refactor: update iptables and nftables methods to use receiver functions

SunBK201 2025-11-12 00:56:05 +08:00
parent ba1ec470ee
commit 90097acb85
2 changed files with 16 additions and 14 deletions


@ -36,19 +36,19 @@ func (s *Server) iptSetup() error {
return err
}
if s.cfg.SetTTL {
err = IptSetTTL(ipt)
err = s.IptSetTTL(ipt)
if err != nil {
return err
}
}
if s.cfg.DelTCPTimestamp && !s.cfg.SetIPID {
err = IptDelTCPTS(ipt)
err = s.IptDelTCPTS(ipt)
if err != nil {
return err
}
}
if s.cfg.SetIPID {
err = IptSetIP(ipt)
err = s.IptSetIP(ipt)
if err != nil {
return err
}
@ -67,7 +67,7 @@ func (s *Server) iptCleanup() error {
return nil
}
func IptSetTTL(ipt *iptables.IPTables) error {
func (s *Server) IptSetTTL(ipt *iptables.IPTables) error {
err := ipt.Append(table, chain, RuleTTL...)
if err != nil {
return err
@ -75,7 +75,7 @@ func IptSetTTL(ipt *iptables.IPTables) error {
return nil
}
func IptDelTCPTS(ipt *iptables.IPTables) error {
func (s *Server) IptDelTCPTS(ipt *iptables.IPTables) error {
err := ipt.Append(table, chain, RuleDelTCPTS...)
if err != nil {
return err
@ -83,7 +83,7 @@ func IptDelTCPTS(ipt *iptables.IPTables) error {
return nil
}
func IptSetIP(ipt *iptables.IPTables) error {
func (s *Server) IptSetIP(ipt *iptables.IPTables) error {
err := ipt.Append(table, chain, RuleIP...)
if err != nil {
return err
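Review bot: IptSetTTL, IptDelTCPTS and IptSetIP gain a `*Server` receiver here, but none of the visible bodies reads `s`; they still append the package-level `RuleTTL`, `RuleDelTCPTS` and `RuleIP`. The nftables counterpart in this commit now builds its queue rule from `s.nfqServer.QueueNum`, so if the iptables rule slices still carry a fixed queue number (their definitions are not on this page), the two backends can end up on different NFQUEUE numbers and the iptables path would queue to a number the listener is not bound to. I would build the queue arguments from the same field in these methods, or until then add a comment such as `// RuleDelTCPTS/RuleIP use a fixed queue number; must match s.nfqServer.QueueNum`. The three method bodies continue past the hunks shown.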


@ -4,6 +4,7 @@ package netlink
import (
"context"
"fmt"
"sigs.k8s.io/knftables"
)
@ -18,13 +19,13 @@ func (s *Server) nftSetup() error {
tx.Add(s.nftable)
if s.cfg.SetTTL {
NftSetTTL(tx, s.nftable)
s.NftSetTTL(tx, s.nftable)
}
if s.cfg.DelTCPTimestamp && !s.cfg.SetIPID {
NftDelTCPTS(tx, s.nftable)
s.NftDelTCPTS(tx, s.nftable)
}
if s.cfg.SetIPID {
NftSetIP(tx, s.nftable)
s.NftSetIP(tx, s.nftable)
}
if err := nft.Run(context.TODO(), tx); err != nil {
@ -48,7 +49,7 @@ func (s *Server) nftCleanup() error {
return nil
}
func NftSetTTL(tx *knftables.Transaction, table *knftables.Table) {
func (s *Server) NftSetTTL(tx *knftables.Transaction, table *knftables.Table) {
chain := &knftables.Chain{
Name: "TTL64",
Type: knftables.PtrTo(knftables.FilterType),
@ -66,7 +67,7 @@ func NftSetTTL(tx *knftables.Transaction, table *knftables.Table) {
tx.Add(rule)
}
func NftDelTCPTS(tx *knftables.Transaction, table *knftables.Table) {
func (s *Server) NftDelTCPTS(tx *knftables.Transaction, table *knftables.Table) {
chain := &knftables.Chain{
Name: "HELPER_QUEUE",
Type: knftables.PtrTo(knftables.FilterType),
@ -77,14 +78,15 @@ func NftDelTCPTS(tx *knftables.Transaction, table *knftables.Table) {
rule := &knftables.Rule{
Chain: chain.Name,
Rule: knftables.Concat(
"tcp flags syn counter queue num 10301 bypass",
"tcp flags syn",
fmt.Sprintf("counter queue num %d bypass", s.nfqServer.QueueNum),
),
}
tx.Add(chain)
tx.Add(rule)
}
func NftSetIP(tx *knftables.Transaction, table *knftables.Table) {
func (s *Server) NftSetIP(tx *knftables.Transaction, table *knftables.Table) {
chain := &knftables.Chain{
Name: "HELPER_QUEUE",
Type: knftables.PtrTo(knftables.FilterType),
@ -95,7 +97,7 @@ func NftSetIP(tx *knftables.Transaction, table *knftables.Table) {
rule := &knftables.Rule{
Chain: chain.Name,
Rule: knftables.Concat(
"counter queue num 10301 bypass",
fmt.Sprintf("counter queue num %d bypass", s.nfqServer.QueueNum),
),
}
tx.Add(chain)
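Review bot: `s.nfqServer.QueueNum` is dereferenced at rule-build time in NftDelTCPTS and NftSetIP with no check that `s.nfqServer` is set, and nothing in the hunks shows it being initialised before nftSetup runs. If it is a pointer field, a nil value panics during firewall setup; if QueueNum is still zero, the rule is installed for queue 0 and, because it ends in `bypass`, packets are accepted unmodified when nothing listens there, so the failure is silent. A guard in nftSetup before the rules are built would make this explicit, e.g. `if s.nfqServer == nil { return fmt.Errorf("nft setup: nfq server not initialised") }`. The change is also behavioural (the literal `10301` is replaced by a configured value) although the commit is titled a refactor, which is worth stating in the message. Both functions begin and end outside the hunks shown.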