From f37c14ef0a4dd20ab2ff9b2f8ce22df194d4b7d8 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 12:47:47 +0800 Subject: [PATCH 1/6] install android ndk --- rust/justfile | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 rust/justfile diff --git a/rust/justfile b/rust/justfile new file mode 100644 index 0000000..7148f4d --- /dev/null +++ b/rust/justfile @@ -0,0 +1,49 @@ +ANDROID_NDK_VERSION := "r27d-linux" +TARGET := `pwd` + "/target" +export NDK_HOME := TARGET + "/android-ndk-" + ANDROID_NDK_VERSION + +_download_android_ndk: + #!/usr/bin/env sh + if [ ! -d "{{NDK_HOME}}" ]; then + echo "Downloading ndk {{ANDROID_NDK_VERSION}} to {{NDK_HOME}}" + TMPFILE="{{NDK_HOME}}.tmp" + TMPDIR="{{NDK_HOME}}.extracted.tmp" + + curl -L -C - -o "$TMPFILE" "https://dl.google.com/android/repository/android-ndk-{{ANDROID_NDK_VERSION}}.zip" + + unzip "$TMPFILE" -d "$TMPDIR" + + inner_folder=$(find "$TMPDIR" -mindepth 1 -maxdepth 1 -type d | head -n 1) + mv -T "$inner_folder" "$NDK_HOME" + + rm -rf "$TMPFILE" "$TMPDIR" + + echo "Android ndk {{ANDROID_NDK_VERSION}} successfully installed in {{NDK_HOME}}" + else + echo "Android ndk {{ANDROID_NDK_VERSION}} already installed in {{NDK_HOME}}" + fi + +_clone_repo_or_update url dir: + #!/usr/bin/env sh + if [ -d "{{dir}}" ]; then + echo "Repository {{url}} already exists - updating..." + cd "{{dir}}" && git pull + else + git clone "{{url}}" "{{dir}}" + fi + +_prepare_android_ndk: _download_android_ndk + +prepare-android: _prepare_android_ndk + #!/usr/bin/env sh + cargo install cargo-ndk + + targets=("armv7-linux-androideabi" "aarch64-linux-android" "i686-linux-android" "x86_64-linux-android") + for t in "${targets[@]}"; do + if ! rustup target list --installed | grep -q "$t"; then + echo "Installing missing target: $t" + rustup target add "$t" + else + echo "Target already installed: $t" + fi + done From 12ceb7a7d125d103348c3918a289d46a9b04a397 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 14:41:13 +0800 Subject: [PATCH 2/6] build required libraries --- rust/justfile | 52 ++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 49 insertions(+), 3 deletions(-) diff --git a/rust/justfile b/rust/justfile index 7148f4d..da91ffc 100644 --- a/rust/justfile +++ b/rust/justfile @@ -1,5 +1,10 @@ -ANDROID_NDK_VERSION := "r27d-linux" +set shell := ["sh", "-eu", "-c"] + +export ANDROID_API := "21" +export ANDROID_NDK_VERSION := "r27d-linux" + TARGET := `pwd` + "/target" + export NDK_HOME := TARGET + "/android-ndk-" + ANDROID_NDK_VERSION _download_android_ndk: @@ -32,9 +37,50 @@ _clone_repo_or_update url dir: git clone "{{url}}" "{{dir}}" fi -_prepare_android_ndk: _download_android_ndk +_build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="": + #!/usr/bin/env sh + export API={{ANDROID_API}} + export ARCH=arm + export TARGET=armv7a-linux-androideabi + export TOOLCHAIN={{NDK_HOME}}/toolchains/llvm/prebuilt/linux-x86_64 -prepare-android: _prepare_android_ndk + export AR=$TOOLCHAIN/bin/llvm-ar + export AS=$TOOLCHAIN/bin/llvm-as + export CC=$TOOLCHAIN/bin/$TARGET$API-clang + export CXX=$TOOLCHAIN/bin/$TARGET$API-clang++ + export LD=$TOOLCHAIN/bin/ld + export STRIP=$TOOLCHAIN/bin/llvm-strip + + just _clone_repo_or_update {{REPO}} "{{DEST}}" + cd "{{DEST}}" + autoreconf -fi + CFLAGS="{{CFLAGS}}" LDFLAGS="{{LDFLAGS}}" \ + ./configure --host=arm-linux-androideabi --prefix="{{BUILD_DIR}}" + make -j"$(nproc)" + make install + +_build_libmnl: + #!/usr/bin/env sh + export LIBMNL_BUILD="{{TARGET}}/libmnl/build" + just _build_lib \ + https://git.netfilter.org/libmnl \ + "{{TARGET}}/libmnl" \ + "$LIBMNL_BUILD" + +_build_libnetfilter_queue: + #!/usr/bin/env sh + export LIBMNL_BUILD="{{TARGET}}/libmnl/build" + export LIBNETFILTER_QUEUE_BUILD="{{TARGET}}/libnetfilter_queue/build" + just _build_lib \ + https://git.netfilter.org/libnetfilter_queue \ + "{{TARGET}}/libnetfilter_queue" \ + "$LIBNETFILTER_QUEUE_BUILD" \ + "-I$LIBMNL_BUILD/include" \ + "-L$LIBMNL_BUILD/lib" + +_build_zapret_libraries: _download_android_ndk _build_libmnl _build_libnetfilter_queue + +prepare-android: _build_zapret_libraries #!/usr/bin/env sh cargo install cargo-ndk From 57382991ad5db33fde19c9a1db066647e93d6b15 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 15:25:14 +0800 Subject: [PATCH 3/6] wtf --- rust/justfile | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/rust/justfile b/rust/justfile index da91ffc..a016392 100644 --- a/rust/justfile +++ b/rust/justfile @@ -28,7 +28,7 @@ _download_android_ndk: echo "Android ndk {{ANDROID_NDK_VERSION}} already installed in {{NDK_HOME}}" fi -_clone_repo_or_update url dir: +_clone_repo_or_update url dir PATH_URL="": #!/usr/bin/env sh if [ -d "{{dir}}" ]; then echo "Repository {{url}} already exists - updating..." @@ -37,7 +37,20 @@ _clone_repo_or_update url dir: git clone "{{url}}" "{{dir}}" fi -_build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="": + if [ -n "{{PATH_URL}}" ]; then + echo "Downloading and applying patch from {{PATH_URL}}..." + cd "{{dir}}" + + PATCH_FILE="$(mktemp /tmp/patch.XXXXXX.patch)" + curl -L -o "$PATCH_FILE" "{{PATH_URL}}" + + git apply --reject --whitespace=fix "$PATCH_FILE" + rm "$PATCH_FILE" + + echo "Patch applied successfully." + fi + +_build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="" PATH_URL="": #!/usr/bin/env sh export API={{ANDROID_API}} export ARCH=arm @@ -51,7 +64,7 @@ _build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="": export LD=$TOOLCHAIN/bin/ld export STRIP=$TOOLCHAIN/bin/llvm-strip - just _clone_repo_or_update {{REPO}} "{{DEST}}" + just _clone_repo_or_update {{REPO}} "{{DEST}}" "{{PATH_URL}}" cd "{{DEST}}" autoreconf -fi CFLAGS="{{CFLAGS}}" LDFLAGS="{{LDFLAGS}}" \ @@ -59,26 +72,34 @@ _build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="": make -j"$(nproc)" make install + +_build_libnfnetlink: + #!/usr/bin/env sh + just _build_lib \ + https://git.netfilter.org/libnfnetlink \ + "{{TARGET}}/libnfnetlink" \ + "{{TARGET}}/libnfnetlink/build" + _build_libmnl: #!/usr/bin/env sh - export LIBMNL_BUILD="{{TARGET}}/libmnl/build" just _build_lib \ https://git.netfilter.org/libmnl \ "{{TARGET}}/libmnl" \ - "$LIBMNL_BUILD" + "{{TARGET}}/libmnl/build" -_build_libnetfilter_queue: +_build_libnetfilter_queue: _build_libmnl _build_libnfnetlink #!/usr/bin/env sh export LIBMNL_BUILD="{{TARGET}}/libmnl/build" - export LIBNETFILTER_QUEUE_BUILD="{{TARGET}}/libnetfilter_queue/build" + export LIBNFNETLINK_BUILD="{{TARGET}}/libnfnetlink/build" just _build_lib \ https://git.netfilter.org/libnetfilter_queue \ "{{TARGET}}/libnetfilter_queue" \ - "$LIBNETFILTER_QUEUE_BUILD" \ - "-I$LIBMNL_BUILD/include" \ - "-L$LIBMNL_BUILD/lib" + "{{TARGET}}/libnetfilter_queue/build" \ + "-I$LIBMNL_BUILD/include -I$LIBNFNETLINK_BUILD/include" \ + "-L$LIBMNL_BUILD/lib -L$LIBNFNETLINK_BUILD/lib" \ + "https://raw.githubusercontent.com/bol-van/zapret/refs/heads/master/.github/workflows/libnetfilter_queue-android.patch" -_build_zapret_libraries: _download_android_ndk _build_libmnl _build_libnetfilter_queue +_build_zapret_libraries: _download_android_ndk _build_libnetfilter_queue prepare-android: _build_zapret_libraries #!/usr/bin/env sh From d5267997a3eee88714b5b265764ae44ca585c479 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 16:13:01 +0800 Subject: [PATCH 4/6] code stolen from zapret --- rust/justfile | 91 ++++++++++++++------------------------------------- 1 file changed, 25 insertions(+), 66 deletions(-) diff --git a/rust/justfile b/rust/justfile index a016392..bfe6322 100644 --- a/rust/justfile +++ b/rust/justfile @@ -28,80 +28,39 @@ _download_android_ndk: echo "Android ndk {{ANDROID_NDK_VERSION}} already installed in {{NDK_HOME}}" fi -_clone_repo_or_update url dir PATH_URL="": +_build_netfilter_libs: #!/usr/bin/env sh - if [ -d "{{dir}}" ]; then - echo "Repository {{url}} already exists - updating..." - cd "{{dir}}" && git pull - else - git clone "{{url}}" "{{dir}}" - fi - - if [ -n "{{PATH_URL}}" ]; then - echo "Downloading and applying patch from {{PATH_URL}}..." - cd "{{dir}}" - - PATCH_FILE="$(mktemp /tmp/patch.XXXXXX.patch)" - curl -L -o "$PATCH_FILE" "{{PATH_URL}}" - - git apply --reject --whitespace=fix "$PATCH_FILE" - rm "$PATCH_FILE" - - echo "Patch applied successfully." - fi - -_build_lib REPO DEST BUILD_DIR CFLAGS="" LDFLAGS="" PATH_URL="": - #!/usr/bin/env sh - export API={{ANDROID_API}} - export ARCH=arm - export TARGET=armv7a-linux-androideabi - export TOOLCHAIN={{NDK_HOME}}/toolchains/llvm/prebuilt/linux-x86_64 + export DEPS_DIR="{{TARGET}}/netfilter" + cd "{{TARGET}}" + export TARGET=arm-linux-androideabi + export TOOLCHAIN=$NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64 + export CC="$TOOLCHAIN/bin/clang --target=$TARGET$ANDROID_API" export AR=$TOOLCHAIN/bin/llvm-ar - export AS=$TOOLCHAIN/bin/llvm-as - export CC=$TOOLCHAIN/bin/$TARGET$API-clang - export CXX=$TOOLCHAIN/bin/$TARGET$API-clang++ + export AS=$CC export LD=$TOOLCHAIN/bin/ld + export RANLIB=$TOOLCHAIN/bin/llvm-ranlib export STRIP=$TOOLCHAIN/bin/llvm-strip + export PKG_CONFIG_PATH=$DEPS_DIR/lib/pkgconfig - just _clone_repo_or_update {{REPO}} "{{DEST}}" "{{PATH_URL}}" - cd "{{DEST}}" - autoreconf -fi - CFLAGS="{{CFLAGS}}" LDFLAGS="{{LDFLAGS}}" \ - ./configure --host=arm-linux-androideabi --prefix="{{BUILD_DIR}}" - make -j"$(nproc)" - make install + wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj + wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj + wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj + patch -p1 -d libnetfilter_queue-* -i ../libnetfilter_queue-android.patch + for i in libmnl libnfnetlink libnetfilter_queue ; do + ( + cd $i-* + autoreconf "-fi" + CFLAGS="-Os -flto=auto -Wno-implicit-function-declaration" \ + ./configure --prefix= --host=$TARGET --enable-static --disable-shared --disable-dependency-tracking + make -j$(nproc) + make install DESTDIR=$DEPS_DIR + ) + sed -i "s|^prefix=.*|prefix=$DEPS_DIR|g" $DEPS_DIR/lib/pkgconfig/$i.pc + done -_build_libnfnetlink: - #!/usr/bin/env sh - just _build_lib \ - https://git.netfilter.org/libnfnetlink \ - "{{TARGET}}/libnfnetlink" \ - "{{TARGET}}/libnfnetlink/build" - -_build_libmnl: - #!/usr/bin/env sh - just _build_lib \ - https://git.netfilter.org/libmnl \ - "{{TARGET}}/libmnl" \ - "{{TARGET}}/libmnl/build" - -_build_libnetfilter_queue: _build_libmnl _build_libnfnetlink - #!/usr/bin/env sh - export LIBMNL_BUILD="{{TARGET}}/libmnl/build" - export LIBNFNETLINK_BUILD="{{TARGET}}/libnfnetlink/build" - just _build_lib \ - https://git.netfilter.org/libnetfilter_queue \ - "{{TARGET}}/libnetfilter_queue" \ - "{{TARGET}}/libnetfilter_queue/build" \ - "-I$LIBMNL_BUILD/include -I$LIBNFNETLINK_BUILD/include" \ - "-L$LIBMNL_BUILD/lib -L$LIBNFNETLINK_BUILD/lib" \ - "https://raw.githubusercontent.com/bol-van/zapret/refs/heads/master/.github/workflows/libnetfilter_queue-android.patch" - -_build_zapret_libraries: _download_android_ndk _build_libnetfilter_queue - -prepare-android: _build_zapret_libraries +prepare-android: _download_android_ndk _build_netfilter_libs #!/usr/bin/env sh cargo install cargo-ndk From aecde98d0dc11144a609442e0d8850b1783a46d8 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 17:04:32 +0800 Subject: [PATCH 5/6] first working --- rust/Cargo.lock | 303 -------------------------- rust/Cargo.toml | 2 - rust/crates/libnfqws/build.rs | 4 + rust/crates/libnfqws/zapret | 2 +- rust/crates/zaprett/Cargo.toml | 2 - rust/crates/zaprett/src/main.rs | 102 ++++----- rust/justfile | 65 +++--- rust/libnetfilter_queue-android.patch | 41 ++++ 8 files changed, 137 insertions(+), 384 deletions(-) create mode 100644 rust/libnetfilter_queue-android.patch diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 4fac1a6..1ee230c 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -2,12 +2,6 @@ # It is not intended for manual editing. version = 4 -[[package]] -name = "adler2" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" - [[package]] name = "aho-corasick" version = "1.1.4" @@ -17,15 +11,6 @@ dependencies = [ "memchr", ] -[[package]] -name = "android_system_properties" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" -dependencies = [ - "libc", -] - [[package]] name = "anstream" version = "0.6.21" @@ -82,12 +67,6 @@ version = "1.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61" -[[package]] -name = "autocfg" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" - [[package]] name = "bindgen" version = "0.72.1" @@ -114,12 +93,6 @@ version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "812e12b5285cc515a9c72a5c1d3b6d46a19dac5acfef5265968c166106e31dd3" -[[package]] -name = "bumpalo" -version = "3.19.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43" - [[package]] name = "byteorder" version = "1.5.0" @@ -163,17 +136,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" -[[package]] -name = "chrono" -version = "0.4.42" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "145052bdd345b87320e369255277e3fb5152762ad123a901ef5c262dd38fe8d2" -dependencies = [ - "iana-time-zone", - "num-traits", - "windows-link", -] - [[package]] name = "clang-sys" version = "1.8.1" @@ -251,21 +213,6 @@ dependencies = [ "tiny-keccak", ] -[[package]] -name = "core-foundation-sys" -version = "0.8.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" - -[[package]] -name = "crc32fast" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511" -dependencies = [ - "cfg-if", -] - [[package]] name = "crunchy" version = "0.2.4" @@ -321,32 +268,12 @@ dependencies = [ "termcolor", ] -[[package]] -name = "errno" -version = "0.3.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb" -dependencies = [ - "libc", - "windows-sys 0.61.2", -] - [[package]] name = "find-msvc-tools" version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "52051878f80a721bb68ebfbc930e07b65ba72f2da88968ea5c06fd6ca3d3a127" -[[package]] -name = "flate2" -version = "1.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfe33edd8e85a12a67454e37f8c75e730830d83e313556ab9ebf9ee7fbeb3bfb" -dependencies = [ - "crc32fast", - "miniz_oxide", -] - [[package]] name = "getrandom" version = "0.2.16" @@ -382,52 +309,12 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c" -[[package]] -name = "hex" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" - [[package]] name = "humantime" version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" -[[package]] -name = "iana-time-zone" -version = "0.1.64" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33e57f83510bb73707521ebaffa789ec8caf86f9657cad665b092b581d40e9fb" -dependencies = [ - "android_system_properties", - "core-foundation-sys", - "iana-time-zone-haiku", - "js-sys", - "log", - "wasm-bindgen", - "windows-core", -] - -[[package]] -name = "iana-time-zone-haiku" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" -dependencies = [ - "cc", -] - -[[package]] -name = "iptables" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f30c9a636a0a728c67d1d420471c99b215708a17c222bb9afb16d0821e2d80d8" -dependencies = [ - "lazy_static", - "regex", -] - [[package]] name = "is-terminal" version = "0.4.17" @@ -460,22 +347,6 @@ version = "1.0.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" -[[package]] -name = "js-sys" -version = "0.3.82" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b011eec8cc36da2aab2d5cff675ec18454fad408585853910a202391cf9f8e65" -dependencies = [ - "once_cell", - "wasm-bindgen", -] - -[[package]] -name = "lazy_static" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" - [[package]] name = "libc" version = "0.2.177" @@ -502,12 +373,6 @@ dependencies = [ "once_cell", ] -[[package]] -name = "linux-raw-sys" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039" - [[package]] name = "lock_api" version = "0.4.14" @@ -535,16 +400,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -[[package]] -name = "miniz_oxide" -version = "0.8.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316" -dependencies = [ - "adler2", - "simd-adler32", -] - [[package]] name = "mio" version = "1.1.0" @@ -578,15 +433,6 @@ dependencies = [ "minimal-lexical", ] -[[package]] -name = "num-traits" -version = "0.2.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" -dependencies = [ - "autocfg", -] - [[package]] name = "once_cell" version = "1.21.3" @@ -667,30 +513,6 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "procfs" -version = "0.18.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25485360a54d6861439d60facef26de713b1e126bf015ec8f98239467a2b82f7" -dependencies = [ - "bitflags", - "chrono", - "flate2", - "procfs-core", - "rustix", -] - -[[package]] -name = "procfs-core" -version = "0.18.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6401bf7b6af22f78b563665d15a22e9aef27775b79b149a66ca022468a4e405" -dependencies = [ - "bitflags", - "chrono", - "hex", -] - [[package]] name = "quote" version = "1.0.41" @@ -754,25 +576,6 @@ version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d" -[[package]] -name = "rustix" -version = "1.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd15f8a2c5551a84d56efdc1cd049089e409ac19a3072d5037a17fd70719ff3e" -dependencies = [ - "bitflags", - "errno", - "libc", - "linux-raw-sys", - "windows-sys 0.61.2", -] - -[[package]] -name = "rustversion" -version = "1.0.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" - [[package]] name = "ryu" version = "1.0.20" @@ -852,12 +655,6 @@ dependencies = [ "libc", ] -[[package]] -name = "simd-adler32" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe" - [[package]] name = "smallvec" version = "1.15.1" @@ -999,51 +796,6 @@ version = "0.11.1+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b" -[[package]] -name = "wasm-bindgen" -version = "0.2.105" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da95793dfc411fbbd93f5be7715b0578ec61fe87cb1a42b12eb625caa5c5ea60" -dependencies = [ - "cfg-if", - "once_cell", - "rustversion", - "wasm-bindgen-macro", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-macro" -version = "0.2.105" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04264334509e04a7bf8690f2384ef5265f05143a4bff3889ab7a3269adab59c2" -dependencies = [ - "quote", - "wasm-bindgen-macro-support", -] - -[[package]] -name = "wasm-bindgen-macro-support" -version = "0.2.105" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "420bc339d9f322e562942d52e115d57e950d12d88983a14c79b86859ee6c7ebc" -dependencies = [ - "bumpalo", - "proc-macro2", - "quote", - "syn", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-shared" -version = "0.2.105" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76f218a38c84bcb33c25ec7059b07847d465ce0e0a76b995e134a45adcb6af76" -dependencies = [ - "unicode-ident", -] - [[package]] name = "winapi-util" version = "0.1.11" @@ -1053,65 +805,12 @@ dependencies = [ "windows-sys 0.61.2", ] -[[package]] -name = "windows-core" -version = "0.62.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb" -dependencies = [ - "windows-implement", - "windows-interface", - "windows-link", - "windows-result", - "windows-strings", -] - -[[package]] -name = "windows-implement" -version = "0.60.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "windows-interface" -version = "0.59.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "windows-link" version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5" -[[package]] -name = "windows-result" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5" -dependencies = [ - "windows-link", -] - -[[package]] -name = "windows-strings" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091" -dependencies = [ - "windows-link", -] - [[package]] name = "windows-sys" version = "0.60.2" @@ -1202,14 +901,12 @@ dependencies = [ "anyhow", "clap", "daemonize", - "iptables", "libc", "libnfqws", "log", "nix", "once_cell", "pretty_env_logger", - "procfs", "regex", "rust-ini", "serde", diff --git a/rust/Cargo.toml b/rust/Cargo.toml index 8073db2..27c2891 100644 --- a/rust/Cargo.toml +++ b/rust/Cargo.toml @@ -10,9 +10,7 @@ resolver = "3" [workspace.dependencies] anyhow = "1.0.100" clap = { version = "4.5.50", features = ["derive"] } -iptables = "0.6.0" libc = "0.2.177" -procfs = "0.18.0" regex = "1.12.2" rust-ini = "0.21.3" serde = { version = "1.0.228", features = ["derive"] } diff --git a/rust/crates/libnfqws/build.rs b/rust/crates/libnfqws/build.rs index ba71938..52440c2 100644 --- a/rust/crates/libnfqws/build.rs +++ b/rust/crates/libnfqws/build.rs @@ -33,6 +33,10 @@ fn main() { println!("cargo:rustc-link-lib=nfnetlink"); println!("cargo:rustc-link-lib=mnl"); + if let Ok(link_libs) = env::var("NETFILTER_LIBS") { + println!("cargo:rustc-link-search=native={link_libs}/lib"); + } + println!("cargo:rustc-link-lib=static=nfqws"); println!("cargo:rerun-if-changed={}", NFQ.display()); println!("cargo:rerun-if-changed={}", NFQ_CRYPTO.display()); diff --git a/rust/crates/libnfqws/zapret b/rust/crates/libnfqws/zapret index 1408c38..0b8e0dc 160000 --- a/rust/crates/libnfqws/zapret +++ b/rust/crates/libnfqws/zapret @@ -1 +1 @@ -Subproject commit 1408c38522193e6debdf7491a6cd7ee44a8fce05 +Subproject commit 0b8e0dc97df8c553dda2f3faf2df5eb664739c34 diff --git a/rust/crates/zaprett/Cargo.toml b/rust/crates/zaprett/Cargo.toml index dd3d4d2..e91f660 100644 --- a/rust/crates/zaprett/Cargo.toml +++ b/rust/crates/zaprett/Cargo.toml @@ -7,9 +7,7 @@ repository.workspace = true [dependencies] anyhow = { workspace = true } clap = { workspace = true } -iptables = { workspace = true } libc = { workspace = true } -procfs = { workspace = true } regex = { workspace = true } rust-ini = { workspace = true } serde = { workspace = true } diff --git a/rust/crates/zaprett/src/main.rs b/rust/crates/zaprett/src/main.rs index 4b994e7..dbafbe3 100644 --- a/rust/crates/zaprett/src/main.rs +++ b/rust/crates/zaprett/src/main.rs @@ -6,7 +6,6 @@ use libnfqws::nfqws_main; use log::{error, info}; use nix::sys::signal::{Signal, kill}; use nix::unistd::{Pid, Uid}; -use procfs::process::all_processes; use regex::Regex; use serde::{Deserialize, Serialize}; use std::ffi::CString; @@ -303,13 +302,14 @@ fn get_autostart() { } fn service_status() -> bool { - match all_processes() { - Ok(iter) => iter - .filter_map(|rp| rp.ok()) - .filter_map(|p| p.stat().ok()) - .any(|st| st.comm == "zaprett"), - Err(_) => false, - } + unimplemented!(); + // match all_processes() { + // Ok(iter) => iter + // .filter_map(|rp| rp.ok()) + // .filter_map(|p| p.stat().ok()) + // .any(|st| st.comm == "zaprett"), + // Err(_) => false, + // } } fn module_version() { @@ -346,51 +346,53 @@ fn merge_files( } fn setup_iptables_rules() { - let ipt = iptables::new(false).unwrap(); - - ipt.insert( - "mangle", - "POSTROUTING", - "-j NFQUEUE --queue-num 200 --queue-bypass", - 1, - ) - .unwrap(); - ipt.insert( - "mangle", - "PREROUTING", - "-j NFQUEUE --queue-num 200 --queue-bypass", - 1, - ) - .unwrap(); - ipt.append( - "filter", - "FORWARD", - "-j NFQUEUE --queue-num 200 --queue-bypass", - ) - .unwrap(); + todo!(); + // let ipt = iptables::new(false).unwrap(); + // + // ipt.insert( + // "mangle", + // "POSTROUTING", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // 1, + // ) + // .unwrap(); + // ipt.insert( + // "mangle", + // "PREROUTING", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // 1, + // ) + // .unwrap(); + // ipt.append( + // "filter", + // "FORWARD", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // ) + // .unwrap(); } fn clear_iptables_rules() { - let ipt = iptables::new(false).unwrap(); - - ipt.delete( - "mangle", - "POSTROUTING", - "-j NFQUEUE --queue-num 200 --queue-bypass", - ) - .unwrap(); - ipt.delete( - "mangle", - "PREROUTING", - "-j NFQUEUE --queue-num 200 --queue-bypass", - ) - .unwrap(); - ipt.delete( - "filter", - "FORWARD", - "-j NFQUEUE --queue-num 200 --queue-bypass", - ) - .unwrap(); + todo!(); + // let ipt = iptables::new(false).unwrap(); + // + // ipt.delete( + // "mangle", + // "POSTROUTING", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // ) + // .unwrap(); + // ipt.delete( + // "mangle", + // "PREROUTING", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // ) + // .unwrap(); + // ipt.delete( + // "filter", + // "FORWARD", + // "-j NFQUEUE --queue-num 200 --queue-bypass", + // ) + // .unwrap(); } async fn run_nfqws(args_str: &String) -> anyhow::Result<()> { diff --git a/rust/justfile b/rust/justfile index bfe6322..9f3296e 100644 --- a/rust/justfile +++ b/rust/justfile @@ -5,6 +5,8 @@ export ANDROID_NDK_VERSION := "r27d-linux" TARGET := `pwd` + "/target" +export NETFILTER_LIBS := TARGET + "/netfilter_libs" + export NDK_HOME := TARGET + "/android-ndk-" + ANDROID_NDK_VERSION _download_android_ndk: @@ -30,35 +32,39 @@ _download_android_ndk: _build_netfilter_libs: #!/usr/bin/env sh - export DEPS_DIR="{{TARGET}}/netfilter" - cd "{{TARGET}}" - export TARGET=arm-linux-androideabi - export TOOLCHAIN=$NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64 - export CC="$TOOLCHAIN/bin/clang --target=$TARGET$ANDROID_API" - export AR=$TOOLCHAIN/bin/llvm-ar - export AS=$CC - export LD=$TOOLCHAIN/bin/ld - export RANLIB=$TOOLCHAIN/bin/llvm-ranlib - export STRIP=$TOOLCHAIN/bin/llvm-strip - export PKG_CONFIG_PATH=$DEPS_DIR/lib/pkgconfig + if [ ! -d "{{NETFILTER_LIBS}}" ]; then + export PATCH="$(pwd)/libnetfilter_queue-android.patch" + cd "{{TARGET}}" - wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj - wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj - wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj - patch -p1 -d libnetfilter_queue-* -i ../libnetfilter_queue-android.patch + export TARGET=arm-linux-androideabi + export TOOLCHAIN=$NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64 + export CC="$TOOLCHAIN/bin/clang --target=$TARGET$ANDROID_API" + export AR=$TOOLCHAIN/bin/llvm-ar + export AS=$CC + export LD=$TOOLCHAIN/bin/ld + export RANLIB=$TOOLCHAIN/bin/llvm-ranlib + export STRIP=$TOOLCHAIN/bin/llvm-strip + export PKG_CONFIG_PATH=$NETFILTER_LIBS/lib/pkgconfig - for i in libmnl libnfnetlink libnetfilter_queue ; do - ( - cd $i-* - autoreconf "-fi" - CFLAGS="-Os -flto=auto -Wno-implicit-function-declaration" \ - ./configure --prefix= --host=$TARGET --enable-static --disable-shared --disable-dependency-tracking - make -j$(nproc) - make install DESTDIR=$DEPS_DIR - ) - sed -i "s|^prefix=.*|prefix=$DEPS_DIR|g" $DEPS_DIR/lib/pkgconfig/$i.pc - done + wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj + wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj + wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj + patch -p1 -d libnetfilter_queue-* -i $PATCH + + for i in libmnl libnfnetlink libnetfilter_queue ; do + ( + cd $i-* + CFLAGS="-Os -flto=auto -Wno-implicit-function-declaration" \ + ./configure --prefix= --host=$TARGET --enable-static --disable-shared --disable-dependency-tracking + make -j$(nproc) + make install DESTDIR=$NETFILTER_LIBS + ) + sed -i "s|^prefix=.*|prefix=$NETFILTER_LIBS|g" $NETFILTER_LIBS/lib/pkgconfig/$i.pc + done + else + echo "netfilter libs already built" + fi prepare-android: _download_android_ndk _build_netfilter_libs #!/usr/bin/env sh @@ -73,3 +79,10 @@ prepare-android: _download_android_ndk _build_netfilter_libs echo "Target already installed: $t" fi done + +build-android *args: prepare-android + #!/usr/bin/env sh + export CFLAGS="-I $NETFILTER_LIBS/include" + export LDFLAGS="-L $NETFILTER_LIBS/lib" + export CXXFLAGS="$CFLAGS" + cargo ndk -t armv7-linux-androideabi -t aarch64-linux-android -t x86\_64-linux-android --platform $ANDROID_API build {{args}} \ No newline at end of file diff --git a/rust/libnetfilter_queue-android.patch b/rust/libnetfilter_queue-android.patch new file mode 100644 index 0000000..a0ce64b --- /dev/null +++ b/rust/libnetfilter_queue-android.patch @@ -0,0 +1,41 @@ +--- a/src/extra/pktbuff.c ++++ b/src/extra/pktbuff.c +@@ -14,7 +14,7 @@ + #include /* for memcpy */ + #include + +-#include ++#include + #include + #include + +--- a/src/nlmsg.c ++++ b/src/nlmsg.c +@@ -21,7 +21,7 @@ + + #include + +-#include ++// #include + + #include "internal.h" + +--- a/src/extra/tcp.c ++++ b/src/extra/tcp.c +@@ -139,12 +139,16 @@ void nfq_tcp_compute_checksum_ipv6(struc + * (union is compatible to any of its members) + * This means this part of the code is -fstrict-aliasing safe now. + */ ++#ifndef __ANDROID__ + union tcp_word_hdr { + struct tcphdr hdr; + uint32_t words[5]; + }; ++#endif + ++#ifndef tcp_flag_word + #define tcp_flag_word(tp) ( ((union tcp_word_hdr *)(tp))->words[3]) ++#endif + + /** + * nfq_pkt_snprintf_tcp_hdr - print tcp header into one buffer in a humnan From 17d5e7a8f0c0f6cd1c8e6253e003a186cbbb6438 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Fri, 31 Oct 2025 17:38:31 +0800 Subject: [PATCH 6/6] working --- rust/justfile | 59 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 40 insertions(+), 19 deletions(-) diff --git a/rust/justfile b/rust/justfile index 9f3296e..5a85d6b 100644 --- a/rust/justfile +++ b/rust/justfile @@ -5,7 +5,7 @@ export ANDROID_NDK_VERSION := "r27d-linux" TARGET := `pwd` + "/target" -export NETFILTER_LIBS := TARGET + "/netfilter_libs" +export NETFILTER_LIBS := TARGET + "/netfilter" export NDK_HOME := TARGET + "/android-ndk-" + ANDROID_NDK_VERSION @@ -30,43 +30,51 @@ _download_android_ndk: echo "Android ndk {{ANDROID_NDK_VERSION}} already installed in {{NDK_HOME}}" fi -_build_netfilter_libs: +_build_netfilter_libs abi target_arch: #!/usr/bin/env sh - if [ ! -d "{{NETFILTER_LIBS}}" ]; then + if [ ! -d "{{NETFILTER_LIBS}}-{{target_arch}}" ]; then export PATCH="$(pwd)/libnetfilter_queue-android.patch" cd "{{TARGET}}" - export TARGET=arm-linux-androideabi export TOOLCHAIN=$NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64 - export CC="$TOOLCHAIN/bin/clang --target=$TARGET$ANDROID_API" + export CC="$TOOLCHAIN/bin/clang --target={{target_arch}}$ANDROID_API" export AR=$TOOLCHAIN/bin/llvm-ar export AS=$CC + export ABI={{abi}} export LD=$TOOLCHAIN/bin/ld export RANLIB=$TOOLCHAIN/bin/llvm-ranlib export STRIP=$TOOLCHAIN/bin/llvm-strip - export PKG_CONFIG_PATH=$NETFILTER_LIBS/lib/pkgconfig + export PKG_CONFIG_PATH=$NETFILTER_LIBS-{{target_arch}}/lib/pkgconfig - wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj - wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj - wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj - patch -p1 -d libnetfilter_queue-* -i $PATCH + if [ ! -d "libnfnetlink-1.0.2" ]; then + wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj + fi + + if [ ! -d "libmnl-1.0.5" ]; then + wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj + fi + + if [ ! -d "libnetfilter_queue-1.0.5" ]; then + wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj + patch -p1 -d libnetfilter_queue-* -i $PATCH + fi for i in libmnl libnfnetlink libnetfilter_queue ; do ( cd $i-* CFLAGS="-Os -flto=auto -Wno-implicit-function-declaration" \ - ./configure --prefix= --host=$TARGET --enable-static --disable-shared --disable-dependency-tracking + ./configure --prefix= --host={{target_arch}} --enable-static --disable-shared --disable-dependency-tracking make -j$(nproc) - make install DESTDIR=$NETFILTER_LIBS + make install DESTDIR=$NETFILTER_LIBS-{{target_arch}} ) - sed -i "s|^prefix=.*|prefix=$NETFILTER_LIBS|g" $NETFILTER_LIBS/lib/pkgconfig/$i.pc + sed -i "s|^prefix=.*|prefix=$NETFILTER_LIBS-{{target_arch}}|g" $NETFILTER_LIBS-{{target_arch}}/lib/pkgconfig/$i.pc done else - echo "netfilter libs already built" + echo "netfilter libs for {{target_arch}} already built" fi -prepare-android: _download_android_ndk _build_netfilter_libs +prepare-android: _download_android_ndk #!/usr/bin/env sh cargo install cargo-ndk @@ -82,7 +90,20 @@ prepare-android: _download_android_ndk _build_netfilter_libs build-android *args: prepare-android #!/usr/bin/env sh - export CFLAGS="-I $NETFILTER_LIBS/include" - export LDFLAGS="-L $NETFILTER_LIBS/lib" - export CXXFLAGS="$CFLAGS" - cargo ndk -t armv7-linux-androideabi -t aarch64-linux-android -t x86\_64-linux-android --platform $ANDROID_API build {{args}} \ No newline at end of file + + targets=("armv7-linux-androideabi") + abis=("armeabi-v7a") + + for i in "${!targets[@]}"; do + t=${targets[$i]} + a=${abis[$i]} + ( + echo "Building target=$t, abi=$a" + export CFLAGS="-I$NETFILTER_LIBS-$t/include" + export LDFLAGS="-L$NETFILTER_LIBS-$t/lib" + export CXXFLAGS="$CFLAGS" + + just _build_netfilter_libs $a $t + NETFILTER_LIBS=$NETFILTER_LIBS-$t cargo ndk -t $t --platform $ANDROID_API build {{args}} + ) + done