package router
import (
"context"
"regexp"
"strings"
"sync"
"time"
"v2ray.com/core/common/net"
"v2ray.com/core/common/protocol"
"v2ray.com/core/proxy"
)
type Condition interface {
Apply(ctx context.Context) bool
}
type ConditionChan []Condition
func NewConditionChan() *ConditionChan {
var condChan ConditionChan = make([]Condition, 0, 8)
return &condChan
}
func (v *ConditionChan) Add(cond Condition) *ConditionChan {
*v = append(*v, cond)
return v
}
func (v *ConditionChan) Apply(ctx context.Context) bool {
for _, cond := range *v {
if !cond.Apply(ctx) {
return false
}
}
return true
}
func (v *ConditionChan) Len() int {
return len(*v)
}
type AnyCondition []Condition
func NewAnyCondition() *AnyCondition {
var anyCond AnyCondition = make([]Condition, 0, 8)
return &anyCond
}
func (v *AnyCondition) Add(cond Condition) *AnyCondition {
*v = append(*v, cond)
return v
}
func (v *AnyCondition) Apply(ctx context.Context) bool {
for _, cond := range *v {
if cond.Apply(ctx) {
return true
}
}
return false
}
func (v *AnyCondition) Len() int {
return len(*v)
}
type timedResult struct {
timestamp time.Time
result bool
}
type CachableDomainMatcher struct {
sync.Mutex
matchers []domainMatcher
cache map[string]timedResult
lastScan time.Time
}
func NewCachableDomainMatcher() *CachableDomainMatcher {
return &CachableDomainMatcher{
matchers: make([]domainMatcher, 0, 64),
cache: make(map[string]timedResult, 512),
}
}
func (m *CachableDomainMatcher) Add(domain *Domain) error {
switch domain.Type {
case Domain_Plain:
m.matchers = append(m.matchers, NewPlainDomainMatcher(domain.Value))
case Domain_Regex:
rm, err := NewRegexpDomainMatcher(domain.Value)
if err != nil {
return err
}
m.matchers = append(m.matchers, rm)
case Domain_Domain:
m.matchers = append(m.matchers, NewSubDomainMatcher(domain.Value))
default:
return newError("unknown domain type: ", domain.Type).AtError()
}
return nil
}
func (m *CachableDomainMatcher) applyInternal(domain string) bool {
for _, matcher := range m.matchers {
if matcher.Apply(domain) {
return true
}
}
return false
}
type cacheResult int
const (
cacheMiss cacheResult = iota
cacheHitTrue
cacheHitFalse
)
func (m *CachableDomainMatcher) findInCache(domain string) cacheResult {
m.Lock()
defer m.Unlock()
r, f := m.cache[domain]
if !f {
return cacheMiss
}
r.timestamp = time.Now()
m.cache[domain] = r
if r.result {
return cacheHitTrue
}
return cacheHitFalse
}
func (m *CachableDomainMatcher) ApplyDomain(domain string) bool {
if len(m.matchers) < 64 {
return m.applyInternal(domain)
}
cr := m.findInCache(domain)
if cr == cacheHitTrue {
return true
}
if cr == cacheHitFalse {
return false
}
r := m.applyInternal(domain)
m.Lock()
defer m.Unlock()
m.cache[domain] = timedResult{
result: r,
timestamp: time.Now(),
}
now := time.Now()
if len(m.cache) > 256 && now.Sub(m.lastScan)/time.Second > 5 {
remove := make([]string, 0, 128)
now := time.Now()
for k, v := range m.cache {
if now.Sub(v.timestamp)/time.Second > 60 {
remove = append(remove, k)
}
}
for _, v := range remove {
delete(m.cache, v)
}
m.lastScan = now
}
return r
}
func (m *CachableDomainMatcher) Apply(ctx context.Context) bool {
dest, ok := proxy.TargetFromContext(ctx)
if !ok {
return false
}
if !dest.Address.Family().IsDomain() {
return false
}
return m.ApplyDomain(dest.Address.Domain())
}
type domainMatcher interface {
Apply(domain string) bool
}
type PlainDomainMatcher string
func NewPlainDomainMatcher(pattern string) PlainDomainMatcher {
return PlainDomainMatcher(pattern)
}
func (v PlainDomainMatcher) Apply(domain string) bool {
return strings.Contains(domain, string(v))
}
type RegexpDomainMatcher struct {
pattern *regexp.Regexp
}
func NewRegexpDomainMatcher(pattern string) (*RegexpDomainMatcher, error) {
r, err := regexp.Compile(pattern)
if err != nil {
return nil, err
}
return &RegexpDomainMatcher{
pattern: r,
}, nil
}
func (v *RegexpDomainMatcher) Apply(domain string) bool {
return v.pattern.MatchString(strings.ToLower(domain))
}
type SubDomainMatcher string
func NewSubDomainMatcher(p string) SubDomainMatcher {
return SubDomainMatcher(p)
}
func (m SubDomainMatcher) Apply(domain string) bool {
pattern := string(m)
if !strings.HasSuffix(domain, pattern) {
return false
}
return len(domain) == len(pattern) || domain[len(domain)-len(pattern)-1] == '.'
}
type CIDRMatcher struct {
cidr *net.IPNet
onSource bool
}
func NewCIDRMatcher(ip []byte, mask uint32, onSource bool) (*CIDRMatcher, error) {
cidr := &net.IPNet{
IP: net.IP(ip),
Mask: net.CIDRMask(int(mask), len(ip)*8),
}
return &CIDRMatcher{
cidr: cidr,
onSource: onSource,
}, nil
}
func (v *CIDRMatcher) Apply(ctx context.Context) bool {
ips := make([]net.IP, 0, 4)
if resolver, ok := proxy.ResolvedIPsFromContext(ctx); ok {
resolvedIPs := resolver.Resolve()
for _, rip := range resolvedIPs {
if !rip.Family().IsIPv6() {
continue
}
ips = append(ips, rip.IP())
}
}
var dest net.Destination
var ok bool
if v.onSource {
dest, ok = proxy.SourceFromContext(ctx)
} else {
dest, ok = proxy.TargetFromContext(ctx)
}
if ok && dest.Address.Family().IsIPv6() {
ips = append(ips, dest.Address.IP())
}
for _, ip := range ips {
if v.cidr.Contains(ip) {
return true
}
}
return false
}
type IPv4Matcher struct {
ipv4net *net.IPNetTable
onSource bool
}
func NewIPv4Matcher(ipnet *net.IPNetTable, onSource bool) *IPv4Matcher {
return &IPv4Matcher{
ipv4net: ipnet,
onSource: onSource,
}
}
func (v *IPv4Matcher) Apply(ctx context.Context) bool {
ips := make([]net.IP, 0, 4)
if resolver, ok := proxy.ResolvedIPsFromContext(ctx); ok {
resolvedIPs := resolver.Resolve()
for _, rip := range resolvedIPs {
if !rip.Family().IsIPv4() {
continue
}
ips = append(ips, rip.IP())
}
}
var dest net.Destination
var ok bool
if v.onSource {
dest, ok = proxy.SourceFromContext(ctx)
} else {
dest, ok = proxy.TargetFromContext(ctx)
}
if ok && dest.Address.Family().IsIPv4() {
ips = append(ips, dest.Address.IP())
}
for _, ip := range ips {
if v.ipv4net.Contains(ip) {
return true
}
}
return false
}
type PortMatcher struct {
port net.PortRange
}
func NewPortMatcher(portRange net.PortRange) *PortMatcher {
return &PortMatcher{
port: portRange,
}
}
func (v *PortMatcher) Apply(ctx context.Context) bool {
dest, ok := proxy.TargetFromContext(ctx)
if !ok {
return false
}
return v.port.Contains(dest.Port)
}
type NetworkMatcher struct {
network *net.NetworkList
}
func NewNetworkMatcher(network *net.NetworkList) *NetworkMatcher {
return &NetworkMatcher{
network: network,
}
}
func (v *NetworkMatcher) Apply(ctx context.Context) bool {
dest, ok := proxy.TargetFromContext(ctx)
if !ok {
return false
}
return v.network.HasNetwork(dest.Network)
}
type UserMatcher struct {
user []string
}
func NewUserMatcher(users []string) *UserMatcher {
usersCopy := make([]string, 0, len(users))
for _, user := range users {
if len(user) > 0 {
usersCopy = append(usersCopy, user)
}
}
return &UserMatcher{
user: usersCopy,
}
}
func (v *UserMatcher) Apply(ctx context.Context) bool {
user := protocol.UserFromContext(ctx)
if user == nil {
return false
}
for _, u := range v.user {
if u == user.Email {
return true
}
}
return false
}
type InboundTagMatcher struct {
tags []string
}
func NewInboundTagMatcher(tags []string) *InboundTagMatcher {
tagsCopy := make([]string, 0, len(tags))
for _, tag := range tags {
if len(tag) > 0 {
tagsCopy = append(tagsCopy, tag)
}
}
return &InboundTagMatcher{
tags: tagsCopy,
}
}
func (v *InboundTagMatcher) Apply(ctx context.Context) bool {
tag, ok := proxy.InboundTagFromContext(ctx)
if !ok {
return false
}
for _, t := range v.tags {
if t == tag {
return true
}
}
return false
}