diff --git a/src/internal/rewrite/packet.go b/src/internal/rewrite/packet.go index 4a90ff0..949ed6b 100644 --- a/src/internal/rewrite/packet.go +++ b/src/internal/rewrite/packet.go @@ -10,10 +10,9 @@ import ( // RewriteResult contains the result of TCP rewriting type RewriteResult struct { - Modified bool // Whether the packet was modified - HasUA bool // Whether User-Agent was found - InCache bool // Whether destination address is in cache - InWhitelist bool // Whether User-Agent was in whitelist + Modified bool // Whether the packet was modified + HasUA bool // Whether User-Agent was found + InCache bool // Whether destination address is in cache } // shouldRewriteUA checks if the given User-Agent should be rewritten @@ -68,18 +67,18 @@ func (r *Rewriter) buildReplacement(srcAddr, dstAddr string, originalUA string, // RewritePacketUserAgent rewrites User-Agent in a raw packet payload in-place // Returns metadata about the operation -func (r *Rewriter) RewritePacketUserAgent(payload []byte, srcAddr, dstAddr string) (hasUA, modified, inWhitelist bool) { +func (r *Rewriter) RewritePacketUserAgent(payload []byte, srcAddr, dstAddr string) (hasUA, modified bool) { // Find all User-Agent positions positions, unterm := findUserAgentInPayload(payload) if unterm { log.LogInfoWithAddr(srcAddr, dstAddr, "Unterminated User-Agent found, not rewriting") - return true, false, false + return true, false } if len(positions) == 0 { log.LogDebugWithAddr(srcAddr, dstAddr, "No User-Agent found in payload") - return false, false, false + return false, false } // Replace each User-Agent value in-place @@ -95,17 +94,6 @@ func (r *Rewriter) RewritePacketUserAgent(payload []byte, srcAddr, dstAddr strin log.LogInfoWithAddr(srcAddr, dstAddr, fmt.Sprintf("Original User-Agent: %s", originalUA)) - // Check whitelist first - if r.inWhitelist(originalUA) { - log.LogInfoWithAddr(srcAddr, dstAddr, fmt.Sprintf("User-Agent in whitelist, not rewriting: %s", originalUA)) - statistics.AddPassThroughRecord(&statistics.PassThroughRecord{ - SrcAddr: srcAddr, - DestAddr: dstAddr, - UA: originalUA, - }) - return true, false, true - } - // Check if should rewrite if !r.shouldRewriteUA(srcAddr, dstAddr, originalUA) { statistics.AddPassThroughRecord(&statistics.PassThroughRecord{ @@ -113,7 +101,7 @@ func (r *Rewriter) RewritePacketUserAgent(payload []byte, srcAddr, dstAddr strin DestAddr: dstAddr, UA: originalUA, }) - return true, false, false + return true, false } // Build replacement with regex matching @@ -123,7 +111,7 @@ func (r *Rewriter) RewritePacketUserAgent(payload []byte, srcAddr, dstAddr strin modified = true } } - return true, modified, false + return true, modified } // RewriteTCP rewrites the TCP packet's User-Agent if applicable @@ -133,11 +121,9 @@ func (r *Rewriter) RewriteTCP(tcp *layers.TCP, srcAddr, dstAddr string) *Rewrite return &RewriteResult{Modified: false} } - hasUA, modified, inWhitelist := r.RewritePacketUserAgent(tcp.Payload, srcAddr, dstAddr) - + hasUA, modified := r.RewritePacketUserAgent(tcp.Payload, srcAddr, dstAddr) return &RewriteResult{ - Modified: modified, - HasUA: hasUA, - InWhitelist: inWhitelist, + Modified: modified, + HasUA: hasUA, } } diff --git a/src/internal/server/nfqueue/nfqueue_linux.go b/src/internal/server/nfqueue/nfqueue_linux.go index 70b9fe9..5d64e4b 100644 --- a/src/internal/server/nfqueue/nfqueue_linux.go +++ b/src/internal/server/nfqueue/nfqueue_linux.go @@ -141,10 +141,6 @@ func (s *Server) getNextMark(packet *netfilter.Packet, result *rewrite.RewriteRe return true, s.NotHTTPCtMark } - if result.InWhitelist { - return true, s.NotHTTPCtMark - } - if result.Modified { return true, s.HTTPCtMark }