mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-12-27 16:45:39 +08:00
Remove unused reject methods
This commit is contained in:
parent
2a40003034
commit
51c0ee6c90
|
@ -2,7 +2,6 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
|
@ -39,7 +38,7 @@ func format() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
for _, optionsEntry := range optionsList {
|
for _, optionsEntry := range optionsList {
|
||||||
optionsEntry.options, err = badjson.Omitempty(context.TODO(), optionsEntry.options)
|
optionsEntry.options, err = badjson.Omitempty(globalCtx, optionsEntry.options)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -35,9 +35,5 @@ const (
|
||||||
|
|
||||||
const (
|
const (
|
||||||
RuleActionRejectMethodDefault = "default"
|
RuleActionRejectMethodDefault = "default"
|
||||||
RuleActionRejectMethodReset = "reset"
|
|
||||||
RuleActionRejectMethodNetworkUnreachable = "network-unreachable"
|
|
||||||
RuleActionRejectMethodHostUnreachable = "host-unreachable"
|
|
||||||
RuleActionRejectMethodPortUnreachable = "port-unreachable"
|
|
||||||
RuleActionRejectMethodDrop = "drop"
|
RuleActionRejectMethodDrop = "drop"
|
||||||
)
|
)
|
||||||
|
|
|
@ -76,8 +76,6 @@ type _DNSRuleAction struct {
|
||||||
Action string `json:"action,omitempty"`
|
Action string `json:"action,omitempty"`
|
||||||
RouteOptions DNSRouteActionOptions `json:"-"`
|
RouteOptions DNSRouteActionOptions `json:"-"`
|
||||||
RejectOptions RejectActionOptions `json:"-"`
|
RejectOptions RejectActionOptions `json:"-"`
|
||||||
SniffOptions RouteActionSniff `json:"-"`
|
|
||||||
ResolveOptions RouteActionResolve `json:"-"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type DNSRuleAction _DNSRuleAction
|
type DNSRuleAction _DNSRuleAction
|
||||||
|
@ -139,6 +137,7 @@ type DNSRouteActionOptions struct {
|
||||||
|
|
||||||
type _RejectActionOptions struct {
|
type _RejectActionOptions struct {
|
||||||
Method string `json:"method,omitempty"`
|
Method string `json:"method,omitempty"`
|
||||||
|
NoDrop bool `json:"no_drop,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type RejectActionOptions _RejectActionOptions
|
type RejectActionOptions _RejectActionOptions
|
||||||
|
@ -151,14 +150,13 @@ func (r *RejectActionOptions) UnmarshalJSON(bytes []byte) error {
|
||||||
switch r.Method {
|
switch r.Method {
|
||||||
case "", C.RuleActionRejectMethodDefault:
|
case "", C.RuleActionRejectMethodDefault:
|
||||||
r.Method = C.RuleActionRejectMethodDefault
|
r.Method = C.RuleActionRejectMethodDefault
|
||||||
case C.RuleActionRejectMethodReset,
|
case C.RuleActionRejectMethodDrop:
|
||||||
C.RuleActionRejectMethodNetworkUnreachable,
|
|
||||||
C.RuleActionRejectMethodHostUnreachable,
|
|
||||||
C.RuleActionRejectMethodPortUnreachable,
|
|
||||||
C.RuleActionRejectMethodDrop:
|
|
||||||
default:
|
default:
|
||||||
return E.New("unknown reject method: " + r.Method)
|
return E.New("unknown reject method: " + r.Method)
|
||||||
}
|
}
|
||||||
|
if r.Method == C.RuleActionRejectMethodDrop && r.NoDrop {
|
||||||
|
return E.New("no_drop is not allowed when method is drop")
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -343,19 +343,25 @@ func (t *Inbound) Start() error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
monitor.Start("initiating tun stack")
|
|
||||||
err = tunStack.Start()
|
|
||||||
monitor.Finish()
|
|
||||||
t.tunStack = tunStack
|
t.tunStack = tunStack
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
t.logger.Info("started at ", t.tunOptions.Name)
|
t.logger.Info("started at ", t.tunOptions.Name)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *Inbound) PostStart() error {
|
func (t *Inbound) PostStart() error {
|
||||||
monitor := taskmonitor.New(t.logger, C.StartTimeout)
|
monitor := taskmonitor.New(t.logger, C.StartTimeout)
|
||||||
|
monitor.Start("starting tun stack")
|
||||||
|
err := t.tunStack.Start()
|
||||||
|
monitor.Finish()
|
||||||
|
if err != nil {
|
||||||
|
return E.Cause(err, "starting tun stack")
|
||||||
|
}
|
||||||
|
monitor.Start("starting tun interface")
|
||||||
|
err = t.tunIf.Start()
|
||||||
|
monitor.Finish()
|
||||||
|
if err != nil {
|
||||||
|
return E.Cause(err, "starting TUN interface")
|
||||||
|
}
|
||||||
if t.autoRedirect != nil {
|
if t.autoRedirect != nil {
|
||||||
t.routeAddressSet = common.FlatMap(t.routeRuleSet, adapter.RuleSet.ExtractIPSet)
|
t.routeAddressSet = common.FlatMap(t.routeRuleSet, adapter.RuleSet.ExtractIPSet)
|
||||||
for _, routeRuleSet := range t.routeRuleSet {
|
for _, routeRuleSet := range t.routeRuleSet {
|
||||||
|
|
|
@ -8,7 +8,6 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"os/user"
|
"os/user"
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/sagernet/sing-box/adapter"
|
"github.com/sagernet/sing-box/adapter"
|
||||||
|
@ -107,7 +106,7 @@ func (r *Router) routeConnection(ctx context.Context, conn net.Conn, metadata ad
|
||||||
selectReturn = true
|
selectReturn = true
|
||||||
case *rule.RuleActionReject:
|
case *rule.RuleActionReject:
|
||||||
buf.ReleaseMulti(buffers)
|
buf.ReleaseMulti(buffers)
|
||||||
N.CloseOnHandshakeFailure(conn, onClose, action.Error())
|
N.CloseOnHandshakeFailure(conn, onClose, action.Error(ctx))
|
||||||
return nil
|
return nil
|
||||||
case *rule.RuleActionHijackDNS:
|
case *rule.RuleActionHijackDNS:
|
||||||
for _, buffer := range buffers {
|
for _, buffer := range buffers {
|
||||||
|
@ -252,7 +251,7 @@ func (r *Router) routePacketConnection(ctx context.Context, conn N.PacketConn, m
|
||||||
selectReturn = true
|
selectReturn = true
|
||||||
case *rule.RuleActionReject:
|
case *rule.RuleActionReject:
|
||||||
N.ReleaseMultiPacketBuffer(packetBuffers)
|
N.ReleaseMultiPacketBuffer(packetBuffers)
|
||||||
N.CloseOnHandshakeFailure(conn, onClose, syscall.ECONNREFUSED)
|
N.CloseOnHandshakeFailure(conn, onClose, action.Error(ctx))
|
||||||
return nil
|
return nil
|
||||||
case *rule.RuleActionHijackDNS:
|
case *rule.RuleActionHijackDNS:
|
||||||
r.hijackDNSPacket(ctx, conn, packetBuffers, metadata)
|
r.hijackDNSPacket(ctx, conn, packetBuffers, metadata)
|
||||||
|
@ -317,7 +316,7 @@ func (r *Router) PreMatch(metadata adapter.InboundContext) error {
|
||||||
if !isReject {
|
if !isReject {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return rejectAction.Error()
|
return rejectAction.Error(nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *Router) matchRule(
|
func (r *Router) matchRule(
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
package rule
|
package rule
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"context"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
"os"
|
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/sagernet/sing-box/adapter"
|
"github.com/sagernet/sing-box/adapter"
|
||||||
|
@ -13,11 +13,15 @@ import (
|
||||||
"github.com/sagernet/sing-box/option"
|
"github.com/sagernet/sing-box/option"
|
||||||
"github.com/sagernet/sing-dns"
|
"github.com/sagernet/sing-dns"
|
||||||
"github.com/sagernet/sing-tun"
|
"github.com/sagernet/sing-tun"
|
||||||
|
"github.com/sagernet/sing/common"
|
||||||
E "github.com/sagernet/sing/common/exceptions"
|
E "github.com/sagernet/sing/common/exceptions"
|
||||||
F "github.com/sagernet/sing/common/format"
|
F "github.com/sagernet/sing/common/format"
|
||||||
|
"github.com/sagernet/sing/common/logger"
|
||||||
|
|
||||||
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
|
||||||
func NewRuleAction(action option.RuleAction) (adapter.RuleAction, error) {
|
func NewRuleAction(logger logger.ContextLogger, action option.RuleAction) (adapter.RuleAction, error) {
|
||||||
switch action.Action {
|
switch action.Action {
|
||||||
case C.RuleActionTypeRoute:
|
case C.RuleActionTypeRoute:
|
||||||
return &RuleActionRoute{
|
return &RuleActionRoute{
|
||||||
|
@ -29,6 +33,8 @@ func NewRuleAction(action option.RuleAction) (adapter.RuleAction, error) {
|
||||||
case C.RuleActionTypeReject:
|
case C.RuleActionTypeReject:
|
||||||
return &RuleActionReject{
|
return &RuleActionReject{
|
||||||
Method: action.RejectOptions.Method,
|
Method: action.RejectOptions.Method,
|
||||||
|
NoDrop: action.RejectOptions.NoDrop,
|
||||||
|
logger: logger,
|
||||||
}, nil
|
}, nil
|
||||||
case C.RuleActionTypeHijackDNS:
|
case C.RuleActionTypeHijackDNS:
|
||||||
return &RuleActionHijackDNS{}, nil
|
return &RuleActionHijackDNS{}, nil
|
||||||
|
@ -48,7 +54,7 @@ func NewRuleAction(action option.RuleAction) (adapter.RuleAction, error) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDNSRuleAction(action option.DNSRuleAction) adapter.RuleAction {
|
func NewDNSRuleAction(logger logger.ContextLogger, action option.DNSRuleAction) adapter.RuleAction {
|
||||||
switch action.Action {
|
switch action.Action {
|
||||||
case C.RuleActionTypeRoute:
|
case C.RuleActionTypeRoute:
|
||||||
return &RuleActionDNSRoute{
|
return &RuleActionDNSRoute{
|
||||||
|
@ -62,6 +68,8 @@ func NewDNSRuleAction(action option.DNSRuleAction) adapter.RuleAction {
|
||||||
case C.RuleActionTypeReject:
|
case C.RuleActionTypeReject:
|
||||||
return &RuleActionReject{
|
return &RuleActionReject{
|
||||||
Method: action.RejectOptions.Method,
|
Method: action.RejectOptions.Method,
|
||||||
|
NoDrop: action.RejectOptions.NoDrop,
|
||||||
|
logger: logger,
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
panic(F.ToString("unknown rule action: ", action.Action))
|
panic(F.ToString("unknown rule action: ", action.Action))
|
||||||
|
@ -108,6 +116,10 @@ func (r *RuleActionReturn) String() string {
|
||||||
|
|
||||||
type RuleActionReject struct {
|
type RuleActionReject struct {
|
||||||
Method string
|
Method string
|
||||||
|
NoDrop bool
|
||||||
|
logger logger.ContextLogger
|
||||||
|
dropAccess sync.Mutex
|
||||||
|
dropCounter []time.Time
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *RuleActionReject) Type() string {
|
func (r *RuleActionReject) Type() string {
|
||||||
|
@ -121,21 +133,30 @@ func (r *RuleActionReject) String() string {
|
||||||
return F.ToString("reject(", r.Method, ")")
|
return F.ToString("reject(", r.Method, ")")
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *RuleActionReject) Error() error {
|
func (r *RuleActionReject) Error(ctx context.Context) error {
|
||||||
|
var returnErr error
|
||||||
switch r.Method {
|
switch r.Method {
|
||||||
case C.RuleActionRejectMethodReset:
|
case C.RuleActionRejectMethodDefault:
|
||||||
return os.ErrClosed
|
returnErr = unix.ECONNREFUSED
|
||||||
case C.RuleActionRejectMethodNetworkUnreachable:
|
|
||||||
return syscall.ENETUNREACH
|
|
||||||
case C.RuleActionRejectMethodHostUnreachable:
|
|
||||||
return syscall.EHOSTUNREACH
|
|
||||||
case C.RuleActionRejectMethodDefault, C.RuleActionRejectMethodPortUnreachable:
|
|
||||||
return syscall.ECONNREFUSED
|
|
||||||
case C.RuleActionRejectMethodDrop:
|
case C.RuleActionRejectMethodDrop:
|
||||||
return tun.ErrDrop
|
return tun.ErrDrop
|
||||||
default:
|
default:
|
||||||
panic(F.ToString("unknown reject method: ", r.Method))
|
panic(F.ToString("unknown reject method: ", r.Method))
|
||||||
}
|
}
|
||||||
|
r.dropAccess.Lock()
|
||||||
|
defer r.dropAccess.Unlock()
|
||||||
|
timeNow := time.Now()
|
||||||
|
r.dropCounter = common.Filter(r.dropCounter, func(t time.Time) bool {
|
||||||
|
return timeNow.Sub(t) <= 30*time.Second
|
||||||
|
})
|
||||||
|
r.dropCounter = append(r.dropCounter, timeNow)
|
||||||
|
if len(r.dropCounter) > 50 {
|
||||||
|
if ctx != nil {
|
||||||
|
r.logger.DebugContext(ctx, "dropped due to flooding")
|
||||||
|
}
|
||||||
|
return tun.ErrDrop
|
||||||
|
}
|
||||||
|
return returnErr
|
||||||
}
|
}
|
||||||
|
|
||||||
type RuleActionHijackDNS struct{}
|
type RuleActionHijackDNS struct{}
|
||||||
|
|
|
@ -52,7 +52,7 @@ type RuleItem interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDefaultRule(ctx context.Context, router adapter.Router, logger log.ContextLogger, options option.DefaultRule) (*DefaultRule, error) {
|
func NewDefaultRule(ctx context.Context, router adapter.Router, logger log.ContextLogger, options option.DefaultRule) (*DefaultRule, error) {
|
||||||
action, err := NewRuleAction(options.RuleAction)
|
action, err := NewRuleAction(logger, options.RuleAction)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "action")
|
return nil, E.Cause(err, "action")
|
||||||
}
|
}
|
||||||
|
@ -254,7 +254,7 @@ type LogicalRule struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewLogicalRule(ctx context.Context, router adapter.Router, logger log.ContextLogger, options option.LogicalRule) (*LogicalRule, error) {
|
func NewLogicalRule(ctx context.Context, router adapter.Router, logger log.ContextLogger, options option.LogicalRule) (*LogicalRule, error) {
|
||||||
action, err := NewRuleAction(options.RuleAction)
|
action, err := NewRuleAction(logger, options.RuleAction)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, E.Cause(err, "action")
|
return nil, E.Cause(err, "action")
|
||||||
}
|
}
|
||||||
|
|
|
@ -51,7 +51,7 @@ func NewDefaultDNSRule(ctx context.Context, router adapter.Router, logger log.Co
|
||||||
rule := &DefaultDNSRule{
|
rule := &DefaultDNSRule{
|
||||||
abstractDefaultRule: abstractDefaultRule{
|
abstractDefaultRule: abstractDefaultRule{
|
||||||
invert: options.Invert,
|
invert: options.Invert,
|
||||||
action: NewDNSRuleAction(options.DNSRuleAction),
|
action: NewDNSRuleAction(logger, options.DNSRuleAction),
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
if len(options.Inbound) > 0 {
|
if len(options.Inbound) > 0 {
|
||||||
|
@ -287,7 +287,7 @@ func NewLogicalDNSRule(ctx context.Context, router adapter.Router, logger log.Co
|
||||||
abstractLogicalRule: abstractLogicalRule{
|
abstractLogicalRule: abstractLogicalRule{
|
||||||
rules: make([]adapter.HeadlessRule, len(options.Rules)),
|
rules: make([]adapter.HeadlessRule, len(options.Rules)),
|
||||||
invert: options.Invert,
|
invert: options.Invert,
|
||||||
action: NewDNSRuleAction(options.DNSRuleAction),
|
action: NewDNSRuleAction(logger, options.DNSRuleAction),
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
switch options.Mode {
|
switch options.Mode {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user