riglen
2026-03-31 18:28:40 +08:00
parent 1789c65121
commit dee0e87728


@@ -1,6 +1,7 @@
from __future__ import annotations from __future__ import annotations
from pathlib import Path from pathlib import Path
import re
import yaml import yaml
@@ -17,6 +18,9 @@ def resolve_policy(policy: str, client: ClientConfig) -> str:
) )
_CIDR_PATTERN = re.compile(r"^[0-9a-fA-F:.]+/\d+$")
def load_rule_text(path: Path) -> str: def load_rule_text(path: Path) -> str:
return path.read_text(encoding="utf-8") return path.read_text(encoding="utf-8")
@@ -39,8 +43,13 @@ def load_rule_payload(path: Path) -> list[str]:
def _render_payload_line(payload_line: str, behavior: str) -> str: def _render_payload_line(payload_line: str, behavior: str) -> str:
if "," in payload_line or behavior == "classical": if "," in payload_line:
return payload_line return payload_line
if behavior == "classical":
if _CIDR_PATTERN.fullmatch(payload_line):
prefix = "IP-CIDR6" if ":" in payload_line else "IP-CIDR"
return f"{prefix},{payload_line}"
return f"DOMAIN-SUFFIX,{payload_line}"
if behavior == "ipcidr": if behavior == "ipcidr":
return f"IP-CIDR,{payload_line}" return f"IP-CIDR,{payload_line}"
if behavior == "domain": if behavior == "domain":
@@ -105,17 +114,15 @@ def build_inline_rules(app_config: AppConfig, client: ClientConfig) -> list[str]
settings = get_settings() settings = get_settings()
lines: list[str] = [] lines: list[str] = []
for name, rule in app_config.rules.items(): for name, rule in app_config.rules.items():
target = resolve_policy(rule.policy, client)
for payload_line in rule.payload: for payload_line in rule.payload:
line = f"{payload_line},{resolve_policy(rule.policy, client)}" rendered = _render_payload_line(payload_line, rule.behavior)
if rule.no_resolve: lines.append(_attach_policy(rendered, target, rule.no_resolve))
line += ",no-resolve"
lines.append(line)
if not rule.file: if not rule.file:
continue continue
path = (settings.rules_dir / rule.file).resolve() path = (settings.rules_dir / rule.file).resolve()
if not path.is_file() or settings.rules_dir.resolve() not in path.parents: if not path.is_file() or settings.rules_dir.resolve() not in path.parents:
raise FileNotFoundError(f"Rule file missing: {rule.file}") raise FileNotFoundError(f"Rule file missing: {rule.file}")
target = resolve_policy(rule.policy, client)
for payload_line in load_rule_payload(path): for payload_line in load_rule_payload(path):
rendered = _render_payload_line(payload_line, rule.behavior) rendered = _render_payload_line(payload_line, rule.behavior)
lines.append(_attach_policy(rendered, target, rule.no_resolve)) lines.append(_attach_policy(rendered, target, rule.no_resolve))
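Review bot: `_CIDR_PATTERN` checks only the character set, so in the new `classical` branch of `_render_payload_line` an entry such as `10.0.0.0/33` or `1.2.3/8` is emitted as an `IP-CIDR` rule, and every other comma-free line (a typo, a stray keyword) silently becomes a `DOMAIN-SUFFIX` rule bound to the rule's policy. These lines decide which policy traffic is matched to, so a malformed entry should not be reclassified into a different rule type. Parsing with the standard `ipaddress` module (it needs `import ipaddress` next to `import re`) validates the address and prefix length, and the prefix can then be chosen from `.version` instead of looking for `:`. What `load_rule_payload` filters out is not visible here, so the `DOMAIN-SUFFIX` fall-through may also need a hostname-shape check. `_render_payload_line` continues past the end of its hunk.

```python
def _cidr_rule_type(payload_line: str) -> str | None:
    # Keep the old pattern's "address/digits" shape: ip_network() alone would
    # also accept a bare address or a dotted netmask after the slash.
    _, slash, prefix_len = payload_line.partition("/")
    if not slash or not prefix_len.isdigit():
        return None
    try:
        network = ipaddress.ip_network(payload_line, strict=False)
    except ValueError:
        return None
    return "IP-CIDR6" if network.version == 6 else "IP-CIDR"

def _render_payload_line(payload_line: str, behavior: str) -> str:
    # … unchanged: comma passthrough …
    if behavior == "classical":
        rule_type = _cidr_rule_type(payload_line)
        if rule_type is not None:
            return f"{rule_type},{payload_line}"
        return f"DOMAIN-SUFFIX,{payload_line}"
    # … unchanged: ipcidr / domain branches …
```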