From 7fd5902e6bce535deedd693137b7fe4c90edd380 Mon Sep 17 00:00:00 2001 From: wwqgtxx Date: Wed, 20 Mar 2024 11:30:39 +0800 Subject: [PATCH] chore: wireguard outbound only can set `ip` and `ipv6` outside `peers` https://github.com/MetaCubeX/mihomo/issues/522 --- adapter/outbound/wireguard.go | 23 +++++++---------------- docs/config.yaml | 4 +--- 2 files changed, 8 insertions(+), 19 deletions(-) diff --git a/adapter/outbound/wireguard.go b/adapter/outbound/wireguard.go index 7c021c87a..798038423 100644 --- a/adapter/outbound/wireguard.go +++ b/adapter/outbound/wireguard.go @@ -47,6 +47,8 @@ type WireGuardOption struct { BasicOption WireGuardPeerOption Name string `proxy:"name"` + Ip string `proxy:"ip,omitempty"` + Ipv6 string `proxy:"ipv6,omitempty"` PrivateKey string `proxy:"private-key"` Workers int `proxy:"workers,omitempty"` MTU int `proxy:"mtu,omitempty"` @@ -62,8 +64,6 @@ type WireGuardOption struct { type WireGuardPeerOption struct { Server string `proxy:"server"` Port int `proxy:"port"` - Ip string `proxy:"ip,omitempty"` - Ipv6 string `proxy:"ipv6,omitempty"` PublicKey string `proxy:"public-key,omitempty"` PreSharedKey string `proxy:"pre-shared-key,omitempty"` Reserved []uint8 `proxy:"reserved,omitempty"` @@ -98,7 +98,7 @@ func (option WireGuardPeerOption) Addr() M.Socksaddr { return M.ParseSocksaddrHostPort(option.Server, uint16(option.Port)) } -func (option WireGuardPeerOption) Prefixes() ([]netip.Prefix, error) { +func (option WireGuardOption) Prefixes() ([]netip.Prefix, error) { localPrefixes := make([]netip.Prefix, 0, 2) if len(option.Ip) > 0 { if !strings.Contains(option.Ip, "/") { @@ -160,7 +160,10 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) { } outbound.bind = wireguard.NewClientBind(context.Background(), wgSingErrorHandler{outbound.Name()}, outbound.dialer, isConnect, connectAddr, reserved) - var localPrefixes []netip.Prefix + localPrefixes, err := option.Prefixes() + if err != nil { + return nil, err + } var privateKey string { @@ -172,7 +175,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) { } ipcConf := "private_key=" + privateKey if peersLen := len(option.Peers); peersLen > 0 { - localPrefixes = make([]netip.Prefix, 0, peersLen*2) for i, peer := range option.Peers { var peerPublicKey, preSharedKey string { @@ -208,11 +210,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) { copy(reserved[:], option.Reserved) outbound.bind.SetReservedForEndpoint(destination, reserved) } - prefixes, err := peer.Prefixes() - if err != nil { - return nil, err - } - localPrefixes = append(localPrefixes, prefixes...) } } else { var peerPublicKey, preSharedKey string @@ -235,11 +232,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) { if preSharedKey != "" { ipcConf += "\npreshared_key=" + preSharedKey } - var err error - localPrefixes, err = option.Prefixes() - if err != nil { - return nil, err - } var has4, has6 bool for _, address := range localPrefixes { if address.Addr().Is4() { @@ -266,7 +258,6 @@ func NewWireGuard(option WireGuardOption) (*WireGuard, error) { if len(localPrefixes) == 0 { return nil, E.New("missing local address") } - var err error outbound.tunDevice, err = wireguard.NewStackDevice(localPrefixes, uint32(mtu)) if err != nil { return nil, E.Cause(err, "create WireGuard device") diff --git a/docs/config.yaml b/docs/config.yaml index d912eb655..4d0e995e5 100644 --- a/docs/config.yaml +++ b/docs/config.yaml @@ -708,12 +708,10 @@ proxies: # socks5 # dialer-proxy: "ss1" # remote-dns-resolve: true # 强制dns远程解析,默认值为false # dns: [ 1.1.1.1, 8.8.8.8 ] # 仅在remote-dns-resolve为true时生效 - # 如果peers不为空,该段落中的allowed-ips不可为空;前面段落的server,port,ip,ipv6,public-key,pre-shared-key均会被忽略,但private-key会被保留且只能在顶层指定 + # 如果peers不为空,该段落中的allowed-ips不可为空;前面段落的server,port,public-key,pre-shared-key均会被忽略,但private-key会被保留且只能在顶层指定 # peers: # - server: 162.159.192.1 # port: 2480 - # ip: 172.16.0.2 - # ipv6: fd01:5ca1:ab1e:80fa:ab85:6eea:213f:f4a5 # public-key: Cr8hWlKvtDt7nrvf+f0brNQQzabAqrjfBvas9pmowjo= # # pre-shared-key: 31aIhAPwktDGpH4JDhA8GNvjFXEf/a6+UaQRyOAiyfM= # allowed-ips: ['0.0.0.0/0']