refactor: move base nfqueue server

SunBK201 2025-12-06 16:38:20 +08:00
parent bef94bdc9d
commit 6877f608ad
6 changed files with 18 additions and 16 deletions


@ -1,4 +1,4 @@
package netfilter package base
import ( import (
"crypto/rand" "crypto/rand"


@ -1,4 +1,4 @@
package netfilter package base
import ( import (
"context" "context"


@ -1,4 +1,4 @@
package netfilter package base
import ( import (
"encoding/binary" "encoding/binary"


@ -8,13 +8,14 @@ import (
nfq "github.com/florianl/go-nfqueue/v2" nfq "github.com/florianl/go-nfqueue/v2"
"github.com/sunbk201/ua3f/internal/config" "github.com/sunbk201/ua3f/internal/config"
"github.com/sunbk201/ua3f/internal/netfilter" "github.com/sunbk201/ua3f/internal/netfilter"
"github.com/sunbk201/ua3f/internal/server/base"
"sigs.k8s.io/knftables" "sigs.k8s.io/knftables"
) )
type Server struct { type Server struct {
netfilter.Firewall netfilter.Firewall
cfg *config.Config cfg *config.Config
nfqServer *netfilter.NfqueueServer nfqServer *base.NfqueueServer
CtByte uint32 CtByte uint32
CtPackets uint32 CtPackets uint32
} }
@ -22,7 +23,7 @@ type Server struct {
func New(cfg *config.Config) *Server { func New(cfg *config.Config) *Server {
s := &Server{ s := &Server{
cfg: cfg, cfg: cfg,
nfqServer: &netfilter.NfqueueServer{ nfqServer: &base.NfqueueServer{
QueueNum: netfilter.DESYNC_QUEUE, QueueNum: netfilter.DESYNC_QUEUE,
}, },
CtByte: 1500, CtByte: 1500,
@ -68,7 +69,7 @@ func (s *Server) Close() error {
return err return err
} }
func (s *Server) HandlePacket(frame *netfilter.Packet) { func (s *Server) HandlePacket(frame *base.Packet) {
fragment := s.cfg.TCPDesync.Enabled fragment := s.cfg.TCPDesync.Enabled
if frame.TCP == nil || len(frame.TCP.Payload) <= 1 || frame.TCP.FIN { if frame.TCP == nil || len(frame.TCP.Payload) <= 1 || frame.TCP.FIN {
fragment = false fragment = false
@ -76,7 +77,7 @@ func (s *Server) HandlePacket(frame *netfilter.Packet) {
s.sendVerdict(frame, fragment) s.sendVerdict(frame, fragment)
} }
func (s *Server) sendVerdict(packet *netfilter.Packet, fragment bool) { func (s *Server) sendVerdict(packet *base.Packet, fragment bool) {
nf := s.nfqServer.Nf nf := s.nfqServer.Nf
id := *packet.A.PacketID id := *packet.A.PacketID
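Review bot: `sendVerdict` dereferences `*packet.A.PacketID` with no nil check, and with `Packet` now coming from `base`, the guarantee that the ID is populated lives in a different package from this handler. The dereference shows the field is a pointer, so a packet delivered without it would panic here; whether `base.NfqueueServer` drops such packets before calling the handler is not visible in this section. Either guard it with `if packet.A.PacketID == nil { return }` or state the non-nil invariant in the doc comment on `base.Packet`. The same dereference appears in `handlePacket` and `sendVerdict` of the last file section (the server that takes a `rewrite.Rewriter`). The body of `sendVerdict` continues outside the hunk.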


@ -9,19 +9,20 @@ import (
"github.com/google/gopacket/layers" "github.com/google/gopacket/layers"
"github.com/sunbk201/ua3f/internal/config" "github.com/sunbk201/ua3f/internal/config"
"github.com/sunbk201/ua3f/internal/netfilter" "github.com/sunbk201/ua3f/internal/netfilter"
"github.com/sunbk201/ua3f/internal/server/base"
"sigs.k8s.io/knftables" "sigs.k8s.io/knftables"
) )
type Server struct { type Server struct {
netfilter.Firewall netfilter.Firewall
cfg *config.Config cfg *config.Config
nfqServer *netfilter.NfqueueServer nfqServer *base.NfqueueServer
} }
func New(cfg *config.Config) *Server { func New(cfg *config.Config) *Server {
s := &Server{ s := &Server{
cfg: cfg, cfg: cfg,
nfqServer: &netfilter.NfqueueServer{ nfqServer: &base.NfqueueServer{
QueueNum: netfilter.HELPER_QUEUE, QueueNum: netfilter.HELPER_QUEUE,
}, },
} }
@ -59,7 +60,7 @@ func (s *Server) Close() error {
} }
// handlePacket processes a single NFQUEUE packet // handlePacket processes a single NFQUEUE packet
func (s *Server) handlePacket(packet *netfilter.Packet) { func (s *Server) handlePacket(packet *base.Packet) {
nf := s.nfqServer.Nf nf := s.nfqServer.Nf
modified := false modified := false
@ -129,7 +130,7 @@ func (s *Server) setInitialTCPWindow(tcp *layers.TCP) bool {
// zeroIPID sets the IP ID field to zero for IPv4 packets // zeroIPID sets the IP ID field to zero for IPv4 packets
// Returns true if the packet was modified // Returns true if the packet was modified
func (s *Server) zeroIPID(packet *netfilter.Packet) bool { func (s *Server) zeroIPID(packet *base.Packet) bool {
if packet.IsIPv6 { if packet.IsIPv6 {
return false return false
} }


@ -22,7 +22,7 @@ import (
type Server struct { type Server struct {
base.Server base.Server
netfilter.Firewall netfilter.Firewall
nfqServer *netfilter.NfqueueServer nfqServer *base.NfqueueServer
SniffCtMarkLower uint32 SniffCtMarkLower uint32
SniffCtMarkUpper uint32 SniffCtMarkUpper uint32
HTTPCtMark uint32 HTTPCtMark uint32
@ -41,7 +41,7 @@ func New(cfg *config.Config, rw *rewrite.Rewriter, rc *statistics.Recorder) *Ser
SniffCtMarkUpper: 10216, SniffCtMarkUpper: 10216,
NotHTTPCtMark: 201, NotHTTPCtMark: 201,
HTTPCtMark: 202, HTTPCtMark: 202,
nfqServer: &netfilter.NfqueueServer{ nfqServer: &base.NfqueueServer{
QueueNum: 10201, QueueNum: 10201,
}, },
} }
@ -76,7 +76,7 @@ func (s *Server) Close() error {
} }
// handlePacket processes a single NFQUEUE packet // handlePacket processes a single NFQUEUE packet
func (s *Server) handlePacket(packet *netfilter.Packet) { func (s *Server) handlePacket(packet *base.Packet) {
if s.Cfg.RewriteMode == config.RewriteModeDirect || packet.TCP == nil || len(packet.TCP.Payload) == 0 { if s.Cfg.RewriteMode == config.RewriteModeDirect || packet.TCP == nil || len(packet.TCP.Payload) == 0 {
_ = s.nfqServer.Nf.SetVerdict(*packet.A.PacketID, nfq.NfAccept) _ = s.nfqServer.Nf.SetVerdict(*packet.A.PacketID, nfq.NfAccept)
return return
@ -90,7 +90,7 @@ func (s *Server) handlePacket(packet *netfilter.Packet) {
s.sendVerdict(packet, result) s.sendVerdict(packet, result)
} }
func (s *Server) sendVerdict(packet *netfilter.Packet, result *rewrite.RewriteResult) { func (s *Server) sendVerdict(packet *base.Packet, result *rewrite.RewriteResult) {
nf := s.nfqServer.Nf nf := s.nfqServer.Nf
id := *packet.A.PacketID id := *packet.A.PacketID
setMark, nextMark := s.getNextMark(packet, result) setMark, nextMark := s.getNextMark(packet, result)
@ -129,7 +129,7 @@ func (s *Server) sendVerdict(packet *netfilter.Packet, result *rewrite.RewriteRe
} }
} }
func (s *Server) getNextMark(packet *netfilter.Packet, result *rewrite.RewriteResult) (setMark bool, mark uint32) { func (s *Server) getNextMark(packet *base.Packet, result *rewrite.RewriteResult) (setMark bool, mark uint32) {
mark, found := packet.GetCtMark() mark, found := packet.GetCtMark()
if !found { if !found {
return true, s.SniffCtMarkLower return true, s.SniffCtMarkLower
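Review bot: The early-accept path in `handlePacket` throws away the verdict error (`_ = s.nfqServer.Nf.SetVerdict(*packet.A.PacketID, nfq.NfAccept)`), so a failed verdict is invisible, and a packet with no verdict presumably stays held in the kernel queue. Check the error and report it through the logger this package already uses, rather than assigning it to `_`. Separately, `New` sets `QueueNum: 10201` as a bare literal, while the other two servers touched by this commit use `netfilter.DESYNC_QUEUE` and `netfilter.HELPER_QUEUE`. A named constant beside those would keep the queue assignments in one place and make a collision easier to spot. The bodies of `handlePacket` and `sendVerdict` continue outside the hunks shown.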