From 763a127287697fe471f0e643e3bd3f5abfad85e9 Mon Sep 17 00:00:00 2001 From: wwqgtxx Date: Thu, 29 Aug 2024 23:49:16 +0800 Subject: [PATCH] feat: `RULE-SET` in rules support `,src` option should only be used with `ipcidr` behavior --- config/config.go | 4 ++-- constant/metadata.go | 7 +++++++ rules/common/base.go | 14 ++++++++------ rules/parser.go | 6 +++++- rules/provider/rule_set.go | 8 +++++++- 5 files changed, 29 insertions(+), 10 deletions(-) diff --git a/config/config.go b/config/config.go index 370506d4..c250d3ec 100644 --- a/config/config.go +++ b/config/config.go @@ -1802,7 +1802,7 @@ func parseIPRuleSet(domainSetName string, adapterName string, ruleProviders map[ default: } } - return RP.NewRuleSet(domainSetName, adapterName, true) + return RP.NewRuleSet(domainSetName, adapterName, false, true) } func parseDomainRuleSet(domainSetName string, adapterName string, ruleProviders map[string]providerTypes.RuleProvider) (C.DomainMatcher, error) { @@ -1817,5 +1817,5 @@ func parseDomainRuleSet(domainSetName string, adapterName string, ruleProviders default: } } - return RP.NewRuleSet(domainSetName, adapterName, true) + return RP.NewRuleSet(domainSetName, adapterName, false, true) } diff --git a/constant/metadata.go b/constant/metadata.go index 04537688..54362989 100644 --- a/constant/metadata.go +++ b/constant/metadata.go @@ -302,3 +302,10 @@ func (m *Metadata) SetRemoteAddress(rawAddress string) error { return nil } + +func (m *Metadata) SwapSrcDst() { + m.SrcIP, m.DstIP = m.DstIP, m.SrcIP + m.SrcPort, m.DstPort = m.DstPort, m.SrcPort + m.SrcIPASN, m.DstIPASN = m.DstIPASN, m.SrcIPASN + m.SrcGeoIP, m.DstGeoIP = m.DstGeoIP, m.SrcGeoIP +} diff --git a/rules/common/base.go b/rules/common/base.go index 670df1d9..04e3aec5 100644 --- a/rules/common/base.go +++ b/rules/common/base.go @@ -2,11 +2,14 @@ package common import ( "errors" + + "golang.org/x/exp/slices" ) var ( errPayload = errors.New("payloadRule error") noResolve = "no-resolve" + src = "src" ) type Base struct { @@ -23,10 +26,9 @@ func (b *Base) ShouldResolveIP() bool { func (b *Base) ProviderNames() []string { return nil } func HasNoResolve(params []string) bool { - for _, p := range params { - if p == noResolve { - return true - } - } - return false + return slices.Contains(params, noResolve) +} + +func HasSrc(params []string) bool { + return slices.Contains(params, src) } diff --git a/rules/parser.go b/rules/parser.go index 9b1f5520..2189cda9 100644 --- a/rules/parser.go +++ b/rules/parser.go @@ -77,7 +77,11 @@ func ParseRule(tp, payload, target string, params []string, subRules map[string] parsed, parseErr = logic.NewNOT(payload, target, ParseRule) case "RULE-SET": noResolve := RC.HasNoResolve(params) - parsed, parseErr = RP.NewRuleSet(payload, target, noResolve) + isSrc := RC.HasSrc(params) + if isSrc { + noResolve = true + } + parsed, parseErr = RP.NewRuleSet(payload, target, isSrc, noResolve) case "MATCH": parsed = RC.NewMatch(target) parseErr = nil diff --git a/rules/provider/rule_set.go b/rules/provider/rule_set.go index 23864e12..2ad0bd3d 100644 --- a/rules/provider/rule_set.go +++ b/rules/provider/rule_set.go @@ -12,6 +12,7 @@ type RuleSet struct { *common.Base ruleProviderName string adapter string + isSrc bool noResolveIP bool shouldFindProcess bool } @@ -32,6 +33,10 @@ func (rs *RuleSet) RuleType() C.RuleType { func (rs *RuleSet) Match(metadata *C.Metadata) (bool, string) { if provider, ok := rs.getProvider(); ok { + if rs.isSrc { + metadata.SwapSrcDst() + defer metadata.SwapSrcDst() + } return provider.Match(metadata), rs.adapter } return false, "" @@ -76,11 +81,12 @@ func (rs *RuleSet) getProvider() (P.RuleProvider, bool) { return pp, ok } -func NewRuleSet(ruleProviderName string, adapter string, noResolveIP bool) (*RuleSet, error) { +func NewRuleSet(ruleProviderName string, adapter string, isSrc bool, noResolveIP bool) (*RuleSet, error) { rs := &RuleSet{ Base: &common.Base{}, ruleProviderName: ruleProviderName, adapter: adapter, + isSrc: isSrc, noResolveIP: noResolveIP, } return rs, nil