-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
增加 Fake IP / Fake DNS 功能 #2237
增加 Fake IP / Fake DNS 功能 #2237
Conversation
A new item "useFake" in DnsObject for controlling fake IP function. After the fake IP function enabled, the local DNS server of v2ray will response with a unique fake IP for every unique domain name. Once v2ray received a request to one of the fake IP, it will replace the domain name of its destination with the previously saved one.
Move the rules parser to the V2Ray. Considering we parse the rules in the strmatcher package, programers only need to care about the rules themselves now. In the previous version, we prase the configure file in the V2Ctl and only send the base rules to the V2Ray. It works, but is hard to add complex rules and to reuse code.
Add a class implementing strmatcher.Matcher, which is used to check whether a domain is in the fake IP list or not. Using rules from dns.useFake, which is an array, to generate domain matching rules.
Testing is necessary!
Move useFake to fake.fakeRules, and add fake.fakeNet. Fake IP will be generated in the fakeNet domain.
dc948c8
to
5e06a29
Compare
We don't need StaticHosts anymore.
To be compatible with a old version of V2Ctl, StaticHosts are still processed on the V2Ray.
Update the matching rules handler of the DNS server. Revert the name dns.Config_HostMapping.Pattern back to Domain for compatibility. Add a new matching type DomainMatchingType_New for compatibility.
Seperating means sharing. Also remove redundant code in DNS host.
WOW, what a mess. Add a argument for compressPattern method to specify the default matching method. Add external rules data to router's protobuf structure.
Merge ParsePattern method of MatcherGroup and OrMatcher. Remove Type.New method, it's not needed anymore. Change OrMatcher.New() to NewOrMatcher() for convenience.
It should not query for domain if the income is already domain.
Add LookupRealIP methods in the features.dns interface, so that others can always get the real IP no matter the fake IP is enabled or not.
Add LookupRealIP support for test cases.
Now, there are three regeneration methods when fake IP pool runs out: None: Stop generating fake IP. Oldest: Reuse the earliest generated IP. LRU: Reuse the least recently used IP.
Save generated fake IP to file to keep fake IP mapping from losing.
type lruMapper struct { | ||
domainMapper map[string]*addressNode | ||
addressMapper map[uint32]*domainNode | ||
lru *list.List | ||
next uint32 | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
domainMapper和addressMapper有线程安全问题,会发生并发读写错误,建议加锁。
if c.Fake != nil { | ||
config.Fake = new(dns.Config_Fake) | ||
if c.Fake.FakeNet == "" { | ||
config.Fake.FakeNet = "224.0.0.0/22" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
建议避免使用D类广播地址。
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
198.18.0.0/15 如何,C类地址,被保留作网络组件测试。
Please move to https://github.com/v2fly/v2ray-core/pulls |
麻烦及时提交到 https://github.com/v2fly/v2ray-core/pulls (如果无回应,我们有可能会使用您的 commits) |
It has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days |
Fake IP / Fake DNS 的详情见 issue #2233
语法
其中,
fakeRules
指明了需要启用 Fake IP 功能的域名。fakeNet
指明了返回的 Fake IP 所在的生成域。regeneration
指明了生成域用尽时 Fake IP 的生成方式,共三种,分别为:lru
: 默认值,替换最近最少使用的 IP。oldest
: 替换最早被生成的 IP。none
: 在 IP 用尽后停止使用 Fake IP 功能。path
指明了 Fake IP 映射储存的文件位置,不指定则不储存 Fake IP 映射,将导致重启 V2Ray 之后丢失 Fake IP 于域名的映射数据。关于对规则匹配系统的重构的 commit 6c7d324
原因
为了对规则指定的域名启用 Fake IP 功能,需要用到规则匹配系统。V2Ray 现有两处可以使用匹配规则:DnsObject 和 RoutingObject 。
在原先的代码中, DnsObject 的规则匹配采用了映射 RoutingObject 的匹配规则的方式。这对于 Fake IP 的规则匹配功能开发极不友好,需要添加重复代码堆在 RoutingObject 上,因此我才重构了规则系统。
特性
后续工作
commit 66b42ab 开始对匹配规则重构的后续工作。
目前只有 Fake IP,重构后的 DnsObject 使用这种规则匹配方式。commit 5501729 完成了对所有规则匹配代码的重构。
之后可以便捷地添加新的匹配规则 / 为其他地方启用匹配规则功能。