From 8a7027e8d6ae9dab8ddd77d657fe8d4eae4a8c24 Mon Sep 17 00:00:00 2001 From: Larvan2 <78135608+Larvan2@users.noreply.github.com> Date: Fri, 20 Jan 2023 16:29:08 +0800 Subject: [PATCH] Fix: Remove EnableProcess from config.go and enable-process from config.yaml. Fix: FindProcess is now enabled by default when the rule set contains process-name rules. --- config/config.go | 6 +----- constant/provider/interface.go | 1 + docs/config.yaml | 7 +++++++ hub/executor/executor.go | 2 +- rules/provider/classical_strategy.go | 5 +++++ rules/provider/domain_strategy.go | 4 ++++ rules/provider/ipcidr_strategy.go | 4 ++++ rules/provider/provider.go | 5 +++++ rules/provider/rule_set.go | 11 ++++++----- tunnel/tunnel.go | 8 ++------ 10 files changed, 36 insertions(+), 17 deletions(-) diff --git a/config/config.go b/config/config.go index e20c8540..c5ba80fc 100644 --- a/config/config.go +++ b/config/config.go @@ -53,7 +53,6 @@ type General struct { GeodataMode bool `json:"geodata-mode"` GeodataLoader string `json:"geodata-loader"` TCPConcurrent bool `json:"tcp-concurrent"` - EnableProcess bool `json:"enable-process"` FindProcessMode P.FindProcessMode `json:"find-process-mode"` Sniffing bool `json:"sniffing"` EBpf EBpf `json:"-"` @@ -117,7 +116,7 @@ type Profile struct { } type TLS struct { - RawCert `yaml:",inline"` + RawCert `yaml:",inline"` CustomTrustCert []RawCert `yaml:"custom-certifactes"` } @@ -259,7 +258,6 @@ type RawConfig struct { GeodataMode bool `yaml:"geodata-mode"` GeodataLoader string `yaml:"geodata-loader"` TCPConcurrent bool `yaml:"tcp-concurrent" json:"tcp-concurrent"` - EnableProcess bool `yaml:"enable-process" json:"enable-process"` FindProcessMode P.FindProcessMode `yaml:"find-process-mode" json:"find-process-mode"` Sniffer RawSniffer `yaml:"sniffer"` @@ -337,7 +335,6 @@ func UnmarshalRawConfig(buf []byte) (*RawConfig, error) { Proxy: []map[string]any{}, ProxyGroup: []map[string]any{}, TCPConcurrent: false, - EnableProcess: false, FindProcessMode: P.FindProcessStrict, Tun: RawTun{ Enable: false, @@ -555,7 +552,6 @@ func parseGeneral(cfg *RawConfig) (*General, error) { GeodataMode: cfg.GeodataMode, GeodataLoader: cfg.GeodataLoader, TCPConcurrent: cfg.TCPConcurrent, - EnableProcess: cfg.EnableProcess, FindProcessMode: cfg.FindProcessMode, EBpf: cfg.EBpf, }, nil diff --git a/constant/provider/interface.go b/constant/provider/interface.go index 8bc3c0fe..b42bbe71 100644 --- a/constant/provider/interface.go +++ b/constant/provider/interface.go @@ -102,5 +102,6 @@ type RuleProvider interface { Behavior() RuleType Match(*constant.Metadata) bool ShouldResolveIP() bool + ShouldFindProcess() bool AsRule(adaptor string) constant.Rule } diff --git a/docs/config.yaml b/docs/config.yaml index a55aa9b2..206548b2 100644 --- a/docs/config.yaml +++ b/docs/config.yaml @@ -9,6 +9,13 @@ mixed-port: 10801 # HTTP(S) 和 SOCKS 代理混合端口 allow-lan: true # 允许局域网连接 bind-address: "*" # 绑定IP地址,仅作用于 allow-lan 为 true,'*'表示所有地址 + +# find-process-mode has 3 values: always, strict, off +# - always, 开启,强制匹配所有进程 +# - strict, 默认,由clash判断是否开启 +# - off, 不匹配进程,推荐在路由器上使用此模式 +find-process-mode: strict + mode: rule log-level: debug # 日志等级 silent/error/warning/info/debug diff --git a/hub/executor/executor.go b/hub/executor/executor.go index be682f36..94398db1 100644 --- a/hub/executor/executor.go +++ b/hub/executor/executor.go @@ -308,7 +308,7 @@ func updateTunnels(tunnels []LC.Tunnel) { func updateGeneral(general *config.General, force bool) { tunnel.SetMode(general.Mode) - tunnel.SetFindProcessMode(general.EnableProcess, general.FindProcessMode) + tunnel.SetFindProcessMode(general.FindProcessMode) dialer.DisableIPv6 = !general.IPv6 if !dialer.DisableIPv6 { log.Infoln("Use IPv6") diff --git a/rules/provider/classical_strategy.go b/rules/provider/classical_strategy.go index 73426e85..25360ec7 100644 --- a/rules/provider/classical_strategy.go +++ b/rules/provider/classical_strategy.go @@ -42,6 +42,11 @@ func (c *classicalStrategy) OnUpdate(rules []string) { shouldResolveIP := false for _, rawRule := range rules { ruleType, rule, params := ruleParse(rawRule) + + if ruleType == "PROCESS-NAME" { + c.shouldFindProcess = true + } + r, err := c.parse(ruleType, rule, "", params) if err != nil { log.Warnln("parse rule error:[%s]", err.Error()) diff --git a/rules/provider/domain_strategy.go b/rules/provider/domain_strategy.go index 61fe93a6..85528f40 100644 --- a/rules/provider/domain_strategy.go +++ b/rules/provider/domain_strategy.go @@ -12,6 +12,10 @@ type domainStrategy struct { domainRules *trie.DomainTrie[struct{}] } +func (d *domainStrategy) ShouldFindProcess() bool { + return false +} + func (d *domainStrategy) Match(metadata *C.Metadata) bool { return d.domainRules != nil && d.domainRules.Search(metadata.Host) != nil } diff --git a/rules/provider/ipcidr_strategy.go b/rules/provider/ipcidr_strategy.go index bba9ddc5..88228301 100644 --- a/rules/provider/ipcidr_strategy.go +++ b/rules/provider/ipcidr_strategy.go @@ -12,6 +12,10 @@ type ipcidrStrategy struct { trie *trie.IpCidrTrie } +func (i *ipcidrStrategy) ShouldFindProcess() bool { + return false +} + func (i *ipcidrStrategy) Match(metadata *C.Metadata) bool { return i.trie != nil && i.trie.IsContain(metadata.DstIP.AsSlice()) } diff --git a/rules/provider/provider.go b/rules/provider/provider.go index 347bebaa..175917c2 100644 --- a/rules/provider/provider.go +++ b/rules/provider/provider.go @@ -37,6 +37,7 @@ type ruleStrategy interface { Match(metadata *C.Metadata) bool Count() int ShouldResolveIP() bool + ShouldFindProcess() bool OnUpdate(rules []string) } @@ -86,6 +87,10 @@ func (rp *ruleSetProvider) ShouldResolveIP() bool { return rp.strategy.ShouldResolveIP() } +func (rp *ruleSetProvider) ShouldFindProcess() bool { + return rp.strategy.ShouldFindProcess() +} + func (rp *ruleSetProvider) AsRule(adaptor string) C.Rule { panic("implement me") } diff --git a/rules/provider/rule_set.go b/rules/provider/rule_set.go index 326e3b0d..4a49ad41 100644 --- a/rules/provider/rule_set.go +++ b/rules/provider/rule_set.go @@ -9,14 +9,15 @@ import ( type RuleSet struct { *common.Base - ruleProviderName string - adapter string - ruleProvider P.RuleProvider - noResolveIP bool + ruleProviderName string + adapter string + ruleProvider P.RuleProvider + noResolveIP bool + shouldFindProcess bool } func (rs *RuleSet) ShouldFindProcess() bool { - return false + return !rs.shouldFindProcess && rs.getProviders().ShouldFindProcess() } func (rs *RuleSet) RuleType() C.RuleType { diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go index c5534062..0cc045c3 100644 --- a/tunnel/tunnel.go +++ b/tunnel/tunnel.go @@ -148,12 +148,8 @@ func SetMode(m TunnelMode) { // SetFindProcessMode replace SetAlwaysFindProcess // always find process info if legacyAlways = true or mode.Always() = true, may be increase many memory -func SetFindProcessMode(legacyAlways bool, mode P.FindProcessMode) { - if legacyAlways { - findProcessMode = P.FindProcessAlways - } else { - findProcessMode = mode - } +func SetFindProcessMode(mode P.FindProcessMode) { + findProcessMode = mode } // processUDP starts a loop to handle udp packet