vpn settings

MatsuriDayo · Aug 8, 2022 · efdac7f · efdac7f
1 parent 77d3548
commit efdac7f
Show file tree

Hide file tree

Showing 11 changed files with 300 additions and 119 deletions.
diff --git a/examples/sing-box-vpn.json b/examples/sing-box-vpn.json
@@ -1,14 +1,11 @@
 {
-    "dns": {
-        "servers": [],
-        "rules": [],
-        "strategy": "ipv4_only"
-    },
     "inbounds": [
         {
             "type": "tun",
             "interface_name": "nekoray-tun",
             "inet4_address": "172.19.0.1/30",
+            %IPV6_ADDRESS%
+            "mtu": %MTU%,
             "auto_route": true,
             "sniff": false
         }

diff --git a/examples/vpn-run-root.sh b/examples/vpn-run-root.sh
@@ -11,6 +11,7 @@ fi
 [ -z $TABLE_FWMARK ] && echo "Please set env TABLE_FWMARK" && exit
 [ -z $TUN_NAME ] && echo "Please set env TUN_NAME" && exit
 [ -z $USER_ID ] && echo "Please set env USER_ID" && exit
+[ -z $MTU ] && MTU=1500
 command -v pkill >/dev/null 2>&1 || exit
 
 BASEDIR=$(dirname "$0")
@@ -19,16 +20,22 @@ cd $BASEDIR
 start() {
   # add tun (TODO the ip must be the same as matsuri)
   ip tuntap add $TUN_NAME mode tun user $USER_ID || return
-  ip addr add 172.19.0.1/30 dev $TUN_NAME || return
+  ip link set dev nekoray-tun mtu $MTU || return
   ip link set dev $TUN_NAME up || return
 
   # set ipv4 rule
+  ip addr add 172.19.0.1/30 dev $TUN_NAME || return
   ip rule add table $TABLE_FWMARK || return
   ip route add table $TABLE_FWMARK default dev $TUN_NAME || return
 
-  # set ipv6 unreachable
+  # set ipv6 rule
   ip -6 rule add table $TABLE_FWMARK || return
-  ip -6 route add table $TABLE_FWMARK unreachable default || return
+  if [ -z $ENABLE_IPV6 ]; then
+    ip -6 route add table $TABLE_FWMARK unreachable default || return
+  else
+    ip -6 addr add fdfe:dcba:9876::1/126 dev $TUN_NAME || return
+    ip -6 route add table $TABLE_FWMARK default dev $TUN_NAME || return
+  fi
 
   # set bypass: fwmark
   ip rule add fwmark $TABLE_FWMARK table main || return
@@ -39,6 +46,10 @@ start() {
     ip rule add to $local table main
   done
 
+  # for Tun2Socket
+  iptables -I INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+  ip6tables -I INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
+
   if [ ! -z $USE_NEKORAY ]; then
     "./nekoray_core" tool protect --protect-listen-path "$PROTECT_LISTEN_PATH" --protect-fwmark $TABLE_FWMARK
   else
@@ -55,6 +66,8 @@ stop() {
   for local in $BYPASS_IPS; do
     ip rule del to $local table main
   done
+  iptables -D INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
+  ip6tables -D INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
   ip rule del table $TABLE_FWMARK
   ip rule del fwmark $TABLE_FWMARK
   ip route del table $TABLE_FWMARK default

diff --git a/go/tun_linux.go b/go/tun_linux.go
@@ -3,6 +3,7 @@ package main
 import (
 	"errors"
 	"libcore"
+	"libcore/comm"
 	"nekoray_core/gen"
 	"sync"
 	"syscall"
@@ -33,6 +34,7 @@ func TunStart(config *gen.SetTunReq) (err error) {
 		V2Ray:          instance, // use current if started
 		Implementation: config.Implementation,
 		Sniffing:       true,
+		IPv6Mode:       comm.IPv6Prefer,
 		FakeDNS:        config.Fakedns,
 	})
 	return

diff --git a/main/NekoRay.cpp b/main/NekoRay.cpp
@@ -50,6 +50,9 @@ namespace NekoRay {
         _add(new configItem("active_routing", &active_routing, itemType::string));
         _add(new configItem("mw_size", &mw_size, itemType::string));
         _add(new configItem("conn_stat", &connection_statistics, itemType::boolean));
+        _add(new configItem("vpn_impl", &vpn_implementation, itemType::integer));
+        _add(new configItem("vpn_mtu", &vpn_mtu, itemType::integer));
+        _add(new configItem("vpn_ipv6", &vpn_ipv6, itemType::boolean));
     }
 
     void DataStore::UpdateStartedId(int id) {

diff --git a/main/NekoRay_DataStore.hpp b/main/NekoRay_DataStore.hpp
@@ -42,6 +42,14 @@ namespace NekoRay {
         int core_port = 19810;
         int started_id = -1919;
 
+        Routing *routing = new Routing;
+        int imported_count = 0;
+        bool refreshing_group_list = false;
+
+        // Flags
+        bool flag_use_appdata = false;
+        bool flag_many = false;
+
         // Saved
 
         // Misc
@@ -91,6 +99,11 @@ namespace NekoRay {
         QString custom_route_global = "{\"rules\": []}";
         QString active_routing = "Default";
 
+        // VPN
+        int vpn_implementation = 0;
+        int vpn_mtu = 9000;
+        bool vpn_ipv6 = false;
+
         // Hotkey
         QString hotkey_mainwindow = "";
         QString hotkey_group = "";
@@ -99,19 +112,6 @@ namespace NekoRay {
         // Other Core
         ExtraCore *extraCore = new ExtraCore;
 
-        // Running Cache
-
-        Routing *routing = new Routing;
-        int imported_count = 0;
-        bool refreshing_group_list = false;
-
-        // Running Flags
-
-        bool flag_use_appdata = false;
-        bool flag_many = false;
-
-        //
-
         DataStore();
 
         void UpdateStartedId(int id);

diff --git a/translations/zh_CN.ts b/translations/zh_CN.ts
@@ -450,6 +450,14 @@
         <source>Custom (global)</source>
         <translation>自定义 (全局)</translation>
     </message>
+    <message>
+        <source>VPN Implementation</source>
+        <translation>VPN 实现</translation>
+    </message>
+    <message>
+        <source>VPN Enable IPv6</source>
+        <translation>启用 VPN IPv6</translation>
+    </message>
 </context>
 <context>
     <name>EditChain</name>
@@ -1026,6 +1034,14 @@ End: %2</source>
         <source>Enable VPN</source>
         <translation>启用 VPN</translation>
     </message>
+    <message>
+        <source>VPN settings changed</source>
+        <translation>VPN 设置改变</translation>
+    </message>
+    <message>
+        <source>Restart VPN to take effect.</source>
+        <translation>重启 VPN 生效。</translation>
+    </message>
 </context>
 <context>
     <name>ProxyItem</name>

diff --git a/ui/dialog_manage_routes.cpp b/ui/dialog_manage_routes.cpp
@@ -38,14 +38,22 @@ DialogManageRoutes::DialogManageRoutes(QWidget *parent) :
     ui->dns_direct->setText(NekoRay::dataStore->direct_dns);
     ui->enhance_resolve_server_domain->setChecked(NekoRay::dataStore->enhance_resolve_server_domain);
     D_C_LOAD_STRING(custom_route_global)
-
+    //
+    ui->vpn_implementation->setCurrentIndex(NekoRay::dataStore->vpn_implementation);
+    ui->vpn_mtu->setCurrentText(Int2String(NekoRay::dataStore->vpn_mtu));
+    ui->vpn_ipv6->setChecked(NekoRay::dataStore->vpn_ipv6);
+#ifdef Q_OS_WIN
+    ui->vpn_implementation->setEditable(true);
+    ui->vpn_implementation->setCurrentText("Windows: sing-box gVisor");
+    ui->vpn_implementation->setDisabled(true);
+#endif
+    //
     connect(ui->custom_route_edit, &QPushButton::clicked, this, [=] {
         C_EDIT_JSON_ALLOW_EMPTY(custom_route)
     });
     connect(ui->custom_route_global_edit, &QPushButton::clicked, this, [=] {
         C_EDIT_JSON_ALLOW_EMPTY(custom_route_global)
     });
-
     //
     builtInSchemesMenu = new QMenu(this);
     builtInSchemesMenu->addActions(this->getBuiltInSchemes());
@@ -81,19 +89,39 @@ void DialogManageRoutes::accept() {
     NekoRay::dataStore->domain_strategy = ui->domainStrategyCombo->currentText();
     NekoRay::dataStore->outbound_domain_strategy = ui->outbound_domain_strategy->currentText();
     NekoRay::dataStore->dns_routing = ui->dns_routing->isChecked();
-    NekoRay::dataStore->fake_dns = ui->fake_dns->isChecked();
     NekoRay::dataStore->remote_dns = ui->dns_remote->text();
     NekoRay::dataStore->direct_dns = ui->dns_direct->text();
     NekoRay::dataStore->enhance_resolve_server_domain = ui->enhance_resolve_server_domain->isChecked();
     D_C_SAVE_STRING(custom_route_global)
-
     //
+    bool vpnChanged = false;
+    auto fakedns = ui->fake_dns->isChecked();
+    auto mtu = ui->vpn_mtu->currentText().toInt();
+    if (mtu > 10000 || mtu < 1000) mtu = 9000;
+    auto ipv6 = ui->vpn_ipv6->isChecked();
+#ifndef Q_OS_WIN
+    auto impl = ui->vpn_implementation->currentIndex();
+    vpnChanged |= NekoRay::dataStore->vpn_implementation != impl;
+    NekoRay::dataStore->vpn_implementation = impl;
+#endif
+    vpnChanged |= NekoRay::dataStore->fake_dns != fakedns;
+    vpnChanged |= NekoRay::dataStore->vpn_mtu != mtu;
+    vpnChanged |= NekoRay::dataStore->vpn_ipv6 != ipv6;
+    NekoRay::dataStore->fake_dns = fakedns;
+    NekoRay::dataStore->vpn_mtu = mtu;
+    NekoRay::dataStore->vpn_ipv6 = ipv6;
+    //
+    bool routeChanged = false;
+    if (NekoRay::dataStore->active_routing != active_routing) routeChanged = true;
     SAVE_TO_ROUTING(NekoRay::dataStore->routing)
     NekoRay::dataStore->active_routing = active_routing;
     NekoRay::dataStore->routing->fn = "routes/" + NekoRay::dataStore->active_routing;
-    NekoRay::dataStore->routing->Save();
-
-    dialog_message(Dialog_DialogManageRoutes, "UpdateDataStore");
+    if (NekoRay::dataStore->routing->Save()) routeChanged = true;
+    //
+    QString info = "UpdateDataStore";
+    if (routeChanged) info += "RouteChanged";
+    if (vpnChanged) info += "VPNChanged";
+    dialog_message(Dialog_DialogManageRoutes, info);
     QDialog::accept();
 }