filter on src and dest ip

Signed-off-by: Uncle Jack <[email protected]>
bepass-org · Jul 5, 2024 · c7226d9 · c7226d9
1 parent 2761b8f
commit c7226d9
Show file tree

Hide file tree

Showing 9 changed files with 210 additions and 37 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -18,11 +18,16 @@ jobs:
 
     - name: preparatino
       run: |
+        echo "build the program"
         cargo build && cp ./target/debug/tunl-relay .
 
+        echo "prepare config"
+        sed -i -e '/whitelist = \[/a\' -e '    "127.0.0.1",' config.toml
+        sed -i -e '/whitelist = \[/a\' -e '    "216.239.38.120",' config.toml
+
     - name: test v1 header
       run: |
-        ./tunl-relay --version=v1 &
+        ./tunl-relay --config config.toml &
         PID=$!
         echo "tunl-relay started with PID $PID"
         sleep 2
@@ -34,7 +39,10 @@ jobs:
 
     - name: test v2 header
       run: |
-        ./tunl-relay --version=v2 &
+        echo "change config protocol version to v2"
+        sed -i -e 's/"v1"/"v2"/' config.toml
+
+        ./tunl-relay --config config.toml &
         PID=$!
         echo "tunl-relay started with PID $PID"
         sleep 2

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,3 +11,5 @@ bincode = "2.0.0-rc.3"
 anyhow = "1.0"
 pretty_env_logger = "0.5"
 log = "0.4"
+cidr = { version = "0.2", features = ["serde"] }
+toml = "0.8"
diff --git a/README.md b/README.md
@@ -2,16 +2,22 @@
 
 ## Quick Start
 ```sh
-$ ./tunl-relay --bind 0.0.0.0 --port 6666 --version v2
+$ ./tunl-relay --config config.toml
 ```
 
-## Usage
-```sh
-OPTIONS:
-    -b, --bind <BIND>          [default: 0.0.0.0]
-    -h, --help                 Print help information
-    -p, --port <PORT>          [default: 6666]
-    -v, --version <VERSION>    [default: v1] [possible values: v1, v2]
+## Config
+```toml
+version = "v1"
+bind = "0.0.0.0"
+port = 6666
+
+whitelist = [
+    "173.245.48.0/20",
+    "103.21.244.0/22",
+    "103.22.200.0/22",
+    "103.31.4.0/22",
+    ...
+]
 ```
 
 **protocol version**: v1 refers to [bepass-relay protocol](https://github.com/bepass-org/bepass-relay/)
diff --git a/config.toml b/config.toml
@@ -0,0 +1,28 @@
+version = "v1"
+bind = "0.0.0.0"
+port = 6666
+
+whitelist = [
+    "173.245.48.0/20",
+    "103.21.244.0/22",
+    "103.22.200.0/22",
+    "103.31.4.0/22",
+    "141.101.64.0/18",
+    "108.162.192.0/18",
+    "190.93.240.0/20",
+    "188.114.96.0/20",
+    "197.234.240.0/22",
+    "198.41.128.0/17",
+    "162.158.0.0/15",
+    "104.16.0.0/13",
+    "104.24.0.0/14",
+    "172.64.0.0/13",
+    "131.0.72.0/22",
+    "2400:cb00::/32",
+    "2606:4700::/32",
+    "2803:f800::/32",
+    "2405:b500::/32",
+    "2405:8100::/32",
+    "2a06:98c0::/29",
+    "2c0f:f248::/32"
+]
diff --git a/src/config.rs b/src/config.rs
@@ -0,0 +1,24 @@
+use crate::proto::Version;
+use cidr::IpCidr;
+
+use std::net::IpAddr;
+
+use anyhow::{anyhow, Result};
+use serde::Deserialize;
+
+#[derive(Deserialize)]
+pub struct Config {
+    pub bind: IpAddr,
+    pub port: u16,
+    pub version: Version,
+    pub whitelist: Vec<IpCidr>,
+}
+
+impl Config {
+    pub fn new(config: &str) -> Result<Self> {
+        match toml::from_str(config) {
+            Ok(c) => Ok(c),
+            Err(e) => Err(anyhow!("could not parse config file {}", e)),
+        }
+    }
+}
diff --git a/src/main.rs b/src/main.rs
@@ -1,23 +1,18 @@
+mod config;
 mod proto;
 mod proxy;
 
-use proto::Version;
+use config::Config;
 use proxy::Proxy;
 
 use anyhow::{anyhow, Result};
 use clap::Parser;
 
-use std::net::IpAddr;
-
 #[derive(Debug, Parser)]
 #[clap(author, version)]
 pub struct Args {
-    #[clap(short, long, default_value = "0.0.0.0")]
-    pub bind: IpAddr,
-    #[clap(short, long, default_value = "6666")]
-    pub port: u16,
-    #[clap(short, long, value_enum, default_value_t)]
-    pub version: Version,
+    #[clap(short, long)]
+    pub config: String,
 }
 
 #[tokio::main]
@@ -28,7 +23,12 @@ async fn main() -> Result<()> {
 
     let args = Args::parse();
 
-    let proxy = Proxy::new(args.version, args.bind, args.port);
+    let config = match std::fs::read_to_string(args.config) {
+        Ok(c) => Config::new(&c),
+        _ => panic!("could not find the config file"),
+    }?;
+
+    let proxy = Proxy::new(config);
     match proxy.run().await {
         Err(e) => Err(anyhow!("{e}")),
         _ => Ok(()),

diff --git a/src/proto.rs b/src/proto.rs
@@ -2,10 +2,10 @@ use std::net::IpAddr;
 use std::str::FromStr;
 
 use bincode::{Decode, Encode};
-use serde::Serialize;
+use serde::{Deserialize, Serialize};
 use tokio::io::{Error, ErrorKind, Result};
 
-#[derive(clap::ValueEnum, Clone, Default, Debug, Decode, Encode, Serialize)]
+#[derive(clap::ValueEnum, Clone, Default, Debug, Decode, Encode, Serialize, Deserialize)]
 #[serde(rename_all = "lowercase")]
 pub enum Version {
     #[default]