mirror of
https://gitclone.com/github.com/MetaCubeX/Clash.Meta
synced 2024-11-15 13:41:23 +08:00
48a01adb7a
force-domain add '+' equivalent to force is true sniffer: enable: true force-domain: - "google.com" skip-sni: - www.baidu.com sniffing: - tls
132 lines
3.1 KiB
Go
132 lines
3.1 KiB
Go
package sniffer
|
|
|
|
import (
|
|
"errors"
|
|
"github.com/Dreamacro/clash/component/trie"
|
|
"net"
|
|
|
|
CN "github.com/Dreamacro/clash/common/net"
|
|
"github.com/Dreamacro/clash/component/resolver"
|
|
C "github.com/Dreamacro/clash/constant"
|
|
"github.com/Dreamacro/clash/log"
|
|
)
|
|
|
|
var (
|
|
ErrorUnsupportedSniffer = errors.New("unsupported sniffer")
|
|
ErrorSniffFailed = errors.New("all sniffer failed")
|
|
)
|
|
|
|
var Dispatcher SnifferDispatcher
|
|
|
|
type SnifferDispatcher struct {
|
|
enable bool
|
|
|
|
sniffers []C.Sniffer
|
|
|
|
foreDomain *trie.DomainTrie[bool]
|
|
skipSNI *trie.DomainTrie[bool]
|
|
}
|
|
|
|
func (sd *SnifferDispatcher) TCPSniff(conn net.Conn, metadata *C.Metadata) {
|
|
bufConn, ok := conn.(*CN.BufferedConn)
|
|
if !ok {
|
|
return
|
|
}
|
|
|
|
if metadata.Host == "" || sd.foreDomain.Search(metadata.Host) != nil {
|
|
if host, err := sd.sniffDomain(bufConn, metadata); err != nil {
|
|
log.Debugln("[Sniffer] All sniffing sniff failed with from [%s:%s] to [%s:%s]", metadata.SrcIP, metadata.SrcPort, metadata.String(), metadata.DstPort)
|
|
return
|
|
} else {
|
|
if sd.skipSNI.Search(host) != nil {
|
|
log.Debugln("[Sniffer] Skip sni[%s]", host)
|
|
return
|
|
}
|
|
|
|
sd.replaceDomain(metadata, host)
|
|
}
|
|
}
|
|
}
|
|
|
|
func (sd *SnifferDispatcher) replaceDomain(metadata *C.Metadata, host string) {
|
|
log.Debugln("[Sniffer] Sniff TCP [%s:%s]-->[%s:%s] success, replace domain [%s]-->[%s]",
|
|
metadata.SrcIP, metadata.SrcPort,
|
|
metadata.DstIP, metadata.DstPort,
|
|
metadata.Host, host)
|
|
|
|
metadata.AddrType = C.AtypDomainName
|
|
metadata.Host = host
|
|
metadata.DNSMode = C.DNSMapping
|
|
resolver.InsertHostByIP(metadata.DstIP, host)
|
|
metadata.DstIP = nil
|
|
}
|
|
|
|
func (sd *SnifferDispatcher) Enable() bool {
|
|
return sd.enable
|
|
}
|
|
|
|
func (sd *SnifferDispatcher) sniffDomain(conn *CN.BufferedConn, metadata *C.Metadata) (string, error) {
|
|
for _, sniffer := range sd.sniffers {
|
|
if sniffer.SupportNetwork() == C.TCP {
|
|
_, err := conn.Peek(1)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
bufferedLen := conn.Buffered()
|
|
bytes, err := conn.Peek(bufferedLen)
|
|
if err != nil {
|
|
log.Debugln("[Sniffer] the data length not enough")
|
|
continue
|
|
}
|
|
|
|
host, err := sniffer.SniffTCP(bytes)
|
|
if err != nil {
|
|
log.Debugln("[Sniffer] [%s] Sniff data failed %s", sniffer.Protocol(), metadata.DstIP)
|
|
continue
|
|
}
|
|
|
|
return host, nil
|
|
}
|
|
}
|
|
|
|
return "", ErrorSniffFailed
|
|
}
|
|
|
|
func NewCloseSnifferDispatcher() (*SnifferDispatcher, error) {
|
|
dispatcher := SnifferDispatcher{
|
|
enable: false,
|
|
}
|
|
|
|
return &dispatcher, nil
|
|
}
|
|
|
|
func NewSnifferDispatcher(needSniffer []C.SnifferType, forceDomain *trie.DomainTrie[bool], skipSNI *trie.DomainTrie[bool]) (*SnifferDispatcher, error) {
|
|
dispatcher := SnifferDispatcher{
|
|
enable: true,
|
|
foreDomain: forceDomain,
|
|
skipSNI: skipSNI,
|
|
}
|
|
|
|
for _, snifferName := range needSniffer {
|
|
sniffer, err := NewSniffer(snifferName)
|
|
if err != nil {
|
|
log.Errorln("Sniffer name[%s] is error", snifferName)
|
|
return &SnifferDispatcher{enable: false}, err
|
|
}
|
|
|
|
dispatcher.sniffers = append(dispatcher.sniffers, sniffer)
|
|
}
|
|
|
|
return &dispatcher, nil
|
|
}
|
|
|
|
func NewSniffer(name C.SnifferType) (C.Sniffer, error) {
|
|
switch name {
|
|
case C.TLS:
|
|
return &TLSSniffer{}, nil
|
|
default:
|
|
return nil, ErrorUnsupportedSniffer
|
|
}
|
|
}
|