From 8b09db5f7f720bddfb868cfb69554a3eb322bf88 Mon Sep 17 00:00:00 2001 From: adlyq Date: Wed, 18 May 2022 18:43:44 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20Rule-Set=E4=B8=AD=E4=B8=8D=E8=A7=A3?= =?UTF-8?q?=E6=9E=90DNS=20feat:=20RULE-SET=E6=94=AF=E6=8C=81no-resolve?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- component/sniffer/dispatcher.go | 4 ++-- rule/logic/common.go | 3 ++- rule/parser.go | 3 ++- rule/provider/classical_strategy.go | 14 ++++---------- rule/provider/domain_strategy.go | 9 ++++----- rule/provider/rule_set.go | 6 ++++-- 6 files changed, 18 insertions(+), 21 deletions(-) diff --git a/component/sniffer/dispatcher.go b/component/sniffer/dispatcher.go index aca77842..cfcc58fb 100644 --- a/component/sniffer/dispatcher.go +++ b/component/sniffer/dispatcher.go @@ -117,13 +117,13 @@ func (sd *SnifferDispatcher) sniffDomain(conn *CN.BufferedConn, metadata *C.Meta host, err := sniffer.SniffTCP(bytes) if err != nil { - log.Debugln("[Sniffer] [%s] Sniff data failed %s", sniffer.Protocol(), metadata.DstIP) + //log.Debugln("[Sniffer] [%s] Sniff data failed %s", sniffer.Protocol(), metadata.DstIP) continue } _, err = netip.ParseAddr(host) if err == nil { - log.Debugln("[Sniffer] [%s] Sniff data failed %s", sniffer.Protocol(), metadata.DstIP) + //log.Debugln("[Sniffer] [%s] Sniff data failed %s", sniffer.Protocol(), metadata.DstIP) continue } diff --git a/rule/logic/common.go b/rule/logic/common.go index 75e3c319..1f9a56c1 100644 --- a/rule/logic/common.go +++ b/rule/logic/common.go @@ -102,7 +102,8 @@ func parseRule(tp, payload string, params []string) (C.Rule, error) { case "PROCESS-PATH": parsed, parseErr = RC.NewProcess(payload, "", false) case "RULE-SET": - parsed, parseErr = provider.NewRuleSet(payload, "") + noResolve := RC.HasNoResolve(params) + parsed, parseErr = provider.NewRuleSet(payload, "", noResolve) case "NOT": parsed, parseErr = NewNOT(payload, "") case "AND": diff --git a/rule/parser.go b/rule/parser.go index 05595c10..e1d27371 100644 --- a/rule/parser.go +++ b/rule/parser.go @@ -50,7 +50,8 @@ func ParseRule(tp, payload, target string, params []string) (C.Rule, error) { case "NOT": parsed, parseErr = logic.NewNOT(payload, target) case "RULE-SET": - parsed, parseErr = RP.NewRuleSet(payload, target) + noResolve := RC.HasNoResolve(params) + parsed, parseErr = RP.NewRuleSet(payload, target, noResolve) case "MATCH": parsed = RC.NewMatch(target) default: diff --git a/rule/provider/classical_strategy.go b/rule/provider/classical_strategy.go index 1c2cba4f..4ce69389 100644 --- a/rule/provider/classical_strategy.go +++ b/rule/provider/classical_strategy.go @@ -30,26 +30,20 @@ func (c *classicalStrategy) ShouldResolveIP() bool { } func (c *classicalStrategy) OnUpdate(rules []string) { - var classicalRules []C.Rule - shouldResolveIP := false - count := 0 for _, rawRule := range rules { ruleType, rule, params := ruleParse(rawRule) r, err := parseRule(ruleType, rule, "", params) if err != nil { log.Warnln("parse rule error:[%s]", err.Error()) } else { - if !shouldResolveIP { - shouldResolveIP = shouldResolveIP || r.ShouldResolveIP() + if !c.shouldResolveIP { + c.shouldResolveIP = r.ShouldResolveIP() } - classicalRules = append(classicalRules, r) - count++ + c.rules = append(c.rules, r) + c.count++ } } - - c.rules = classicalRules - c.count = count } func NewClassicalStrategy() *classicalStrategy { diff --git a/rule/provider/domain_strategy.go b/rule/provider/domain_strategy.go index 81979658..d78bb44c 100644 --- a/rule/provider/domain_strategy.go +++ b/rule/provider/domain_strategy.go @@ -8,9 +8,8 @@ import ( ) type domainStrategy struct { - shouldResolveIP bool - count int - domainRules *trie.DomainTrie[bool] + count int + domainRules *trie.DomainTrie[bool] } func (d *domainStrategy) Match(metadata *C.Metadata) bool { @@ -22,7 +21,7 @@ func (d *domainStrategy) Count() int { } func (d *domainStrategy) ShouldResolveIP() bool { - return d.shouldResolveIP + return false } func (d *domainStrategy) OnUpdate(rules []string) { @@ -55,5 +54,5 @@ func ruleParse(ruleRaw string) (string, string, []string) { } func NewDomainStrategy() *domainStrategy { - return &domainStrategy{shouldResolveIP: false} + return &domainStrategy{} } diff --git a/rule/provider/rule_set.go b/rule/provider/rule_set.go index d5f0a7c9..5d0cb67a 100644 --- a/rule/provider/rule_set.go +++ b/rule/provider/rule_set.go @@ -12,6 +12,7 @@ type RuleSet struct { ruleProviderName string adapter string ruleProvider P.RuleProvider + noResolveIP bool } func (rs *RuleSet) ShouldFindProcess() bool { @@ -35,7 +36,7 @@ func (rs *RuleSet) Payload() string { } func (rs *RuleSet) ShouldResolveIP() bool { - return rs.getProviders().ShouldResolveIP() + return !rs.noResolveIP && rs.getProviders().ShouldResolveIP() } func (rs *RuleSet) getProviders() P.RuleProvider { if rs.ruleProvider == nil { @@ -46,7 +47,7 @@ func (rs *RuleSet) getProviders() P.RuleProvider { return rs.ruleProvider } -func NewRuleSet(ruleProviderName string, adapter string) (*RuleSet, error) { +func NewRuleSet(ruleProviderName string, adapter string, noResolveIP bool) (*RuleSet, error) { rp, ok := RuleProviders()[ruleProviderName] if !ok { return nil, fmt.Errorf("rule set %s not found", ruleProviderName) @@ -56,5 +57,6 @@ func NewRuleSet(ruleProviderName string, adapter string) (*RuleSet, error) { ruleProviderName: ruleProviderName, adapter: adapter, ruleProvider: rp, + noResolveIP: noResolveIP, }, nil }