Fix: only rule mode need break conn when sni update

tunnel/statistic/sniffing.go

@@ -16,6 +16,7 @@ type sniffing struct {
 
 	metadata   *C.Metadata
 	totalWrite *atomic.Uint64
+	allowBreak bool
 }
 
 func (r *sniffing) Read(b []byte) (int, error) {
@@ -30,8 +31,12 @@ func (r *sniffing) Write(b []byte) (int, error) {
 		} else {
 			resolver.InsertHostByIP(r.metadata.DstIP, header.Domain())
 			log.Warnln("use sni update host: %s ip: %s", header.Domain(), r.metadata.DstIP.String())
-			r.Conn.Close()
+			if r.allowBreak {
-			return 0, errors.New("sni update, break current link to avoid leaks")
+				r.Conn.Close()
+				return 0, errors.New("sni update, break current link to avoid leaks")
+			} else {
+				r.metadata.Host = header.Domain()
+			}
 		}
 	}
 
@@ -45,10 +50,11 @@ func (r *sniffing) Close() error {
 	return r.Conn.Close()
 }
 
-func NewSniffing(conn C.Conn, metadata *C.Metadata) C.Conn {
+func NewSniffing(conn C.Conn, metadata *C.Metadata, rule C.Rule) C.Conn {
 	return &sniffing{
 		Conn:       conn,
 		metadata:   metadata,
 		totalWrite: atomic.NewUint64(0),
+		allowBreak: rule != nil,
 	}
 }

tunnel/statistic/tracker.go

@@ -80,7 +80,7 @@ func NewTCPTracker(conn C.Conn, manager *Manager, metadata *C.Metadata, rule C.R
 	}
 
 	manager.Join(t)
-	return NewSniffing(t, metadata)
+	return NewSniffing(t, metadata, rule)
 }
 
 type udpTracker struct {

tunnel/tunnel.go

@@ -303,7 +303,7 @@ func handleTCPConn(connCtx C.ConnContext) {
 	defer cancel()
 	if MitmOutbound != nil && metadata.Type != C.MITM {
 		if remoteConn, err1 := MitmOutbound.DialContext(ctx, metadata); err1 == nil {
-			remoteConn = statistic.NewSniffing(remoteConn, metadata)
+			remoteConn = statistic.NewSniffing(remoteConn, metadata, nil)
 			defer func(remoteConn C.Conn) {
 				_ = remoteConn.Close()
 			}(remoteConn)