From d7ff5a7ac37a7333ea03a74a0d34258fbeb5dec6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Thu, 26 Dec 2024 14:39:57 +0800 Subject: [PATCH 1/3] Revert "platform: Implement set underlying networks for android" This reverts commit eb4a184b7ed7becfcf82e108639d8d19cbeed6bd. --- adapter/network.go | 1 - experimental/libbox/config.go | 4 ---- experimental/libbox/platform.go | 8 -------- experimental/libbox/platform/interface.go | 1 - experimental/libbox/raw_network_android.go | 3 --- experimental/libbox/raw_network_stub.go | 7 ------- experimental/libbox/service.go | 7 ------- route/network.go | 12 ------------ 8 files changed, 43 deletions(-) delete mode 100644 experimental/libbox/raw_network_android.go delete mode 100644 experimental/libbox/raw_network_stub.go diff --git a/adapter/network.go b/adapter/network.go index 22816f07..00ef54b8 100644 --- a/adapter/network.go +++ b/adapter/network.go @@ -51,5 +51,4 @@ type NetworkInterface struct { DNSServers []string Expensive bool Constrained bool - RawNetwork any } diff --git a/experimental/libbox/config.go b/experimental/libbox/config.go index 7d0627fe..6a85c963 100644 --- a/experimental/libbox/config.go +++ b/experimental/libbox/config.go @@ -82,10 +82,6 @@ func (s *platformInterfaceStub) Interfaces() ([]adapter.NetworkInterface, error) return nil, os.ErrInvalid } -func (s *platformInterfaceStub) SetUnderlyingNetworks(networks []adapter.NetworkInterface) error { - return os.ErrInvalid -} - func (s *platformInterfaceStub) UnderNetworkExtension() bool { return false } diff --git a/experimental/libbox/platform.go b/experimental/libbox/platform.go index f4bc7ea6..2503ea44 100644 --- a/experimental/libbox/platform.go +++ b/experimental/libbox/platform.go 
@@ -18,7 +18,6 @@ type PlatformInterface interface { StartDefaultInterfaceMonitor(listener InterfaceUpdateListener) error CloseDefaultInterfaceMonitor(listener InterfaceUpdateListener) error GetInterfaces() (NetworkInterfaceIterator, error) - SetUnderlyingNetworks(networks RawNetworkIterator) error UnderNetworkExtension() bool IncludeAllNetworks() bool ReadWIFIState() *WIFIState @@ -52,8 +51,6 @@ type NetworkInterface struct { Type int32 DNSServer StringIterator Metered bool - - RawNetwork RawNetwork } type WIFIState struct { @@ -70,11 +67,6 @@ type NetworkInterfaceIterator interface { HasNext() bool } -type RawNetworkIterator interface { - Next() RawNetwork - HasNext() bool -} - type Notification struct { Identifier string TypeName string diff --git a/experimental/libbox/platform/interface.go b/experimental/libbox/platform/interface.go index 1684d88c..eda51b48 100644 --- a/experimental/libbox/platform/interface.go +++ b/experimental/libbox/platform/interface.go @@ -16,7 +16,6 @@ type Interface interface { UpdateRouteOptions(options *tun.Options, platformOptions option.TunPlatformOptions) error CreateDefaultInterfaceMonitor(logger logger.Logger) tun.DefaultInterfaceMonitor Interfaces() ([]adapter.NetworkInterface, error) - SetUnderlyingNetworks(networks []adapter.NetworkInterface) error UnderNetworkExtension() bool IncludeAllNetworks() bool ClearDNSCache() diff --git a/experimental/libbox/raw_network_android.go b/experimental/libbox/raw_network_android.go deleted file mode 100644 index b8d38aaa..00000000 --- a/experimental/libbox/raw_network_android.go +++ /dev/null @@ -1,3 +0,0 @@ -package libbox - -type RawNetwork interface{} diff --git a/experimental/libbox/raw_network_stub.go b/experimental/libbox/raw_network_stub.go deleted file mode 100644 index 6e23135c..00000000 --- a/experimental/libbox/raw_network_stub.go +++ /dev/null @@ -1,7 +0,0 @@ -//go:build !android - -package libbox - -type RawNetwork interface { - stub() -} 
diff --git a/experimental/libbox/service.go b/experimental/libbox/service.go index e04c040d..c903d2da 100644 --- a/experimental/libbox/service.go +++ b/experimental/libbox/service.go @@ -220,18 +220,11 @@ func (w *platformInterfaceWrapper) Interfaces() ([]adapter.NetworkInterface, err DNSServers: iteratorToArray[string](netInterface.DNSServer), Expensive: netInterface.Metered || isDefault && w.isExpensive, Constrained: isDefault && w.isConstrained, - RawNetwork: netInterface.RawNetwork, }) } return interfaces, nil } -func (w *platformInterfaceWrapper) SetUnderlyingNetworks(networks []adapter.NetworkInterface) error { - return w.iif.SetUnderlyingNetworks(newIterator(common.Map(networks, func(it adapter.NetworkInterface) RawNetwork { - return it.RawNetwork.(RawNetwork) - }))) -} - func (w *platformInterfaceWrapper) UnderNetworkExtension() bool { return w.iif.UnderNetworkExtension() } diff --git a/route/network.go b/route/network.go index 875b6e93..d82701fe 100644 --- a/route/network.go +++ b/route/network.go @@ -240,9 +240,6 @@ func (r *NetworkManager) UpdateInterfaces() error { newInterfaces := common.Filter(interfaces, func(it adapter.NetworkInterface) bool { return it.Flags&net.FlagUp != 0 }) - for _, networkInterface := range newInterfaces { - networkInterface.RawNetwork = nil - } r.networkInterfaces.Store(newInterfaces) if len(newInterfaces) > 0 && !slices.EqualFunc(oldInterfaces, newInterfaces, func(oldInterface adapter.NetworkInterface, newInterface adapter.NetworkInterface) bool { return oldInterface.Interface.Index == newInterface.Interface.Index && @@ -263,15 +260,6 @@ func (r *NetworkManager) UpdateInterfaces() error { } return F.ToString(it.Name, " (", strings.Join(options, ", "), ")") }), ", ")) - if C.IsAndroid { - err = r.platformInterface.SetUnderlyingNetworks(newInterfaces) - if err != nil { - r.logger.Error("set underlying networks: ", err) - } - } - } - for _, networkInterface := range interfaces { - networkInterface.RawNetwork = nil } return nil } 
From b4ae92dc95d7b953da14d8f305f91a7e71674dea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Thu, 26 Dec 2024 11:12:48 +0800 Subject: [PATCH 2/3] Enable fix stack for Android 7 and 9 --- constant/cgo_android_fix.go | 8 ---- constant/cgo_android_fix_stub.go | 5 --- experimental/libbox/command_client.go | 3 +- experimental/libbox/monitor.go | 3 +- experimental/libbox/service.go | 2 +- experimental/libbox/setup.go | 64 ++++++++++++++++----------- 6 files changed, 41 insertions(+), 44 deletions(-) delete mode 100644 constant/cgo_android_fix.go delete mode 100644 constant/cgo_android_fix_stub.go diff --git a/constant/cgo_android_fix.go b/constant/cgo_android_fix.go deleted file mode 100644 index cb4023c4..00000000 --- a/constant/cgo_android_fix.go +++ /dev/null @@ -1,8 +0,0 @@ -//go:build android && debug - -package constant - -// TODO: remove after fixed -// https://github.com/golang/go/issues/68760 - -const FixAndroidStack = true diff --git a/constant/cgo_android_fix_stub.go b/constant/cgo_android_fix_stub.go deleted file mode 100644 index 6145f9f5..00000000 --- a/constant/cgo_android_fix_stub.go +++ /dev/null @@ -1,5 +0,0 @@ -//go:build !(android && debug) - -package constant - -const FixAndroidStack = false diff --git a/experimental/libbox/command_client.go b/experimental/libbox/command_client.go index a9b1c131..fff2dbe2 100644 --- a/experimental/libbox/command_client.go +++ b/experimental/libbox/command_client.go @@ -7,7 +7,6 @@ import ( "path/filepath" "time" - C "github.com/sagernet/sing-box/constant" "github.com/sagernet/sing/common" E "github.com/sagernet/sing/common/exceptions" ) @@ -114,7 +113,7 @@ func (c *CommandClient) Connect() error { if err != nil { return err } - if C.FixAndroidStack { + if sFixAndroidStack { go func() { c.handler.Connected() c.handler.InitializeClashMode(newIterator(modeList), currentMode) diff --git a/experimental/libbox/monitor.go b/experimental/libbox/monitor.go index f218d8b2..eac0026d 100644 
--- a/experimental/libbox/monitor.go +++ b/experimental/libbox/monitor.go @@ -1,7 +1,6 @@ package libbox import ( - C "github.com/sagernet/sing-box/constant" "github.com/sagernet/sing-tun" "github.com/sagernet/sing/common/control" E "github.com/sagernet/sing/common/exceptions" @@ -56,7 +55,7 @@ func (m *platformDefaultInterfaceMonitor) UnregisterCallback(element *list.Eleme } func (m *platformDefaultInterfaceMonitor) UpdateDefaultInterface(interfaceName string, interfaceIndex32 int32, isExpensive bool, isConstrained bool) { - if C.FixAndroidStack { + if sFixAndroidStack { go m.updateDefaultInterface(interfaceName, interfaceIndex32, isExpensive, isConstrained) } else { m.updateDefaultInterface(interfaceName, interfaceIndex32, isExpensive, isConstrained) diff --git a/experimental/libbox/service.go b/experimental/libbox/service.go index c903d2da..4906c571 100644 --- a/experimental/libbox/service.go +++ b/experimental/libbox/service.go @@ -81,7 +81,7 @@ func NewService(configContent string, platformInterface PlatformInterface) (*Box } func (s *BoxService) Start() error { - if C.FixAndroidStack { + if sFixAndroidStack { var err error done := make(chan struct{}) go func() { diff --git a/experimental/libbox/setup.go b/experimental/libbox/setup.go index 3ea2f404..184d5250 100644 --- a/experimental/libbox/setup.go +++ b/experimental/libbox/setup.go 
@@ -14,43 +14,55 @@ import ( ) var ( - sBasePath string - sWorkingPath string - sTempPath string - sUserID int - sGroupID int - sTVOS bool + sBasePath string + sWorkingPath string + sTempPath string + sUserID int + sGroupID int + sTVOS bool + sFixAndroidStack bool ) func init() { debug.SetPanicOnFault(true) } -func Setup(basePath string, workingPath string, tempPath string, isTVOS bool) { - sBasePath = basePath - sWorkingPath = workingPath - sTempPath = tempPath - sUserID = os.Getuid() - sGroupID = os.Getgid() - sTVOS = isTVOS - os.MkdirAll(sWorkingPath, 0o777) - os.MkdirAll(sTempPath, 0o777) +type SetupOptions struct { + BasePath string + WorkingPath string + TempPath string + Username string + IsTVOS bool + FixAndroidStack bool } -func SetupWithUsername(basePath string, workingPath string, tempPath string, username string) error { - sBasePath = basePath - sWorkingPath = workingPath - sTempPath = tempPath - sUser, err := user.Lookup(username) - if err != nil { - return err +func Setup(options *SetupOptions) error { + sBasePath = options.BasePath + sWorkingPath = options.WorkingPath + sTempPath = options.TempPath + if options.Username != "" { + sUser, err := user.Lookup(options.Username) + if err != nil { + return err + } + sUserID, _ = strconv.Atoi(sUser.Uid) + sGroupID, _ = strconv.Atoi(sUser.Gid) + } else { + sUserID = os.Getuid() + sGroupID = os.Getgid() } - sUserID, _ = strconv.Atoi(sUser.Uid) - sGroupID, _ = strconv.Atoi(sUser.Gid) + sTVOS = options.IsTVOS + + // TODO: remove after fixed + // https://github.com/golang/go/issues/68760 + sFixAndroidStack = options.FixAndroidStack + os.MkdirAll(sWorkingPath, 0o777) os.MkdirAll(sTempPath, 0o777) - os.Chown(sWorkingPath, sUserID, sGroupID) - os.Chown(sTempPath, sUserID, sGroupID) + if options.Username != "" { + os.Chown(sWorkingPath, sUserID, sGroupID) + os.Chown(sTempPath, sUserID, sGroupID) + } return nil } From e5fc7178196898c2b91019b3d7dd50fcdd93d8ea Mon Sep 17 00:00:00 2001 
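Review bot: The new `Setup` returns nil even when it could not prepare the directories, because the results of both `strconv.Atoi` calls, both `os.MkdirAll` calls and both `os.Chown` calls are discarded. A uid or gid string that does not parse leaves `sUserID`/`sGroupID` at 0, so the following `os.Chown` would hand the working and temp directories to uid 0 rather than the requested user, and a failed chown is never reported to the caller. The directories are also created with mode `0o777`, which is world-writable wherever the umask allows it; unless other accounts really need write access, a tighter mode such as `0o755` would be the safer default. `Setup` also dereferences `options` without a nil check, which matters if the exported function is reached through a language binding that can pass null. The fence shows the error handling I would add, with the mode left as in the patch; if the chown is meant to be best-effort, log its error rather than returning it.

```go
func Setup(options *SetupOptions) error {
	if options == nil {
		return os.ErrInvalid
	}
	// … unchanged: sBasePath / sWorkingPath / sTempPath assignments …
	if options.Username != "" {
		sUser, err := user.Lookup(options.Username)
		if err != nil {
			return err
		}
		// Parse into locals first so a bad value never leaves the globals at 0.
		uid, err := strconv.Atoi(sUser.Uid)
		if err != nil {
			return err
		}
		gid, err := strconv.Atoi(sUser.Gid)
		if err != nil {
			return err
		}
		sUserID, sGroupID = uid, gid
	} else {
		// … unchanged: os.Getuid / os.Getgid …
	}
	// … unchanged: sTVOS and sFixAndroidStack assignments …
	for _, dir := range []string{sWorkingPath, sTempPath} {
		if err := os.MkdirAll(dir, 0o777); err != nil {
			return err
		}
		if options.Username != "" {
			if err := os.Chown(dir, sUserID, sGroupID); err != nil {
				return err
			}
		}
	}
	return nil
}
```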
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?=
Date: Mon, 18 Nov 2024 19:00:56 +0800
Subject: [PATCH 3/3] documentation: Bump version
---
 docs/changelog.md | 204 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 203 insertions(+), 1 deletion(-)
diff --git a/docs/changelog.md b/docs/changelog.md
index 39bc6c8f..0d2097ec 100644
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -2,16 +2,218 @@ icon: material/alert-decagram --- +#### 1.11.0-beta.14 + +* Allow adding route (exclude) address sets to routes **1** +* Fixes and improvements + +**1**: + +When `auto_redirect` is not enabled, directly add `route[_exclude]_address_set` +to tun routes (equivalent to `route[_exclude]_address`). + +Note that it **doesn't work on the Android graphical client** due to +the Android VpnService not being able to handle a large number of routes (DeadSystemException), +but otherwise it works fine on all command line clients and Apple platforms. + +See [route_address_set](/configuration/inbound/tun/#route_address_set) and +[route_exclude_address_set](/configuration/inbound/tun/#route_exclude_address_set). + +#### 1.11.0-beta.12 + +* Add `rule-set merge` command +* Fixes and improvements + ### 1.10.5 * Fixes and improvements +#### 1.11.0-beta.3 + +* Add more masquerade options for hysteria2 **1** +* Fixes and improvements + +**1**: + +See [Hysteria2](/configuration/inbound/hysteria2/#masquerade). + +#### 1.11.0-alpha.25 + +* Update quic-go to v0.48.2 +* Fixes and improvements + +#### 1.11.0-alpha.22 + +* Add UDP timeout route option **1** +* Fixes and improvements + +**1**: + +See [Rule Action](/configuration/route/rule_action/#udp_timeout). + +#### 1.11.0-alpha.20 + +* Add UDP GSO support for WireGuard +* Make GSO adaptive **1** + +**1**: + +For WireGuard outbound and endpoint, GSO will be automatically enabled when available, +see [WireGuard Outbound](/configuration/outbound/wireguard/#gso). + +For TUN, GSO has been removed, +see [Deprecated](/deprecated/#gso-option-in-tun). + +#### 1.11.0-alpha.19 + +* Upgrade WireGuard outbound to endpoint **1** +* Fixes and improvements + +**1**: + +The new WireGuard endpoint combines inbound and outbound capabilities, +and the old outbound will be removed in sing-box 1.13.0. 
+ +See [Endpoint](/configuration/endpoint/), [WireGuard Endpoint](/configuration/endpoint/wireguard/) +and [Migrate WireGuard outbound fields to route options](/migration/#migrate-wireguard-outbound-to-endpoint). + ### 1.10.2 * Add deprecated warnings * Fix proxying websocket connections in HTTP/mixed inbounds * Fixes and improvements +#### 1.11.0-alpha.18 + +* Fixes and improvements + +#### 1.11.0-alpha.16 + +* Add `cache_capacity` DNS option **1** +* Add `override_address` and `override_port` route options **2** +* Fixes and improvements + +**1**: + +See [DNS](/configuration/dns/#cache_capacity). + +**2**: + +See [Rule Action](/configuration/route/#override_address) and +[Migrate destination override fields to route options](/migration/#migrate-destination-override-fields-to-route-options). + +#### 1.11.0-alpha.15 + +* Improve multi network dialing **1** +* Fixes and improvements + +**1**: + +New options allow you to configure the network strategy flexibly. + +See [Dial Fields](/configuration/shared/dial/#network_strategy), +[Rule Action](/configuration/route/rule_action/#network_strategy) +and [Route](/configuration/route/#default_network_strategy). + +#### 1.11.0-alpha.14 + +* Add multi network dialing **1** +* Fixes and improvements + +**1**: + +Similar to Surge's strategy. + +New options allow you to connect using multiple network interfaces, +prefer or only use one type of interface, +and configure a timeout to fallback to other interfaces. + +See [Dial Fields](/configuration/shared/dial/#network_strategy), +[Rule Action](/configuration/route/rule_action/#network_strategy) +and [Route](/configuration/route/#default_network_strategy). 
+ +#### 1.11.0-alpha.13 + +* Fixes and improvements + +#### 1.11.0-alpha.12 + +* Merge route options to route actions **1** +* Add `network_type`, `network_is_expensive` and `network_is_constrainted` rule items **2** +* Fixes and improvements + +**1**: + +Route options in DNS route actions will no longer be considered deprecated, +see [DNS Route Action](/configuration/dns/rule_action/). + +Also, now `udp_disable_domain_unmapping` and `udp_connect` can also be configured in route action, +see [Route Action](/configuration/route/rule_action/). + +**2**: + +When using in graphical clients, new routing rule items allow you to match on +network type (WIFI, cellular, etc.), whether the network is expensive, and whether Low Data Mode is enabled. + +See [Route Rule](/configuration/route/rule/), [DNS Route Rule](/configuration/dns/rule/) +and [Headless Rule](/configuration/rule-set/headless-rule/). + +#### 1.11.0-alpha.9 + +* Improve tun compatibility **1** +* Fixes and improvements + +**1**: + +When `gvisor` tun stack is enabled, even if the request passes routing, +if the outbound connection establishment fails, +the connection still does not need to be established and a TCP RST is replied. + +#### 1.11.0-alpha.7 + +* Introducing rule actions **1** + +**1**: + +New rule actions replace legacy inbound fields and special outbound fields, +and can be used for pre-matching **2**. + +See [Rule](/configuration/route/rule/), +[Rule Action](/configuration/route/rule_action/), +[DNS Rule](/configuration/dns/rule/) and +[DNS Rule Action](/configuration/dns/rule_action/). + +For migration, see +[Migrate legacy special outbounds to rule actions](/migration/#migrate-legacy-special-outbounds-to-rule-actions), +[Migrate legacy inbound fields to rule actions](/migration/#migrate-legacy-inbound-fields-to-rule-actions) +and [Migrate legacy DNS route options to rule actions](/migration/#migrate-legacy-dns-route-options-to-rule-actions). + +**2**: + +Similar to Surge's pre-matching. 
+ +Specifically, new rule actions allow you to reject connections with +TCP RST (for TCP connections) and ICMP port unreachable (for UDP packets) +before connection established to improve tun's compatibility. + +See [Rule Action](/configuration/route/rule_action/). + +#### 1.11.0-alpha.6 + +* Update quic-go to v0.48.1 +* Set gateway for tun correctly +* Fixes and improvements + +#### 1.11.0-alpha.2 + +* Add warnings for usage of deprecated features +* Fixes and improvements + +#### 1.11.0-alpha.1 + +* Update quic-go to v0.48.0 +* Fixes and improvements + ### 1.10.1 * Fixes and improvements @@ -87,7 +289,7 @@ allows you to write headless rules directly without creating a rule-set file. **8**: -With the new access control options, not only can you allow Clash dashboards +With new access control options, not only can you allow Clash dashboards to access the Clash API on your local network, you can also manually limit the websites that can access the API instead of allowing everyone.