Documentation ¶
Index ¶
- Variables
- func ExportOutlineJson(version string) string
- func FunctionListOrStringToFunctionList(fs FunctionListOrString) (f []*config_parser.Function)
- func FunctionOrStringToFunction(fs FunctionOrString) (f *config_parser.Function)
- func ParamParser(to reflect.Value, section *config_parser.Section, ignoreType []reflect.Type) error
- func SectionParser(to reflect.Value, section *config_parser.Section) error
- func StringListParser(to reflect.Value, section *config_parser.Section) error
- type Config
- type Desc
- type Dns
- type DnsRequestRouting
- type DnsResponseRouting
- type DnsRouting
- type FunctionListOrString
- type FunctionOrString
- type Global
- type Group
- type KeyableString
- type Marshaller
- type Merger
- type Outline
- type OutlineElem
- type Routing
- type Utls
Constants ¶
This section is empty.
Variables ¶
View Source
var DnsDesc = Desc{
"ipversion_prefer": "For example, if ipversion_prefer is 4 and the domain name has both type A and type AAAA records, the dae will only respond to type A queries and response empty answer to type AAAA queries.",
"fixed_domain_ttl": "Give a fixed ttl for domains. Zero means that dae will request to upstream every time and not cache DNS results for these domains.",
"upstream": "Value can be scheme://host:port, where the scheme can be tcp/udp/tcp+udp.\nIf host is a domain and has both IPv4 and IPv6 record, dae will automatically choose IPv4 or IPv6 to use according to group policy (such as min latency policy).\nPlease make sure DNS traffic will go through and be forwarded by dae, which is REQUIRED for domain routing.\nIf dial_mode is \"ip\", the upstream DNS answer SHOULD NOT be polluted, so domestic public DNS is not recommended.",
"request": `DNS requests will follow this routing.
Built-in outbound: asis.
Available functions: qname, qtype`,
"response": `DNS responses will follow this routing.
Built-in outbound: accept, reject.
Available functions: qname, qtype, ip, upstream`,
}
View Source
var (
ErrCircularInclude = fmt.Errorf("circular include is not allowed")
)
View Source
var GlobalDesc = Desc{
"tproxy_port": "tproxy port to listen on. It is NOT a HTTP/SOCKS port, and is just used by eBPF program.\nIn normal case, you do not need to use it.",
"tproxy_port_protect": "Set it true to protect tproxy port from unsolicited traffic. Set it false to allow users to use self-managed iptables tproxy rules.",
"so_mark_from_dae": "If not zero, traffic sent from dae will be set SO_MARK. It is useful to avoid traffic loop with iptables tproxy rules.",
"log_level": "Log level: error, warn, info, debug, trace.",
"tcp_check_url": "Node connectivity check.\nHost of URL should have both IPv4 and IPv6 if you have double stack in local.\nConsidering traffic consumption, it is recommended to choose a site with anycast IP and less response.",
"tcp_check_http_method": "The HTTP request method to `tcp_check_url`. Use 'HEAD' by default because some server implementations bypass accounting for this kind of traffic.",
"udp_check_dns": "This DNS will be used to check UDP connectivity of nodes. And if dns_upstream below contains tcp, it also be used to check TCP DNS connectivity of nodes.\nThis DNS should have both IPv4 and IPv6 if you have double stack in local.",
"check_interval": "Interval of connectivity check for TCP and UDP",
"check_tolerance": "Group will switch node only when new_latency <= old_latency - tolerance.",
"lan_interface": "The LAN interface to bind. Use it if you want to proxy LAN.",
"wan_interface": "The WAN interface to bind. Use it if you want to proxy localhost. Use \"auto\" to auto detect.",
"allow_insecure": "Allow insecure TLS certificates. It is not recommended to turn it on unless you have to.",
"dial_mode": `Optional values of dial_mode are:
1. "ip". Dial proxy using the IP from DNS directly. This allows your ipv4, ipv6 to choose the optimal path respectively, and makes the IP version requested by the application meet expectations. For example, if you use curl -4 ip.sb, you will request IPv4 via proxy and get a IPv4 echo. And curl -6 ip.sb will request IPv6. This may solve some weird full-cone problem if your are be your node support that.Sniffing will be disabled in this mode.
2. "domain". Dial proxy using the domain from sniffing. This will relieve DNS pollution problem to a great extent if have impure DNS environment. Generally, this mode brings faster proxy response time because proxy will re-resolve the domain in remote, thus get better IP result to connect. This policy does not impact routing. That is to say, domain rewrite will be after traffic split of routing and dae will not re-route it.
3. "domain+". Based on domain mode but do not check the reality of sniffed domain. It is useful for users whose DNS requests do not go through dae but want faster proxy response time. Notice that, if DNS requests do not go through dae, dae cannot split traffic by domain.
4. "domain++". Based on domain+ mode but force to re-route traffic using sniffed domain to partially recover domain based traffic split ability. It doesn't work for direct traffic and consumes more CPU resources.`,
"disable_waiting_network": "Disable waiting for network before pulling subscriptions.",
"auto_config_kernel_parameter": "Automatically configure Linux kernel parameters like ip_forward and send_redirects. Check out https://github.com/daeuniverse/dae/blob/main/docs/en/user-guide/kernel-parameters.md to see what will dae do.",
"sniffing_timeout": "Timeout to waiting for first data sending for sniffing. It is always 0 if dial_mode is ip. Set it higher is useful in high latency LAN network.",
"tls_implementation": "TLS implementation. \"tls\" is to use Go's crypto/tls. \"utls\" is to use uTLS, which can imitate browser's Client Hello.",
"utls_imitate": "The Client Hello ID for uTLS to imitate. This takes effect only if tls_implementation is utls. See more: https://github.com/daeuniverse/dae/blob/331fa23c16/component/outbound/transport/tls/utls.go#L17",
"mptcp": "Enable Multipath TCP. If is true, dae will try to use MPTCP to connect all nodes, but it will only take effects when the node supports MPTCP. It can use for load balance and failover to multiple interfaces and IPs.",
}
View Source
var GroupDesc = Desc{
"filter": `Filter nodes from the global node pool defined by the "subscription" and "node" sections.
Available functions: name, subtag. Not operator is supported.
Available keys in name function: keyword, regex. No key indicates full match.
Available keys in subtag function: regex. No key indicates full match.`,
"policy": `Dialer selection policy. For each new connection, select a node as dialer from group by this policy.
Available values: random, fixed, min, min_avg10, min_moving_avg.
random: Select randomly.
fixed: Select the fixed node. Connectivity check will be disabled.
min: Select node by the latency of last check.
min_avg10: Select node by the average of latencies of last 10 checks.
min_moving_avg: Select node by the moving average of latencies of checks, which means more recent latencies have higher weight.
`,
"tcp_check_url": "Override global config.",
"tcp_check_http_method": "Override global config.",
"udp_check_dns": "Override global config.",
"check_interval": "Override global config.",
"check_tolerance": "Override global config.",
}
View Source
var SectionDescription = map[string]Desc{ "GlobalDesc": GlobalDesc, "DnsDesc": DnsDesc, "GroupDesc": GroupDesc, }
View Source
var SectionSummaryDesc = Desc{
"subscription": "Subscriptions defined here will be resolved as nodes and merged as a part of the global node pool.\nSupport to give the subscription a tag, and filter nodes from a given subscription in the group section.",
"node": "Nodes defined here will be merged as a part of the global node pool.",
"dns": "See more at https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/dns.md.",
"group": "Node group. Groups defined here can be used as outbounds in section \"routing\".",
"routing": `Traffic follows this routing. See https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/routing.md for full examples.
Notice: domain traffic split will fail if DNS traffic is not taken over by dae.
Built-in outbound: direct, must_direct, block.
Available functions: domain, sip, dip, sport, dport, ipversion, l4proto, pname, mac.
Available keys in domain function: suffix, keyword, regex, full. No key indicates suffix.
domain: Match domain.
sip: Match source IP. CIDR format is also supported.
dip: Match dest IP. CIDR format is also supported.
sport: Match source port. Range like 8000-9000 is also supported.
dport: Match dest port. Range like 8000-9000 is also supported.
ipversion: Match IP version. Available values: 4, 6.
l4proto: Match level 4 protocol. Available values: tcp, udp.
pname: Match process name. It only works on WAN mode and for localhost programs.
mac: Match source MAC address. It works on LAN mode.`,
}
View Source
var (
Version string
)
Functions ¶
func ExportOutlineJson ¶
func FunctionListOrStringToFunctionList ¶
func FunctionListOrStringToFunctionList(fs FunctionListOrString) (f []*config_parser.Function)
func FunctionOrStringToFunction ¶
func FunctionOrStringToFunction(fs FunctionOrString) (f *config_parser.Function)
func ParamParser ¶
func SectionParser ¶
func SectionParser(to reflect.Value, section *config_parser.Section) error
func StringListParser ¶
func StringListParser(to reflect.Value, section *config_parser.Section) error
Types ¶
type Config ¶
type Config struct { Global Global `mapstructure:"global" required:"" desc:"GlobalDesc"` Subscription []KeyableString `mapstructure:"subscription"` Node []KeyableString `mapstructure:"node"` Group []Group `mapstructure:"group" desc:"GroupDesc"` Routing Routing `mapstructure:"routing" required:""` Dns Dns `mapstructure:"dns" desc:"DnsDesc"` }
type Dns ¶
type Dns struct { IpVersionPrefer int `mapstructure:"ipversion_prefer"` FixedDomainTtl []KeyableString `mapstructure:"fixed_domain_ttl"` Upstream []KeyableString `mapstructure:"upstream"` Routing DnsRouting `mapstructure:"routing"` }
type DnsRequestRouting ¶
type DnsRequestRouting struct { Rules []*config_parser.RoutingRule `mapstructure:"_"` Fallback FunctionOrString `mapstructure:"fallback" required:""` }
type DnsResponseRouting ¶
type DnsResponseRouting struct { Rules []*config_parser.RoutingRule `mapstructure:"_"` Fallback FunctionOrString `mapstructure:"fallback" required:""` }
type DnsRouting ¶
type DnsRouting struct { Request DnsRequestRouting `mapstructure:"request"` Response DnsResponseRouting `mapstructure:"response"` }
type FunctionListOrString ¶
type FunctionListOrString interface{}
type FunctionOrString ¶
type FunctionOrString interface{}
type Global ¶
type Global struct { TproxyPort uint16 `mapstructure:"tproxy_port" default:"12345"` TproxyPortProtect bool `mapstructure:"tproxy_port_protect" default:"true"` SoMarkFromDae uint32 `mapstructure:"so_mark_from_dae"` LogLevel string `mapstructure:"log_level" default:"info"` // We use DirectTcpCheckUrl to check (tcp)*(ipv4/ipv6) connectivity for direct. //DirectTcpCheckUrl string `mapstructure:"direct_tcp_check_url" default:"http://www.qualcomm.cn/generate_204"` TcpCheckUrl []string `mapstructure:"tcp_check_url" default:"http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111"` TcpCheckHttpMethod string `mapstructure:"tcp_check_http_method" default:"HEAD"` // Use 'HEAD' because some server implementations bypass accounting for this kind of traffic. UdpCheckDns []string `mapstructure:"udp_check_dns" default:"dns.google:53,8.8.8.8,2001:4860:4860::8888"` CheckInterval time.Duration `mapstructure:"check_interval" default:"30s"` CheckTolerance time.Duration `mapstructure:"check_tolerance" default:"0"` LanInterface []string `mapstructure:"lan_interface"` WanInterface []string `mapstructure:"wan_interface"` AllowInsecure bool `mapstructure:"allow_insecure" default:"false"` DialMode string `mapstructure:"dial_mode" default:"domain"` DisableWaitingNetwork bool `mapstructure:"disable_waiting_network" default:"false"` EnableLocalTcpFastRedirect bool `mapstructure:"enable_local_tcp_fast_redirect" default:"false"` AutoConfigKernelParameter bool `mapstructure:"auto_config_kernel_parameter" default:"false"` // DEPRECATED: not used as of https://github.com/daeuniverse/dae/pull/458 AutoConfigFirewallRule bool `mapstructure:"auto_config_firewall_rule" default:"false"` SniffingTimeout time.Duration `mapstructure:"sniffing_timeout" default:"100ms"` TlsImplementation string `mapstructure:"tls_implementation" default:"tls"` UtlsImitate string `mapstructure:"utls_imitate" default:"chrome_auto"` PprofPort uint16 `mapstructure:"pprof_port" default:"0"` Mptcp bool `mapstructure:"mptcp" default:"false"` BandwidthMaxTx string `mapstructure:"bandwidth_max_tx" default:"0"` BandwidthMaxRx string `mapstructure:"bandwidth_max_rx" default:"0"` }
type Group ¶
type Group struct { Name string `mapstructure:"_"` Filter [][]*config_parser.Function `mapstructure:"filter" repeatable:""` FilterAnnotation [][]*config_parser.Param `mapstructure:"_"` Policy FunctionListOrString `mapstructure:"policy" required:""` TcpCheckUrl []string `mapstructure:"tcp_check_url"` TcpCheckHttpMethod string `mapstructure:"tcp_check_http_method"` UdpCheckDns []string `mapstructure:"udp_check_dns"` CheckInterval time.Duration `mapstructure:"check_interval"` CheckTolerance time.Duration `mapstructure:"check_tolerance"` }
type KeyableString ¶
type KeyableString string
type Marshaller ¶
type Marshaller struct { IndentSpace int IgnoreZero bool // contains filtered or unexported fields }
func (*Marshaller) Bytes ¶
func (m *Marshaller) Bytes() []byte
func (*Marshaller) MarshalSection ¶
type Outline ¶
type Outline struct { Version string `json:"version"` Leaves []string `json:"leaves"` Structure []*OutlineElem `json:"structure"` }
func ExportOutline ¶
type OutlineElem ¶
type OutlineElem struct { Name string `json:"name,omitempty"` Mapping string `json:"mapping,omitempty"` IsArray bool `json:"isArray,omitempty"` DefaultValue string `json:"defaultValue,omitempty"` Required bool `json:"required,omitempty"` Type string `json:"type,omitempty"` Desc string `json:"desc,omitempty"` Structure []*OutlineElem `json:"structure,omitempty"` }
type Routing ¶
type Routing struct { Rules []*config_parser.RoutingRule `mapstructure:"_"` Fallback FunctionOrString `mapstructure:"fallback" default:"direct"` }
Click to show internal directories.
Click to hide internal directories.