From 8a0cc23737fa79fe282d150ec5ec53a75a8558f7 Mon Sep 17 00:00:00 2001 From: pengzhile Date: Mon, 29 Nov 2021 14:04:17 +0800 Subject: [PATCH] add rulers Signed-off-by: pengzhile --- .../zhile/research/ja/netfilter/Launcher.java | 1 + .../research/ja/netfilter/enums/RuleType.java | 22 +++++++++++---- .../ja/netfilter/filters/DNSFilter.java | 28 ++++++++----------- .../ja/netfilter/filters/URLFilter.java | 13 ++++----- .../ja/netfilter/models/FilterRule.java | 26 ++++++++++++----- .../ja/netfilter/rulers/EqualRuler.java | 8 ++++++ .../ja/netfilter/rulers/KeywordRuler.java | 8 ++++++ .../ja/netfilter/rulers/PrefixRuler.java | 8 ++++++ .../ja/netfilter/rulers/RegExpRuler.java | 10 +++++++ .../research/ja/netfilter/rulers/Ruler.java | 7 +++++ .../ja/netfilter/rulers/SuffixRuler.java | 8 ++++++ 11 files changed, 102 insertions(+), 37 deletions(-) create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/EqualRuler.java create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/KeywordRuler.java create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/PrefixRuler.java create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/RegExpRuler.java create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/Ruler.java create mode 100644 src/main/java/io/zhile/research/ja/netfilter/rulers/SuffixRuler.java diff --git a/src/main/java/io/zhile/research/ja/netfilter/Launcher.java b/src/main/java/io/zhile/research/ja/netfilter/Launcher.java index 89cfdf3..6a02704 100644 --- a/src/main/java/io/zhile/research/ja/netfilter/Launcher.java +++ b/src/main/java/io/zhile/research/ja/netfilter/Launcher.java @@ -20,6 +20,7 @@ public class Launcher { } try { + jarURL = new URL("file:/Users/neo/Downloads/ja-netfilter/target/ja-netfilter-jar-with-dependencies.jar"); inst.appendToBootstrapClassLoaderSearch(new JarFile(jarURL.getPath())); } catch (Throwable e) { throw new RuntimeException("Can not access ja-netfilter jar file.", e); diff --git a/src/main/java/io/zhile/research/ja/netfilter/enums/RuleType.java b/src/main/java/io/zhile/research/ja/netfilter/enums/RuleType.java index 5ecc055..4e9d325 100644 --- a/src/main/java/io/zhile/research/ja/netfilter/enums/RuleType.java +++ b/src/main/java/io/zhile/research/ja/netfilter/enums/RuleType.java @@ -1,9 +1,21 @@ package io.zhile.research.ja.netfilter.enums; +import io.zhile.research.ja.netfilter.rulers.*; + public enum RuleType { - PREFIX, - SUFFIX, - KEYWORD, - REGEXP, - EQUAL + PREFIX(new PrefixRuler()), + SUFFIX(new SuffixRuler()), + KEYWORD(new KeywordRuler()), + REGEXP(new RegExpRuler()), + EQUAL(new EqualRuler()); + + private final Ruler ruler; + + RuleType(Ruler ruler) { // Lazy here. No lazy loading + this.ruler = ruler; + } + + public Ruler getRuler() { + return ruler; + } } diff --git a/src/main/java/io/zhile/research/ja/netfilter/filters/DNSFilter.java b/src/main/java/io/zhile/research/ja/netfilter/filters/DNSFilter.java index 88f711c..24c7c52 100644 --- a/src/main/java/io/zhile/research/ja/netfilter/filters/DNSFilter.java +++ b/src/main/java/io/zhile/research/ja/netfilter/filters/DNSFilter.java @@ -13,7 +13,7 @@ public class DNSFilter { static { RULES = new ArrayList<>(); // TODO read from config file - RULES.add(new FilterRule(RuleType.EQUAL, "zhile.io")); + RULES.add(new FilterRule(RuleType.REGEXP, ".*?zhile.io")); } public static String testQuery(String host) throws IOException { @@ -22,15 +22,12 @@ public class DNSFilter { } for (FilterRule rule : RULES) { - switch (rule.getType()) { // TODO rewrite - case EQUAL: - if (host.equals(rule.getContent())) { - System.out.println("=== reject dns query: " + host); - throw new java.net.UnknownHostException(); - } - default: // TODO support more rule types - return host; + if (!rule.test(host)) { + continue; } + + System.out.println("=== reject dns query: " + host + ", rule: " + rule); + throw new java.net.UnknownHostException(); } return host; @@ -42,15 +39,12 @@ public class DNSFilter { } for (FilterRule rule : RULES) { - switch (rule.getType()) { // TODO rewrite - case EQUAL: - if (n.getHostName().equals(rule.getContent())) { - System.out.println("=== reject dns reachable test: " + n.getHostName()); - return false; - } - default: // TODO support more rule types - return null; + if (!rule.test(n.getHostName())) { + continue; } + + System.out.println("=== reject dns reachable test: " + n.getHostName() + ", rule: " + rule); + return false; } return null; diff --git a/src/main/java/io/zhile/research/ja/netfilter/filters/URLFilter.java b/src/main/java/io/zhile/research/ja/netfilter/filters/URLFilter.java index e7d1c0a..50dd8db 100644 --- a/src/main/java/io/zhile/research/ja/netfilter/filters/URLFilter.java +++ b/src/main/java/io/zhile/research/ja/netfilter/filters/URLFilter.java @@ -23,15 +23,12 @@ public class URLFilter { } for (FilterRule rule : RULES) { - switch (rule.getType()) { // TODO rewrite - case PREFIX: - if (url.toString().startsWith(rule.getContent())) { - System.out.println("=== reject url: " + url.toString()); - throw new SocketTimeoutException("connect timed out"); - } - default: // TODO support more rule types - return url; + if (!rule.test(url.toString())) { + continue; } + + System.out.println("=== reject url: " + url + ", rule: " + rule); + throw new SocketTimeoutException("connect timed out"); } return url; diff --git a/src/main/java/io/zhile/research/ja/netfilter/models/FilterRule.java b/src/main/java/io/zhile/research/ja/netfilter/models/FilterRule.java index 3c61958..659b3ec 100644 --- a/src/main/java/io/zhile/research/ja/netfilter/models/FilterRule.java +++ b/src/main/java/io/zhile/research/ja/netfilter/models/FilterRule.java @@ -5,11 +5,11 @@ import io.zhile.research.ja.netfilter.enums.RuleType; public class FilterRule { private RuleType type; - private String content; + private String rule; - public FilterRule(RuleType type, String content) { + public FilterRule(RuleType type, String rule) { this.type = type; - this.content = content; + this.rule = rule; } public RuleType getType() { @@ -20,11 +20,23 @@ public class FilterRule { this.type = type; } - public String getContent() { - return content; + public String getRule() { + return rule; } - public void setContent(String content) { - this.content = content; + public void setRule(String rule) { + this.rule = rule; + } + + public boolean test(String content) { + return type.getRuler().test(this.rule, content); + } + + @Override + public String toString() { + return "{" + + "type=" + type + + ", rule='" + rule + '\'' + + '}'; } } diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/EqualRuler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/EqualRuler.java new file mode 100644 index 0000000..24c9660 --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/EqualRuler.java @@ -0,0 +1,8 @@ +package io.zhile.research.ja.netfilter.rulers; + +public class EqualRuler implements Ruler { + @Override + public boolean test(String rule, String content) { + return content.equals(rule); + } +} diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/KeywordRuler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/KeywordRuler.java new file mode 100644 index 0000000..2268fad --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/KeywordRuler.java @@ -0,0 +1,8 @@ +package io.zhile.research.ja.netfilter.rulers; + +public class KeywordRuler implements Ruler { + @Override + public boolean test(String rule, String content) { + return content.contains(rule); + } +} diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/PrefixRuler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/PrefixRuler.java new file mode 100644 index 0000000..5bd5a01 --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/PrefixRuler.java @@ -0,0 +1,8 @@ +package io.zhile.research.ja.netfilter.rulers; + +public class PrefixRuler implements Ruler { + @Override + public boolean test(String rule, String content) { + return content.startsWith(rule); + } +} diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/RegExpRuler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/RegExpRuler.java new file mode 100644 index 0000000..097d104 --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/RegExpRuler.java @@ -0,0 +1,10 @@ +package io.zhile.research.ja.netfilter.rulers; + +import java.util.regex.Pattern; + +public class RegExpRuler implements Ruler { + @Override + public boolean test(String rule, String content) { + return Pattern.matches(rule, content); + } +} diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/Ruler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/Ruler.java new file mode 100644 index 0000000..ad05d2c --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/Ruler.java @@ -0,0 +1,7 @@ +package io.zhile.research.ja.netfilter.rulers; + +public interface Ruler { + default boolean test(String rule, String content) { + return false; + } +} diff --git a/src/main/java/io/zhile/research/ja/netfilter/rulers/SuffixRuler.java b/src/main/java/io/zhile/research/ja/netfilter/rulers/SuffixRuler.java new file mode 100644 index 0000000..7508a9e --- /dev/null +++ b/src/main/java/io/zhile/research/ja/netfilter/rulers/SuffixRuler.java @@ -0,0 +1,8 @@ +package io.zhile.research.ja.netfilter.rulers; + +public class SuffixRuler implements Ruler { + @Override + public boolean test(String rule, String content) { + return content.endsWith(rule); + } +}