diff --git a/README.md b/README.md index b025af2e..921f7525 100644 --- a/README.md +++ b/README.md @@ -88,6 +88,12 @@ socks-port: 7891 allow-lan: false +# Only applicable when setting allow-lan to true +# "*": bind all IP addresses +# 192.168.122.11: bind a single IPv4 address +# "[aaaa::a8aa:ff:fe09:57d8]": bind a single IPv6 address +bind-address: "*" + # Rule / Global/ Direct (default is Rule) mode: Rule diff --git a/config/config.go b/config/config.go index a9962164..296c9761 100644 --- a/config/config.go +++ b/config/config.go @@ -30,6 +30,7 @@ type General struct { RedirPort int `json:"redir-port"` Authentication []string `json:"authentication"` AllowLan bool `json:"allow-lan"` + BindAddress string `json:"bind-address"` Mode T.Mode `json:"mode"` LogLevel log.LogLevel `json:"log-level"` ExternalController string `json:"-"` @@ -81,6 +82,7 @@ type rawConfig struct { RedirPort int `yaml:"redir-port"` Authentication []string `yaml:"authentication"` AllowLan bool `yaml:"allow-lan"` + BindAddress string `yaml:"bind-address"` Mode T.Mode `yaml:"mode"` LogLevel log.LogLevel `yaml:"log-level"` ExternalController string `yaml:"external-controller"` @@ -129,6 +131,7 @@ func readConfig(path string) (*rawConfig, error) { // config with some default value rawConfig := &rawConfig{ AllowLan: false, + BindAddress: "*", Mode: T.Rule, Authentication: []string{}, LogLevel: log.INFO, @@ -192,6 +195,7 @@ func parseGeneral(cfg *rawConfig) (*General, error) { socksPort := cfg.SocksPort redirPort := cfg.RedirPort allowLan := cfg.AllowLan + bindAddress := cfg.BindAddress externalController := cfg.ExternalController externalUI := cfg.ExternalUI secret := cfg.Secret @@ -213,6 +217,7 @@ func parseGeneral(cfg *rawConfig) (*General, error) { SocksPort: socksPort, RedirPort: redirPort, AllowLan: allowLan, + BindAddress: bindAddress, Mode: mode, LogLevel: logLevel, ExternalController: externalController, diff --git a/hub/executor/executor.go b/hub/executor/executor.go index 361afe1e..b00ae2d4 100644 --- a/hub/executor/executor.go +++ b/hub/executor/executor.go @@ -46,6 +46,7 @@ func GetGeneral() *config.General { RedirPort: ports.RedirPort, Authentication: authenticator, AllowLan: P.AllowLan(), + BindAddress: P.BindAddress(), Mode: T.Instance().Mode(), LogLevel: log.Level(), } @@ -105,6 +106,9 @@ func updateGeneral(general *config.General) { allowLan := general.AllowLan P.SetAllowLan(allowLan) + bindAddress := general.BindAddress + P.SetBindAddress(bindAddress) + if err := P.ReCreateHTTP(general.Port); err != nil { log.Errorln("Start HTTP server error: %s", err.Error()) } diff --git a/hub/route/configs.go b/hub/route/configs.go index 3895c955..08856a43 100644 --- a/hub/route/configs.go +++ b/hub/route/configs.go @@ -22,12 +22,13 @@ func configRouter() http.Handler { } type configSchema struct { - Port *int `json:"port"` - SocksPort *int `json:"socks-port"` - RedirPort *int `json:"redir-port"` - AllowLan *bool `json:"allow-lan"` - Mode *T.Mode `json:"mode"` - LogLevel *log.LogLevel `json:"log-level"` + Port *int `json:"port"` + SocksPort *int `json:"socks-port"` + RedirPort *int `json:"redir-port"` + AllowLan *bool `json:"allow-lan"` + BindAddress *string `json:"bind-address"` + Mode *T.Mode `json:"mode"` + LogLevel *log.LogLevel `json:"log-level"` } func getConfigs(w http.ResponseWriter, r *http.Request) { @@ -55,6 +56,10 @@ func patchConfigs(w http.ResponseWriter, r *http.Request) { P.SetAllowLan(*general.AllowLan) } + if general.BindAddress != nil { + P.SetBindAddress(*general.BindAddress) + } + ports := P.GetPorts() P.ReCreateHTTP(pointerOrDefault(general.Port, ports.Port)) P.ReCreateSocks(pointerOrDefault(general.SocksPort, ports.SocksPort)) diff --git a/proxy/listener.go b/proxy/listener.go index 98ef4ec8..1966b0bf 100644 --- a/proxy/listener.go +++ b/proxy/listener.go @@ -11,7 +11,8 @@ import ( ) var ( - allowLan = false + allowLan = false + bindAddress = "*" socksListener *socks.SockListener socksUDPListener *socks.SockUDPListener @@ -34,12 +35,20 @@ func AllowLan() bool { return allowLan } +func BindAddress() string { + return bindAddress +} + func SetAllowLan(al bool) { allowLan = al } +func SetBindAddress(host string) { + bindAddress = host +} + func ReCreateHTTP(port int) error { - addr := genAddr(port, allowLan) + addr := genAddr(bindAddress, port, allowLan) if httpListener != nil { if httpListener.Address() == addr { @@ -63,7 +72,7 @@ func ReCreateHTTP(port int) error { } func ReCreateSocks(port int) error { - addr := genAddr(port, allowLan) + addr := genAddr(bindAddress, port, allowLan) if socksListener != nil { if socksListener.Address() == addr { @@ -83,12 +92,10 @@ func ReCreateSocks(port int) error { return err } - return reCreateSocksUDP(port) + return reCreateSocksUDP(addr) } -func reCreateSocksUDP(port int) error { - addr := genAddr(port, allowLan) - +func reCreateSocksUDP(addr string) error { if socksUDPListener != nil { if socksUDPListener.Address() == addr { return nil @@ -97,10 +104,6 @@ func reCreateSocksUDP(port int) error { socksUDPListener = nil } - if portIsZero(addr) { - return nil - } - var err error socksUDPListener, err = socks.NewSocksUDPProxy(addr) if err != nil { @@ -111,7 +114,7 @@ func reCreateSocksUDP(port int) error { } func ReCreateRedir(port int) error { - addr := genAddr(port, allowLan) + addr := genAddr(bindAddress, port, allowLan) if redirListener != nil { if redirListener.Address() == addr { @@ -167,9 +170,14 @@ func portIsZero(addr string) bool { return false } -func genAddr(port int, allowLan bool) string { +func genAddr(host string, port int, allowLan bool) string { if allowLan { - return fmt.Sprintf(":%d", port) + if host == "*" { + return fmt.Sprintf(":%d", port) + } else { + return fmt.Sprintf("%s:%d", host, port) + } } + return fmt.Sprintf("127.0.0.1:%d", port) }