mirror of
https://github.com/bol-van/zapret.git
synced 2024-12-27 11:50:34 +05:00
tpws: --skip
This commit is contained in:
parent
4856be4ef1
commit
1779cfad30
@ -155,22 +155,26 @@ void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit)
|
|||||||
if (bcut) VPRINT(" ...");
|
if (bcut) VPRINT(" ...");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void dp_init(struct desync_profile *dp)
|
||||||
|
{
|
||||||
|
LIST_INIT(&dp->hl_collection);
|
||||||
|
LIST_INIT(&dp->hl_collection_exclude);
|
||||||
|
LIST_INIT(&dp->ips_collection);
|
||||||
|
LIST_INIT(&dp->ips_collection_exclude);
|
||||||
|
LIST_INIT(&dp->pf_tcp);
|
||||||
|
|
||||||
|
dp->filter_ipv4 = dp->filter_ipv6 = true;
|
||||||
|
memcpy(dp->hostspell, "host", 4); // default hostspell
|
||||||
|
dp->hostlist_auto_fail_threshold = HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT;
|
||||||
|
dp->hostlist_auto_fail_time = HOSTLIST_AUTO_FAIL_TIME_DEFAULT;
|
||||||
|
}
|
||||||
|
|
||||||
struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head)
|
struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head)
|
||||||
{
|
{
|
||||||
struct desync_profile_list *entry = calloc(1,sizeof(struct desync_profile_list));
|
struct desync_profile_list *entry = calloc(1,sizeof(struct desync_profile_list));
|
||||||
if (!entry) return NULL;
|
if (!entry) return NULL;
|
||||||
|
|
||||||
LIST_INIT(&entry->dp.hl_collection);
|
dp_init(&entry->dp);
|
||||||
LIST_INIT(&entry->dp.hl_collection_exclude);
|
|
||||||
LIST_INIT(&entry->dp.ips_collection);
|
|
||||||
LIST_INIT(&entry->dp.ips_collection_exclude);
|
|
||||||
LIST_INIT(&entry->dp.pf_tcp);
|
|
||||||
|
|
||||||
entry->dp.filter_ipv4 = entry->dp.filter_ipv6 = true;
|
|
||||||
memcpy(entry->dp.hostspell, "host", 4); // default hostspell
|
|
||||||
entry->dp.hostlist_auto_fail_threshold = HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT;
|
|
||||||
entry->dp.hostlist_auto_fail_time = HOSTLIST_AUTO_FAIL_TIME_DEFAULT;
|
|
||||||
|
|
||||||
// add to the tail
|
// add to the tail
|
||||||
struct desync_profile_list *dpn,*dpl=LIST_FIRST(¶ms.desync_profiles);
|
struct desync_profile_list *dpn,*dpl=LIST_FIRST(¶ms.desync_profiles);
|
||||||
@ -184,14 +188,23 @@ struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head)
|
|||||||
|
|
||||||
return entry;
|
return entry;
|
||||||
}
|
}
|
||||||
static void dp_entry_destroy(struct desync_profile_list *entry)
|
static void dp_clear_dynamic(struct desync_profile *dp)
|
||||||
{
|
{
|
||||||
hostlist_collection_destroy(&entry->dp.hl_collection);
|
hostlist_collection_destroy(&dp->hl_collection);
|
||||||
hostlist_collection_destroy(&entry->dp.hl_collection_exclude);
|
hostlist_collection_destroy(&dp->hl_collection_exclude);
|
||||||
ipset_collection_destroy(&entry->dp.ips_collection);
|
ipset_collection_destroy(&dp->ips_collection);
|
||||||
ipset_collection_destroy(&entry->dp.ips_collection_exclude);
|
ipset_collection_destroy(&dp->ips_collection_exclude);
|
||||||
port_filters_destroy(&entry->dp.pf_tcp);
|
port_filters_destroy(&dp->pf_tcp);
|
||||||
HostFailPoolDestroy(&entry->dp.hostlist_auto_fail_counters);
|
HostFailPoolDestroy(&dp->hostlist_auto_fail_counters);
|
||||||
|
}
|
||||||
|
void dp_clear(struct desync_profile *dp)
|
||||||
|
{
|
||||||
|
dp_clear_dynamic(dp);
|
||||||
|
memset(dp,0,sizeof(*dp));
|
||||||
|
}
|
||||||
|
void dp_entry_destroy(struct desync_profile_list *entry)
|
||||||
|
{
|
||||||
|
dp_clear_dynamic(&entry->dp);
|
||||||
free(entry);
|
free(entry);
|
||||||
}
|
}
|
||||||
void dp_list_destroy(struct desync_profile_list_head *head)
|
void dp_list_destroy(struct desync_profile_list_head *head)
|
||||||
|
@ -83,7 +83,10 @@ struct desync_profile_list {
|
|||||||
};
|
};
|
||||||
LIST_HEAD(desync_profile_list_head, desync_profile_list);
|
LIST_HEAD(desync_profile_list_head, desync_profile_list);
|
||||||
struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head);
|
struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head);
|
||||||
|
void dp_entry_destroy(struct desync_profile_list *entry);
|
||||||
void dp_list_destroy(struct desync_profile_list_head *head);
|
void dp_list_destroy(struct desync_profile_list_head *head);
|
||||||
|
void dp_init(struct desync_profile *dp);
|
||||||
|
void dp_clear(struct desync_profile *dp);
|
||||||
|
|
||||||
struct params_s
|
struct params_s
|
||||||
{
|
{
|
||||||
|
79
tpws/tpws.c
79
tpws/tpws.c
@ -177,6 +177,7 @@ static void exithelp(void)
|
|||||||
" --debug-level=0|1|2\t\t\t; specify debug level\n"
|
" --debug-level=0|1|2\t\t\t; specify debug level\n"
|
||||||
"\nMULTI-STRATEGY:\n"
|
"\nMULTI-STRATEGY:\n"
|
||||||
" --new\t\t\t\t\t; begin new strategy\n"
|
" --new\t\t\t\t\t; begin new strategy\n"
|
||||||
|
" --skip\t\t\t\t\t; do not use this strategy\n"
|
||||||
" --filter-l3=ipv4|ipv6\t\t\t; L3 protocol filter. multiple comma separated values allowed.\n"
|
" --filter-l3=ipv4|ipv6\t\t\t; L3 protocol filter. multiple comma separated values allowed.\n"
|
||||||
" --filter-tcp=[~]port1[-port2]|*\t; TCP port filter. ~ means negation. multiple comma separated values allowed.\n"
|
" --filter-tcp=[~]port1[-port2]|*\t; TCP port filter. ~ means negation. multiple comma separated values allowed.\n"
|
||||||
" --filter-l7=[http|tls|unknown]\t\t; L6-L7 protocol filter. multiple comma separated values allowed.\n"
|
" --filter-l7=[http|tls|unknown]\t\t; L6-L7 protocol filter. multiple comma separated values allowed.\n"
|
||||||
@ -524,6 +525,7 @@ void parse_params(int argc, char *argv[])
|
|||||||
{
|
{
|
||||||
int option_index = 0;
|
int option_index = 0;
|
||||||
int v, i;
|
int v, i;
|
||||||
|
bool bSkip=false;
|
||||||
|
|
||||||
memset(¶ms, 0, sizeof(params));
|
memset(¶ms, 0, sizeof(params));
|
||||||
params.maxconn = DEFAULT_MAX_CONN;
|
params.maxconn = DEFAULT_MAX_CONN;
|
||||||
@ -630,24 +632,25 @@ void parse_params(int argc, char *argv[])
|
|||||||
{ "connect-bind-addr",required_argument,0,0 },// optidx=55
|
{ "connect-bind-addr",required_argument,0,0 },// optidx=55
|
||||||
|
|
||||||
{ "new",no_argument,0,0 }, // optidx=56
|
{ "new",no_argument,0,0 }, // optidx=56
|
||||||
{ "filter-l3",required_argument,0,0 }, // optidx=57
|
{ "skip",no_argument,0,0 }, // optidx=57
|
||||||
{ "filter-tcp",required_argument,0,0 }, // optidx=58
|
{ "filter-l3",required_argument,0,0 }, // optidx=58
|
||||||
{ "filter-l7",required_argument,0,0 }, // optidx=59
|
{ "filter-tcp",required_argument,0,0 }, // optidx=59
|
||||||
{ "ipset",required_argument,0,0 }, // optidx=60
|
{ "filter-l7",required_argument,0,0 }, // optidx=60
|
||||||
{ "ipset-exclude",required_argument,0,0 }, // optidx=61
|
{ "ipset",required_argument,0,0 }, // optidx=61
|
||||||
|
{ "ipset-exclude",required_argument,0,0 }, // optidx=62
|
||||||
|
|
||||||
#if defined(__FreeBSD__)
|
#if defined(__FreeBSD__)
|
||||||
{ "enable-pf",no_argument,0,0 },// optidx=62
|
{ "enable-pf",no_argument,0,0 },// optidx=62
|
||||||
#elif defined(__APPLE__)
|
#elif defined(__APPLE__)
|
||||||
{ "local-tcp-user-timeout",required_argument,0,0 }, // optidx=62
|
{ "local-tcp-user-timeout",required_argument,0,0 }, // optidx=63
|
||||||
{ "remote-tcp-user-timeout",required_argument,0,0 }, // optidx=63
|
{ "remote-tcp-user-timeout",required_argument,0,0 }, // optidx=64
|
||||||
#elif defined(__linux__)
|
#elif defined(__linux__)
|
||||||
{ "local-tcp-user-timeout",required_argument,0,0 }, // optidx=62
|
{ "local-tcp-user-timeout",required_argument,0,0 }, // optidx=63
|
||||||
{ "remote-tcp-user-timeout",required_argument,0,0 }, // optidx=63
|
{ "remote-tcp-user-timeout",required_argument,0,0 }, // optidx=64
|
||||||
{ "mss",required_argument,0,0 }, // optidx=64
|
{ "mss",required_argument,0,0 }, // optidx=65
|
||||||
{ "fix-seg",optional_argument,0,0 }, // optidx=65
|
{ "fix-seg",optional_argument,0,0 }, // optidx=66
|
||||||
#ifdef SPLICE_PRESENT
|
#ifdef SPLICE_PRESENT
|
||||||
{ "nosplice",no_argument,0,0 }, // optidx=66
|
{ "nosplice",no_argument,0,0 }, // optidx=67
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
{ "hostlist-auto-retrans-threshold",optional_argument,0,0}, // ignored. for nfqws command line compatibility
|
{ "hostlist-auto-retrans-threshold",optional_argument,0,0}, // ignored. for nfqws command line compatibility
|
||||||
@ -1160,36 +1163,49 @@ void parse_params(int argc, char *argv[])
|
|||||||
|
|
||||||
|
|
||||||
case 56: /* new */
|
case 56: /* new */
|
||||||
if (!(dpl = dp_list_add(¶ms.desync_profiles)))
|
if (bSkip)
|
||||||
{
|
{
|
||||||
DLOG_ERR("desync_profile_add: out of memory\n");
|
dp_clear(dp);
|
||||||
exit_clean(1);
|
dp_init(dp);
|
||||||
|
dp->n = desync_profile_count;
|
||||||
|
bSkip = false;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (!(dpl = dp_list_add(¶ms.desync_profiles)))
|
||||||
|
{
|
||||||
|
DLOG_ERR("desync_profile_add: out of memory\n");
|
||||||
|
exit_clean(1);
|
||||||
|
}
|
||||||
|
dp = &dpl->dp;
|
||||||
|
dp->n = ++desync_profile_count;
|
||||||
}
|
}
|
||||||
dp = &dpl->dp;
|
|
||||||
dp->n = ++desync_profile_count;
|
|
||||||
break;
|
break;
|
||||||
case 57: /* filter-l3 */
|
case 57: /* skip */
|
||||||
|
bSkip = true;
|
||||||
|
break;
|
||||||
|
case 58: /* filter-l3 */
|
||||||
if (!wf_make_l3(optarg,&dp->filter_ipv4,&dp->filter_ipv6))
|
if (!wf_make_l3(optarg,&dp->filter_ipv4,&dp->filter_ipv6))
|
||||||
{
|
{
|
||||||
DLOG_ERR("bad value for --filter-l3\n");
|
DLOG_ERR("bad value for --filter-l3\n");
|
||||||
exit_clean(1);
|
exit_clean(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 58: /* filter-tcp */
|
case 59: /* filter-tcp */
|
||||||
if (!parse_pf_list(optarg,&dp->pf_tcp))
|
if (!parse_pf_list(optarg,&dp->pf_tcp))
|
||||||
{
|
{
|
||||||
DLOG_ERR("Invalid port filter : %s\n",optarg);
|
DLOG_ERR("Invalid port filter : %s\n",optarg);
|
||||||
exit_clean(1);
|
exit_clean(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 59: /* filter-l7 */
|
case 60: /* filter-l7 */
|
||||||
if (!parse_l7_list(optarg,&dp->filter_l7))
|
if (!parse_l7_list(optarg,&dp->filter_l7))
|
||||||
{
|
{
|
||||||
DLOG_ERR("Invalid l7 filter : %s\n",optarg);
|
DLOG_ERR("Invalid l7 filter : %s\n",optarg);
|
||||||
exit_clean(1);
|
exit_clean(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 60: /* ipset */
|
case 61: /* ipset */
|
||||||
if (!RegisterIpset(dp, false, optarg))
|
if (!RegisterIpset(dp, false, optarg))
|
||||||
{
|
{
|
||||||
DLOG_ERR("failed to register ipset '%s'\n", optarg);
|
DLOG_ERR("failed to register ipset '%s'\n", optarg);
|
||||||
@ -1197,7 +1213,7 @@ void parse_params(int argc, char *argv[])
|
|||||||
}
|
}
|
||||||
params.tamper = true;
|
params.tamper = true;
|
||||||
break;
|
break;
|
||||||
case 61: /* ipset-exclude */
|
case 62: /* ipset-exclude */
|
||||||
if (!RegisterIpset(dp, true, optarg))
|
if (!RegisterIpset(dp, true, optarg))
|
||||||
{
|
{
|
||||||
DLOG_ERR("failed to register ipset '%s'\n", optarg);
|
DLOG_ERR("failed to register ipset '%s'\n", optarg);
|
||||||
@ -1207,11 +1223,11 @@ void parse_params(int argc, char *argv[])
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
#if defined(__FreeBSD__)
|
#if defined(__FreeBSD__)
|
||||||
case 62: /* enable-pf */
|
case 63: /* enable-pf */
|
||||||
params.pf_enable = true;
|
params.pf_enable = true;
|
||||||
break;
|
break;
|
||||||
#elif defined(__linux__) || defined(__APPLE__)
|
#elif defined(__linux__) || defined(__APPLE__)
|
||||||
case 62: /* local-tcp-user-timeout */
|
case 63: /* local-tcp-user-timeout */
|
||||||
params.tcp_user_timeout_local = atoi(optarg);
|
params.tcp_user_timeout_local = atoi(optarg);
|
||||||
if (params.tcp_user_timeout_local<0 || params.tcp_user_timeout_local>86400)
|
if (params.tcp_user_timeout_local<0 || params.tcp_user_timeout_local>86400)
|
||||||
{
|
{
|
||||||
@ -1219,7 +1235,7 @@ void parse_params(int argc, char *argv[])
|
|||||||
exit_clean(1);
|
exit_clean(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 63: /* remote-tcp-user-timeout */
|
case 64: /* remote-tcp-user-timeout */
|
||||||
params.tcp_user_timeout_remote = atoi(optarg);
|
params.tcp_user_timeout_remote = atoi(optarg);
|
||||||
if (params.tcp_user_timeout_remote<0 || params.tcp_user_timeout_remote>86400)
|
if (params.tcp_user_timeout_remote<0 || params.tcp_user_timeout_remote>86400)
|
||||||
{
|
{
|
||||||
@ -1230,7 +1246,7 @@ void parse_params(int argc, char *argv[])
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(__linux__)
|
#if defined(__linux__)
|
||||||
case 64: /* mss */
|
case 65: /* mss */
|
||||||
// this option does not work in any BSD and MacOS. OS may accept but it changes nothing
|
// this option does not work in any BSD and MacOS. OS may accept but it changes nothing
|
||||||
dp->mss = atoi(optarg);
|
dp->mss = atoi(optarg);
|
||||||
if (dp->mss<88 || dp->mss>32767)
|
if (dp->mss<88 || dp->mss>32767)
|
||||||
@ -1239,7 +1255,7 @@ void parse_params(int argc, char *argv[])
|
|||||||
exit_clean(1);
|
exit_clean(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 65: /* fix-seg */
|
case 66: /* fix-seg */
|
||||||
if (!params.fix_seg_avail)
|
if (!params.fix_seg_avail)
|
||||||
{
|
{
|
||||||
DLOG_ERR("--fix-seg is supported since kernel 4.6\n");
|
DLOG_ERR("--fix-seg is supported since kernel 4.6\n");
|
||||||
@ -1259,13 +1275,20 @@ void parse_params(int argc, char *argv[])
|
|||||||
params.fix_seg = FIX_SEG_DEFAULT_MAX_WAIT;
|
params.fix_seg = FIX_SEG_DEFAULT_MAX_WAIT;
|
||||||
break;
|
break;
|
||||||
#ifdef SPLICE_PRESENT
|
#ifdef SPLICE_PRESENT
|
||||||
case 66: /* nosplice */
|
case 67: /* nosplice */
|
||||||
params.nosplice = true;
|
params.nosplice = true;
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (bSkip)
|
||||||
|
{
|
||||||
|
dp_entry_destroy(dpl);
|
||||||
|
LIST_REMOVE(dpl,next);
|
||||||
|
desync_profile_count--;
|
||||||
|
}
|
||||||
|
|
||||||
if (!params.bind_wait_only && !params.port)
|
if (!params.bind_wait_only && !params.port)
|
||||||
{
|
{
|
||||||
DLOG_ERR("Need port number\n");
|
DLOG_ERR("Need port number\n");
|
||||||
|
@ -485,7 +485,7 @@ static bool connect_remote_conn(tproxy_conn_t *conn)
|
|||||||
|
|
||||||
apply_desync_profile(&conn->track, (struct sockaddr *)&conn->dest);
|
apply_desync_profile(&conn->track, (struct sockaddr *)&conn->dest);
|
||||||
|
|
||||||
if (conn->track.dp)
|
if (conn->track.dp && conn->track.dp->mss)
|
||||||
{
|
{
|
||||||
mss = conn->track.dp->mss;
|
mss = conn->track.dp->mss;
|
||||||
if (conn->track.dp->hostlist_auto)
|
if (conn->track.dp->hostlist_auto)
|
||||||
@ -836,7 +836,6 @@ static bool proxy_mode_connect_remote(tproxy_conn_t *conn, struct tailhead *conn
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (!(conn->partner = new_conn(remote_fd, true)))
|
if (!(conn->partner = new_conn(remote_fd, true)))
|
||||||
{
|
{
|
||||||
close(remote_fd);
|
close(remote_fd);
|
||||||
|
Loading…
Reference in New Issue
Block a user