2023-07-27 21:13:11 -04:00
|
|
|
package sing
|
|
|
|
|
|
|
|
|
|
import (
|
2023-08-04 11:25:27 -04:00
|
|
|
"context"
|
2025-01-10 02:33:05 -05:00
|
|
|
"fmt"
|
2023-07-27 21:13:11 -04:00
|
|
|
"net"
|
2023-07-29 06:47:47 -04:00
|
|
|
"sync"
|
|
|
|
|
|
2024-03-13 09:15:04 -04:00
|
|
|
"github.com/InazumaV/V2bX/common/format"
|
2023-07-29 07:27:15 -04:00
|
|
|
"github.com/InazumaV/V2bX/common/rate"
|
2023-07-29 06:47:47 -04:00
|
|
|
|
2023-07-29 07:27:15 -04:00
|
|
|
"github.com/InazumaV/V2bX/limiter"
|
2023-07-27 21:13:11 -04:00
|
|
|
|
2023-07-29 07:27:15 -04:00
|
|
|
"github.com/InazumaV/V2bX/common/counter"
|
2023-10-26 01:06:43 -04:00
|
|
|
"github.com/sagernet/sing-box/adapter"
|
|
|
|
|
"github.com/sagernet/sing-box/log"
|
2023-07-27 21:13:11 -04:00
|
|
|
N "github.com/sagernet/sing/common/network"
|
|
|
|
|
)
|
|
|
|
|
|
2024-12-12 16:22:44 -05:00
|
|
|
var _ adapter.ConnectionTracker = (*HookServer)(nil)
|
2024-07-14 11:33:54 -04:00
|
|
|
|
2023-07-27 21:13:11 -04:00
|
|
|
type HookServer struct {
|
2025-01-10 02:33:05 -05:00
|
|
|
counter sync.Map
|
2023-07-27 21:13:11 -04:00
|
|
|
}
|
|
|
|
|
|
2023-09-13 14:25:33 -04:00
|
|
|
func (h *HookServer) ModeList() []string {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-01-10 02:33:05 -05:00
|
|
|
func NewHookServer() *HookServer {
|
2024-07-14 11:33:54 -04:00
|
|
|
server := &HookServer{
|
2025-01-10 02:33:05 -05:00
|
|
|
counter: sync.Map{},
|
2023-07-27 21:13:11 -04:00
|
|
|
}
|
2024-07-14 11:33:54 -04:00
|
|
|
return server
|
2023-07-27 21:13:11 -04:00
|
|
|
}
|
|
|
|
|
|
2024-12-12 16:22:44 -05:00
|
|
|
func (h *HookServer) RoutedConnection(_ context.Context, conn net.Conn, m adapter.InboundContext, _ adapter.Rule, _ adapter.Outbound) net.Conn {
|
2023-08-04 11:25:27 -04:00
|
|
|
l, err := limiter.GetLimiter(m.Inbound)
|
2023-07-29 06:47:47 -04:00
|
|
|
if err != nil {
|
2023-10-26 01:06:43 -04:00
|
|
|
log.Warn("get limiter for ", m.Inbound, " error: ", err)
|
2024-12-12 16:22:44 -05:00
|
|
|
return conn
|
2023-08-04 11:25:27 -04:00
|
|
|
}
|
|
|
|
|
ip := m.Source.Addr.String()
|
2024-07-24 06:50:55 -04:00
|
|
|
if b, r := l.CheckLimit(format.UserTag(m.Inbound, m.User), ip, true, true); r {
|
2023-08-04 11:25:27 -04:00
|
|
|
conn.Close()
|
2023-10-26 01:06:43 -04:00
|
|
|
log.Error("[", m.Inbound, "] ", "Limited ", m.User, " by ip or conn")
|
2024-12-12 16:22:44 -05:00
|
|
|
return conn
|
2023-07-29 06:47:47 -04:00
|
|
|
} else if b != nil {
|
|
|
|
|
conn = rate.NewConnRateLimiter(conn, b)
|
|
|
|
|
}
|
2025-01-10 02:33:05 -05:00
|
|
|
if l != nil {
|
|
|
|
|
destStr := m.Destination.AddrString()
|
|
|
|
|
protocol := m.Destination.Network()
|
|
|
|
|
if l.CheckDomainRule(destStr) {
|
|
|
|
|
log.Error(fmt.Sprintf(
|
|
|
|
|
"User %s access domain %s reject by rule",
|
|
|
|
|
m.User,
|
|
|
|
|
destStr))
|
|
|
|
|
conn.Close()
|
|
|
|
|
return conn
|
2023-10-13 03:32:06 -04:00
|
|
|
}
|
2025-01-10 02:33:05 -05:00
|
|
|
if len(protocol) != 0 {
|
|
|
|
|
if l.CheckProtocolRule(protocol) {
|
|
|
|
|
log.Error(fmt.Sprintf(
|
|
|
|
|
"User %s access protocol %s reject by rule",
|
|
|
|
|
m.User,
|
|
|
|
|
protocol))
|
|
|
|
|
conn.Close()
|
|
|
|
|
return conn
|
|
|
|
|
}
|
2023-10-13 03:32:06 -04:00
|
|
|
}
|
2023-08-04 11:25:27 -04:00
|
|
|
}
|
|
|
|
|
if c, ok := h.counter.Load(m.Inbound); ok {
|
2024-12-12 16:22:44 -05:00
|
|
|
return counter.NewConnCounter(conn, c.(*counter.TrafficCounter).GetCounter(m.User))
|
2023-07-29 06:47:47 -04:00
|
|
|
} else {
|
|
|
|
|
c := counter.NewTrafficCounter()
|
2023-08-04 11:25:27 -04:00
|
|
|
h.counter.Store(m.Inbound, c)
|
2024-12-12 16:22:44 -05:00
|
|
|
return counter.NewConnCounter(conn, c.GetCounter(m.User))
|
2023-07-27 21:13:11 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-12-12 16:22:44 -05:00
|
|
|
func (h *HookServer) RoutedPacketConnection(_ context.Context, conn N.PacketConn, m adapter.InboundContext, _ adapter.Rule, _ adapter.Outbound) N.PacketConn {
|
2023-08-04 11:25:27 -04:00
|
|
|
l, err := limiter.GetLimiter(m.Inbound)
|
|
|
|
|
if err != nil {
|
2023-10-26 01:06:43 -04:00
|
|
|
log.Warn("get limiter for ", m.Inbound, " error: ", err)
|
2024-12-12 16:22:44 -05:00
|
|
|
return conn
|
2023-08-04 11:25:27 -04:00
|
|
|
}
|
|
|
|
|
ip := m.Source.Addr.String()
|
2024-07-29 12:28:39 -04:00
|
|
|
if b, r := l.CheckLimit(format.UserTag(m.Inbound, m.User), ip, false, false); r {
|
2023-08-04 11:25:27 -04:00
|
|
|
conn.Close()
|
2023-10-26 01:06:43 -04:00
|
|
|
log.Error("[", m.Inbound, "] ", "Limited ", m.User, " by ip or conn")
|
2024-12-12 16:22:44 -05:00
|
|
|
return conn
|
2023-08-04 11:25:27 -04:00
|
|
|
} else if b != nil {
|
2024-08-13 12:35:30 -04:00
|
|
|
//conn = rate.NewPacketConnCounter(conn, b)
|
2023-08-04 11:25:27 -04:00
|
|
|
}
|
2025-01-10 02:33:05 -05:00
|
|
|
if l != nil {
|
|
|
|
|
destStr := m.Destination.AddrString()
|
|
|
|
|
protocol := m.Destination.Network()
|
|
|
|
|
if l.CheckDomainRule(destStr) {
|
|
|
|
|
log.Error(fmt.Sprintf(
|
|
|
|
|
"User %s access domain %s reject by rule",
|
|
|
|
|
m.User,
|
|
|
|
|
destStr))
|
|
|
|
|
conn.Close()
|
|
|
|
|
return conn
|
2023-10-13 03:32:06 -04:00
|
|
|
}
|
2025-01-10 02:33:05 -05:00
|
|
|
if len(protocol) != 0 {
|
|
|
|
|
if l.CheckProtocolRule(protocol) {
|
|
|
|
|
log.Error(fmt.Sprintf(
|
|
|
|
|
"User %s access protocol %s reject by rule",
|
|
|
|
|
m.User,
|
|
|
|
|
protocol))
|
|
|
|
|
conn.Close()
|
|
|
|
|
return conn
|
|
|
|
|
}
|
2023-10-13 03:32:06 -04:00
|
|
|
}
|
|
|
|
|
}
|
2023-08-04 11:25:27 -04:00
|
|
|
if c, ok := h.counter.Load(m.Inbound); ok {
|
2024-12-12 16:22:44 -05:00
|
|
|
return counter.NewPacketConnCounter(conn, c.(*counter.TrafficCounter).GetCounter(m.User))
|
2023-07-29 06:47:47 -04:00
|
|
|
} else {
|
|
|
|
|
c := counter.NewTrafficCounter()
|
2023-08-04 11:25:27 -04:00
|
|
|
h.counter.Store(m.Inbound, c)
|
2024-12-12 16:22:44 -05:00
|
|
|
return counter.NewPacketConnCounter(conn, c.GetCounter(m.User))
|
2023-07-27 21:13:11 -04:00
|
|
|
}
|
|
|
|
|
}
|
