GithubFollow/Surge_by_SukkaW
1
0
Fork 0
mirror of https://github.com/SukkaW/Surge.git synced 2025-12-14 02:00:37 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Validate Reject IP size
Some checks failed
Build / Build (push) Has been cancelled
Details
Build / Diff output (push) Has been cancelled
Details
Build / Deploy to Cloudflare Pages (3.114.9) (push) Has been cancelled
Details
Build / Deploy to GitHub and GitLab (push) Has been cancelled
Details

Browse Source
This commit is contained in:
SukkaW 2025-06-22 18:27:17 +08:00
parent f190da5c0e
commit 72d7831532
2 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Build/build-reject-domainset.ts
View File

@ -189,7 +189,13 @@ export const buildRejectDomainSet = task(require.main === module, __filename)(as
span.traceChildAsync( span.traceChildAsync(
'get botnet ips', 'get botnet ips',
() => fetchAssets(...BOTNET_FILTER, true, true) () => fetchAssets(...BOTNET_FILTER, true, true)
).then(arr => rejectIPOutput.bulkAddAnyCIDR(arr, false)), ).then(arr => {
if (arr.length > 2000) {
throw new Error('Too many botnet ips, please check the source of BOTNET_FILTER');
}
return rejectIPOutput.bulkAddAnyCIDR(arr, false);
}),
span.traceChildAsync( span.traceChildAsync(
'get bogus nxdomain ips', 'get bogus nxdomain ips',
() => fetchAssets(...BOGUS_NXDOMAIN_DNSMASQ, true, false) () => fetchAssets(...BOGUS_NXDOMAIN_DNSMASQ, true, false)
@ -197,14 +203,17 @@ export const buildRejectDomainSet = task(require.main === module, __filename)(as
for (let i = 0, len = arr.length; i < len; i++) { for (let i = 0, len = arr.length; i < len; i++) {
const line = arr[i]; const line = arr[i];
if (line.startsWith('bogus-nxdomain=')) { if (line.startsWith('bogus-nxdomain=')) {
arr[i] = line.slice(15).trim(); // bogus nxdomain needs to be blocked even after resolved
rejectIPOutput.addAnyCIDR(
line.slice(15).trim(),
false
);
} }
} }
return arr; return arr;
}) })
// bogus nxdomain needs to be blocked even after resolved )
).then(arr => rejectIPOutput.bulkAddAnyCIDR(arr, false))
].flat())); ].flat()));
if (foundDebugDomain.value) { if (foundDebugDomain.value) {

15
Build/lib/rules/base.ts
View File

@ -250,6 +250,21 @@ export class FileOutput {
return ip + '/128'; return ip + '/128';
}; };
addAnyCIDR(cidr: string, noResolve = false) {
const version = fastIpVersion(cidr);
if (version === 0) return this;
let list: Set<string>;
if (version === 4) {
list = noResolve ? this.ipcidrNoResolve : this.ipcidr;
} else /* if (version === 6) */ {
list = noResolve ? this.ipcidr6NoResolve : this.ipcidr6;
}
list.add(FileOutput.ipToCidr(cidr, version));
return this;
}
bulkAddAnyCIDR(cidrs: string[], noResolve = false) { bulkAddAnyCIDR(cidrs: string[], noResolve = false) {
const list4 = noResolve ? this.ipcidrNoResolve : this.ipcidr; const list4 = noResolve ? this.ipcidrNoResolve : this.ipcidr;
const list6 = noResolve ? this.ipcidr6NoResolve : this.ipcidr6; const list6 = noResolve ? this.ipcidr6NoResolve : this.ipcidr6;