Add range of IP addresses for socks relays (exit nodes)

Cimbali · Cimbali · commit 8d8d07be8418 · 2024-11-11T15:30:43.000+01:00
Use 10.124.0.0/20 as documented in the code
diff --git a/linux/netfilter/netfilter.go b/linux/netfilter/netfilter.go
@@ -408,7 +408,10 @@ func (ctx *nftCtx) nftRestrictTraffic(ifname string) {
 	})
 
 	element := []nftables.SetElement{
+		{ Key: net.ParseIP("10.124.0.0").To4() },
+		{ Key: net.ParseIP("10.124.240.0").To4(), IntervalEnd: true },
 		{ Key: net.ParseIP("10.64.0.1").To4() },
+		{ Key: net.ParseIP("10.64.0.2").To4(), IntervalEnd: true },
 	}
 	mozvpn_ctx.conn.SetAddElements(mozvpn_ctx.relayset, element)
 }
@@ -693,6 +696,7 @@ func NetfilterCreateTables() int32 {
 		Table:      mozvpn_ctx.table,
 		Name:       "mozvpn-socks5-relays",
 		KeyType:    nftables.TypeIPAddr,
+		Interval:   true,
 	}
 	mozvpn_ctx.conn.AddSet(mozvpn_ctx.relayset, nil)
 

Original file line number	Diff line number	Diff line change
`@@ -408,7 +408,10 @@ func (ctx *nftCtx) nftRestrictTraffic(ifname string) {`
`408`	`408`	`})`
`409`	`409`
`410`	`410`	`element := []nftables.SetElement{`
	`411`	`+ { Key: net.ParseIP("10.124.0.0").To4() },`
	`412`	`+ { Key: net.ParseIP("10.124.240.0").To4(), IntervalEnd: true },`
`411`	`413`	`{ Key: net.ParseIP("10.64.0.1").To4() },`
	`414`	`+ { Key: net.ParseIP("10.64.0.2").To4(), IntervalEnd: true },`
`412`	`415`	`}`
`413`	`416`	`mozvpn_ctx.conn.SetAddElements(mozvpn_ctx.relayset, element)`
`414`	`417`	`}`
`@@ -693,6 +696,7 @@ func NetfilterCreateTables() int32 {`
`693`	`696`	`Table: mozvpn_ctx.table,`
`694`	`697`	`Name: "mozvpn-socks5-relays",`
`695`	`698`	`KeyType: nftables.TypeIPAddr,`
	`699`	`+ Interval: true,`
`696`	`700`	`}`
`697`	`701`	`mozvpn_ctx.conn.AddSet(mozvpn_ctx.relayset, nil)`
`698`	`702`