package app
import (
trafficappmarkspkg "selective-vpn-api/app/trafficappmarks"
"sync"
)
// ---------------------------------------------------------------------
// traffic app marks (per-app routing via cgroupv2 path -> fwmark)
// ---------------------------------------------------------------------
//
// EN: This module manages runtime per-app routing marks.
// EN: We match cgroupv2 paths using nftables `socket cgroupv2` and set fwmark:
// EN: - MARK_APP (VPN) or MARK_DIRECT (direct).
// EN: TTL is kept in a JSON state file; expired entries are pruned.
// RU: Этот модуль управляет runtime per-app маршрутизацией.
// RU: Мы матчим cgroupv2 path через nftables `socket cgroupv2` и ставим fwmark:
// RU: - MARK_APP (VPN) или MARK_DIRECT (direct).
// RU: TTL хранится в JSON состоянии; просроченные записи удаляются.
// Names of the nftables objects referred to by the per-app marking code.
// How each name is used is not visible in this file; presumably they are the
// table, the two output chains and the local-bypass set that the rules are
// written into. Confirm against the rule-building code.
const (
	appMarksTable          = "agvpn"
	appMarksChain          = "output_apps"
	appMarksGuardChain     = "output_guard"
	appMarksLocalBypassSet = "svpn_local4"
)

// Comment prefixes. Presumably attached to generated rules so that rules owned
// by this module can be recognised later; verify against the code that lists
// or deletes rules.
const (
	appMarkCommentPrefix  = "svpn_appmark"
	appGuardCommentPrefix = "svpn_appguard"
)

// defaultAppMarkTTLSeconds is the default lifetime of an app mark, in seconds.
// 0 means the mark is persistent: it stays until an explicit unmark/clear.
//
// NOTE(review): per the file header a mark is matched by cgroupv2 path. With a
// non-expiring default, confirm that entries are cleared when the app goes
// away, so that an unrelated process later placed in the same path does not
// silently inherit VPN or direct routing.
const defaultAppMarkTTLSeconds = 0
// appMarksMu is a package-level mutex. What it guards is not visible in this
// file; presumably the app-marks state file and the nftables updates derived
// from it, so that concurrent requests cannot interleave a state write with a
// rule rebuild. Confirm against the callers.
var appMarksMu sync.Mutex

// Aliases (not new types) for the state types declared in trafficappmarkspkg;
// values are interchangeable with that package's State and Item.
type (
	appMarksState = trafficappmarkspkg.State
	appMarkItem   = trafficappmarkspkg.Item
)