHeadlessRule struct {
|
||||||
PortRange Listable[string] `json:"port_range,omitempty"`
|
PortRange Listable[string] `json:"port_range,omitempty"`
|
||||||
ProcessName Listable[string] `json:"process_name,omitempty"`
|
ProcessName Listable[string] `json:"process_name,omitempty"`
|
||||||
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
||||||
|
ProcessPathRegex Listable[string] `json:"process_path_regex,omitempty"`
|
||||||
PackageName Listable[string] `json:"package_name,omitempty"`
|
PackageName Listable[string] `json:"package_name,omitempty"`
|
||||||
WIFISSID Listable[string] `json:"wifi_ssid,omitempty"`
|
WIFISSID Listable[string] `json:"wifi_ssid,omitempty"`
|
||||||
WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"`
|
WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"`
|
||||||
|
|
|
@ -179,6 +179,14 @@ func NewDefaultRule(router adapter.Router, logger log.ContextLogger, options opt
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
|
if len(options.ProcessPathRegex) > 0 {
|
||||||
|
item, err := NewProcessPathRegexItem(options.ProcessPathRegex)
|
||||||
|
if err != nil {
|
||||||
|
return nil, E.Cause(err, "process_path_regex")
|
||||||
|
}
|
||||||
|
rule.items = append(rule.items, item)
|
||||||
|
rule.allItems = append(rule.allItems, item)
|
||||||
|
}
|
||||||
if len(options.PackageName) > 0 {
|
if len(options.PackageName) > 0 {
|
||||||
item := NewPackageNameItem(options.PackageName)
|
item := NewPackageNameItem(options.PackageName)
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
|
|
|
@ -183,6 +183,14 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
|
if len(options.ProcessPathRegex) > 0 {
|
||||||
|
item, err := NewProcessPathRegexItem(options.ProcessPathRegex)
|
||||||
|
if err != nil {
|
||||||
|
return nil, E.Cause(err, "process_path_regex")
|
||||||
|
}
|
||||||
|
rule.items = append(rule.items, item)
|
||||||
|
rule.allItems = append(rule.allItems, item)
|
||||||
|
}
|
||||||
if len(options.PackageName) > 0 {
|
if len(options.PackageName) > 0 {
|
||||||
item := NewPackageNameItem(options.PackageName)
|
item := NewPackageNameItem(options.PackageName)
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
|
|
|
@ -123,6 +123,14 @@ func NewDefaultHeadlessRule(router adapter.Router, options option.DefaultHeadles
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
|
if len(options.ProcessPathRegex) > 0 {
|
||||||
|
item, err := NewProcessPathRegexItem(options.ProcessPathRegex)
|
||||||
|
if err != nil {
|
||||||
|
return nil, E.Cause(err, "process_path_regex")
|
||||||
|
}
|
||||||
|
rule.items = append(rule.items, item)
|
||||||
|
rule.allItems = append(rule.allItems, item)
|
||||||
|
}
|
||||||
if len(options.PackageName) > 0 {
|
if len(options.PackageName) > 0 {
|
||||||
item := NewPackageNameItem(options.PackageName)
|
item := NewPackageNameItem(options.PackageName)
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
|
|
54
route/rule_item_process_path_regex.go
Normal file
54
route/rule_item_process_path_regex.go
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
package route
|
||||||
|
|
||||||
|
import (
|
||||||
|
"regexp"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/sagernet/sing-box/adapter"
|
||||||
|
E "github.com/sagernet/sing/common/exceptions"
|
||||||
|
F "github.com/sagernet/sing/common/format"
|
||||||
|
)
|
||||||
|
|
||||||
|
var _ RuleItem = (*ProcessPathRegexItem)(nil)
|
||||||
|
|
||||||
|
type ProcessPathRegexItem struct {
|
||||||
|
matchers []*regexp.Regexp
|
||||||
|
description string
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewProcessPathRegexItem(expressions []string) (*ProcessPathRegexItem, error) {
|
||||||
|
matchers := make([]*regexp.Regexp, 0, len(expressions))
|
||||||
|
for i, regex := range expressions {
|
||||||
|
matcher, err := regexp.Compile(regex)
|
||||||
|
if err != nil {
|
||||||
|
return nil, E.Cause(err, "parse expression ", i)
|
||||||
|
}
|
||||||
|
matchers = append(matchers, matcher)
|
||||||
|
}
|
||||||
|
description := "process_path_regex="
|
||||||
|
eLen := len(expressions)
|
||||||
|
if eLen == 1 {
|
||||||
|
description += expressions[0]
|
||||||
|
} else if eLen > 3 {
|
||||||
|
description += F.ToString("[", strings.Join(expressions[:3], " "), "]")
|
||||||
|
} else {
|
||||||
|
description += F.ToString("[", strings.Join(expressions, " "), "]")
|
||||||
|
}
|
||||||
|
return &ProcessPathRegexItem{matchers, description}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *ProcessPathRegexItem) Match(metadata *adapter.InboundContext) bool {
|
||||||
|
if metadata.ProcessInfo == nil || metadata.ProcessInfo.ProcessPath == "" {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
for _, matcher := range r.matchers {
|
||||||
|
if matcher.MatchString(metadata.ProcessInfo.ProcessPath) {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *ProcessPathRegexItem) String() string {
|
||||||
|
return r.description
|
||||||
|
}
|
Loading…
Reference in a new issue