Add range of IP addresses for socks relays (exit nodes)

Cimbali · Cimbali · commit a0584604eb27 · 2024-07-16T14:50:43.000+02:00
Use 10.124.0.0/20 as documented in the code
diff --git a/linux/netfilter/netfilter.go b/linux/netfilter/netfilter.go
@@ -403,7 +403,10 @@ func (ctx *nftCtx) nftRestrictTraffic(ifname string) {
 	})
 
 	element := []nftables.SetElement{
+		{ Key: net.ParseIP("10.124.0.0").To4() },
+		{ Key: net.ParseIP("10.124.240.0").To4(), IntervalEnd: true },
 		{ Key: net.ParseIP("10.64.0.1").To4() },
+		{ Key: net.ParseIP("10.64.0.2").To4(), IntervalEnd: true },
 	}
 	mozvpn_ctx.conn.SetAddElements(mozvpn_ctx.relayset, element)
 }
@@ -700,6 +703,7 @@ func NetfilterCreateTables() int32 {
 		Table:      mozvpn_ctx.table_inet,
 		Name:       "mozvpn-socks5-relays",
 		KeyType:    nftables.TypeIPAddr,
+		Interval:   true,
 	}
 	mozvpn_ctx.conn.AddSet(mozvpn_ctx.relayset, nil)
 

Original file line number	Diff line number	Diff line change
`@@ -403,7 +403,10 @@ func (ctx *nftCtx) nftRestrictTraffic(ifname string) {`
`403`	`403`	`})`
`404`	`404`
`405`	`405`	`element := []nftables.SetElement{`
	`406`	`+ { Key: net.ParseIP("10.124.0.0").To4() },`
	`407`	`+ { Key: net.ParseIP("10.124.240.0").To4(), IntervalEnd: true },`
`406`	`408`	`{ Key: net.ParseIP("10.64.0.1").To4() },`
	`409`	`+ { Key: net.ParseIP("10.64.0.2").To4(), IntervalEnd: true },`
`407`	`410`	`}`
`408`	`411`	`mozvpn_ctx.conn.SetAddElements(mozvpn_ctx.relayset, element)`
`409`	`412`	`}`
`@@ -700,6 +703,7 @@ func NetfilterCreateTables() int32 {`
`700`	`703`	`Table: mozvpn_ctx.table_inet,`
`701`	`704`	`Name: "mozvpn-socks5-relays",`
`702`	`705`	`KeyType: nftables.TypeIPAddr,`
	`706`	`+ Interval: true,`
`703`	`707`	`}`
`704`	`708`	`mozvpn_ctx.conn.AddSet(mozvpn_ctx.relayset, nil)`
`705`	`709`