mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-25 01:51:29 +00:00
Fix port rule match logic
This commit is contained in:
parent
92bf784f4f
commit
d9aa0a67d6
|
@ -104,8 +104,10 @@
|
||||||
|
|
||||||
The default rule uses the following matching logic:
|
The default rule uses the following matching logic:
|
||||||
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) &&
|
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) &&
|
||||||
|
(`port` || `port_range`) &&
|
||||||
(`source_geoip` || `source_ip_cidr`) &&
|
(`source_geoip` || `source_ip_cidr`) &&
|
||||||
`other fields`
|
(`source_port` || `source_port_range`) &&
|
||||||
|
`other fields`
|
||||||
|
|
||||||
#### inbound
|
#### inbound
|
||||||
|
|
||||||
|
|
|
@ -103,8 +103,10 @@
|
||||||
|
|
||||||
默认规则使用以下匹配逻辑:
|
默认规则使用以下匹配逻辑:
|
||||||
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) &&
|
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite`) &&
|
||||||
|
(`port` || `port_range`) &&
|
||||||
(`source_geoip` || `source_ip_cidr`) &&
|
(`source_geoip` || `source_ip_cidr`) &&
|
||||||
`other fields`
|
(`source_port` || `source_port_range`) &&
|
||||||
|
`other fields`
|
||||||
|
|
||||||
#### inbound
|
#### inbound
|
||||||
|
|
||||||
|
|
|
@ -107,8 +107,10 @@
|
||||||
|
|
||||||
The default rule uses the following matching logic:
|
The default rule uses the following matching logic:
|
||||||
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) &&
|
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) &&
|
||||||
|
(`port` || `port_range`) &&
|
||||||
(`source_geoip` || `source_ip_cidr`) &&
|
(`source_geoip` || `source_ip_cidr`) &&
|
||||||
`other fields`
|
(`source_port` || `source_port_range`) &&
|
||||||
|
`other fields`
|
||||||
|
|
||||||
#### inbound
|
#### inbound
|
||||||
|
|
||||||
|
|
|
@ -105,8 +105,10 @@
|
||||||
|
|
||||||
默认规则使用以下匹配逻辑:
|
默认规则使用以下匹配逻辑:
|
||||||
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) &&
|
(`domain` || `domain_suffix` || `domain_keyword` || `domain_regex` || `geosite` || `geoip` || `ip_cidr`) &&
|
||||||
|
(`port` || `port_range`) &&
|
||||||
(`source_geoip` || `source_ip_cidr`) &&
|
(`source_geoip` || `source_ip_cidr`) &&
|
||||||
`other fields`
|
(`source_port` || `source_port_range`) &&
|
||||||
|
`other fields`
|
||||||
|
|
||||||
#### inbound
|
#### inbound
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,9 @@ var _ adapter.Rule = (*DefaultRule)(nil)
|
||||||
type DefaultRule struct {
|
type DefaultRule struct {
|
||||||
items []RuleItem
|
items []RuleItem
|
||||||
sourceAddressItems []RuleItem
|
sourceAddressItems []RuleItem
|
||||||
|
sourcePortItems []RuleItem
|
||||||
destinationAddressItems []RuleItem
|
destinationAddressItems []RuleItem
|
||||||
|
destinationPortItems []RuleItem
|
||||||
allItems []RuleItem
|
allItems []RuleItem
|
||||||
invert bool
|
invert bool
|
||||||
outbound string
|
outbound string
|
||||||
|
@ -143,7 +145,7 @@ func NewDefaultRule(router adapter.Router, logger log.ContextLogger, options opt
|
||||||
}
|
}
|
||||||
if len(options.SourcePort) > 0 {
|
if len(options.SourcePort) > 0 {
|
||||||
item := NewPortItem(true, options.SourcePort)
|
item := NewPortItem(true, options.SourcePort)
|
||||||
rule.items = append(rule.items, item)
|
rule.sourcePortItems = append(rule.sourcePortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.SourcePortRange) > 0 {
|
if len(options.SourcePortRange) > 0 {
|
||||||
|
@ -151,12 +153,12 @@ func NewDefaultRule(router adapter.Router, logger log.ContextLogger, options opt
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "source_port_range")
|
return nil, E.Cause(err, "source_port_range")
|
||||||
}
|
}
|
||||||
rule.items = append(rule.items, item)
|
rule.sourcePortItems = append(rule.sourcePortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.Port) > 0 {
|
if len(options.Port) > 0 {
|
||||||
item := NewPortItem(false, options.Port)
|
item := NewPortItem(false, options.Port)
|
||||||
rule.items = append(rule.items, item)
|
rule.destinationPortItems = append(rule.destinationPortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.PortRange) > 0 {
|
if len(options.PortRange) > 0 {
|
||||||
|
@ -164,7 +166,7 @@ func NewDefaultRule(router adapter.Router, logger log.ContextLogger, options opt
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "port_range")
|
return nil, E.Cause(err, "port_range")
|
||||||
}
|
}
|
||||||
rule.items = append(rule.items, item)
|
rule.destinationPortItems = append(rule.destinationPortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.ProcessName) > 0 {
|
if len(options.ProcessName) > 0 {
|
||||||
|
@ -256,6 +258,19 @@ func (r *DefaultRule) Match(metadata *adapter.InboundContext) bool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(r.sourcePortItems) > 0 {
|
||||||
|
var sourcePortMatch bool
|
||||||
|
for _, item := range r.sourcePortItems {
|
||||||
|
if item.Match(metadata) {
|
||||||
|
sourcePortMatch = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !sourcePortMatch {
|
||||||
|
return r.invert
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if len(r.destinationAddressItems) > 0 {
|
if len(r.destinationAddressItems) > 0 {
|
||||||
var destinationAddressMatch bool
|
var destinationAddressMatch bool
|
||||||
for _, item := range r.destinationAddressItems {
|
for _, item := range r.destinationAddressItems {
|
||||||
|
@ -269,6 +284,19 @@ func (r *DefaultRule) Match(metadata *adapter.InboundContext) bool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(r.destinationPortItems) > 0 {
|
||||||
|
var destinationPortMatch bool
|
||||||
|
for _, item := range r.destinationPortItems {
|
||||||
|
if item.Match(metadata) {
|
||||||
|
destinationPortMatch = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !destinationPortMatch {
|
||||||
|
return r.invert
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return !r.invert
|
return !r.invert
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,12 +39,15 @@ func NewDNSRule(router adapter.Router, logger log.ContextLogger, options option.
|
||||||
var _ adapter.DNSRule = (*DefaultDNSRule)(nil)
|
var _ adapter.DNSRule = (*DefaultDNSRule)(nil)
|
||||||
|
|
||||||
type DefaultDNSRule struct {
|
type DefaultDNSRule struct {
|
||||||
items []RuleItem
|
items []RuleItem
|
||||||
addressItems []RuleItem
|
sourceAddressItems []RuleItem
|
||||||
allItems []RuleItem
|
sourcePortItems []RuleItem
|
||||||
invert bool
|
destinationAddressItems []RuleItem
|
||||||
outbound string
|
destinationPortItems []RuleItem
|
||||||
disableCache bool
|
allItems []RuleItem
|
||||||
|
invert bool
|
||||||
|
outbound string
|
||||||
|
disableCache bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options option.DefaultDNSRule) (*DefaultDNSRule, error) {
|
func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options option.DefaultDNSRule) (*DefaultDNSRule, error) {
|
||||||
|
@ -90,12 +93,12 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
}
|
}
|
||||||
if len(options.Domain) > 0 || len(options.DomainSuffix) > 0 {
|
if len(options.Domain) > 0 || len(options.DomainSuffix) > 0 {
|
||||||
item := NewDomainItem(options.Domain, options.DomainSuffix)
|
item := NewDomainItem(options.Domain, options.DomainSuffix)
|
||||||
rule.addressItems = append(rule.addressItems, item)
|
rule.destinationAddressItems = append(rule.destinationAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.DomainKeyword) > 0 {
|
if len(options.DomainKeyword) > 0 {
|
||||||
item := NewDomainKeywordItem(options.DomainKeyword)
|
item := NewDomainKeywordItem(options.DomainKeyword)
|
||||||
rule.addressItems = append(rule.addressItems, item)
|
rule.destinationAddressItems = append(rule.destinationAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.DomainRegex) > 0 {
|
if len(options.DomainRegex) > 0 {
|
||||||
|
@ -103,17 +106,17 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "domain_regex")
|
return nil, E.Cause(err, "domain_regex")
|
||||||
}
|
}
|
||||||
rule.addressItems = append(rule.addressItems, item)
|
rule.destinationAddressItems = append(rule.destinationAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.Geosite) > 0 {
|
if len(options.Geosite) > 0 {
|
||||||
item := NewGeositeItem(router, logger, options.Geosite)
|
item := NewGeositeItem(router, logger, options.Geosite)
|
||||||
rule.addressItems = append(rule.addressItems, item)
|
rule.destinationAddressItems = append(rule.destinationAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.SourceGeoIP) > 0 {
|
if len(options.SourceGeoIP) > 0 {
|
||||||
item := NewGeoIPItem(router, logger, true, options.SourceGeoIP)
|
item := NewGeoIPItem(router, logger, true, options.SourceGeoIP)
|
||||||
rule.items = append(rule.items, item)
|
rule.sourceAddressItems = append(rule.sourceAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.SourceIPCIDR) > 0 {
|
if len(options.SourceIPCIDR) > 0 {
|
||||||
|
@ -121,12 +124,12 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "source_ipcidr")
|
return nil, E.Cause(err, "source_ipcidr")
|
||||||
}
|
}
|
||||||
rule.items = append(rule.items, item)
|
rule.sourceAddressItems = append(rule.sourceAddressItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.SourcePort) > 0 {
|
if len(options.SourcePort) > 0 {
|
||||||
item := NewPortItem(true, options.SourcePort)
|
item := NewPortItem(true, options.SourcePort)
|
||||||
rule.items = append(rule.items, item)
|
rule.sourcePortItems = append(rule.sourcePortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.SourcePortRange) > 0 {
|
if len(options.SourcePortRange) > 0 {
|
||||||
|
@ -134,12 +137,12 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "source_port_range")
|
return nil, E.Cause(err, "source_port_range")
|
||||||
}
|
}
|
||||||
rule.items = append(rule.items, item)
|
rule.sourcePortItems = append(rule.sourcePortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.Port) > 0 {
|
if len(options.Port) > 0 {
|
||||||
item := NewPortItem(false, options.Port)
|
item := NewPortItem(false, options.Port)
|
||||||
rule.items = append(rule.items, item)
|
rule.destinationPortItems = append(rule.destinationPortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.PortRange) > 0 {
|
if len(options.PortRange) > 0 {
|
||||||
|
@ -147,7 +150,7 @@ func NewDefaultDNSRule(router adapter.Router, logger log.ContextLogger, options
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "port_range")
|
return nil, E.Cause(err, "port_range")
|
||||||
}
|
}
|
||||||
rule.items = append(rule.items, item)
|
rule.destinationPortItems = append(rule.destinationPortItems, item)
|
||||||
rule.allItems = append(rule.allItems, item)
|
rule.allItems = append(rule.allItems, item)
|
||||||
}
|
}
|
||||||
if len(options.ProcessName) > 0 {
|
if len(options.ProcessName) > 0 {
|
||||||
|
@ -230,18 +233,59 @@ func (r *DefaultDNSRule) Match(metadata *adapter.InboundContext) bool {
|
||||||
return r.invert
|
return r.invert
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if len(r.addressItems) > 0 {
|
|
||||||
var addressMatch bool
|
if len(r.sourceAddressItems) > 0 {
|
||||||
for _, item := range r.addressItems {
|
var sourceAddressMatch bool
|
||||||
|
for _, item := range r.sourceAddressItems {
|
||||||
if item.Match(metadata) {
|
if item.Match(metadata) {
|
||||||
addressMatch = true
|
sourceAddressMatch = true
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if !addressMatch {
|
if !sourceAddressMatch {
|
||||||
return r.invert
|
return r.invert
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(r.sourcePortItems) > 0 {
|
||||||
|
var sourcePortMatch bool
|
||||||
|
for _, item := range r.sourcePortItems {
|
||||||
|
if item.Match(metadata) {
|
||||||
|
sourcePortMatch = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !sourcePortMatch {
|
||||||
|
return r.invert
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(r.destinationAddressItems) > 0 {
|
||||||
|
var destinationAddressMatch bool
|
||||||
|
for _, item := range r.destinationAddressItems {
|
||||||
|
if item.Match(metadata) {
|
||||||
|
destinationAddressMatch = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !destinationAddressMatch {
|
||||||
|
return r.invert
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(r.destinationPortItems) > 0 {
|
||||||
|
var destinationPortMatch bool
|
||||||
|
for _, item := range r.destinationPortItems {
|
||||||
|
if item.Match(metadata) {
|
||||||
|
destinationPortMatch = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !destinationPortMatch {
|
||||||
|
return r.invert
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return !r.invert
|
return !r.invert
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue