source/shadowsocks-rust
1
0
Fork 0
mirror of https://github.com/shadowsocks/shadowsocks-rust.git synced 2026-02-09 01:59:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(shadowsocks-service): ACL host rule resolved IP check return if matched

Browse Source
This commit is contained in:
ty
2025-06-12 10:10:09 +08:00
parent ea5e3a514f
commit c0361e6522
1 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/shadowsocks-service/src/acl/mod.rs
View File

@@ -565,7 +565,13 @@ impl AccessControl {
}
if let Ok(vaddr) = context.dns_resolve(host, port).await {
for addr in vaddr {
if !self.check_ip_in_proxy_list(&addr.ip()) {
let ip = addr.ip();
if self.black_list.check_ip_matched(&ip) {
// If IP is in black_list, it should be bypassed
return false;
}
if self.white_list.check_ip_matched(&ip) {
// If IP is in white_list, it should be proxied
return true;
}
}
@@ -614,9 +620,15 @@ impl AccessControl {
if let Ok(vaddr) = context.dns_resolve(host, *port).await {
for addr in vaddr {
if self.check_outbound_ip_blocked(&addr.ip()) {
let ip = addr.ip();
if self.outbound_block.check_ip_matched(&ip) {
// If IP is in outbound_block, it should be blocked
return true;
}
if self.outbound_allow.check_ip_matched(&ip) {
// If IP is in outbound_allow, it should be allowed
return false;
}
}
}