feat: tun add exclude-src-port,exclude-src-port-range,exclude-dst-port and exclude-dst-port-range on linux

2026-02-26 16:57:08 +00:00 · 2025-04-08 19:07:39 +08:00
parent a22efd5c91
commit 2a40eba0ca
6 changed files with 37 additions and 18 deletions
--- a/listener/config/tun.go
+++ b/listener/config/tun.go
@@ -50,8 +50,10 @@ type Tun struct {
 	IncludeUIDRange        []string       `yaml:"include-uid-range" json:"include-uid-range,omitempty"`
 	ExcludeUID             []uint32       `yaml:"exclude-uid" json:"exclude-uid,omitempty"`
 	ExcludeUIDRange        []string       `yaml:"exclude-uid-range" json:"exclude-uid-range,omitempty"`
-	ExcludePort            []uint16       `yaml:"exclude-port" json:"exclude-port,omitempty"`
-	ExcludePortRange       []string       `yaml:"exclude-port-range" json:"exclude-port-range,omitempty"`
+	ExcludeSrcPort         []uint16       `yaml:"exclude-src-port" json:"exclude-src-port,omitempty"`
+	ExcludeSrcPortRange    []string       `yaml:"exclude-src-port-range" json:"exclude-src-port-range,omitempty"`
+	ExcludeDstPort         []uint16       `yaml:"exclude-dst-port" json:"exclude-dst-port,omitempty"`
+	ExcludeDstPortRange    []string       `yaml:"exclude-dst-port-range" json:"exclude-dst-port-range,omitempty"`
 	IncludeAndroidUser     []int          `yaml:"include-android-user" json:"include-android-user,omitempty"`
 	IncludePackage         []string       `yaml:"include-package" json:"include-package,omitempty"`
 	ExcludePackage         []string       `yaml:"exclude-package" json:"exclude-package,omitempty"`
--- a/listener/inbound/tun.go
+++ b/listener/inbound/tun.go
@@ -39,8 +39,10 @@ type TunOption struct {
 	IncludeUIDRange        []string `inbound:"include-uid-range,omitempty"`
 	ExcludeUID             []uint32 `inbound:"exclude-uid,omitempty"`
 	ExcludeUIDRange        []string `inbound:"exclude-uid-range,omitempty"`
-	ExcludePort            []uint16 `yaml:"exclude-port" json:"exclude-port,omitempty"`
-	ExcludePortRange       []string `yaml:"exclude-port-range" json:"exclude-port-range,omitempty"`
+	ExcludeSrcPort         []uint16 `inbound:"exclude-src-port,omitempty"`
+	ExcludeSrcPortRange    []string `inbound:"exclude-src-port-range,omitempty"`
+	ExcludeDstPort         []uint16 `inbound:"exclude-dst-port,omitempty"`
+	ExcludeDstPortRange    []string `inbound:"exclude-dst-port-range,omitempty"`
 	IncludeAndroidUser     []int    `inbound:"include-android-user,omitempty"`
 	IncludePackage         []string `inbound:"include-package,omitempty"`
 	ExcludePackage         []string `inbound:"exclude-package,omitempty"`
@@ -139,8 +141,10 @@ func NewTun(options *TunOption) (*Tun, error) {
 			IncludeUIDRange:        options.IncludeUIDRange,
 			ExcludeUID:             options.ExcludeUID,
 			ExcludeUIDRange:        options.ExcludeUIDRange,
-			ExcludePort:            options.ExcludePort,
-			ExcludePortRange:       options.ExcludePortRange,
+			ExcludeSrcPort:         options.ExcludeSrcPort,
+			ExcludeSrcPortRange:    options.ExcludeSrcPortRange,
+			ExcludeDstPort:         options.ExcludeDstPort,
+			ExcludeDstPortRange:    options.ExcludeDstPortRange,
 			IncludeAndroidUser:     options.IncludeAndroidUser,
 			IncludePackage:         options.IncludePackage,
 			ExcludePackage:         options.ExcludePackage,
--- a/listener/sing_tun/server.go
+++ b/listener/sing_tun/server.go
@@ -212,12 +212,20 @@ func New(options LC.Tun, tunnel C.Tunnel, additions ...inbound.Addition) (l *Lis
 			return nil, E.Cause(err, "parse exclude_uid_range")
 		}
 	}
-	excludePort := uidToRange(options.ExcludePort)
-	if len(options.ExcludePortRange) > 0 {
+	excludeSrcPort := uidToRange(options.ExcludeSrcPort)
+	if len(options.ExcludeSrcPortRange) > 0 {
 		var err error
-		excludePort, err = parseRange(excludePort, options.ExcludePortRange)
+		excludeSrcPort, err = parseRange(excludeSrcPort, options.ExcludeSrcPortRange)
 		if err != nil {
-			return nil, E.Cause(err, "parse exclude_port_range")
+			return nil, E.Cause(err, "parse exclude_src_port_range")
+		}
+	}
+	excludeDstPort := uidToRange(options.ExcludeDstPort)
+	if len(options.ExcludeDstPortRange) > 0 {
+		var err error
+		excludeDstPort, err = parseRange(excludeDstPort, options.ExcludeDstPortRange)
+		if err != nil {
+			return nil, E.Cause(err, "parse exclude_dst_port_range")
 		}
 	}

@@ -348,7 +356,8 @@ func New(options LC.Tun, tunnel C.Tunnel, additions ...inbound.Addition) (l *Lis
 		ExcludeInterface:         options.ExcludeInterface,
 		IncludeUID:               includeUID,
 		ExcludeUID:               excludeUID,
-		ExcludePort:              excludePort,
+		ExcludeSrcPort:           excludeSrcPort,
+		ExcludeDstPort:           excludeDstPort,
 		IncludeAndroidUser:       options.IncludeAndroidUser,
 		IncludePackage:           options.IncludePackage,
 		ExcludePackage:           options.ExcludePackage,