7x31/anylink
1
0
Fork 0
mirror of https://github.com/bjdgyc/anylink.git synced 2025-08-06 19:43:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

默认加白出口ip

Browse Source
This commit is contained in:
bjdgyc
2024-02-19 17:11:25 +08:00
parent d73816a811
commit 29a3e4bfb3
5 changed files with 26 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
server/handler/link_tunnel.go
View File

@@ -66,6 +66,8 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
cstpBaseMtu := r.Header.Get("X-CSTP-Base-MTU")
masterSecret := r.Header.Get("X-DTLS-Master-Secret")
localIp := r.Header.Get("X-Cstp-Local-Address-Ip4")
// 出口ip
exportIp4 := r.Header.Get("X-Cstp-Remote-Address-Ip4")
mobile := r.Header.Get("X-Cstp-License")
cSess.SetMtu(cstpMtu)
@@ -96,14 +98,6 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite"))
base.Trace("dtlsCiphersuite", dtlsCiphersuite)
// 压缩
if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
}
if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
}
// 返回客户端数据
HttpSetHeader(w, "Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
HttpSetHeader(w, "X-CSTP-Version", "1")
@@ -113,11 +107,19 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
HttpSetHeader(w, "X-CSTP-Hostname", hn) // 机器名称
HttpSetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu)
// 要发布的默认域
// 客户端dns的默认搜索
if base.Cfg.DefaultDomain != "" {
HttpSetHeader(w, "X-CSTP-Default-Domain", base.Cfg.DefaultDomain)
}
// 压缩
if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
}
if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
}
// 设置用户策略
SetUserPolicy(cSess.Username, cSess.Group)
@@ -136,10 +138,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
}
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
}
// 不允许的路由 X-Cstp-Remote-Address-Ip4:
// 不允许的路由
for _, v := range cSess.Group.RouteExclude {
HttpAddHeader(w, "X-CSTP-Split-Exclude", v.IpMask)
}
// 排除出口ip路由(出口ip不加密传输)
if base.Cfg.ExcludeExportIp && exportIp4 != "" {
HttpAddHeader(w, "X-CSTP-Split-Exclude", exportIp4+"/255.255.255.255")
}
HttpSetHeader(w, "X-CSTP-Lease-Duration", "1209600") // ip地址租期
HttpSetHeader(w, "X-CSTP-Session-Timeout", "none")