Merge pull request #305 from projectdiscovery/update-networkpolicy-si…

…ngleton feat: updated networkpolicy + use singleton optionally
projectdiscovery · Jun 17, 2024 · bc5386c · bc5386c
2 parents 4255946 + 000c235
commit bc5386c
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 24 deletions.
diff --git a/fastdialer/dialer.go b/fastdialer/dialer.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/Mzack9999/gcache"
 	gounit "github.com/docker/go-units"
+	"github.com/pkg/errors"
 	"github.com/projectdiscovery/fastdialer/fastdialer/ja3/impersonate"
 	"github.com/projectdiscovery/fastdialer/fastdialer/metafiles"
 	"github.com/projectdiscovery/fastdialer/fastdialer/utils"
@@ -140,26 +141,16 @@ func NewDialer(options Options) (*Dialer, error) {
 		return nil, err
 	}
 
-	var npOptions networkpolicy.Options
-	if options.WithNetworkPolicyOptions != nil {
-		npOptions = *options.WithNetworkPolicyOptions
+	var np *networkpolicy.NetworkPolicy
+	if options.NetworkPolicy != nil {
+		np = options.NetworkPolicy
+	} else {
+		np, err = createNetworkPolicy(options)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not create network policy")
+		}
 	}
 
-	// Populate deny list if necessary
-	npOptions.DenyList = append(npOptions.DenyList, options.Deny...)
-	// Populate allow list if necessary
-	npOptions.AllowList = append(npOptions.AllowList, options.Allow...)
-
-	npOptions.AllowPortList = append(npOptions.AllowPortList, options.AllowPortList...)
-	npOptions.DenyPortList = append(npOptions.DenyPortList, options.DenyPortList...)
-
-	npOptions.AllowSchemeList = append(npOptions.AllowSchemeList, options.AllowSchemeList...)
-	npOptions.DenySchemeList = append(npOptions.DenySchemeList, options.DenySchemeList...)
-
-	np, err := networkpolicy.New(npOptions)
-	if err != nil {
-		return nil, err
-	}
 	d := &Dialer{
 		dnsclient:     dnsclient,
 		mDnsCache:     dnsCache,
@@ -181,6 +172,27 @@ func NewDialer(options Options) (*Dialer, error) {
 	return d, nil
 }
 
+func createNetworkPolicy(options Options) (*networkpolicy.NetworkPolicy, error) {
+	var npOptions networkpolicy.Options
+	if options.WithNetworkPolicyOptions != nil {
+		npOptions = *options.WithNetworkPolicyOptions
+	}
+
+	// Populate deny list if necessary
+	npOptions.DenyList = append(npOptions.DenyList, options.Deny...)
+	// Populate allow list if necessary
+	npOptions.AllowList = append(npOptions.AllowList, options.Allow...)
+
+	npOptions.AllowPortList = append(npOptions.AllowPortList, options.AllowPortList...)
+	npOptions.DenyPortList = append(npOptions.DenyPortList, options.DenyPortList...)
+
+	npOptions.AllowSchemeList = append(npOptions.AllowSchemeList, options.AllowSchemeList...)
+	npOptions.DenySchemeList = append(npOptions.DenySchemeList, options.DenySchemeList...)
+
+	np, err := networkpolicy.New(npOptions)
+	return np, err
+}
+
 // Dial function compatible with net/http
 func (d *Dialer) Dial(ctx context.Context, network, address string) (conn net.Conn, err error) {
 	return d.dial(ctx, &dialOptions{

diff --git a/fastdialer/options.go b/fastdialer/options.go
@@ -61,6 +61,8 @@ type Options struct {
 	OnDialCallback           func(hostname, IP string)
 	DisableZtlsFallback      bool
 	WithNetworkPolicyOptions *networkpolicy.Options
+	// optional network policy override for sharing
+	NetworkPolicy *networkpolicy.NetworkPolicy
 	// optional logger to log errors(like hostfile init error)
 	Logger *log.Logger
 	// optional max temporary errors to mark as permanent

diff --git a/go.mod b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/dimchansky/utfbom v1.1.1
 	github.com/docker/go-units v0.5.0
 	github.com/projectdiscovery/hmap v0.0.47
-	github.com/projectdiscovery/networkpolicy v0.0.8
+	github.com/projectdiscovery/networkpolicy v0.0.9
 	github.com/projectdiscovery/retryabledns v1.0.64
 	github.com/projectdiscovery/utils v0.1.4
 	github.com/refraction-networking/utls v1.5.4
@@ -23,9 +23,11 @@ require (
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
+	github.com/bits-and-blooms/bitset v1.13.0 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/gaissmai/bart v0.9.5 // indirect
 	github.com/gaukas/godicttls v0.0.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/gorilla/css v1.0.0 // indirect
@@ -49,7 +51,6 @@ require (
 	github.com/tidwall/rtred v0.1.2 // indirect
 	github.com/tidwall/tinyqueue v0.1.1 // indirect
 	github.com/weppos/publicsuffix-go v0.30.1-0.20230422193905-8fecedd899db // indirect
-	github.com/yl2chen/cidranger v1.0.2 // indirect
 	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
 	go.etcd.io/bbolt v1.3.7 // indirect
 	go.uber.org/multierr v1.11.0 // indirect

diff --git a/go.sum b/go.sum
@@ -9,8 +9,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
-github.com/bits-and-blooms/bitset v1.8.0 h1:FD+XqgOZDUxxZ8hzoBFuV9+cGWY9CslN6d5MS5JVb4c=
-github.com/bits-and-blooms/bitset v1.8.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/bits-and-blooms/bitset v1.13.0 h1:bAQ9OPNFYbGHV6Nez0tmNI0RiEu7/hxlYJRUA0wFAVE=
+github.com/bits-and-blooms/bitset v1.13.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
 github.com/bits-and-blooms/bloom/v3 v3.5.0 h1:AKDvi1V3xJCmSR6QhcBfHbCN4Vf8FfxeWkMNQfmAGhY=
 github.com/bits-and-blooms/bloom/v3 v3.5.0/go.mod h1:Y8vrn7nk1tPIlmLtW2ZPV+W7StdVMor6bC1xgpjMZFs=
 github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
@@ -25,6 +25,8 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
+github.com/gaissmai/bart v0.9.5 h1:vy+r4Px6bjZ+v2QYXAsg63vpz9IfzdW146A8Cn4GPIo=
+github.com/gaissmai/bart v0.9.5/go.mod h1:KHeYECXQiBjTzQz/om2tqn3sZF1J7hw9m6z41ftj3fg=
 github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk=
 github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI=
 github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
@@ -94,8 +96,8 @@ github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k
 github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss=
 github.com/projectdiscovery/hmap v0.0.47 h1:NdakfvlFruevnOvehdllofg/hc0CQn2WQaLHaRcsGAk=
 github.com/projectdiscovery/hmap v0.0.47/go.mod h1:/9V6EnyTY33hAy71Quox6Ggu9ZkKp36tgepBh/NzNSg=
-github.com/projectdiscovery/networkpolicy v0.0.8 h1:XvfBaBwSDNTesSfNQP9VLk3HX9I7x7gHm028TJ5XwI8=
-github.com/projectdiscovery/networkpolicy v0.0.8/go.mod h1:xnjNqhemxUPxU+UD5Jgsc3+K8IVmcqT1SJeo6UzMtkI=
+github.com/projectdiscovery/networkpolicy v0.0.9 h1:IrlDoYZagNNO8y+7iZeHT8k5izE+nek7TdtvEBwCxqk=
+github.com/projectdiscovery/networkpolicy v0.0.9/go.mod h1:XFJ2Lnv8BE/ziQCFjBHMsH1w6VmkPiQtk+NlBpdMU7M=
 github.com/projectdiscovery/retryabledns v1.0.64 h1:bhaKarpUnPjTXN9A0ApA/IA4SWfugdCke1yT0YxIj0k=
 github.com/projectdiscovery/retryabledns v1.0.64/go.mod h1:n1N7LMgxMNQT/bUoE5/OQZBTxVApkfeAvDtYQ1OnuAg=
 github.com/projectdiscovery/utils v0.1.4 h1:VSULN/RBEXbkgWuhrDey84ZDnSXtYMSev9p+QHXXDeI=