Merge dns (#722)

* DNS: add clientip for specific nameserver * Refactoring: DNS App * DNS: add DNS over QUIC support * Feat: add disableCache option for DNS * Feat: add queryStrategy option for DNS * Feat: add disableFallback & skipFallback option for DNS * Feat: DNS hosts support multiple addresses * Feat: DNS transport over TCP * DNS: fix typo & refine code * DNS: refine code * Add disableFallbackIfMatch dns option * Feat: routing and freedom outbound ignore Fake DNS Turn off fake DNS for request sent from Routing and Freedom outbound. Fake DNS now only apply to DNS outbound. This is important for Android, where VPN service take over all system DNS traffic and pass it to core. "UseIp" option can be used in Freedom outbound to avoid getting fake IP and fail connection. * Fix test * Fix dns return * Fix local dns return empty * Apply timeout to dns outbound * Update app/dns/config.go Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com> Co-authored-by: Ye Zhihao <vigilans@foxmail.com> Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com> Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com> Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: 秋のかえで <autmaple@protonmail.com> Co-authored-by: 朱聖黎 <digglife@gmail.com> Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com> Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com>
2025-04-29 16:58:34 +00:00 · 2021-10-16 21:02:51 +08:00 · 2021-10-16 21:02:51 +08:00 · cd4631ce99
commit cd4631ce99
parent 5e606169f1
33 changed files with 2252 additions and 880 deletions
--- a/infra/conf/dns.go
+++ b/infra/conf/dns.go
@ -11,10 +11,12 @@ import (
 )

 type NameServerConfig struct {
-	Address   *Address
-	Port      uint16
-	Domains   []string
-	ExpectIPs StringList
+	Address      *Address
+	ClientIP     *Address
+	Port         uint16
+	SkipFallback bool
+	Domains      []string
+	ExpectIPs    StringList
 }

 func (c *NameServerConfig) UnmarshalJSON(data []byte) error {
@ -25,14 +27,18 @@ func (c *NameServerConfig) UnmarshalJSON(data []byte) error {
 	}

 	var advanced struct {
-		Address   *Address   `json:"address"`
-		Port      uint16     `json:"port"`
-		Domains   []string   `json:"domains"`
-		ExpectIPs StringList `json:"expectIps"`
+		Address      *Address   `json:"address"`
+		ClientIP     *Address   `json:"clientIp"`
+		Port         uint16     `json:"port"`
+		SkipFallback bool       `json:"skipFallback"`
+		Domains      []string   `json:"domains"`
+		ExpectIPs    StringList `json:"expectIps"`
 	}
 	if err := json.Unmarshal(data, &advanced); err == nil {
 		c.Address = advanced.Address
+		c.ClientIP = advanced.ClientIP
 		c.Port = advanced.Port
+		c.SkipFallback = advanced.SkipFallback
 		c.Domains = advanced.Domains
 		c.ExpectIPs = advanced.ExpectIPs
 		return nil
@ -87,12 +93,22 @@ func (c *NameServerConfig) Build() (*dns.NameServer, error) {
 		return nil, newError("invalid IP rule: ", c.ExpectIPs).Base(err)
 	}

+	var myClientIP []byte
+	if c.ClientIP != nil {
+		if !c.ClientIP.Family().IsIP() {
+			return nil, newError("not an IP address:", c.ClientIP.String())
+		}
+		myClientIP = []byte(c.ClientIP.IP())
+	}
+
 	return &dns.NameServer{
 		Address: &net.Endpoint{
 			Network: net.Network_UDP,
 			Address: c.Address.Build(),
 			Port:    uint32(c.Port),
 		},
+		ClientIp:          myClientIP,
+		SkipFallback:      c.SkipFallback,
 		PrioritizedDomain: domains,
 		Geoip:             geoipList,
 		OriginalRules:     originalRules,
@ -108,28 +124,193 @@ var typeMap = map[router.Domain_Type]dns.DomainMatchingType{

 // DNSConfig is a JSON serializable object for dns.Config.
 type DNSConfig struct {
-	Servers  []*NameServerConfig `json:"servers"`
-	Hosts    map[string]*Address `json:"hosts"`
-	ClientIP *Address            `json:"clientIp"`
-	Tag      string              `json:"tag"`
+	Servers                []*NameServerConfig `json:"servers"`
+	Hosts                  *HostsWrapper       `json:"hosts"`
+	ClientIP               *Address            `json:"clientIp"`
+	Tag                    string              `json:"tag"`
+	QueryStrategy          string              `json:"queryStrategy"`
+	DisableCache           bool                `json:"disableCache"`
+	DisableFallback        bool                `json:"disableFallback"`
+	DisableFallbackIfMatch bool                `json:"disableFallbackIfMatch"`
 }

-func getHostMapping(addr *Address) *dns.Config_HostMapping {
-	if addr.Family().IsIP() {
-		return &dns.Config_HostMapping{
-			Ip: [][]byte{[]byte(addr.IP())},
+type HostAddress struct {
+	addr  *Address
+	addrs []*Address
+}
+
+// UnmarshalJSON implements encoding/json.Unmarshaler.UnmarshalJSON
+func (h *HostAddress) UnmarshalJSON(data []byte) error {
+	addr := new(Address)
+	var addrs []*Address
+	switch {
+	case json.Unmarshal(data, &addr) == nil:
+		h.addr = addr
+	case json.Unmarshal(data, &addrs) == nil:
+		h.addrs = addrs
+	default:
+		return newError("invalid address")
+	}
+	return nil
+}
+
+type HostsWrapper struct {
+	Hosts map[string]*HostAddress
+}
+
+func getHostMapping(ha *HostAddress) *dns.Config_HostMapping {
+	if ha.addr != nil {
+		if ha.addr.Family().IsDomain() {
+			return &dns.Config_HostMapping{
+				ProxiedDomain: ha.addr.Domain(),
+			}
 		}
-	} else {
 		return &dns.Config_HostMapping{
-			ProxiedDomain: addr.Domain(),
+			Ip: [][]byte{ha.addr.IP()},
 		}
 	}
+
+	ips := make([][]byte, 0, len(ha.addrs))
+	for _, addr := range ha.addrs {
+		if addr.Family().IsDomain() {
+			return &dns.Config_HostMapping{
+				ProxiedDomain: addr.Domain(),
+			}
+		}
+		ips = append(ips, []byte(addr.IP()))
+	}
+	return &dns.Config_HostMapping{
+		Ip: ips,
+	}
+}
+
+// UnmarshalJSON implements encoding/json.Unmarshaler.UnmarshalJSON
+func (m *HostsWrapper) UnmarshalJSON(data []byte) error {
+	hosts := make(map[string]*HostAddress)
+	err := json.Unmarshal(data, &hosts)
+	if err == nil {
+		m.Hosts = hosts
+		return nil
+	}
+	return newError("invalid DNS hosts").Base(err)
+}
+
+// Build implements Buildable
+func (m *HostsWrapper) Build() ([]*dns.Config_HostMapping, error) {
+	mappings := make([]*dns.Config_HostMapping, 0, 20)
+
+	domains := make([]string, 0, len(m.Hosts))
+	for domain := range m.Hosts {
+		domains = append(domains, domain)
+	}
+	sort.Strings(domains)
+
+	for _, domain := range domains {
+		switch {
+		case strings.HasPrefix(domain, "domain:"):
+			domainName := domain[7:]
+			if len(domainName) == 0 {
+				return nil, newError("empty domain type of rule: ", domain)
+			}
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Subdomain
+			mapping.Domain = domainName
+			mappings = append(mappings, mapping)
+
+		case strings.HasPrefix(domain, "geosite:"):
+			listName := domain[8:]
+			if len(listName) == 0 {
+				return nil, newError("empty geosite rule: ", domain)
+			}
+			geositeList, err := loadGeositeWithAttr("geosite.dat", listName)
+			if err != nil {
+				return nil, newError("failed to load geosite: ", listName).Base(err)
+			}
+			for _, d := range geositeList {
+				mapping := getHostMapping(m.Hosts[domain])
+				mapping.Type = typeMap[d.Type]
+				mapping.Domain = d.Value
+				mappings = append(mappings, mapping)
+			}
+
+		case strings.HasPrefix(domain, "regexp:"):
+			regexpVal := domain[7:]
+			if len(regexpVal) == 0 {
+				return nil, newError("empty regexp type of rule: ", domain)
+			}
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Regex
+			mapping.Domain = regexpVal
+			mappings = append(mappings, mapping)
+
+		case strings.HasPrefix(domain, "keyword:"):
+			keywordVal := domain[8:]
+			if len(keywordVal) == 0 {
+				return nil, newError("empty keyword type of rule: ", domain)
+			}
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Keyword
+			mapping.Domain = keywordVal
+			mappings = append(mappings, mapping)
+
+		case strings.HasPrefix(domain, "full:"):
+			fullVal := domain[5:]
+			if len(fullVal) == 0 {
+				return nil, newError("empty full domain type of rule: ", domain)
+			}
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Full
+			mapping.Domain = fullVal
+			mappings = append(mappings, mapping)
+
+		case strings.HasPrefix(domain, "dotless:"):
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Regex
+			switch substr := domain[8:]; {
+			case substr == "":
+				mapping.Domain = "^[^.]*$"
+			case !strings.Contains(substr, "."):
+				mapping.Domain = "^[^.]*" + substr + "[^.]*$"
+			default:
+				return nil, newError("substr in dotless rule should not contain a dot: ", substr)
+			}
+			mappings = append(mappings, mapping)
+
+		case strings.HasPrefix(domain, "ext:"):
+			kv := strings.Split(domain[4:], ":")
+			if len(kv) != 2 {
+				return nil, newError("invalid external resource: ", domain)
+			}
+			filename := kv[0]
+			list := kv[1]
+			geositeList, err := loadGeositeWithAttr(filename, list)
+			if err != nil {
+				return nil, newError("failed to load domain list: ", list, " from ", filename).Base(err)
+			}
+			for _, d := range geositeList {
+				mapping := getHostMapping(m.Hosts[domain])
+				mapping.Type = typeMap[d.Type]
+				mapping.Domain = d.Value
+				mappings = append(mappings, mapping)
+			}
+
+		default:
+			mapping := getHostMapping(m.Hosts[domain])
+			mapping.Type = dns.DomainMatchingType_Full
+			mapping.Domain = domain
+			mappings = append(mappings, mapping)
+		}
+	}
+	return mappings, nil
 }

 // Build implements Buildable
 func (c *DNSConfig) Build() (*dns.Config, error) {
 	config := &dns.Config{
-		Tag: c.Tag,
+		Tag:                    c.Tag,
+		DisableCache:           c.DisableCache,
+		DisableFallback:        c.DisableFallback,
+		DisableFallbackIfMatch: c.DisableFallbackIfMatch,
 	}

 	if c.ClientIP != nil {
@ -139,6 +320,16 @@ func (c *DNSConfig) Build() (*dns.Config, error) {
 		config.ClientIp = []byte(c.ClientIP.IP())
 	}

+	config.QueryStrategy = dns.QueryStrategy_USE_IP
+	switch strings.ToLower(c.QueryStrategy) {
+	case "useip", "use_ip", "use-ip":
+		config.QueryStrategy = dns.QueryStrategy_USE_IP
+	case "useip4", "useipv4", "use_ip4", "use_ipv4", "use_ip_v4", "use-ip4", "use-ipv4", "use-ip-v4":
+		config.QueryStrategy = dns.QueryStrategy_USE_IP4
+	case "useip6", "useipv6", "use_ip6", "use_ipv6", "use_ip_v6", "use-ip6", "use-ipv6", "use-ip-v6":
+		config.QueryStrategy = dns.QueryStrategy_USE_IP6
+	}
+
 	for _, server := range c.Servers {
 		ns, err := server.Build()
 		if err != nil {
@ -147,113 +338,12 @@ func (c *DNSConfig) Build() (*dns.Config, error) {
 		config.NameServer = append(config.NameServer, ns)
 	}

-	if c.Hosts != nil && len(c.Hosts) > 0 {
-		domains := make([]string, 0, len(c.Hosts))
-		for domain := range c.Hosts {
-			domains = append(domains, domain)
-		}
-		sort.Strings(domains)
-
-		for _, domain := range domains {
-			addr := c.Hosts[domain]
-			var mappings []*dns.Config_HostMapping
-			switch {
-			case strings.HasPrefix(domain, "domain:"):
-				domainName := domain[7:]
-				if len(domainName) == 0 {
-					return nil, newError("empty domain type of rule: ", domain)
-				}
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Subdomain
-				mapping.Domain = domainName
-				mappings = append(mappings, mapping)
-
-			case strings.HasPrefix(domain, "geosite:"):
-				listName := domain[8:]
-				if len(listName) == 0 {
-					return nil, newError("empty geosite rule: ", domain)
-				}
-				domains, err := loadGeositeWithAttr("geosite.dat", listName)
-				if err != nil {
-					return nil, newError("failed to load geosite: ", listName).Base(err)
-				}
-				for _, d := range domains {
-					mapping := getHostMapping(addr)
-					mapping.Type = typeMap[d.Type]
-					mapping.Domain = d.Value
-					mappings = append(mappings, mapping)
-				}
-
-			case strings.HasPrefix(domain, "regexp:"):
-				regexpVal := domain[7:]
-				if len(regexpVal) == 0 {
-					return nil, newError("empty regexp type of rule: ", domain)
-				}
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Regex
-				mapping.Domain = regexpVal
-				mappings = append(mappings, mapping)
-
-			case strings.HasPrefix(domain, "keyword:"):
-				keywordVal := domain[8:]
-				if len(keywordVal) == 0 {
-					return nil, newError("empty keyword type of rule: ", domain)
-				}
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Keyword
-				mapping.Domain = keywordVal
-				mappings = append(mappings, mapping)
-
-			case strings.HasPrefix(domain, "full:"):
-				fullVal := domain[5:]
-				if len(fullVal) == 0 {
-					return nil, newError("empty full domain type of rule: ", domain)
-				}
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Full
-				mapping.Domain = fullVal
-				mappings = append(mappings, mapping)
-
-			case strings.HasPrefix(domain, "dotless:"):
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Regex
-				switch substr := domain[8:]; {
-				case substr == "":
-					mapping.Domain = "^[^.]*$"
-				case !strings.Contains(substr, "."):
-					mapping.Domain = "^[^.]*" + substr + "[^.]*$"
-				default:
-					return nil, newError("substr in dotless rule should not contain a dot: ", substr)
-				}
-				mappings = append(mappings, mapping)
-
-			case strings.HasPrefix(domain, "ext:"):
-				kv := strings.Split(domain[4:], ":")
-				if len(kv) != 2 {
-					return nil, newError("invalid external resource: ", domain)
-				}
-				filename := kv[0]
-				list := kv[1]
-				domains, err := loadGeositeWithAttr(filename, list)
-				if err != nil {
-					return nil, newError("failed to load domain list: ", list, " from ", filename).Base(err)
-				}
-				for _, d := range domains {
-					mapping := getHostMapping(addr)
-					mapping.Type = typeMap[d.Type]
-					mapping.Domain = d.Value
-					mappings = append(mappings, mapping)
-				}
-
-			default:
-				mapping := getHostMapping(addr)
-				mapping.Type = dns.DomainMatchingType_Full
-				mapping.Domain = domain
-				mappings = append(mappings, mapping)
-			}
-
-			config.StaticHosts = append(config.StaticHosts, mappings...)
+	if c.Hosts != nil {
+		staticHosts, err := c.Hosts.Build()
+		if err != nil {
+			return nil, newError("failed to build hosts").Base(err)
 		}
+		config.StaticHosts = append(config.StaticHosts, staticHosts...)
 	}

 	return config, nil
--- a/infra/conf/dns_proxy.go
+++ b/infra/conf/dns_proxy.go
@ -8,9 +8,10 @@ import (
 )

 type DNSOutboundConfig struct {
-	Network Network  `json:"network"`
-	Address *Address `json:"address"`
-	Port    uint16   `json:"port"`
+	Network   Network  `json:"network"`
+	Address   *Address `json:"address"`
+	Port      uint16   `json:"port"`
+	UserLevel uint32   `json:"userLevel"`
 }

 func (c *DNSOutboundConfig) Build() (proto.Message, error) {
@ -19,6 +20,7 @@ func (c *DNSOutboundConfig) Build() (proto.Message, error) {
 			Network: c.Network.Build(),
 			Port:    uint32(c.Port),
 		},
+		UserLevel: c.UserLevel,
 	}
 	if c.Address != nil {
 		config.Server.Address = c.Address.Build()
--- a/infra/conf/dns_test.go
+++ b/infra/conf/dns_test.go
@ -69,16 +69,20 @@ func TestDNSConfigParsing(t *testing.T) {
 				"servers": [{
 					"address": "8.8.8.8",
 					"port": 5353,
+					"skipFallback": true,
 					"domains": ["domain:example.com"]
 				}],
 				"hosts": {
-					"example.com": "127.0.0.1",
 					"domain:example.com": "google.com",
-					"geosite:test": "10.0.0.1",
-					"keyword:google": "8.8.8.8",
-					"regexp:.*\\.com": "8.8.4.4"
+					"example.com": "127.0.0.1",
+					"keyword:google": ["8.8.8.8", "8.8.4.4"],
+					"regexp:.*\\.com": "8.8.4.4",
+					"www.example.org": ["127.0.0.1", "127.0.0.2"]
 				},
-				"clientIp": "10.0.0.1"
+				"clientIp": "10.0.0.1",
+				"queryStrategy": "UseIPv4",
+				"disableCache": true,
+				"disableFallback": true
 			}`,
 			Parser: parserCreator(),
 			Output: &dns.Config{
@ -93,6 +97,7 @@ func TestDNSConfigParsing(t *testing.T) {
 							Network: net.Network_UDP,
 							Port:    5353,
 						},
+						SkipFallback: true,
 						PrioritizedDomain: []*dns.NameServer_PriorityDomain{
 							{
 								Type:   dns.DomainMatchingType_Subdomain,
@ -118,23 +123,26 @@ func TestDNSConfigParsing(t *testing.T) {
 						Domain: "example.com",
 						Ip:     [][]byte{{127, 0, 0, 1}},
 					},
-					{
-						Type:   dns.DomainMatchingType_Full,
-						Domain: "example.com",
-						Ip:     [][]byte{{10, 0, 0, 1}},
-					},
 					{
 						Type:   dns.DomainMatchingType_Keyword,
 						Domain: "google",
-						Ip:     [][]byte{{8, 8, 8, 8}},
+						Ip:     [][]byte{{8, 8, 8, 8}, {8, 8, 4, 4}},
 					},
 					{
 						Type:   dns.DomainMatchingType_Regex,
 						Domain: ".*\\.com",
 						Ip:     [][]byte{{8, 8, 4, 4}},
 					},
+					{
+						Type:   dns.DomainMatchingType_Full,
+						Domain: "www.example.org",
+						Ip:     [][]byte{{127, 0, 0, 1}, {127, 0, 0, 2}},
+					},
 				},
-				ClientIp: []byte{10, 0, 0, 1},
+				ClientIp:        []byte{10, 0, 0, 1},
+				QueryStrategy:   dns.QueryStrategy_USE_IP4,
+				DisableCache:    true,
+				DisableFallback: true,
 			},
 		},
 	})
--- a/infra/conf/freedom.go
+++ b/infra/conf/freedom.go
@ -23,11 +23,11 @@ func (c *FreedomConfig) Build() (proto.Message, error) {
 	config := new(freedom.Config)
 	config.DomainStrategy = freedom.Config_AS_IS
 	switch strings.ToLower(c.DomainStrategy) {
-	case "useip", "use_ip":
+	case "useip", "use_ip", "use-ip":
 		config.DomainStrategy = freedom.Config_USE_IP
-	case "useip4", "useipv4", "use_ipv4", "use_ip_v4", "use_ip4":
+	case "useip4", "useipv4", "use_ip4", "use_ipv4", "use_ip_v4", "use-ip4", "use-ipv4", "use-ip-v4":
 		config.DomainStrategy = freedom.Config_USE_IP4
-	case "useip6", "useipv6", "use_ipv6", "use_ip_v6", "use_ip6":
+	case "useip6", "useipv6", "use_ip6", "use_ipv6", "use_ip_v6", "use-ip6", "use-ipv6", "use-ip-v6":
 		config.DomainStrategy = freedom.Config_USE_IP6
 	}