Batyka/zaprett
1
0
Fork 0
mirror of https://github.com/egor-white/zaprett.git synced 2025-12-10 13:30:23 +05:00
Code Issues Packages Projects Releases 1 Wiki Activity

feat: build anrdoid (#1)

Browse Source
This commit is contained in:
sqlerrorthing
2025-11-01 02:55:42 +08:00
committed by GitHub
parent 8542d33af2 2e9e08fb96
commit 2790c8ed62
7 changed files with 199 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
rust/Cargo.lock generated
View File

@@ -315,14 +315,6 @@ version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424"
[[package]]
name = "iptables"
version = "0.6.0"
dependencies = [
"lazy_static",
"regex",
]
[[package]]
name = "is-terminal"
version = "0.4.17"
@@ -355,12 +347,6 @@ version = "1.0.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
[[package]]
name = "lazy_static"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
[[package]]
name = "libc"
version = "0.2.177"
@@ -915,7 +901,6 @@ dependencies = [
"anyhow",
"clap",
"daemonize",
"iptables",
"libc",
"libnfqws",
"log",

4
rust/crates/libnfqws/build.rs
View File

@@ -33,6 +33,10 @@ fn main() {
println!("cargo:rustc-link-lib=nfnetlink");
println!("cargo:rustc-link-lib=mnl");
if let Ok(link_libs) = env::var("NETFILTER_LIBS") {
println!("cargo:rustc-link-search=native={link_libs}/lib");
}
println!("cargo:rustc-link-lib=static=nfqws");
println!("cargo:rerun-if-changed={}", NFQ.display());
println!("cargo:rerun-if-changed={}", NFQ_CRYPTO.display());

2
rust/crates/libnfqws/zapret

Submodule rust/crates/libnfqws/zapret updated: 1408c38522...0b8e0dc97d

1
rust/crates/zaprett/Cargo.toml
View File

@@ -7,7 +7,6 @@ repository.workspace = true
[dependencies]
anyhow = { workspace = true }
clap = { workspace = true }
iptables = { path = "../iptables" }
libc = { workspace = true }
regex = { workspace = true }
rust-ini = { workspace = true }

86
rust/crates/zaprett/src/main.rs
View File

@@ -354,51 +354,53 @@ fn merge_files(
}
fn setup_iptables_rules() {
let ipt = iptables::new(false).unwrap();
ipt.insert(
"mangle",
"POSTROUTING",
"-j NFQUEUE --queue-num 200 --queue-bypass",
1,
)
.unwrap();
ipt.insert(
"mangle",
"PREROUTING",
"-j NFQUEUE --queue-num 200 --queue-bypass",
1,
)
.unwrap();
ipt.append(
"filter",
"FORWARD",
"-j NFQUEUE --queue-num 200 --queue-bypass",
)
.unwrap();
todo!();
// let ipt = iptables::new(false).unwrap();
//
// ipt.insert(
// "mangle",
// "POSTROUTING",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// 1,
// )
// .unwrap();
// ipt.insert(
// "mangle",
// "PREROUTING",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// 1,
// )
// .unwrap();
// ipt.append(
// "filter",
// "FORWARD",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// )
// .unwrap();
}
fn clear_iptables_rules() {
let ipt = iptables::new(false).unwrap();
ipt.delete(
"mangle",
"POSTROUTING",
"-j NFQUEUE --queue-num 200 --queue-bypass",
)
.unwrap();
ipt.delete(
"mangle",
"PREROUTING",
"-j NFQUEUE --queue-num 200 --queue-bypass",
)
.unwrap();
ipt.delete(
"filter",
"FORWARD",
"-j NFQUEUE --queue-num 200 --queue-bypass",
)
.unwrap();
todo!();
// let ipt = iptables::new(false).unwrap();
//
// ipt.delete(
// "mangle",
// "POSTROUTING",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// )
// .unwrap();
// ipt.delete(
// "mangle",
// "PREROUTING",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// )
// .unwrap();
// ipt.delete(
// "filter",
// "FORWARD",
// "-j NFQUEUE --queue-num 200 --queue-bypass",
// )
// .unwrap();
}
async fn run_nfqws(args_str: &String) -> anyhow::Result<()> {

109
rust/justfile Normal file
View File

@@ -0,0 +1,109 @@
set shell := ["sh", "-eu", "-c"]
export ANDROID_API := "21"
export ANDROID_NDK_VERSION := "r27d-linux"
TARGET := `pwd` + "/target"
export NETFILTER_LIBS := TARGET + "/netfilter"
export NDK_HOME := TARGET + "/android-ndk-" + ANDROID_NDK_VERSION
_download_android_ndk:
#!/usr/bin/env sh
if [ ! -d "{{NDK_HOME}}" ]; then
echo "Downloading ndk {{ANDROID_NDK_VERSION}} to {{NDK_HOME}}"
TMPFILE="{{NDK_HOME}}.tmp"
TMPDIR="{{NDK_HOME}}.extracted.tmp"
curl -L -C - -o "$TMPFILE" "https://dl.google.com/android/repository/android-ndk-{{ANDROID_NDK_VERSION}}.zip"
unzip "$TMPFILE" -d "$TMPDIR"
inner_folder=$(find "$TMPDIR" -mindepth 1 -maxdepth 1 -type d | head -n 1)
mv -T "$inner_folder" "$NDK_HOME"
rm -rf "$TMPFILE" "$TMPDIR"
echo "Android ndk {{ANDROID_NDK_VERSION}} successfully installed in {{NDK_HOME}}"
else
echo "Android ndk {{ANDROID_NDK_VERSION}} already installed in {{NDK_HOME}}"
fi
_build_netfilter_libs abi target_arch:
#!/usr/bin/env sh
if [ ! -d "{{NETFILTER_LIBS}}-{{target_arch}}" ]; then
export PATCH="$(pwd)/libnetfilter_queue-android.patch"
cd "{{TARGET}}"
export TOOLCHAIN=$NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64
export CC="$TOOLCHAIN/bin/clang --target={{target_arch}}$ANDROID_API"
export AR=$TOOLCHAIN/bin/llvm-ar
export AS=$CC
export ABI={{abi}}
export LD=$TOOLCHAIN/bin/ld
export RANLIB=$TOOLCHAIN/bin/llvm-ranlib
export STRIP=$TOOLCHAIN/bin/llvm-strip
export PKG_CONFIG_PATH=$NETFILTER_LIBS-{{target_arch}}/lib/pkgconfig
if [ ! -d "libnfnetlink-1.0.2" ]; then
wget -O- https://www.netfilter.org/pub/libnfnetlink/libnfnetlink-1.0.2.tar.bz2 | tar -xj
fi
if [ ! -d "libmnl-1.0.5" ]; then
wget -O- https://www.netfilter.org/pub/libmnl/libmnl-1.0.5.tar.bz2 | tar -xj
fi
if [ ! -d "libnetfilter_queue-1.0.5" ]; then
wget -O- https://www.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.5.tar.bz2 | tar -xj
patch -p1 -d libnetfilter_queue-* -i $PATCH
fi
for i in libmnl libnfnetlink libnetfilter_queue ; do
(
cd $i-*
CFLAGS="-Os -flto=auto -Wno-implicit-function-declaration" \
./configure --prefix= --host={{target_arch}} --enable-static --disable-shared --disable-dependency-tracking
make -j$(nproc)
make install DESTDIR=$NETFILTER_LIBS-{{target_arch}}
)
sed -i "s|^prefix=.*|prefix=$NETFILTER_LIBS-{{target_arch}}|g" $NETFILTER_LIBS-{{target_arch}}/lib/pkgconfig/$i.pc
done
else
echo "netfilter libs for {{target_arch}} already built"
fi
prepare-android: _download_android_ndk
#!/usr/bin/env sh
cargo install cargo-ndk
targets=("armv7-linux-androideabi" "aarch64-linux-android" "i686-linux-android" "x86_64-linux-android")
for t in "${targets[@]}"; do
if ! rustup target list --installed | grep -q "$t"; then
echo "Installing missing target: $t"
rustup target add "$t"
else
echo "Target already installed: $t"
fi
done
build-android *args: prepare-android
#!/usr/bin/env sh
targets=("armv7-linux-androideabi")
abis=("armeabi-v7a")
for i in "${!targets[@]}"; do
t=${targets[$i]}
a=${abis[$i]}
(
echo "Building target=$t, abi=$a"
export CFLAGS="-I$NETFILTER_LIBS-$t/include"
export LDFLAGS="-L$NETFILTER_LIBS-$t/lib"
export CXXFLAGS="$CFLAGS"
just _build_netfilter_libs $a $t
NETFILTER_LIBS=$NETFILTER_LIBS-$t cargo ndk -t $t --platform $ANDROID_API build {{args}}
)
done

41
rust/libnetfilter_queue-android.patch Normal file
View File

@@ -0,0 +1,41 @@
--- a/src/extra/pktbuff.c
+++ b/src/extra/pktbuff.c
@@ -14,7 +14,7 @@
#include <string.h> /* for memcpy */
#include <stdbool.h>
-#include <netinet/if_ether.h>
+#include <linux/if_ether.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -21,7 +21,7 @@
#include <linux/netfilter/nfnetlink_queue.h>
-#include <libnetfilter_queue/libnetfilter_queue.h>
+// #include <libnetfilter_queue/libnetfilter_queue.h>
#include "internal.h"
--- a/src/extra/tcp.c
+++ b/src/extra/tcp.c
@@ -139,12 +139,16 @@ void nfq_tcp_compute_checksum_ipv6(struc
* (union is compatible to any of its members)
* This means this part of the code is -fstrict-aliasing safe now.
*/
+#ifndef __ANDROID__
union tcp_word_hdr {
struct tcphdr hdr;
uint32_t words[5];
};
+#endif
+#ifndef tcp_flag_word
#define tcp_flag_word(tp) ( ((union tcp_word_hdr *)(tp))->words[3])
+#endif
/**
* nfq_pkt_snprintf_tcp_hdr - print tcp header into one buffer in a humnan