From 515c946f13532b09affe49def861d003aec15691 Mon Sep 17 00:00:00 2001 From: sqlerrorthing <148702857+sqlerrorthing@users.noreply.github.com> Date: Sat, 1 Nov 2025 03:39:22 +0800 Subject: [PATCH] fixess --- .gitmodules | 9 --- rust/Cargo.lock | 16 +++++ rust/Cargo.toml | 1 + rust/crates/iptables | 1 - rust/crates/zaprett/Cargo.toml | 1 + rust/crates/zaprett/src/main.rs | 120 ++++++++++++++++---------------- 6 files changed, 77 insertions(+), 71 deletions(-) delete mode 160000 rust/crates/iptables diff --git a/.gitmodules b/.gitmodules index 93a7107..62bc8f7 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,12 +1,3 @@ -[submodule "rust/libs/zapret"] - path = rust/libs/zapret - url = https://github.com/bol-van/zapret.git -[submodule "rust/crates/libnfqws/libs/zapret"] - path = rust/crates/libnfqws/libs/zapret - url = https://github.com/bol-van/zapret.git [submodule "rust/crates/libnfqws/zapret"] path = rust/crates/libnfqws/zapret url = https://github.com/bol-van/zapret.git -[submodule "rust/crates/iptables"] - path = rust/crates/iptables - url = https://github.com/yaa110/rust-iptables diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 06b4a2a..9a61830 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -315,6 +315,15 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424" +[[package]] +name = "iptables" +version = "0.6.0" +source = "git+https://github.com/sqlerrorthing/rust-iptables.git?branch=feat%2Fadd-android#c56ec40f30d61becc66024061d2461851acf5d19" +dependencies = [ + "lazy_static", + "regex", +] + [[package]] name = "is-terminal" version = "0.4.17" @@ -347,6 +356,12 @@ version = "1.0.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + [[package]] name = "libc" version = "0.2.177" @@ -901,6 +916,7 @@ dependencies = [ "anyhow", "clap", "daemonize", + "iptables", "libc", "libnfqws", "log", diff --git a/rust/Cargo.toml b/rust/Cargo.toml index 27c2891..9eff617 100644 --- a/rust/Cargo.toml +++ b/rust/Cargo.toml @@ -22,3 +22,4 @@ daemonize = "0.5.0" log = "0.4.28" pretty_env_logger = "0.5.0" nix = { version = "0.30.1", features = ["signal"] } +iptables = { git = "https://github.com/sqlerrorthing/rust-iptables.git", branch = "feat/add-android" } diff --git a/rust/crates/iptables b/rust/crates/iptables deleted file mode 160000 index e0e1f5d..0000000 --- a/rust/crates/iptables +++ /dev/null @@ -1 +0,0 @@ -Subproject commit e0e1f5dcc02023dbd162940af1b2f5159677dbd7 diff --git a/rust/crates/zaprett/Cargo.toml b/rust/crates/zaprett/Cargo.toml index 2cc5b63..18ee726 100644 --- a/rust/crates/zaprett/Cargo.toml +++ b/rust/crates/zaprett/Cargo.toml @@ -19,3 +19,4 @@ daemonize = { workspace = true } pretty_env_logger = { workspace = true } log = { workspace = true } nix = { workspace = true, features = ["user"] } +iptables = { workspace = true } diff --git a/rust/crates/zaprett/src/main.rs b/rust/crates/zaprett/src/main.rs index 4dbc628..6a14cf3 100644 --- a/rust/crates/zaprett/src/main.rs +++ b/rust/crates/zaprett/src/main.rs @@ -1,3 +1,4 @@ +use std::error; use anyhow::bail; use clap::{ArgAction, Parser, Subcommand, builder::BoolishValueParser}; use daemonize::Daemonize; @@ -151,8 +152,8 @@ async fn start_service() -> anyhow::Result<()> { let tmp_dir = MODULE_PATH.join("/tmp"); if tmp_dir.exists() { - fs::remove_dir_all(&tmp_dir).unwrap(); - fs::create_dir_all(&tmp_dir).unwrap(); + fs::remove_dir_all(&tmp_dir)?; + fs::create_dir_all(&tmp_dir)?; } let reader = BufReader::new( @@ -245,7 +246,8 @@ async fn start_service() -> anyhow::Result<()> { let ctl = sysctl::Ctl::new("net.netfilter.nf_conntrack_tcp_be_liberal")?; ctl.set_value(sysctl::CtlValue::String("1".into()))?; - setup_iptables_rules(); + setup_iptables_rules().expect("setup iptables rules"); + daemonize_nfqws(&strat_modified).await; info!("zaprett service started!"); Ok(()) @@ -256,7 +258,7 @@ async fn stop_service() -> anyhow::Result<()> { bail!("Running not from root, exiting"); }; - clear_iptables_rules(); + clear_iptables_rules().expect("clear iptables rules"); let pid_str = fs::read_to_string(MODULE_PATH.join("tmp/pid.lock").as_path())?; let pid = pid_str.trim().parse::()?; @@ -289,7 +291,7 @@ async fn restart_service() { fn set_autostart(autostart: &bool) { if *autostart { if let Err(e) = File::create(MODULE_PATH.join("autostart")) { - eprintln!("autostart: cannot create flag file: {e}"); + error!("Autostart: cannot create flag file: {e}"); } } else { fs::remove_file(MODULE_PATH.join("autostart")).unwrap() @@ -302,15 +304,10 @@ fn get_autostart() { } fn service_status() -> bool { - let Ok(pid_str) = fs::read_to_string(MODULE_PATH.join("tmp/pid.lock")) else { - return false; - }; - - let Ok(_) = pid_str.trim().parse::() else { - return false; - }; - - true + fs::read_to_string(MODULE_PATH.join("tmp/pid.lock")) + .ok() + .and_then(|pid_str| pid_str.trim().parse::().ok()) + .is_some() /*match all_processes() { Ok(iter) => iter .filter_map(|rp| rp.ok()) @@ -332,10 +329,11 @@ fn module_version() { fn bin_version() { println!("{}", env!("ZAPRET_VERSION")); } + fn merge_files( input_paths: Vec, output_path: &Path, -) -> Result<(), Box> { +) -> Result<(), Box> { let mut combined_content = String::new(); for path_str in input_paths { @@ -352,54 +350,54 @@ fn merge_files( Ok(()) } -fn setup_iptables_rules() { - todo!(); - // let ipt = iptables::new(false).unwrap(); - // - // ipt.insert( - // "mangle", - // "POSTROUTING", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // 1, - // ) - // .unwrap(); - // ipt.insert( - // "mangle", - // "PREROUTING", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // 1, - // ) - // .unwrap(); - // ipt.append( - // "filter", - // "FORWARD", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // ) - // .unwrap(); +fn setup_iptables_rules() -> Result<(), Box> { + let ipt = iptables::new(false)?; + + ipt.insert( + "mangle", + "POSTROUTING", + "-j NFQUEUE --queue-num 200 --queue-bypass", + 1, + )?; + + ipt.insert( + "mangle", + "PREROUTING", + "-j NFQUEUE --queue-num 200 --queue-bypass", + 1, + )?; + + ipt.append( + "filter", + "FORWARD", + "-j NFQUEUE --queue-num 200 --queue-bypass", + )?; + + Ok(()) } -fn clear_iptables_rules() { - todo!(); - // let ipt = iptables::new(false).unwrap(); - // - // ipt.delete( - // "mangle", - // "POSTROUTING", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // ) - // .unwrap(); - // ipt.delete( - // "mangle", - // "PREROUTING", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // ) - // .unwrap(); - // ipt.delete( - // "filter", - // "FORWARD", - // "-j NFQUEUE --queue-num 200 --queue-bypass", - // ) - // .unwrap(); +fn clear_iptables_rules() -> Result<(), Box> { + let ipt = iptables::new(false)?; + + ipt.delete( + "mangle", + "POSTROUTING", + "-j NFQUEUE --queue-num 200 --queue-bypass", + )?; + + ipt.delete( + "mangle", + "PREROUTING", + "-j NFQUEUE --queue-num 200 --queue-bypass", + )?; + + ipt.delete( + "filter", + "FORWARD", + "-j NFQUEUE --queue-num 200 --queue-bypass", + )?; + + Ok(()) } async fn run_nfqws(args_str: &str) -> anyhow::Result<()> {