chore: wireguard outbound only can set ip and ipv6 outside peers

#522

adapter/outbound/wireguard.go

@@ -47,6 +47,8 @@ type WireGuardOption struct {
 	BasicOption
 	WireGuardPeerOption
 	Name                string `proxy:"name"`
+	Ip                  string `proxy:"ip,omitempty"`
+	Ipv6                string `proxy:"ipv6,omitempty"`
 	PrivateKey          string `proxy:"private-key"`
 	Workers             int    `proxy:"workers,omitempty"`
 	MTU                 int    `proxy:"mtu,omitempty"`
@@ -62,8 +64,6 @@ type WireGuardOption struct {
 type WireGuardPeerOption struct {
 	Server       string   `proxy:"server"`
 	Port         int      `proxy:"port"`
-	Ip           string   `proxy:"ip,omitempty"`
-	Ipv6         string   `proxy:"ipv6,omitempty"`
 	PublicKey    string   `proxy:"public-key,omitempty"`
 	PreSharedKey string   `proxy:"pre-shared-key,omitempty"`
 	Reserved     []uint8  `proxy:"reserved,omitempty"`
@@ -98,7 +98,7 @@ func (option WireGuardPeerOption) Addr() M.Socksaddr {
 	return M.ParseSocksaddrHostPort(option.Server, uint16(option.Port))
 }
 
-func (option WireGuardPeerOption) Prefixes() ([]netip.Prefix, error) {
+func (option WireGuardOption) Prefixes() ([]netip.Prefix, error) {
 	localPrefixes := make([]netip.Prefix, 0, 2)
 	if len(option.Ip) > 0 {
 		if !strings.Contains(option.Ip, "/") {
@@ -160,7 +160,10 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 	}
 	outbound.bind = wireguard.NewClientBind(context.Background(), wgSingErrorHandler{outbound.Name()}, outbound.dialer, isConnect, connectAddr, reserved)
 
-	var localPrefixes []netip.Prefix
+	localPrefixes, err := option.Prefixes()
+	if err != nil {
+		return nil, err
+	}
 
 	var privateKey string
 	{
@@ -172,7 +175,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 	}
 	ipcConf := "private_key=" + privateKey
 	if peersLen := len(option.Peers); peersLen > 0 {
-		localPrefixes = make([]netip.Prefix, 0, peersLen*2)
 		for i, peer := range option.Peers {
 			var peerPublicKey, preSharedKey string
 			{
@@ -208,11 +210,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 				copy(reserved[:], option.Reserved)
 				outbound.bind.SetReservedForEndpoint(destination, reserved)
 			}
-			prefixes, err := peer.Prefixes()
-			if err != nil {
-				return nil, err
-			}
-			localPrefixes = append(localPrefixes, prefixes...)
 		}
 	} else {
 		var peerPublicKey, preSharedKey string
@@ -235,11 +232,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 		if preSharedKey != "" {
 			ipcConf += "\npreshared_key=" + preSharedKey
 		}
-		var err error
-		localPrefixes, err = option.Prefixes()
-		if err != nil {
-			return nil, err
-		}
 		var has4, has6 bool
 		for _, address := range localPrefixes {
 			if address.Addr().Is4() {
@@ -266,7 +258,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) {
 	if len(localPrefixes) == 0 {
 		return nil, E.New("missing local address")
 	}
-	var err error
 	outbound.tunDevice, err = wireguard.NewStackDevice(localPrefixes, uint32(mtu))
 	if err != nil {
 		return nil, E.Cause(err, "create WireGuard device")

docs/config.yaml

@@ -708,12 +708,10 @@ proxies: # socks5
     # dialer-proxy: "ss1"
     # remote-dns-resolve: true # 强制dns远程解析，默认值为false
     # dns: [ 1.1.1.1, 8.8.8.8 ] # 仅在remote-dns-resolve为true时生效
-    # 如果peers不为空，该段落中的allowed-ips不可为空；前面段落的server,port,ip,ipv6,public-key,pre-shared-key均会被忽略，但private-key会被保留且只能在顶层指定
+    # 如果peers不为空，该段落中的allowed-ips不可为空；前面段落的server,port,public-key,pre-shared-key均会被忽略，但private-key会被保留且只能在顶层指定
     # peers:
     #   - server: 162.159.192.1
     #     port: 2480
-    #     ip: 172.16.0.2
-    #     ipv6: fd01:5ca1:ab1e:80fa:ab85:6eea:213f:f4a5
     #     public-key: Cr8hWlKvtDt7nrvf+f0brNQQzabAqrjfBvas9pmowjo=
     #     # pre-shared-key: 31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM=
     #     allowed-ips: ['0.0.0.0/0']