Fix missing rule_set_ipcidr_match_source item in DNS rules

This commit is contained in:
世界 2024-02-21 14:27:55 +08:00
parent 8fc13e41d0
commit 926e436347
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
8 changed files with 62 additions and 40 deletions

View file

@ -8,6 +8,7 @@ icon: material/new-box
:material-plus: [ip_cidr](#ip_cidr) :material-plus: [ip_cidr](#ip_cidr)
:material-plus: [ip_is_private](#ip_is_private) :material-plus: [ip_is_private](#ip_is_private)
:material-plus: [client_subnet](#client_subnet) :material-plus: [client_subnet](#client_subnet)
:material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
!!! quote "Changes in sing-box 1.8.0" !!! quote "Changes in sing-box 1.8.0"
@ -116,6 +117,7 @@ icon: material/new-box
"geoip-cn", "geoip-cn",
"geosite-cn" "geosite-cn"
], ],
"rule_set_ipcidr_match_source": false,
"invert": false, "invert": false,
"outbound": [ "outbound": [
"direct" "direct"
@ -303,6 +305,12 @@ Match WiFi BSSID.
Match [Rule Set](/configuration/route/#rule_set). Match [Rule Set](/configuration/route/#rule_set).
#### rule_set_ipcidr_match_source
!!! question "Since sing-box 1.9.0"
Make `ipcidr` in rule sets match the source IP.
#### invert #### invert
Invert match result. Invert match result.

View file

@ -8,6 +8,7 @@ icon: material/new-box
:material-plus: [ip_cidr](#ip_cidr) :material-plus: [ip_cidr](#ip_cidr)
:material-plus: [ip_is_private](#ip_is_private) :material-plus: [ip_is_private](#ip_is_private)
:material-plus: [client_subnet](#client_subnet) :material-plus: [client_subnet](#client_subnet)
:material-plus: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
!!! quote "sing-box 1.8.0 中的更改" !!! quote "sing-box 1.8.0 中的更改"
@ -116,6 +117,7 @@ icon: material/new-box
"geoip-cn", "geoip-cn",
"geosite-cn" "geosite-cn"
], ],
"rule_set_ipcidr_match_source": false,
"invert": false, "invert": false,
"outbound": [ "outbound": [
"direct" "direct"
@ -301,6 +303,12 @@ DNS 查询类型。值可以为整数或者类型名称字符串。
匹配[规则集](/zh/configuration/route/#rule_set)。 匹配[规则集](/zh/configuration/route/#rule_set)。
#### rule_set_ipcidr_match_source
!!! question "自 sing-box 1.9.0 起"
使规则集中的 `ipcidr` 规则匹配源 IP。
#### invert #### invert
反选匹配结果。 反选匹配结果。

View file

@ -105,6 +105,7 @@
"geoip-cn", "geoip-cn",
"geosite-cn" "geosite-cn"
], ],
"rule_set_ipcidr_match_source": false,
"invert": false, "invert": false,
"outbound": "direct" "outbound": "direct"
}, },

View file

@ -103,6 +103,7 @@
"geoip-cn", "geoip-cn",
"geosite-cn" "geosite-cn"
], ],
"rule_set_ipcidr_match_source": false,
"invert": false, "invert": false,
"outbound": "direct" "outbound": "direct"
}, },

View file

@ -124,7 +124,7 @@ Match source IP CIDR.
!!! info "" !!! info ""
`ip_cidr` is an alias for `source_ip_cidr` when the Rule Set is used in DNS rules or `rule_set_ipcidr_match_source` enabled in route rules. `ip_cidr` is an alias for `source_ip_cidr` when `rule_set_ipcidr_match_source` enabled in route/DNS rules.
Match IP CIDR. Match IP CIDR.

View file

@ -65,42 +65,43 @@ func (r DNSRule) IsValid() bool {
} }
type DefaultDNSRule struct { type DefaultDNSRule struct {
Inbound Listable[string] `json:"inbound,omitempty"` Inbound Listable[string] `json:"inbound,omitempty"`
IPVersion int `json:"ip_version,omitempty"` IPVersion int `json:"ip_version,omitempty"`
QueryType Listable[DNSQueryType] `json:"query_type,omitempty"` QueryType Listable[DNSQueryType] `json:"query_type,omitempty"`
Network Listable[string] `json:"network,omitempty"` Network Listable[string] `json:"network,omitempty"`
AuthUser Listable[string] `json:"auth_user,omitempty"` AuthUser Listable[string] `json:"auth_user,omitempty"`
Protocol Listable[string] `json:"protocol,omitempty"` Protocol Listable[string] `json:"protocol,omitempty"`
Domain Listable[string] `json:"domain,omitempty"` Domain Listable[string] `json:"domain,omitempty"`
DomainSuffix Listable[string] `json:"domain_suffix,omitempty"` DomainSuffix Listable[string] `json:"domain_suffix,omitempty"`
DomainKeyword Listable[string] `json:"domain_keyword,omitempty"` DomainKeyword Listable[string] `json:"domain_keyword,omitempty"`
DomainRegex Listable[string] `json:"domain_regex,omitempty"` DomainRegex Listable[string] `json:"domain_regex,omitempty"`
Geosite Listable[string] `json:"geosite,omitempty"` Geosite Listable[string] `json:"geosite,omitempty"`
SourceGeoIP Listable[string] `json:"source_geoip,omitempty"` SourceGeoIP Listable[string] `json:"source_geoip,omitempty"`
GeoIP Listable[string] `json:"geoip,omitempty"` GeoIP Listable[string] `json:"geoip,omitempty"`
IPCIDR Listable[string] `json:"ip_cidr,omitempty"` IPCIDR Listable[string] `json:"ip_cidr,omitempty"`
IPIsPrivate bool `json:"ip_is_private,omitempty"` IPIsPrivate bool `json:"ip_is_private,omitempty"`
SourceIPCIDR Listable[string] `json:"source_ip_cidr,omitempty"` SourceIPCIDR Listable[string] `json:"source_ip_cidr,omitempty"`
SourceIPIsPrivate bool `json:"source_ip_is_private,omitempty"` SourceIPIsPrivate bool `json:"source_ip_is_private,omitempty"`
SourcePort Listable[uint16] `json:"source_port,omitempty"` SourcePort Listable[uint16] `json:"source_port,omitempty"`
SourcePortRange Listable[string] `json:"source_port_range,omitempty"` SourcePortRange Listable[string] `json:"source_port_range,omitempty"`
Port Listable[uint16] `json:"port,omitempty"` Port Listable[uint16] `json:"port,omitempty"`
PortRange Listable[string] `json:"port_range,omitempty"` PortRange Listable[string] `json:"port_range,omitempty"`
ProcessName Listable[string] `json:"process_name,omitempty"` ProcessName Listable[string] `json:"process_name,omitempty"`
ProcessPath Listable[string] `json:"process_path,omitempty"` ProcessPath Listable[string] `json:"process_path,omitempty"`
PackageName Listable[string] `json:"package_name,omitempty"` PackageName Listable[string] `json:"package_name,omitempty"`
User Listable[string] `json:"user,omitempty"` User Listable[string] `json:"user,omitempty"`
UserID Listable[int32] `json:"user_id,omitempty"` UserID Listable[int32] `json:"user_id,omitempty"`
Outbound Listable[string] `json:"outbound,omitempty"` Outbound Listable[string] `json:"outbound,omitempty"`
ClashMode string `json:"clash_mode,omitempty"` ClashMode string `json:"clash_mode,omitempty"`
WIFISSID Listable[string] `json:"wifi_ssid,omitempty"` WIFISSID Listable[string] `json:"wifi_ssid,omitempty"`
WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"` WIFIBSSID Listable[string] `json:"wifi_bssid,omitempty"`
RuleSet Listable[string] `json:"rule_set,omitempty"` RuleSet Listable[string] `json:"rule_set,omitempty"`
Invert bool `json:"invert,omitempty"` RuleSetIPCIDRMatchSource bool `json:"rule_set_ipcidr_match_source,omitempty"`
Server string `json:"server,omitempty"` Invert bool `json:"invert,omitempty"`
DisableCache bool `json:"disable_cache,omitempty"` Server string `json:"server,omitempty"`
RewriteTTL *uint32 `json:"rewrite_ttl,omitempty"` DisableCache bool `json:"disable_cache,omitempty"`
ClientSubnet *ListenAddress `json:"client_subnet,omitempty"` RewriteTTL *uint32 `json:"rewrite_ttl,omitempty"`
ClientSubnet *ListenAddress `json:"client_subnet,omitempty"`
} }
func (r DefaultDNSRule) IsValid() bool { func (r DefaultDNSRule) IsValid() bool {

View file

@ -219,7 +219,7 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
rule.allItems = append(rule.allItems, item) rule.allItems = append(rule.allItems, item)
} }
if len(options.RuleSet) > 0 { if len(options.RuleSet) > 0 {
item := NewRuleSetItem(router, options.RuleSet, false) item := NewRuleSetItem(router, options.RuleSet, options.RuleSetIPCIDRMatchSource)
rule.items = append(rule.items, item) rule.items = append(rule.items, item)
rule.allItems = append(rule.allItems, item) rule.allItems = append(rule.allItems, item)
} }
@ -247,7 +247,7 @@ func (r *DefaultDNSRule) WithAddressLimit() bool {
if !isRuleSet { if !isRuleSet {
continue continue
} }
if ruleSet.ContainsIPCIDRRule() { if ruleSet.ContainsDestinationIPCIDRRule() {
return true return true
} }
} }

View file

@ -47,7 +47,10 @@ func (r *RuleSetItem) Match(metadata *adapter.InboundContext) bool {
return false return false
} }
func (r *RuleSetItem) ContainsIPCIDRRule() bool { func (r *RuleSetItem) ContainsDestinationIPCIDRRule() bool {
if r.ipcidrMatchSource {
return false
}
return common.Any(r.setList, func(ruleSet adapter.RuleSet) bool { return common.Any(r.setList, func(ruleSet adapter.RuleSet) bool {
return ruleSet.Metadata().ContainsIPCIDRRule return ruleSet.Metadata().ContainsIPCIDRRule
}) })