Merge remote-tracking branch 'pro-plus/plus-pro' into Feature

# Conflicts:
#	.github/workflows/Alpha.yml
#	.github/workflows/codeql-analysis.yml
#	.github/workflows/docker.yml
#	.github/workflows/linter.yml
#	.github/workflows/stale.yml
#	Makefile
#	README.md
#	adapter/outbound/vless.go
#	component/dialer/dialer.go
#	component/geodata/geodata.go
#	component/geodata/router/condition.go
#	config/config.go
#	config/initial.go
#	constant/metadata.go
#	constant/path.go
#	constant/rule.go
#	constant/rule_extra.go
#	dns/filters.go
#	go.mod
#	go.sum
#	hub/executor/executor.go
#	hub/route/configs.go
#	listener/listener.go
#	listener/tun/dev/dev.go
#	listener/tun/dev/dev_darwin.go
#	listener/tun/dev/dev_linux.go
#	listener/tun/dev/dev_windows.go
#	listener/tun/dev/dev_windows_extra.go
#	listener/tun/dev/wintun/dll_windows.go
#	listener/tun/dev/wintun/session_windows.go
#	listener/tun/ipstack/gvisor/tun.go
#	listener/tun/ipstack/gvisor/tundns.go
#	listener/tun/ipstack/stack_adapter.go
#	listener/tun/ipstack/system/tun.go
#	listener/tun/tun_adapter.go
#	main.go
#	rule/base.go
#	rule/common/process.go
#	rule/geoip.go
#	rule/parser.go
#	rule/port.go
#	test/go.mod
#	test/go.sum
#	test/vless_test.go
#	transport/vless/xtls.go
#	tunnel/tunnel.go

rule/common/process.go

@@ -30,7 +30,7 @@ func (ps *Process) Match(metadata *C.Metadata) bool {
 	// ignore match in proxy type "tproxy"
 	//if metadata.Type == C.TPROXY || !C.AutoIptables {
 
-	if C.AutoIptables == "Enable" {
+	if metadata.Type == C.TPROXY || C.AutoIptables == "Enable" {
 		return false
 	}
 

rule/geosite.go

@@ -0,0 +1,70 @@
+package rules
+
+import (
+	"fmt"
+
+	"github.com/Dreamacro/clash/component/geodata"
+	"github.com/Dreamacro/clash/component/geodata/router"
+	C "github.com/Dreamacro/clash/constant"
+	"github.com/Dreamacro/clash/log"
+
+	_ "github.com/Dreamacro/clash/component/geodata/standard"
+)
+
+type GEOSITE struct {
+	country   string
+	adapter   string
+	ruleExtra *C.RuleExtra
+	matcher   *router.DomainMatcher
+}
+
+func (gs *GEOSITE) RuleType() C.RuleType {
+	return C.GEOSITE
+}
+
+func (gs *GEOSITE) Match(metadata *C.Metadata) bool {
+	if metadata.AddrType != C.AtypDomainName {
+		return false
+	}
+
+	domain := metadata.Host
+	return gs.matcher.ApplyDomain(domain)
+}
+
+func (gs *GEOSITE) Adapter() string {
+	return gs.adapter
+}
+
+func (gs *GEOSITE) Payload() string {
+	return gs.country
+}
+
+func (gs *GEOSITE) ShouldResolveIP() bool {
+	return false
+}
+
+func (gs *GEOSITE) RuleExtra() *C.RuleExtra {
+	return gs.ruleExtra
+}
+
+func (gs *GEOSITE) GetDomainMatcher() *router.DomainMatcher {
+	return gs.matcher
+}
+
+func NewGEOSITE(country string, adapter string, ruleExtra *C.RuleExtra) (*GEOSITE, error) {
+	matcher, recordsCount, err := geodata.LoadGeoSiteMatcher(country)
+	if err != nil {
+		return nil, fmt.Errorf("load GeoSite data error, %s", err.Error())
+	}
+
+	log.Infoln("Start initial GeoSite rule %s => %s, records: %d", country, adapter, recordsCount)
+
+	geoSite := &GEOSITE{
+		country:   country,
+		adapter:   adapter,
+		ruleExtra: ruleExtra,
+		matcher:   matcher,
+	}
+
+	return geoSite, nil
+}

rule/parser.go

@@ -17,6 +17,7 @@ func ParseRule(tp, payload, target string, params []string) (C.Rule, error) {
 	ruleExtra := &C.RuleExtra{
 		Network:   RC.FindNetwork(params),
 		SourceIPs: RC.FindSourceIPs(params),
+		ProcessNames: RC.FindProcessName(params),
 	}
 
 	switch tp {

rule/port.go

@@ -0,0 +1,125 @@
+package rules
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	C "github.com/Dreamacro/clash/constant"
+)
+
+type portReal struct {
+	portStart int
+	portEnd   int
+}
+
+type Port struct {
+	adapter   string
+	port      string
+	isSource  bool
+	portList  []portReal
+	ruleExtra *C.RuleExtra
+}
+
+func (p *Port) RuleType() C.RuleType {
+	if p.isSource {
+		return C.SrcPort
+	}
+	return C.DstPort
+}
+
+func (p *Port) Match(metadata *C.Metadata) bool {
+	if p.isSource {
+		return p.matchPortReal(metadata.SrcPort)
+	}
+	return p.matchPortReal(metadata.DstPort)
+}
+
+func (p *Port) Adapter() string {
+	return p.adapter
+}
+
+func (p *Port) Payload() string {
+	return p.port
+}
+
+func (p *Port) ShouldResolveIP() bool {
+	return false
+}
+
+func (p *Port) RuleExtra() *C.RuleExtra {
+	return p.ruleExtra
+}
+
+func (p *Port) matchPortReal(portRef string) bool {
+	port, err := strconv.Atoi(portRef)
+	if err != nil {
+		return false
+	}
+
+	var rs bool
+	for _, pr := range p.portList {
+		if pr.portEnd == -1 {
+			rs = port == pr.portStart
+		} else {
+			rs = port >= pr.portStart && port <= pr.portEnd
+		}
+		if rs {
+			return true
+		}
+	}
+	return false
+}
+
+func NewPort(port string, adapter string, isSource bool, ruleExtra *C.RuleExtra) (*Port, error) {
+	ports := strings.Split(port, "/")
+	if len(ports) > 28 {
+		return nil, fmt.Errorf("%s, too many ports to use, maximum support 28 ports", errPayload.Error())
+	}
+
+	var portList []portReal
+	for _, p := range ports {
+		if p == "" {
+			continue
+		}
+
+		subPorts := strings.Split(p, "-")
+		subPortsLen := len(subPorts)
+		if subPortsLen > 2 {
+			return nil, errPayload
+		}
+
+		portStart, err := strconv.Atoi(strings.Trim(subPorts[0], "[ ]"))
+		if err != nil || portStart < 0 || portStart > 65535 {
+			return nil, errPayload
+		}
+
+		if subPortsLen == 1 {
+			portList = append(portList, portReal{portStart, -1})
+		} else if subPortsLen == 2 {
+			portEnd, err1 := strconv.Atoi(strings.Trim(subPorts[1], "[ ]"))
+			if err1 != nil || portEnd < 0 || portEnd > 65535 {
+				return nil, errPayload
+			}
+
+			shouldReverse := portStart > portEnd
+			if shouldReverse {
+				portList = append(portList, portReal{portEnd, portStart})
+			} else {
+				portList = append(portList, portReal{portStart, portEnd})
+			}
+		}
+	}
+
+	if len(portList) == 0 {
+		return nil, errPayload
+	}
+
+	return &Port{
+		adapter:   adapter,
+		port:      port,
+		isSource:  isSource,
+		portList:  portList,
+		ruleExtra: ruleExtra,
+	}, nil
+}

rule/script.go

@@ -0,0 +1,73 @@
+package rules
+
+import (
+	"fmt"
+	"runtime"
+	"strings"
+
+	S "github.com/Dreamacro/clash/component/script"
+	C "github.com/Dreamacro/clash/constant"
+	"github.com/Dreamacro/clash/log"
+)
+
+type Script struct {
+	shortcut         string
+	adapter          string
+	shortcutFunction *S.PyObject
+}
+
+func (s *Script) RuleType() C.RuleType {
+	return C.Script
+}
+
+func (s *Script) Match(metadata *C.Metadata) bool {
+	rs, err := S.CallPyShortcut(s.shortcutFunction, metadata)
+	if err != nil {
+		log.Errorln("[Script] match rule error: %s", err.Error())
+		return false
+	}
+
+	return rs
+}
+
+func (s *Script) Adapter() string {
+	return s.adapter
+}
+
+func (s *Script) Payload() string {
+	return s.shortcut
+}
+
+func (s *Script) ShouldResolveIP() bool {
+	return false
+}
+
+func (s *Script) RuleExtra() *C.RuleExtra {
+	return nil
+}
+
+func NewScript(shortcut string, adapter string) (*Script, error) {
+	shortcut = strings.ToLower(shortcut)
+	if !S.Py_IsInitialized() {
+		return nil, fmt.Errorf("load script shortcut [%s] failure, can't find any shortcuts in the config file", shortcut)
+	}
+
+	shortcutFunction, err := S.LoadShortcutFunction(shortcut)
+	if err != nil {
+		return nil, fmt.Errorf("can't find script shortcut [%s] in the config file", shortcut)
+	}
+
+	obj := &Script{
+		shortcut:         shortcut,
+		adapter:          adapter,
+		shortcutFunction: shortcutFunction,
+	}
+
+	runtime.SetFinalizer(obj, func(s *Script) {
+		s.shortcutFunction.Clear()
+	})
+
+	log.Infoln("Start initial script shortcut rule %s => %s", shortcut, adapter)
+
+	return obj, nil
+}