summaryrefslogtreecommitdiff
path: root/internal/config/policy.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/config/policy.go')
-rw-r--r--internal/config/policy.go102
1 files changed, 102 insertions, 0 deletions
diff --git a/internal/config/policy.go b/internal/config/policy.go
new file mode 100644
index 0000000..bcf8f71
--- /dev/null
+++ b/internal/config/policy.go
@@ -0,0 +1,102 @@
+package config
+
+import "vpnem/internal/models"
+
+var defaultBlockedDomains = []string{
+ "telegram.org", "t.me", "telegram.me", "telegra.ph", "telegram.dog",
+ "web.telegram.org",
+ "discord.com", "discord.gg", "discordapp.com", "discordapp.net",
+ "instagram.com", "cdninstagram.com", "ig.me", "igcdn.com",
+ "facebook.com", "fb.com", "fbcdn.net", "fbsbx.com", "fb.me",
+ "whatsapp.com", "whatsapp.net",
+ "twitter.com", "x.com", "twimg.com", "t.co",
+ "openai.com", "chatgpt.com", "oaistatic.com", "oaiusercontent.com",
+ "claude.ai", "anthropic.com",
+ "youtube.com", "googlevideo.com", "youtu.be", "ggpht.com", "ytimg.com",
+ "gstatic.com", "doubleclick.net", "googleadservices.com",
+ "stripchat.com", "stripchat.global", "ststandard.com", "strpssts-ana.com",
+ "strpst.com", "striiiipst.com",
+ "chaturbate.com", "highwebmedia.com", "cb.dev",
+ "camsoda.com", "cam4.com", "cam101.com",
+ "bongamodels.com", "flirt4free.com", "privatecams.com",
+ "streamray.com", "cams.com", "homelivesex.com",
+ "skyprivate.com", "mywebcamroom.com", "livemediahost.com",
+ "xcdnpro.com", "mmcdn.com", "vscdns.com", "bgicdn.com", "bgmicdn.com",
+ "doppiocdn.com", "doppiocdn.net", "doppiostreams.com",
+ "fanclubs.tech", "my.club", "chapturist.com",
+ "moengage.com", "amplitude.com", "dwin1.com",
+ "eizzih.com", "loo3laej.com", "iesnare.com",
+ "hytto.com", "zendesk.com",
+ "lovense.com", "lovense-api.com", "lovense.club",
+ "bitrix24.ru", "bitrix24.com",
+ "cloudflare.com",
+ "viber.com", "linkedin.com", "spotify.com",
+ "ntc.party", "ipify.org",
+ "rutracker.org", "rutracker.net", "rutracker.me",
+ "4pda.to", "kinozal.tv", "nnmclub.to",
+ "protonmail.com", "proton.me", "tutanota.com",
+ "medium.com", "archive.org", "soundcloud.com", "twitch.tv",
+ "ifconfig.me", "ifconfig.co", "icanhazip.com", "ipinfo.io",
+ "em-mail.ru",
+}
+
+func DefaultRoutingPolicy() *models.RoutingPolicy {
+ return &models.RoutingPolicy{
+ Version: "2026-04-04",
+ AlwaysDirectProcesses: append([]string{}, BypassProcesses...),
+ PreferDirectProcesses: append([]string{}, PreferDirectProcesses...),
+ ProxyableBrowserProcesses: append([]string{}, ProxyableBrowserProcesses...),
+ LovenseProcessRegex: append([]string{}, LovenseProcessRegex...),
+ StaticBypassIPs: append([]string{}, StaticBypassIPs...),
+ ReservedCIDRs: append([]string{}, ReservedCIDRs...),
+ LocalDomainSuffixes: append([]string{}, LocalDomainSuffixes...),
+ WindowsNCSIDomains: append([]string{}, WindowsNCSIDomains...),
+ InfraBypassDomains: []string{"em-sysadmin.xyz"},
+ ForcedProxyIPs: append([]string{}, ForcedProxyIPs...),
+ TelegramProcesses: append([]string{}, TelegramProcesses...),
+ TelegramProcessRegex: append([]string{}, TelegramProcessRegex...),
+ TelegramDomains: append([]string{}, TelegramDomains...),
+ TelegramDomainRegex: append([]string{}, TelegramDomainRegex...),
+ TelegramIPs: append([]string{}, TelegramIPs...),
+ BlockedDomains: append([]string{}, defaultBlockedDomains...),
+ ProxyDNSDomains: append([]string{}, ProxyDNSDomains...),
+ IPCheckDomains: append([]string{}, IPCheckDomains...),
+ }
+}
+
+func EffectiveRoutingPolicy(policy *models.RoutingPolicy) *models.RoutingPolicy {
+ if policy == nil {
+ return DefaultRoutingPolicy()
+ }
+
+ effective := *DefaultRoutingPolicy()
+ if policy.Version != "" {
+ effective.Version = policy.Version
+ }
+ overrideStringSlice(&effective.AlwaysDirectProcesses, policy.AlwaysDirectProcesses)
+ overrideStringSlice(&effective.PreferDirectProcesses, policy.PreferDirectProcesses)
+ overrideStringSlice(&effective.ProxyableBrowserProcesses, policy.ProxyableBrowserProcesses)
+ overrideStringSlice(&effective.LovenseProcessRegex, policy.LovenseProcessRegex)
+ overrideStringSlice(&effective.StaticBypassIPs, policy.StaticBypassIPs)
+ overrideStringSlice(&effective.ReservedCIDRs, policy.ReservedCIDRs)
+ overrideStringSlice(&effective.LocalDomainSuffixes, policy.LocalDomainSuffixes)
+ overrideStringSlice(&effective.WindowsNCSIDomains, policy.WindowsNCSIDomains)
+ overrideStringSlice(&effective.InfraBypassDomains, policy.InfraBypassDomains)
+ overrideStringSlice(&effective.ForcedProxyIPs, policy.ForcedProxyIPs)
+ overrideStringSlice(&effective.TelegramProcesses, policy.TelegramProcesses)
+ overrideStringSlice(&effective.TelegramProcessRegex, policy.TelegramProcessRegex)
+ overrideStringSlice(&effective.TelegramDomains, policy.TelegramDomains)
+ overrideStringSlice(&effective.TelegramDomainRegex, policy.TelegramDomainRegex)
+ overrideStringSlice(&effective.TelegramIPs, policy.TelegramIPs)
+ overrideStringSlice(&effective.BlockedDomains, policy.BlockedDomains)
+ overrideStringSlice(&effective.ProxyDNSDomains, policy.ProxyDNSDomains)
+ overrideStringSlice(&effective.IPCheckDomains, policy.IPCheckDomains)
+ return &effective
+}
+
+func overrideStringSlice(dst *[]string, src []string) {
+ if src == nil {
+ return
+ }
+ *dst = append([]string{}, src...)
+}
generated by cgit v1.2.3 (git 2.39.1) at 2026-05-31 22:13:36 +0000