mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-14 04:43:17 +00:00
Fix missing rule_set_ipcidr_match_source
item in DNS rules
This commit is contained in:
parent
8fc13e41d0
commit
926e436347
|
@ -8,6 +8,7 @@ icon: material/new-box
|
||||||
:material-plus: [ip_cidr](#ip_cidr)
|
:material-plus: [ip_cidr](#ip_cidr)
|
||||||
:material-plus: [ip_is_private](#ip_is_private)
|
:material-plus: [ip_is_private](#ip_is_private)
|
||||||
:material-plus: [client_subnet](#client_subnet)
|
:material-plus: [client_subnet](#client_subnet)
|
||||||
|
:material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
|
|
||||||
!!! quote "Changes in sing-box 1.8.0"
|
!!! quote "Changes in sing-box 1.8.0"
|
||||||
|
|
||||||
|
@ -116,6 +117,7 @@ icon: material/new-box
|
||||||
"geoip-cn",
|
"geoip-cn",
|
||||||
"geosite-cn"
|
"geosite-cn"
|
||||||
],
|
],
|
||||||
|
"rule_set_ipcidr_match_source": false,
|
||||||
"invert": false,
|
"invert": false,
|
||||||
"outbound": [
|
"outbound": [
|
||||||
"direct"
|
"direct"
|
||||||
|
@ -303,6 +305,12 @@ Match WiFi BSSID.
|
||||||
|
|
||||||
Match [Rule Set](/configuration/route/#rule_set).
|
Match [Rule Set](/configuration/route/#rule_set).
|
||||||
|
|
||||||
|
#### rule_set_ipcidr_match_source
|
||||||
|
|
||||||
|
!!! question "Since sing-box 1.9.0"
|
||||||
|
|
||||||
|
Make `ipcidr` in rule sets match the source IP.
|
||||||
|
|
||||||
#### invert
|
#### invert
|
||||||
|
|
||||||
Invert match result.
|
Invert match result.
|
||||||
|
|
|
@ -8,6 +8,7 @@ icon: material/new-box
|
||||||
:material-plus: [ip_cidr](#ip_cidr)
|
:material-plus: [ip_cidr](#ip_cidr)
|
||||||
:material-plus: [ip_is_private](#ip_is_private)
|
:material-plus: [ip_is_private](#ip_is_private)
|
||||||
:material-plus: [client_subnet](#client_subnet)
|
:material-plus: [client_subnet](#client_subnet)
|
||||||
|
:material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||||
|
|
||||||
!!! quote "sing-box 1.8.0 中的更改"
|
!!! quote "sing-box 1.8.0 中的更改"
|
||||||
|
|
||||||
|
@ -116,6 +117,7 @@ icon: material/new-box
|
||||||
"geoip-cn",
|
"geoip-cn",
|
||||||
"geosite-cn"
|
"geosite-cn"
|
||||||
],
|
],
|
||||||
|
"rule_set_ipcidr_match_source": false,
|
||||||
"invert": false,
|
"invert": false,
|
||||||
"outbound": [
|
"outbound": [
|
||||||
"direct"
|
"direct"
|
||||||
|
@ -301,6 +303,12 @@ DNS 查询类型。值可以为整数或者类型名称字符串。
|
||||||
|
|
||||||
匹配[规则集](/zh/configuration/route/#rule_set)。
|
匹配[规则集](/zh/configuration/route/#rule_set)。
|
||||||
|
|
||||||
|
#### rule_set_ipcidr_match_source
|
||||||
|
|
||||||
|
!!! question "自 sing-box 1.9.0 起"
|
||||||
|
|
||||||
|
使规则集中的 `ipcidr` 规则匹配源 IP。
|
||||||
|
|
||||||
#### invert
|
#### invert
|
||||||
|
|
||||||
反选匹配结果。
|
反选匹配结果。
|
||||||
|
|
|
@ -105,6 +105,7 @@
|
||||||
"geoip-cn",
|
"geoip-cn",
|
||||||
"geosite-cn"
|
"geosite-cn"
|
||||||
],
|
],
|
||||||
|
"rule_set_ipcidr_match_source": false,
|
||||||
"invert": false,
|
"invert": false,
|
||||||
"outbound": "direct"
|
"outbound": "direct"
|
||||||
},
|
},
|
||||||
|
|
|
@ -103,6 +103,7 @@
|
||||||
"geoip-cn",
|
"geoip-cn",
|
||||||
"geosite-cn"
|
"geosite-cn"
|
||||||
],
|
],
|
||||||
|
"rule_set_ipcidr_match_source": false,
|
||||||
"invert": false,
|
"invert": false,
|
||||||
"outbound": "direct"
|
"outbound": "direct"
|
||||||
},
|
},
|
||||||
|
|
|
@ -124,7 +124,7 @@ Match source IP CIDR.
|
||||||
|
|
||||||
!!! info ""
|
!!! info ""
|
||||||
|
|
||||||
`ip_cidr` is an alias for `source_ip_cidr` when the Rule Set is used in DNS rules or `rule_set_ipcidr_match_source` enabled in route rules.
|
`ip_cidr` is an alias for `source_ip_cidr` when `rule_set_ipcidr_match_source` enabled in route/DNS rules.
|
||||||
|
|
||||||
Match IP CIDR.
|
Match IP CIDR.
|
||||||
|
|
||||||
|
|
|
@ -65,42 +65,43 @@ func (r DNSRule) IsValid() bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
type DefaultDNSRule struct {
|
type DefaultDNSRule struct {
|
||||||
Inbound Listable[string] `json:"inbound,omitempty"`
|
Inbound Listable[string] `json:"inbound,omitempty"`
|
||||||
IPVersion int `json:"ip_version,omitempty"`
|
IPVersion int `json:"ip_version,omitempty"`
|
||||||
QueryType Listable[DNSQueryType] `json:"query_type,omitempty"`
|
QueryType Listable[DNSQueryType] `json:"query_type,omitempty"`
|
||||||
Network Listable[string] `json:"network,omitempty"`
|
Network Listable[string] `json:"network,omitempty"`
|
||||||
AuthUser Listable[string] `json:"auth_user,omitempty"`
|
AuthUser Listable[string] `json:"auth_user,omitempty"`
|
||||||
Protocol Listable[string] `json:"protocol,omitempty"`
|
Protocol Listable[string] `json:"protocol,omitempty"`
|
||||||
Domain Listable[string] `json:"domain,omitempty"`
|
Domain Listable[string] `json:"domain,omitempty"`
|
||||||
DomainSuffix Listable[string] `json:"domain_suffix,omitempty"`
|
DomainSuffix Listable[string] `json:"domain_suffix,omitempty"`
|
||||||
DomainKeyword Listable[string] `json:"domain_keyword,omitempty"`
|
DomainKeyword Listable[string] `json:"domain_keyword,omitempty"`
|
||||||
DomainRegex Listable[string] `json:"domain_regex,omitempty"`
|
DomainRegex Listable[string] `json:"domain_regex,omitempty"`
|
||||||
Geosite Listable[string] `json:"geosite,omitempty"`
|
Geosite Listable[string] `json:"geosite,omitempty"`
|
||||||
SourceGeoIP Listable[string] `json:"source_geoip,omitempty"`
|
SourceGeoIP Listable[string] `json:"source_geoip,omitempty"`
|
||||||
GeoIP Listable[string] `json:"geoip,omitempty"`
|
GeoIP Listable[string] `json:"geoip,omitempty"`
|
||||||
IPCIDR Listable[string] `json:"ip_cidr,omitempty"`
|
IPCIDR Listable[string] `json:"ip_cidr,omitempty"`
|
||||||
IPIsPrivate bool `json:"ip_is_private,omitempty"`
|
IPIsPrivate bool `json:"ip_is_private,omitempty"`
|
||||||
SourceIPCIDR Listable[string] `json:"source_ip_cidr,omitempty"`
|
SourceIPCIDR Listable[string] `json:"source_ip_cidr,omitempty"`
|
||||||
SourceIPIsPrivate bool `json:"source_ip_is_private,omitempty"`
|
SourceIPIsPrivate bool `json:"source_ip_is_private,omitempty"`
|
||||||
SourcePort Listable[uint16] `json:"source_port,omitempty"`
|
SourcePort Listable[uint16] `json:"source_port,omitempty"`
|
||||||
SourcePortRange Listable[string] `json:"source_port_range,omitempty"`
|
SourcePortRange Listable[string] `json:"source_port_range,omitempty"`
|
||||||
Port Listable[uint16] `json:"port,omitempty"`
|
Port Listable[uint16] `json:"port,omitempty"`
|
||||||
PortRange Listable[string] `json:"port_range,omitempty"`
|
PortRange Listable[string] `json:"port_range,omitempty"`
|
||||||
ProcessName Listable[string] `json:"process_name,omitempty"`
|
ProcessName Listable[string] `json:"process_name,omitempty"`
|
||||||
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
ProcessPath Listable[string] `json:"process_path,omitempty"`
|
||||||
PackageName Listable[string] `json:"package_name,omitempty"`
|
PackageName Listable[string] `json:"package_name,omitempty"`
|
||||||
User Listable[string] `json:"user,omitempty"`
|
User Listable[string] `json:"user,omitempty"`
|
||||||
UserID Listable[int32] `json:"user_id,omitempty"`
|
UserID Listable[int32] `json:"user_id,omitempty"`
|
||||||
Outbound Listable[string] `json:"outbound,omitempty"`
|
Outbound Listable[string] `json:"outbound,omitempty"`
|
||||||
ClashMode string `json:"clash_mode,omitempty"`
|
ClashMode string `json:"clash_mode,omitempty"`
|
||||||
WIFISSID Listable[string] `json:"wifi_ssid,omitempty"`
|
WIFISSID Listable[string] `json:"wifi_ssid,omitempty"`
|
||||||
WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"`
|
WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"`
|
||||||
RuleSet Listable[string] `json:"rule_set,omitempty"`
|
RuleSet Listable[string] `json:"rule_set,omitempty"`
|
||||||
Invert bool `json:"invert,omitempty"`
|
RuleSetIPCIDRMatchSource bool `json:"rule_set_ipcidr_match_source,omitempty"`
|
||||||
Server string `json:"server,omitempty"`
|
Invert bool `json:"invert,omitempty"`
|
||||||
DisableCache bool `json:"disable_cache,omitempty"`
|
Server string `json:"server,omitempty"`
|
||||||
RewriteTTL *uint32 `json:"rewrite_ttl,omitempty"`
|
DisableCache bool `json:"disable_cache,omitempty"`
|
||||||
ClientSubnet *ListenAddress `json:"client_subnet,omitempty"`
|
RewriteTTL *uint32 `json:"rewrite_ttl,omitempty"`
|
||||||
|
ClientSubnet *ListenAddress `json:"client_subnet,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r DefaultDNSRule) IsValid() bool {
|
func (r DefaultDNSRule) IsValid() bool {
|
||||||
|
|
|
@ -219,7 +219,7 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.RuleSet) > 0 {
|
if len(options.RuleSet) > 0 {
|
||||||
item := NewRuleSetItem(router, options.RuleSet, false)
|
item := NewRuleSetItem(router, options.RuleSet, options.RuleSetIPCIDRMatchSource)
|
||||||
rule.items = append(rule.items, item)
|
rule.items = append(rule.items, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
|
@ -247,7 +247,7 @@ func (r *DefaultDNSRule) WithAddressLimit() bool {
|
||||||
if !isRuleSet {
|
if !isRuleSet {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if ruleSet.ContainsIPCIDRRule() {
|
if ruleSet.ContainsDestinationIPCIDRRule() {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,7 +47,10 @@ func (r *RuleSetItem) Match(metadata *adapter.InboundContext) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *RuleSetItem) ContainsIPCIDRRule() bool {
|
func (r *RuleSetItem) ContainsDestinationIPCIDRRule() bool {
|
||||||
|
if r.ipcidrMatchSource {
|
||||||
|
return false
|
||||||
|
}
|
||||||
return common.Any(r.setList, func(ruleSet adapter.RuleSet) bool {
|
return common.Any(r.setList, func(ruleSet adapter.RuleSet) bool {
|
||||||
return ruleSet.Metadata().ContainsIPCIDRRule
|
return ruleSet.Metadata().ContainsIPCIDRRule
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue