config

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2024 License: GPL-3.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultConfig = `
version: 1
cgroup-root: AUTO
route-table: 300
rules:
  - match: \/.*
    direct: true
`
	IPv4LocalhostStr = "127.0.0.1"
)

Variables

View Source 
var (
	ErrCannotFoundCgroupv2Root = errors.New("`cgroup2` mount point not found.")
)

Functions

This section is empty.

Types

type Bypass 

type Bypass []string

type CGroupRoot 

type CGroupRoot string

type Config 

type Config struct {
	Version string `yaml:"version" validate:"required,eq=1"`

	CgroupRoot CGroupRoot `yaml:"cgroup-root" validate:"required,dirpath|eq=AUTO"`
	// Bypass describes the bypass rules apply to all the TPROXY servers.
	// If the destination matched in Bypass, the traffic will not be touched.
	Bypass   Bypass             `yaml:"bypass" validate:"dive,ipv4|cidrv4|ipv6|cidrv6"`
	TProxies map[string]*TProxy `yaml:"tproxies" validate:"dive"`
	Rules    []Rule             `yaml:"rules" validate:"dive"`
	// The route table number cgtproxy will create to route TPROXY traffic.
	// This table will be removed when cgtproxy stopped.
	RouteTable int `yaml:"route-table" validate:"required"`
	// contains filtered or unexported fields
}

func New 

func New(opts ...Opt) (ret *Config, err error)

type DNSHijack 

type DNSHijack struct {
	IP   *string `yaml:"ip" validate:"ip4_addr"`
	Port uint16  `yaml:"port"`
	// If TCP is set to true,
	// tcp traffic will be hijacked, too,
	// when it's destination port is 53.
	TCP bool `yaml:"tcp"`
}

type FireWallMark 

type FireWallMark uint32

type Opt 

type Opt func(c *Config) (ret *Config, err error)

func WithContent 

func WithContent(raw []byte) Opt

func WithLogger 

func WithLogger(log *zap.SugaredLogger) Opt

type Rule 

type Rule struct {
	// Match is an regex expression
	// to match an cgroup path relative to the root of cgroupfs.
	Match string `yaml:"match" validate:"required"`

	// TProxy means that the traffic comes from this cgroup
	// should be redirected to a TPROXY server.
	TProxy string `yaml:"tproxy" validate:"required_without_all=Drop Direct,excluded_with=Drop Direct"`
	// Drop means that the traffic comes from this cgroup will be dropped.
	Drop bool `yaml:"drop" validate:"required_without_all=TProxy Direct,excluded_with=TProxy Direct"`
	// Direct means that the traffic comes from this cgroup will not be touched.
	Direct bool `yaml:"direct" validate:"required_without_all=TProxy Drop,excluded_with=TProxy Drop"`
}

Rule describes a rule about how to handle traffic comes from a cgroup.

func (*Rule) String 

func (r *Rule) String() string

type TProxy 

type TProxy struct {
	Name   string `yaml:"-"`
	NoUDP  bool   `yaml:"no-udp"`
	NoIPv6 bool   `yaml:"no-ipv6"`
	Port   uint16 `yaml:"port" validate:"required"`
	// Mark is the fire wall mark used to identify the TPROXY server
	// and trigger reroute operation of netfliter
	// from OUTPUT to PREROUTING internally.
	// It **NOT** means that this TPROXY server
	// must send traffic with the fwmark.
	// This mark is designed to be changeable for user
	// to make sure this mark is not conflict
	// with any fire wall mark in use.
	Mark FireWallMark `yaml:"mark" validate:"required"`
	// DNSHijack will hijack the dns request traffic
	// should redirect to this TPROXY server,
	// and send them to directory to a dns server described in DNSHijack.
	// This option is for fake-ip.
	DNSHijack *DNSHijack `yaml:"dns-hijack"`
}

TProxy describes a TPROXY server.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.