
Commit 29a3e4b

committed
默认加白出口ip
1 parent d73816a commit 29a3e4b


5 files changed

+26
-15
lines changed


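--- a/server/base/cfg.go
+++ b/server/base/cfg.go
@@ -81,7 +81,8 @@ type ServerConfig struct {
 Compression bool `json:"compression"` // bool
 NoCompressLimit int `json:"no_compress_limit"` // int
 
-DisplayError bool `json:"display_error"`
+DisplayError bool `json:"display_error"`
+ExcludeExportIp bool `json:"exclude_export_ip"`
 }
 
 func initServerCfg() {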

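--- a/server/base/config.go
+++ b/server/base/config.go
@@ -48,7 +48,7 @@ var configs = []config{
 {Typ: cfgStr, Name: "ipv4_start", Usage: "IPV4开始地址", ValStr: "192.168.90.100"},
 {Typ: cfgStr, Name: "ipv4_end", Usage: "IPV4结束", ValStr: "192.168.90.200"},
 {Typ: cfgStr, Name: "default_group", Usage: "默认用户组", ValStr: "one"},
-{Typ: cfgStr, Name: "default_domain", Usage: "要发布的默认域", ValStr: ""},
+{Typ: cfgStr, Name: "default_domain", Usage: "客户端dns的默认搜索域", ValStr: ""},
 
 {Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400},
 {Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
@@ -69,6 +69,7 @@ var configs = []config{
 {Typ: cfgInt, Name: "no_compress_limit", Usage: "低于及等于多少字节不压缩", ValInt: 256},
 
 {Typ: cfgBool, Name: "display_error", Usage: "客户端显示详细错误信息(线上环境慎开启)", ValBool: false},
+{Typ: cfgBool, Name: "exclude_export_ip", Usage: "排除出口ip路由(出口ip不加密传输)", ValBool: true},
 }
 
 var envs = map[string]string{}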
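Review bot: The new `exclude_export_ip` entry defaults to `ValBool: true`, so an existing deployment starts pushing an extra `X-CSTP-Split-Exclude` route after upgrading without any configuration change, and the server-sample.toml change in this commit only rewords a comment and does not list the new key. Since the Usage text itself says traffic to that address travels outside the tunnel, I would add a documented entry to the sample file, e.g. `# 排除出口ip路由(出口ip不加密传输)` followed by `exclude_export_ip = true`, so operators who want a strict full-tunnel policy can see which switch to turn off. The `configs` slice starts outside these hunks.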

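--- a/server/conf/server-sample.toml
+++ b/server/conf/server-sample.toml
@@ -69,7 +69,7 @@ mobile_dpd = 22
 #设置最大传输单元
 mtu = 1460
 
-# 要发布的默认域
+# 客户端dns的默认搜索域
 default_domain = "example.com"
 #default_domain = "example.com abc.example.com"
 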
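--- a/server/handler/link_tunnel.go
+++ b/server/handler/link_tunnel.go
@@ -66,6 +66,8 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 cstpBaseMtu := r.Header.Get("X-CSTP-Base-MTU")
 masterSecret := r.Header.Get("X-DTLS-Master-Secret")
 localIp := r.Header.Get("X-Cstp-Local-Address-Ip4")
+// 出口ip
+exportIp4 := r.Header.Get("X-Cstp-Remote-Address-Ip4")
 mobile := r.Header.Get("X-Cstp-License")
 
 cSess.SetMtu(cstpMtu)
@@ -96,14 +98,6 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite"))
 base.Trace("dtlsCiphersuite", dtlsCiphersuite)
 
-// 压缩
-if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
-HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
-}
-if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
-HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
-}
-
 // 返回客户端数据
 HttpSetHeader(w, "Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
 HttpSetHeader(w, "X-CSTP-Version", "1")
@@ -113,11 +107,19 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 HttpSetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
 HttpSetHeader(w, "X-CSTP-Hostname", hn) // 机器名称
 HttpSetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu)
-// 要发布的默认域
+// 客户端dns的默认搜索域
 if base.Cfg.DefaultDomain != "" {
 HttpSetHeader(w, "X-CSTP-Default-Domain", base.Cfg.DefaultDomain)
 }
 
+// 压缩
+if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
+HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
+}
+if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
+HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
+}
+
 // 设置用户策略
 SetUserPolicy(cSess.Username, cSess.Group)
 
@@ -136,10 +138,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 }
 HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
 }
-// 不允许的路由 X-Cstp-Remote-Address-Ip4:
+// 不允许的路由
 for _, v := range cSess.Group.RouteExclude {
 HttpAddHeader(w, "X-CSTP-Split-Exclude", v.IpMask)
 }
+// 排除出口ip路由(出口ip不加密传输)
+if base.Cfg.ExcludeExportIp && exportIp4 != "" {
+HttpAddHeader(w, "X-CSTP-Split-Exclude", exportIp4+"/255.255.255.255")
+}
 
 HttpSetHeader(w, "X-CSTP-Lease-Duration", "1209600") // ip地址租期
 HttpSetHeader(w, "X-CSTP-Session-Timeout", "none")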
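Review bot: `exportIp4` is taken verbatim from the client's `X-Cstp-Remote-Address-Ip4` request header and concatenated into the `X-CSTP-Split-Exclude` response header after only an empty-string check, so any text the client sends (a hostname, an IPv6 literal, a value that already carries a mask) becomes a pushed route entry. Parsing it first keeps malformed values out of the route list: `if ip := net.ParseIP(exportIp4).To4(); base.Cfg.ExcludeExportIp && ip != nil {` with `ip.String()+"/255.255.255.255"` as the header value. That needs `net` among the file's imports, which are not visible in these hunks, and `LinkTunnel` itself starts and ends outside them. The `// 出口ip` comment could also say that the address is client-reported rather than derived from the connection, since the server's routing decision depends on it.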

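--- a/server/handler/server.go
+++ b/server/handler/server.go
@@ -6,6 +6,7 @@ import (
 "io"
 "net"
 "net/http"
+"net/http/httputil"
 "os"
 "time"
 
@@ -116,8 +117,10 @@ func initRoute() http.Handler {
 
 func notFound(w http.ResponseWriter, r *http.Request) {
 // fmt.Println(r.RemoteAddr)
-// hu, _ := httputil.DumpRequest(r, true)
-// fmt.Println("NotFound: ", string(hu))
+if base.GetLogLevel() == base.LogLevelTrace {
+hd, _ := httputil.DumpRequest(r, true)
+base.Trace("NotFound: ", string(hd))
+}
 
 w.WriteHeader(http.StatusNotFound)
 fmt.Fprintln(w, "404 page not found")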
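Review bot: In `notFound`, `httputil.DumpRequest(r, true)` reads the whole request body into memory and writes the full dump, including `Cookie` and any other credential-bearing headers, to the trace log for every request that hits an unknown path, and the error is discarded. With trace level enabled, and unless a body limit is applied elsewhere, that means an allocation sized by the client per request, plus session material and raw client-controlled bytes in the log. I would dump headers only and check the error: `hd, err := httputil.DumpRequest(r, false)` followed by `if err == nil { base.Trace("NotFound: ", string(hd)) }`; redacting cookie values before logging would be worth considering as well. The closing brace of `notFound` is outside the hunk.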
