From dee0e8772864f68f604abe8d2332fd9ef02bad4b Mon Sep 17 00:00:00 2001
From: riglen
Date: Tue, 31 Mar 2026 18:28:40 +0800
Subject: [PATCH] rule opt
---
 app/services/rules.py | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/app/services/rules.py b/app/services/rules.py
index 2bb514b..49ffe74 100644
--- a/app/services/rules.py
+++ b/app/services/rules.py
@@ -1,6 +1,7 @@
 from __future__ import annotations
 from pathlib import Path
+import re
 import yaml
@@ -17,6 +18,9 @@ def resolve_policy(policy: str, client: ClientConfig) -> str:
 )
+_CIDR_PATTERN = re.compile(r"^[0-9a-fA-F:.]+/\d+$")
+
+
 def load_rule_text(path: Path) -> str:
 return path.read_text(encoding="utf-8")
@@ -39,8 +43,13 @@ def load_rule_payload(path: Path) -> list[str]:
 def _render_payload_line(payload_line: str, behavior: str) -> str:
- if "," in payload_line or behavior == "classical":
+ if "," in payload_line:
 return payload_line
+ if behavior == "classical":
+ if _CIDR_PATTERN.fullmatch(payload_line):
+ prefix = "IP-CIDR6" if ":" in payload_line else "IP-CIDR"
+ return f"{prefix},{payload_line}"
+ return f"DOMAIN-SUFFIX,{payload_line}"
 if behavior == "ipcidr":
 return f"IP-CIDR,{payload_line}"
 if behavior == "domain":
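Review bot: `_CIDR_PATTERN` checks only the character set, so it accepts strings that are not networks, such as a prefix length above 32 or 128, or hex-looking text like `fade.cafe/8` (constructed example). The classical branch added further down in this patch then emits those as `IP-CIDR` rules. Parsing with the standard `ipaddress` module would validate both the address and the prefix length, and would give the address family directly instead of inferring it from `":" in payload_line`. A helper that could replace the pattern is sketched below; it needs `import ipaddress` at the top of the file and keeps the requirement that a `/` is present. The `^` and `$` anchors are also redundant, since the pattern is only used with `fullmatch`.

```python
def _cidr_rule_type(value: str) -> str | None:
    """Return "IP-CIDR"/"IP-CIDR6" when value is a valid network, else None."""
    if "/" not in value:
        return None
    try:
        network = ipaddress.ip_network(value, strict=False)
    except ValueError:
        return None
    return "IP-CIDR6" if network.version == 6 else "IP-CIDR"
```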
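Review bot: The new fallback `return f"DOMAIN-SUFFIX,{payload_line}"` in the classical branch turns every comma-less line that is not CIDR-shaped into a domain rule. An empty string, a stray comment or a wildcard form like `+.example.com` (constructed) therefore silently becomes a routing rule instead of being rejected. Because these lines decide which policy traffic is sent to, a malformed entry is better surfaced than guessed at, for example with `raise ValueError(f"Unrecognised classical payload line: {payload_line!r}")` for input that does not look like a hostname. The `ipcidr` branch just below still emits `IP-CIDR` for IPv6 networks, which is now inconsistent with the `IP-CIDR6` choice made here. Whether `load_rule_payload` already filters blanks and comments is not visible, and `_render_payload_line` continues past the end of the hunk.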
@@ -105,17 +114,15 @@ def build_inline_rules(app_config: AppConfig, client: ClientConfig) -> list[str]
 settings = get_settings()
 lines: list[str] = []
 for name, rule in app_config.rules.items():
+ target = resolve_policy(rule.policy, client)
 for payload_line in rule.payload:
- line = f"{payload_line},{resolve_policy(rule.policy, client)}"
- if rule.no_resolve:
- line += ",no-resolve"
- lines.append(line)
+ rendered = _render_payload_line(payload_line, rule.behavior)
+ lines.append(_attach_policy(rendered, target, rule.no_resolve))
 if not rule.file:
 continue
 path = (settings.rules_dir / rule.file).resolve()
 if not path.is_file() or settings.rules_dir.resolve() not in path.parents:
 raise FileNotFoundError(f"Rule file missing: {rule.file}")
- target = resolve_policy(rule.policy, client)
 for payload_line in load_rule_payload(path):
 rendered = _render_payload_line(payload_line, rule.behavior)
 lines.append(_attach_policy(rendered, target, rule.no_resolve))
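Review bot: A value-less inline entry such as `MATCH` would now be rendered as `DOMAIN-SUFFIX,MATCH` when `rule.behavior` is `classical`, because inline payload lines are no longer emitted verbatim but go through `_render_payload_line(payload_line, rule.behavior)`. It is worth confirming what `rule.behavior` holds for rules that only carry an inline payload, and either keeping those lines verbatim or special-casing value-less rule types before the fallback. `_attach_policy` is defined outside this diff, so whether it reproduces the old `,no-resolve` suffix exactly cannot be checked from here. The loop variable `name` is unused in the visible lines; iterating `app_config.rules.values()` would make that explicit.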