fixess

2025-12-10 05:19:42 +05:00 · 2025-11-01 03:39:22 +08:00
parent bf76e162ee
commit 515c946f13
6 changed files with 77 additions and 71 deletions
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,12 +1,3 @@
-[submodule "rust/libs/zapret"]
-	path = rust/libs/zapret
-	url = https://github.com/bol-van/zapret.git
-[submodule "rust/crates/libnfqws/libs/zapret"]
-	path = rust/crates/libnfqws/libs/zapret
-	url = https://github.com/bol-van/zapret.git
 [submodule "rust/crates/libnfqws/zapret"]
 	path = rust/crates/libnfqws/zapret
 	url = https://github.com/bol-van/zapret.git
-[submodule "rust/crates/iptables"]
-	path = rust/crates/iptables
-	url = https://github.com/yaa110/rust-iptables
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -315,6 +315,15 @@ version = "2.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "135b12329e5e3ce057a9f972339ea52bc954fe1e9358ef27f95e89716fbc5424"

+[[package]]
+name = "iptables"
+version = "0.6.0"
+source = "git+https://github.com/sqlerrorthing/rust-iptables.git?branch=feat%2Fadd-android#c56ec40f30d61becc66024061d2461851acf5d19"
+dependencies = [
+ "lazy_static",
+ "regex",
+]
+
 [[package]]
 name = "is-terminal"
 version = "0.4.17"
@@ -347,6 +356,12 @@ version = "1.0.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"

+[[package]]
+name = "lazy_static"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
+
 [[package]]
 name = "libc"
 version = "0.2.177"
@@ -901,6 +916,7 @@ dependencies = [
 "anyhow",
 "clap",
 "daemonize",
+ "iptables",
 "libc",
 "libnfqws",
 "log",
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -22,3 +22,4 @@ daemonize = "0.5.0"
 log = "0.4.28"
 pretty_env_logger = "0.5.0"
 nix = { version = "0.30.1", features = ["signal"] }
+iptables = { git = "https://github.com/sqlerrorthing/rust-iptables.git", branch = "feat/add-android" }
--- a/rust/crates/iptables
+++ b/rust/crates/iptables
--- a/rust/crates/zaprett/Cargo.toml
+++ b/rust/crates/zaprett/Cargo.toml
@@ -19,3 +19,4 @@ daemonize = { workspace = true }
 pretty_env_logger = { workspace = true }
 log = { workspace = true }
 nix = { workspace = true, features = ["user"] }
+iptables = { workspace = true }
--- a/rust/crates/zaprett/src/main.rs
+++ b/rust/crates/zaprett/src/main.rs
@@ -1,3 +1,4 @@
+use std::error;
 use anyhow::bail;
 use clap::{ArgAction, Parser, Subcommand, builder::BoolishValueParser};
 use daemonize::Daemonize;
@@ -151,8 +152,8 @@ async fn start_service() -> anyhow::Result<()> {

    let tmp_dir = MODULE_PATH.join("/tmp");
    if tmp_dir.exists() {
-        fs::remove_dir_all(&tmp_dir).unwrap();
-        fs::create_dir_all(&tmp_dir).unwrap();
+        fs::remove_dir_all(&tmp_dir)?;
+        fs::create_dir_all(&tmp_dir)?;
    }

    let reader = BufReader::new(
@@ -245,7 +246,8 @@ async fn start_service() -> anyhow::Result<()> {
    let ctl = sysctl::Ctl::new("net.netfilter.nf_conntrack_tcp_be_liberal")?;
    ctl.set_value(sysctl::CtlValue::String("1".into()))?;

-    setup_iptables_rules();
+    setup_iptables_rules().expect("setup iptables rules");
+
    daemonize_nfqws(&strat_modified).await;
    info!("zaprett service started!");
    Ok(())
@@ -256,7 +258,7 @@ async fn stop_service() -> anyhow::Result<()> {
        bail!("Running not from root, exiting");
    };

-    clear_iptables_rules();
+    clear_iptables_rules().expect("clear iptables rules");

    let pid_str = fs::read_to_string(MODULE_PATH.join("tmp/pid.lock").as_path())?;
    let pid = pid_str.trim().parse::<i32>()?;
@@ -289,7 +291,7 @@ async fn restart_service() {
 fn set_autostart(autostart: &bool) {
    if *autostart {
        if let Err(e) = File::create(MODULE_PATH.join("autostart")) {
-            eprintln!("autostart: cannot create flag file: {e}");
+            error!("Autostart: cannot create flag file: {e}");
        }
    } else {
        fs::remove_file(MODULE_PATH.join("autostart")).unwrap()
@@ -302,15 +304,10 @@ fn get_autostart() {
 }

 fn service_status() -> bool {
-    let Ok(pid_str) = fs::read_to_string(MODULE_PATH.join("tmp/pid.lock")) else {
-        return false;
-    };
-
-    let Ok(_) = pid_str.trim().parse::<i32>() else {
-        return false;
-    };
-
-    true
+    fs::read_to_string(MODULE_PATH.join("tmp/pid.lock"))
+        .ok()
+        .and_then(|pid_str| pid_str.trim().parse::<i32>().ok())
+        .is_some()
    /*match all_processes() {
        Ok(iter) => iter
            .filter_map(|rp| rp.ok())
@@ -332,10 +329,11 @@ fn module_version() {
 fn bin_version() {
    println!("{}", env!("ZAPRET_VERSION"));
 }
+
 fn merge_files(
    input_paths: Vec<String>,
    output_path: &Path,
-) -> Result<(), Box<dyn std::error::Error>> {
+) -> Result<(), Box<dyn error::Error>> {
    let mut combined_content = String::new();

    for path_str in input_paths {
@@ -352,54 +350,54 @@ fn merge_files(
    Ok(())
 }

-fn setup_iptables_rules() {
-    todo!();
-    // let ipt = iptables::new(false).unwrap();
-    //
-    // ipt.insert(
-    //     "mangle",
-    //     "POSTROUTING",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    //     1,
-    // )
-    // .unwrap();
-    // ipt.insert(
-    //     "mangle",
-    //     "PREROUTING",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    //     1,
-    // )
-    // .unwrap();
-    // ipt.append(
-    //     "filter",
-    //     "FORWARD",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    // )
-    // .unwrap();
+fn setup_iptables_rules() -> Result<(), Box<dyn error::Error>> {
+    let ipt = iptables::new(false)?;
+
+    ipt.insert(
+        "mangle",
+        "POSTROUTING",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+        1,
+    )?;
+
+    ipt.insert(
+        "mangle",
+        "PREROUTING",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+        1,
+    )?;
+
+    ipt.append(
+        "filter",
+        "FORWARD",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+    )?;
+
+    Ok(())
 }

-fn clear_iptables_rules() {
-    todo!();
-    // let ipt = iptables::new(false).unwrap();
-    //
-    // ipt.delete(
-    //     "mangle",
-    //     "POSTROUTING",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    // )
-    // .unwrap();
-    // ipt.delete(
-    //     "mangle",
-    //     "PREROUTING",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    // )
-    // .unwrap();
-    // ipt.delete(
-    //     "filter",
-    //     "FORWARD",
-    //     "-j NFQUEUE --queue-num 200 --queue-bypass",
-    // )
-    // .unwrap();
+fn clear_iptables_rules() -> Result<(), Box<dyn error::Error>> {
+    let ipt = iptables::new(false)?;
+
+    ipt.delete(
+        "mangle",
+        "POSTROUTING",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+    )?;
+
+    ipt.delete(
+        "mangle",
+        "PREROUTING",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+    )?;
+
+    ipt.delete(
+        "filter",
+        "FORWARD",
+        "-j NFQUEUE --queue-num 200 --queue-bypass",
+    )?;
+
+    Ok(())
 }

 async fn run_nfqws(args_str: &str) -> anyhow::Result<()> {