feat: new SRC-IP-CIDR rule

XOR-op · Jul 3, 2024 · 91315a4 · 91315a4
1 parent 0bd8e8a
commit 91315a4
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/boltconn/src/dispatch/rule.rs b/boltconn/src/dispatch/rule.rs
@@ -60,6 +60,7 @@ pub enum RuleImpl {
     DomainSuffix(String),
     DomainKeyword(String),
     LocalIpCidr(IpNet),
+    SrcIpCidr(IpNet),
     IpCidr(IpNet),
     SrcPort(PortRule),
     DstPort(PortRule),
@@ -102,6 +103,7 @@ impl RuleImpl {
                 }
             }
             RuleImpl::LocalIpCidr(net) => info.local_ip.as_ref().map_or(false, |s| net.contains(s)),
+            RuleImpl::SrcIpCidr(net) => net.contains(&info.src.ip()),
             RuleImpl::IpCidr(net) => info.socketaddr().is_some_and(|s| net.contains(&s.ip())),
             RuleImpl::GeoIP(mmdb, country) => info
                 .socketaddr()
@@ -386,6 +388,9 @@ impl RuleBuilder<'_> {
             "LOCAL-IP-CIDR" => IpNet::from_str(content.as_str())
                 .ok()
                 .map(RuleImpl::LocalIpCidr),
+            "SRC-IP-CIDR" => IpNet::from_str(content.as_str())
+                .ok()
+                .map(RuleImpl::SrcIpCidr),
             "IP-CIDR" | "IP-CIDR6" => IpNet::from_str(content.as_str()).ok().map(RuleImpl::IpCidr),
             "GEOIP" => mmdb.map(|x| RuleImpl::GeoIP(x.clone(), content)),
             "ASN" => {

diff --git a/boltconn/src/dispatch/ruleset.rs b/boltconn/src/dispatch/ruleset.rs
@@ -104,6 +104,7 @@ pub struct RuleSetBuilder {
     domain: HostMatcherBuilder,
     domain_keyword: Vec<String>,
     ip_cidr: IpNetworkTable<()>,
+    src_ip_cidr: IpNetworkTable<()>,
     local_ip_cidr: IpNetworkTable<()>,
     process_name: HashSet<String>,
     process_keyword: Vec<String>,
@@ -127,6 +128,7 @@ impl RuleSetBuilder {
             domain: HostMatcher::builder(),
             domain_keyword: vec![],
             ip_cidr: Default::default(),
+            src_ip_cidr: Default::default(),
             local_ip_cidr: Default::default(),
             process_name: Default::default(),
             process_keyword: vec![],
@@ -188,6 +190,12 @@ impl RuleSetBuilder {
                                     .unwrap();
                             retval.local_ip_cidr.insert(ip, ());
                         }
+                        RuleImpl::SrcIpCidr(ip) => {
+                            let ip =
+                                ip_network::IpNetwork::new_truncate(ip.addr(), ip.prefix_len())
+                                    .unwrap();
+                            retval.src_ip_cidr.insert(ip, ());
+                        }
                         RuleImpl::IpCidr(ip) => {
                             let ip =
                                 ip_network::IpNetwork::new_truncate(ip.addr(), ip.prefix_len())
@@ -292,6 +300,7 @@ impl RuleSetBuilder {
             domain: HostMatcher::builder(),
             domain_keyword: vec![],
             ip_cidr: table,
+            src_ip_cidr: Default::default(),
             local_ip_cidr: Default::default(),
             process_name: Default::default(),
             process_keyword: vec![],