Sniffing: domainsExcluded supports "geosite:" (#5927)

https://github.com/XTLS/Xray-core/pull/5927#issuecomment-4238238050 https://github.com/XTLS/Xray-core/pull/5927#issuecomment-4238119874
2026-05-08 14:13:22 +00:00 · 2026-04-14 01:39:53 +08:00
parent 05a11910d4
commit f17fabfff5
11 changed files with 157 additions and 130 deletions
--- a/infra/conf/fakedns.go
+++ b/infra/conf/fakedns.go
@@ -118,26 +118,17 @@ func (FakeDNSPostProcessingStage) Process(config *Config) error {
 			}
 		}

-		found := false
-		// Check if there is a Outbound with necessary sniffer on
-		var inbounds []InboundDetourConfig
-
-		if len(config.InboundConfigs) > 0 {
-			inbounds = append(inbounds, config.InboundConfigs...)
-		}
-		for _, v := range inbounds {
-			if v.SniffingConfig != nil && v.SniffingConfig.Enabled && v.SniffingConfig.DestOverride != nil {
-				for _, dov := range *v.SniffingConfig.DestOverride {
-					if strings.EqualFold(dov, "fakedns") || strings.EqualFold(dov, "fakedns+others") {
-						found = true
-						break
+		// Check if there is a Inbound with necessary sniffer on
+		for _, v := range config.InboundConfigs {
+			if v.SniffingConfig != nil && v.SniffingConfig.Enabled {
+				for _, d := range v.SniffingConfig.DestOverride {
+					if strings.EqualFold(d, "fakedns") || strings.EqualFold(d, "fakedns+others") {
+						return nil
 					}
 				}
 			}
 		}
-		if !found {
-			errors.LogWarning(context.Background(), "Defined FakeDNS but haven't enabled FakeDNS destOverride at any inbound.")
-		}
+		errors.LogWarning(context.Background(), "Defined FakeDNS but haven't enabled FakeDNS destOverride at any inbound.")
 	}

 	return nil
--- a/infra/conf/xray.go
+++ b/infra/conf/xray.go
@@ -10,6 +10,7 @@ import (
 	"github.com/xtls/xray-core/app/proxyman"
 	"github.com/xtls/xray-core/app/stats"
 	"github.com/xtls/xray-core/common/errors"
+	"github.com/xtls/xray-core/common/geodata"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/serial"
 	core "github.com/xtls/xray-core/core"
@@ -51,38 +52,34 @@ var (
 )

 type SniffingConfig struct {
-	Enabled         bool        `json:"enabled"`
-	DestOverride    *StringList `json:"destOverride"`
-	DomainsExcluded *StringList `json:"domainsExcluded"`
-	MetadataOnly    bool        `json:"metadataOnly"`
-	RouteOnly       bool        `json:"routeOnly"`
+	Enabled         bool       `json:"enabled"`
+	DestOverride    StringList `json:"destOverride"`
+	DomainsExcluded StringList `json:"domainsExcluded"`
+	MetadataOnly    bool       `json:"metadataOnly"`
+	RouteOnly       bool       `json:"routeOnly"`
 }

 // Build implements Buildable.
 func (c *SniffingConfig) Build() (*proxyman.SniffingConfig, error) {
 	var p []string
-	if c.DestOverride != nil {
-		for _, protocol := range *c.DestOverride {
-			switch strings.ToLower(protocol) {
-			case "http":
-				p = append(p, "http")
-			case "tls", "https", "ssl":
-				p = append(p, "tls")
-			case "quic":
-				p = append(p, "quic")
-			case "fakedns", "fakedns+others":
-				p = append(p, "fakedns")
-			default:
-				return nil, errors.New("unknown protocol: ", protocol)
-			}
+	for _, protocol := range c.DestOverride {
+		switch strings.ToLower(protocol) {
+		case "http":
+			p = append(p, "http")
+		case "tls", "https", "ssl":
+			p = append(p, "tls")
+		case "quic":
+			p = append(p, "quic")
+		case "fakedns", "fakedns+others":
+			p = append(p, "fakedns")
+		default:
+			return nil, errors.New("unknown protocol: ", protocol)
 		}
 	}

-	var d []string
-	if c.DomainsExcluded != nil {
-		for _, domain := range *c.DomainsExcluded {
-			d = append(d, strings.ToLower(domain))
-		}
+	d, err := geodata.ParseDomainRules(c.DomainsExcluded, geodata.Domain_Substr)
+	if err != nil {
+		return nil, err
 	}

 	return &proxyman.SniffingConfig{
--- a/infra/conf/xray_test.go
+++ b/infra/conf/xray_test.go
@@ -158,6 +158,49 @@ func TestXrayConfig(t *testing.T) {
 	})
 }

+func TestSniffingConfig_Build(t *testing.T) {
+	config := &SniffingConfig{
+		Enabled:         true,
+		DestOverride:    StringList{"http", "tls"},
+		DomainsExcluded: StringList{"full:api.example.com", "domain:blocked.example", "regexp:^test[0-9]+\\.internal$"},
+		MetadataOnly:    true,
+		RouteOnly:       true,
+	}
+
+	built, err := config.Build()
+	if err != nil {
+		t.Fatalf("SniffingConfig.Build() failed: %v", err)
+	}
+
+	if !built.Enabled || !built.MetadataOnly || !built.RouteOnly {
+		t.Fatalf("SniffingConfig.Build() lost sniffing flags: %+v", built)
+	}
+	if len(built.DestinationOverride) != 2 {
+		t.Fatalf("SniffingConfig.Build() lost destination overrides: %+v", built.DestinationOverride)
+	}
+	if len(built.DomainsExcluded) != 3 {
+		t.Fatalf("SniffingConfig.Build() produced %d domain rules", len(built.DomainsExcluded))
+	}
+
+	want := []struct {
+		ruleType geodata.Domain_Type
+		value    string
+	}{
+		{ruleType: geodata.Domain_Full, value: "api.example.com"},
+		{ruleType: geodata.Domain_Domain, value: "blocked.example"},
+		{ruleType: geodata.Domain_Regex, value: "^test[0-9]+\\.internal$"},
+	}
+	for i, tc := range want {
+		rule := built.DomainsExcluded[i].GetCustom()
+		if rule == nil {
+			t.Fatalf("SniffingConfig.Build() produced a non-custom rule at index %d", i)
+		}
+		if rule.Type != tc.ruleType || rule.Value != tc.value {
+			t.Fatalf("SniffingConfig.Build() produced wrong rule at index %d: got (%v, %q), want (%v, %q)", i, rule.Type, rule.Value, tc.ruleType, tc.value)
+		}
+	}
+}
+
 func TestMuxConfig_Build(t *testing.T) {
 	tests := []struct {
 		name   string