package executor import ( "fmt" "net" "os" "runtime" "strconv" "strings" "sync" "github.com/Dreamacro/clash/adapter" "github.com/Dreamacro/clash/adapter/outboundgroup" "github.com/Dreamacro/clash/component/auth" "github.com/Dreamacro/clash/component/dialer" "github.com/Dreamacro/clash/component/iface" "github.com/Dreamacro/clash/component/profile" "github.com/Dreamacro/clash/component/profile/cachefile" "github.com/Dreamacro/clash/component/resolver" S "github.com/Dreamacro/clash/component/script" "github.com/Dreamacro/clash/component/trie" "github.com/Dreamacro/clash/config" C "github.com/Dreamacro/clash/constant" "github.com/Dreamacro/clash/constant/provider" "github.com/Dreamacro/clash/dns" P "github.com/Dreamacro/clash/listener" authStore "github.com/Dreamacro/clash/listener/auth" "github.com/Dreamacro/clash/listener/tproxy" "github.com/Dreamacro/clash/listener/tun/dev" "github.com/Dreamacro/clash/log" "github.com/Dreamacro/clash/tunnel" ) var mux sync.Mutex func readConfig(path string) ([]byte, error) { if _, err := os.Stat(path); os.IsNotExist(err) { return nil, err } data, err := os.ReadFile(path) if err != nil { return nil, err } if len(data) == 0 { return nil, fmt.Errorf("configuration file %s is empty", path) } return data, err } // Parse config with default config path func Parse() (*config.Config, error) { return ParseWithPath(C.Path.Config()) } // ParseWithPath parse config with custom config path func ParseWithPath(path string) (*config.Config, error) { buf, err := readConfig(path) if err != nil { return nil, err } return ParseWithBytes(buf) } // ParseWithBytes config with buffer func ParseWithBytes(buf []byte) (*config.Config, error) { return config.Parse(buf) } // ApplyConfig dispatch configure to all parts func ApplyConfig(cfg *config.Config, force bool) { mux.Lock() defer mux.Unlock() updateUsers(cfg.Users) updateProxies(cfg.Proxies, cfg.Providers) updateRules(cfg.Rules) updateRuleProviders(cfg.RuleProviders) updateHosts(cfg.Hosts) updateProfile(cfg) updateIPTables(cfg.DNS, cfg.General) updateDNS(cfg.DNS, cfg.General) updateGeneral(cfg.General, force) updateExperimental(cfg) } func GetGeneral() *config.General { ports := P.GetPorts() authenticator := []string{} if auth := authStore.Authenticator(); auth != nil { authenticator = auth.Users() } general := &config.General{ Inbound: config.Inbound{ Port: ports.Port, SocksPort: ports.SocksPort, RedirPort: ports.RedirPort, TProxyPort: ports.TProxyPort, MixedPort: ports.MixedPort, Tun: P.Tun(), Authentication: authenticator, AllowLan: P.AllowLan(), BindAddress: P.BindAddress(), }, Mode: tunnel.Mode(), LogLevel: log.Level(), IPv6: !resolver.DisableIPv6, } return general } func updateExperimental(c *config.Config) {} func updateDNS(c *config.DNS, general *config.General) { if !c.Enable { resolver.DefaultResolver = nil resolver.DefaultHostMapper = nil dns.ReCreateServer("", nil, nil) return } cfg := dns.Config{ Main: c.NameServer, Fallback: c.Fallback, IPv6: c.IPv6, EnhancedMode: c.EnhancedMode, Pool: c.FakeIPRange, Hosts: c.Hosts, FallbackFilter: dns.FallbackFilter{ GeoIP: c.FallbackFilter.GeoIP, GeoIPCode: c.FallbackFilter.GeoIPCode, IPCIDR: c.FallbackFilter.IPCIDR, Domain: c.FallbackFilter.Domain, }, Default: c.DefaultNameserver, Policy: c.NameServerPolicy, } r := dns.NewResolver(cfg) m := dns.NewEnhancer(cfg) // reuse cache of old host mapper if old := resolver.DefaultHostMapper; old != nil { m.PatchFrom(old.(*dns.ResolverEnhancer)) } resolver.DefaultResolver = r resolver.DefaultHostMapper = m if general.Tun.Enable && !strings.EqualFold(general.Tun.Stack, "gvisor") { resolver.DefaultLocalServer = dns.NewLocalServer(r, m) } else { resolver.DefaultLocalServer = nil } if err := dns.ReCreateServer(c.Listen, r, m); err != nil { log.Errorln("Start DNS server error: %s", err.Error()) return } if c.Listen != "" { log.Infoln("DNS server listening at: %s", c.Listen) } } func updateHosts(tree *trie.DomainTrie) { resolver.DefaultHosts = tree } func updateProxies(proxies map[string]C.Proxy, providers map[string]provider.ProxyProvider) { tunnel.UpdateProxies(proxies, providers) } func updateRules(rules []C.Rule) { tunnel.UpdateRules(rules) } func updateRuleProviders(providers map[string]C.Rule) { S.UpdateRuleProviders(providers) } func updateGeneral(general *config.General, force bool) { tunnel.SetMode(general.Mode) resolver.DisableIPv6 = !general.IPv6 if (general.Tun.Enable || general.TProxyPort != 0) && general.Interface == "" { autoDetectInterfaceName, err := dev.GetAutoDetectInterface() if err == nil { if autoDetectInterfaceName != "" && autoDetectInterfaceName != "" { general.Interface = autoDetectInterfaceName } else { log.Debugln("Auto detect interface name is empty.") } } else { log.Debugln("Can not find auto detect interface. %s", err.Error()) } } if general.Interface != "" { dialer.DefaultOptions = []dialer.Option{dialer.WithInterface(general.Interface)} log.Infoln("Use interface name: %s", general.Interface) } else { dialer.DefaultOptions = nil } iface.FlushCache() if !force { log.SetLevel(general.LogLevel) return } allowLan := general.AllowLan P.SetAllowLan(allowLan) bindAddress := general.BindAddress P.SetBindAddress(bindAddress) tcpIn := tunnel.TCPIn() udpIn := tunnel.UDPIn() if err := P.ReCreateHTTP(general.Port, tcpIn); err != nil { log.Errorln("Start HTTP server error: %s", err.Error()) } if err := P.ReCreateSocks(general.SocksPort, tcpIn, udpIn); err != nil { log.Errorln("Start SOCKS server error: %s", err.Error()) } if err := P.ReCreateRedir(general.RedirPort, tcpIn, udpIn); err != nil { log.Errorln("Start Redir server error: %s", err.Error()) } if err := P.ReCreateTProxy(general.TProxyPort, tcpIn, udpIn); err != nil { log.Errorln("Start TProxy server error: %s", err.Error()) } if err := P.ReCreateMixed(general.MixedPort, tcpIn, udpIn); err != nil { log.Errorln("Start Mixed(http and socks) server error: %s", err.Error()) } if err := P.ReCreateTun(general.Tun, tcpIn, udpIn); err != nil { log.Errorln("Start Tun interface error: %s", err.Error()) S.Py_Finalize() os.Exit(2) } log.SetLevel(general.LogLevel) } func updateUsers(users []auth.AuthUser) { authenticator := auth.NewAuthenticator(users) authStore.SetAuthenticator(authenticator) if authenticator != nil { log.Infoln("Authentication of local server updated") } } func updateProfile(cfg *config.Config) { profileCfg := cfg.Profile profile.StoreSelected.Store(profileCfg.StoreSelected) if profileCfg.StoreSelected { patchSelectGroup(cfg.Proxies) } } func patchSelectGroup(proxies map[string]C.Proxy) { mapping := cachefile.Cache().SelectedMap() if mapping == nil { return } for name, proxy := range proxies { outbound, ok := proxy.(*adapter.Proxy) if !ok { continue } selector, ok := outbound.ProxyAdapter.(*outboundgroup.Selector) if !ok { continue } selected, exist := mapping[name] if !exist { continue } selector.Set(selected) } } func updateIPTables(dns *config.DNS, general *config.General) { if runtime.GOOS != "linux" || dns.Listen == "" || general.TProxyPort == 0 || general.Tun.Enable { return } _, dnsPortStr, err := net.SplitHostPort(dns.Listen) if dnsPortStr == "0" || dnsPortStr == "" || err != nil { return } dnsPort, err := strconv.Atoi(dnsPortStr) if err != nil { return } tproxy.CleanUpTProxyLinuxIPTables() err = tproxy.SetTProxyLinuxIPTables(general.Interface, general.TProxyPort, dnsPort) if err != nil { log.Errorln("Can not setting iptables for TProxy on linux, %s", err.Error()) os.Exit(2) } } func CleanUp() { P.CleanUp() if runtime.GOOS == "linux" { tproxy.CleanUpTProxyLinuxIPTables() } S.Py_Finalize() }