
dae's Introduction

dae


dae, meaning goose, is a high-performance transparent proxy solution.

To enhance traffic split performance as much as possible, dae employs the transparent proxy and traffic split suite within the Linux kernel using eBPF. As a result, dae can enable direct traffic to bypass the proxy application's forwarding, facilitating genuine direct traffic passage. Through this remarkable feat, there is minimal performance loss and negligible additional resource consumption for direct traffic.

As a successor of v2rayA, dae abandoned v2ray-core to meet the needs of users more freely.

Features

  • Implements Real Direct traffic split (requires ipforward on) to achieve high performance.
  • Supports splitting traffic by process name on the local host.
  • Supports splitting traffic by MAC address in the LAN.
  • Supports splitting traffic with inverted match rules.
  • Supports automatically switching nodes according to policy: dae tests independent TCP/UDP/IPv4/IPv6 latencies automatically, then uses the best nodes for the corresponding traffic according to the user-defined policy.
  • Supports an advanced DNS resolution process.
  • Supports full-cone NAT for shadowsocks, trojan(-go) and socks5 (no test).
  • Supports various trending proxy protocols, listed in proxy-protocols.md.

Getting Started

Please refer to Quick Start Guide to start using dae right away!

Notes

  1. If you set up dae and a shadowsocks server (or any UDP server) on the same machine on a public network, such as a VPS, don't forget to add an l4proto(udp) && sport(your server ports) -> must_direct rule for your UDP server port. Because UDP state is hard to maintain, all outgoing UDP packets can potentially be proxied (depending on your routing), including the replies your server sends to its clients. This is not the behaviour we want. must_direct makes all traffic from this port, including DNS traffic, go direct.
  2. If users in mainland China find that the first screen time is very long when they visit some domestic websites for the first time, please check whether a foreign DNS is handling some domestic domains in DNS routing. Sometimes this is hard to spot. For example, ocsp.digicert.cn is unexpectedly included in geosite:geolocation-!cn, which causes some TLS handshakes to take a long time. Be careful when using such domain sets in DNS routing.

How it works

See How it works.

TODO

  • Automatically check dns upstream and source loop (whether upstream is also a client of us) and remind the user to add sip rule.
  • MACv2 extension extraction.
  • Log to userspace.
  • Protocol-oriented node features detecting (or filter), such as full-cone (especially VMess and VLESS).
  • Add quick-start guide
  • ...

Contributors

Special thanks go to all contributors. If you would like to contribute, please see the instructions. It is also recommended to follow the commit-msg-guide.

License

AGPL-3.0 (C) daeuniverse


dae's People

Contributors

akinokaede, akiooo45, bradfordzhang, dae-prow[bot], douglarek, ekkog, epmtyicu, hero-intelligent, hiifeng, integral-tech, jschwinger233, kunish, kuseee, linglilongyi, luochen1990, marksonhon, miooochi, mzz2017, nayihz, shenghuang147, st0nie, sumire88, troubadour-hell, xishang0128, zzzsyyy


dae's Issues

dae and adguardhome - update

adguardhome and dae are finally working properly! I will share some experiences.

  1. If your environment is PVE, don't use the hardware passthrough feature, it may cause some weird issues
  2. Important! Set the virtual machine's NIC to Intel E1000 instead of Virtio
  3. The part of the documentation for DNS configuration is wrong, please update it to the following configuration

dns {
    upstream {
        adguardhome: 'udp://127.0.0.1:53'
    }
    routing {
        request {
            fallback: adguardhome
        }
    }
}

My system environment: NIC: Intel i226, PVE: 7.3-6/Kernel 6.1.15-1, VM: Debian 11.6

Request failover feature

What feature you would like us to integrate into the dae project

I want to treat my US node (with higher average latency) as main use, and if it is down, failover to HK node (with lower average latency).

Why is this needed

My US node has more traffic and bandwidth.

After starting dae, IPs on the bound network interface cannot connect to samba

Runtime environment

NAME="OpenWrt"
VERSION="23.05.0-rc1"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 23.05.0-rc1"
VERSION_ID="23.05.0-rc1"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r23069-e2701e0f33"
OPENWRT_BOARD="x86/64"
OPENWRT_ARCH="x86_64"
OPENWRT_TAINTS="override"
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 23.05.0-rc1 r23069-e2701e0f33"
  • Kernel:
Linux OpenWrt 5.15.114 #0 SMP Sat Jun 3 09:42:00 2023 x86_64 GNU/Linux

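Bug description

The router has both dae and samba4 installed. Before dae is started, samba4 works normally. Once dae has been started even once, samba4 cannot be reached on any interface bound by dae unless the router is rebooted or dae suspend is run (kill -9 on the dae pid does not help either). Interfaces that are not bound work normally.

Configuration file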

global {
	tproxy_port: 12345
	tproxy_port_protect: true
	so_mark_from_dae: 0
	log_level: info
	disable_waiting_network: false
	lan_interface: eth0,eth2
	#wan_interface: auto
	auto_config_kernel_parameter: true
	tcp_check_url: 'http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111'
	tcp_check_http_method: HEAD
	udp_check_dns: 'dns.google.com:53,8.8.8.8,2001:4860:4860::8888'
	check_interval: 30s
	check_tolerance: 50ms
	dial_mode: domain
	allow_insecure: false
	sniffing_timeout: 100ms
	tls_implementation: tls
	utls_imitate: chrome_auto
}

subscription {
	FC: 'https://'
}

dns {
	ipversion_prefer: 4
	upstream {
		localdns: 'udp://223.5.5.5:53'
		remotedns: 'tcp://1.1.1.1:53'
	}
	routing {
		request {
			#qname(geosite:category-ads-all) -> reject
			qname(geosite:cn) -> localdns
			qname(geosite:geolocation-!cn) -> remotedns
			fallback: localdns
		}
		response {
			upstream(remotedns) -> accept
			!qname(geosite:cn) && ip(geoip:private) -> remotedns
			fallback: accept
		}
	}
}

group {
	proxy {
		#filter: name(keyword: '新加坡')
		filter: subtag(FC) && name(keyword: '新加坡') && !name(keyword: '实验性')
		policy: fixed(0)
	}
}

routing {
	### Preset rules.
	pname(NetworkManager) -> direct

	### Dest IP rule
	dip(224.0.0.0/3, 'ff00::/8') -> direct
	dip(geoip:private) -> direct

	### Source IP rule

	### Dest port rule
	!dport(22, 53, 80, 143, 443, 465, 587, 853, 993, 995, 8080, 8443, 9418) -> direct

	### Source port rule

	### Level 4 protocol rule

	### IP version rule:

	### Write your rules below.
	#domain(geosite:category-ads-all) -> block
	l4proto(udp) && dport(443) && domain(geosite:youtube) -> block
	dip(geoip:cn) -> direct
	domain(geosite:cn) -> direct
	domain(geosite:steam@cn) -> direct
	fallback: proxy
}

Other attempts

  • Running with an empty configuration: samba4 is still unreachable
global{}
routing{}
  • Using the sibling project daed: samba4 is still unreachable

Happy Eyeballs is not fully supported by some software

What would you like us to improve

If the local host has IPv6 addresses and routes and the remote proxy doesn't, the eBPF program will disable the IPv6 traffic to this remote proxy.

However, some software has bad Happy Eyeballs support and always retries.

Node.js

Occurs since v17.
Fixed in v20.

nodejs/node#41625
nodejs/node#44731

Powershell

Occurs on but not only v7.3.4.


wget

No version context was given.

Wait 60s for timeout and fallback.


What should be done

We should disable dropping IPv6 traffic if the node has no IPv6 connectivity (at least) in domain++ mode.

Or, only drop it in IP mode (not a good idea if there is no sniffed domain).

[ENHANCE] Config checker not working on reload

What would you like us to improve

Currently, I am using dae with version v0.1.7. I noticed that when doing dae reload, it does NOT check the config syntax even though there is an error.

Why is this needed

This should be considered a minor issue. However, if the functionality of checking syntax errors can be inherited to reload, that would certainly bring additional joy when using dae.

[Help] dae fails to start on OpenWrt

  • Dae version (use dae --version):
dae version 0.1.8-20230505
  • OS (e.g cat /etc/os-release):
NAME="OpenWrt"
VERSION="SNAPSHOT"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt SNAPSHOT"
VERSION_ID="snapshot"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r5942-f953b064c"
OPENWRT_BOARD="x86/64"
OPENWRT_ARCH="x86_64"
OPENWRT_TAINTS="no-all"
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt SNAPSHOT r5942-f953b064c"
  • Kernel (e.g. uname -a):
Linux OpenWrt 5.15.105 #0 SMP Fri May 5 05:11:46 2023 x86_64 GNU/Linux
  • Configuration
global {
    tproxy_port: 12345
    log_level: debug
    tcp_check_url: 'http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111'
    udp_check_dns: 'dns.google.com:53,8.8.8.8,2001:4860:4860::8888'
    check_interval: 30s
    check_tolerance: 50ms
    #lan_interface: docker0
    wan_interface: auto
    allow_insecure: false
    dial_mode: domain
    disable_waiting_network: false
    auto_config_kernel_parameter: true
    sniffing_timeout: 100ms
}

subscription {

}

node {
    # Add your node links here.
    # Support socks5, http, https, ss, ssr, vmess, vless, trojan, trojan-go
    # 'socks5://localhost:1080'
    # mylink: 'ss://LINK'
    # node1: 'vmess://LINK'
    # node2: 'vless://LINK'
    iepl: '节点链接'
}

dns {
    ipversion_prefer: 4
    upstream {
        alidns: 'udp://223.5.5.5:53'
        googledns: 'tcp+udp://8.8.8.8:53'
    }
    routing {
        request {
            fallback: alidns
        }
        response {
            upstream(googledns) -> accept
            !qname(geosite:cn) && ip(geoip:private) -> googledns
            fallback: accept
        }
    }
}

group {
    amy {
        policy: fixed(0)
    }
}

# See https://github.com/daeuniverse/dae/blob/main/docs/routing.md for full examples.
routing {
    pname(dnsmasq, systemd-resolved, NetworkManager) -> direct
    dip(224.0.0.0/3, 'ff00::/8') -> direct
    dip(geoip:private) -> direct

    ### Write your rules below.
    dip(geoip:cn) -> direct
    domain(geosite:cn) -> direct
    qname(geolocation-!cn) -> amy
    fallback: amy
}
  • Kernel support
root@OpenWrt:~# (zcat /proc/config.gz || cat /boot/{config,config-$(uname -r)}) | grep -E 'CONFIG_(DEBUG_INFO|DEBUG_INFO_BTF|KPROBES|KPROBE_EVENTS|BPF|BPF_SYSCALL|BPF_JIT|BPF_STREAM_PARSER|NET_CLS_ACT|NET_SCH_INGRESS|NET_INGRESS|NET_EGRESS|NET_CLS_BPF|BPF_EVENTS|CGROUPS)=|# CONFIG_DEBUG_INFO_REDUCED is not set'
CONFIG_BPF=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_CGROUPS=y
CONFIG_KPROBES=y
CONFIG_NET_INGRESS=y
CONFIG_NET_EGRESS=y
CONFIG_NET_SCH_INGRESS=m
CONFIG_NET_CLS_BPF=m
CONFIG_NET_CLS_ACT=y
CONFIG_BPF_STREAM_PARSER=y
CONFIG_DEBUG_INFO=y
# CONFIG_DEBUG_INFO_REDUCED is not set
CONFIG_DEBUG_INFO_BTF=y
CONFIG_KPROBE_EVENTS=y
CONFIG_BPF_EVENTS=y
  • System log
Fri May  5 19:34:06 2023 daemon.err dae[6846]: time="May 05 11:34:06" level=info msg="Include config files: [/etc/dae/config.dae]"
Fri May  5 19:34:06 2023 daemon.err dae[6846]: time="May 05 11:34:06" level=info msg="Loading eBPF programs and maps into the kernel..."
Fri May  5 19:34:06 2023 daemon.err dae[6846]: time="May 05 11:34:06" level=info msg="The loading process takes about 120MB free memory, which will be released after loading. Insufficient memory will cause loading failure."
Fri May  5 19:34:08 2023 daemon.info procd: - init complete -
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=info msg="Loaded eBPF programs and maps"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=info msg="Bind to WAN: pppoe-wan"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=info msg="Group "amy" node list:"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=info msg="	iepl"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Search "geoip.dat" in [/.local/share/dae, /usr/local/share/dae, /usr/share/dae, /etc/dae]"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Found "geoip.dat" at /usr/share/dae/geoip.dat"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Read geoip "geoip.dat:private" from /usr/share/dae/geoip.dat"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Read geoip "geoip.dat:cn" from /usr/share/dae/geoip.dat"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Search "geosite.dat" in [/.local/share/dae, /usr/local/share/dae, /usr/share/dae, /etc/dae]"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Found "geosite.dat" at /usr/share/dae/geosite.dat"
Fri May  5 19:34:10 2023 daemon.err dae[6846]: time="May 05 11:34:10" level=debug msg="Read geosite "geosite.dat:cn" from /usr/share/dae/geosite.dat"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="RoutingA:
Fri May  5 19:34:11 2023 daemon.err dae[6846]: pname([n = 3]) -> direct
Fri May  5 19:34:11 2023 daemon.err dae[6846]: ip([n = 10981]) -> direct
Fri May  5 19:34:11 2023 daemon.err dae[6846]: domain([n = 65703]) -> direct
Fri May  5 19:34:11 2023 daemon.err dae[6846]: qname([n = 1]) -> amy
Fri May  5 19:34:11 2023 daemon.err dae[6846]: fallback: amy
Fri May  5 19:34:11 2023 daemon.err dae[6846]: "
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="[rule] pname([n = 3]) -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="	pname() -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="[rule] ip([n = 10981]) -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="	ip() -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="[rule] domain([n = 65703]) -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="	domain(full) -> <OR>"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="	domain(regex) -> <OR>"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="	domain(suffix) -> direct"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="May 05 11:34:11" level=debug msg="[rule] qname([n = 1]) -> amy"
Fri May  5 19:34:11 2023 daemon.err dae[6846]: time="2023-05-05T11:34:11Z" level=fatal msg="NewRoutingMatcherBuilder: unknown function: qname"
Fri May  5 19:34:49 2023 daemon.info procd: Instance dae::dae s in a crash loop 6 crashes, 4 seconds since last crash
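
The fatal line in the log above names qname, a function that the configs on this page otherwise use only under dns { routing { ... } }. The check below is an added example, not part of the original post and not dae's own code; it scans a config's top-level routing block before the service is started and flags such calls. The allowlist is assembled from routing rules shown on this page and is an assumption, not dae's full grammar; the sample config is constructed.

```python
import re

# Assumption: allowlist built only from functions that appear in top-level
# routing blocks on this page; it is not dae's complete grammar.
ROUTING_FUNCS = {"pname", "dip", "dport", "sport", "l4proto", "domain"}
# Functions this page shows only inside dns { routing { ... } }.
DNS_ONLY_FUNCS = {"qname", "upstream", "ip"}

# "name {" opens a block; "name{}" opens and closes it on the same line.
BLOCK_OPEN = re.compile(r"^([A-Za-z_]\w*)\s*\{\s*(\})?$")


def strip_comment(line):
    """Drop a trailing # comment, ignoring # inside single or double quotes."""
    quote = None
    for i, ch in enumerate(line):
        if quote:
            if ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch == "#":
            return line[:i]
    return line


def rule_functions(condition):
    """Return the function names called at parenthesis depth 0 in a rule condition."""
    names, depth, quote, ident = [], 0, None, ""
    for ch in condition:
        if quote:
            if ch == quote:
                quote = None
            continue
        if ch in "'\"":
            quote = ch
        elif ch == "(":
            if depth == 0 and ident:
                names.append(ident)
            depth += 1
            ident = ""
        elif ch == ")":
            depth = max(depth - 1, 0)
            ident = ""
        elif depth == 0 and (ch.isalnum() or ch == "_"):
            ident += ch
        else:
            ident = ""
    return names


def check_routing(config_text):
    """Return (line_no, function, reason) for suspect calls in the top-level routing block."""
    findings, stack = [], []
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = strip_comment(raw).strip()
        if not line:
            continue
        opened = BLOCK_OPEN.match(line)
        if opened:
            if not opened.group(2):
                stack.append(opened.group(1))
            continue
        if line == "}":
            if stack:
                stack.pop()
            continue
        # Only rules directly inside the top-level routing block are checked;
        # dns.routing.*, other sections and "fallback:" lines are skipped.
        if stack != ["routing"] or "->" not in line:
            continue
        condition = line.rsplit("->", 1)[0]
        for name in rule_functions(condition):
            if name in DNS_ONLY_FUNCS:
                findings.append((line_no, name, "dns-routing-only"))
            elif name not in ROUTING_FUNCS:
                findings.append((line_no, name, "not-in-allowlist"))
    return findings


# Constructed sample modelled on the configuration in the post above.
SAMPLE = """\
dns {
    upstream {
        alidns: 'udp://223.5.5.5:53'
    }
    routing {
        request {
            qname(geosite:cn) -> alidns   # valid here: DNS request routing
            fallback: alidns
        }
    }
}
routing {
    pname(dnsmasq, systemd-resolved, NetworkManager) -> direct
    dip(224.0.0.0/3, 'ff00::/8') -> direct
    !dport(22, 53, 80, 443) -> direct
    qname(geolocation-!cn) -> amy
    fallback: amy
}
"""

if __name__ == "__main__":
    for line_no, name, reason in check_routing(SAMPLE):
        print(f"line {line_no}: {name}() {reason}")
```
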

load eBPF objects: field TproxyLanIngress: program tproxy_lan_ingress

The latest commit "[fix: should update system DNS every 5 seconds" caused the error

INFO The loading process takes about 150MB free memory, which will be released after loading. Insufficient memory will cause loading failure.
FATA[0004] load eBPF objects: field TproxyLanIngress: program tproxy_lan_ingress : load program: argument list too long: ; if (match_set->outbound != OUTBOUND_LOGICAL_OR) {: 938: (15) if r2 == 0xfe goto pc-117 ; frame1: R (truncated, 954 line(s) omitted)

Build command
git clone --depth 1 https://github.com/daeuniverse/dae.git
cd dae
git submodule update --init
go mod download
go mod vendor
make CGO_ENABLED=0 GOFLAGS="-trimpath -modcacherw" CFLAGS="-D__REMOVE_BPF_PRINTK" CC=clang goos=linux goarch=amd64 goamd64=v2

Do you have any suggestions?

dae work with adguardhome

I am using adguardhome as upstream DNS but it is not working with dae, the domain traffic split not work. Could you please give me a sample config file. Many thanks!

Node is naiveproxy socks5
adguardhome: China websites use 223.5.5.5 UDP DNS, other sites use Google DoH DNS

My current configuration file is below

global {
tproxy_port: 12345
log_level: info
#tcp_check_url: 'http://keep-alv.google.com/generate_204'
#udp_check_dns: 'dns.google:53'
#check_interval: 30s
#check_tolerance: 50ms
lan_interface: enp1s0
# wan_interface: enp1s0
allow_insecure: false
dial_mode: domain
}

node {
fast_node: 'socks5://127.0.0.1:10000'
cloud_node: 'socks5://127.0.0.1:10001'
}

dns {
upstream {
adguardhomedns: 'tcp+udp://127.0.0.1:53'
}
#routing {
#request {
#fallback: asis
#}
#response {
#upstream(localdns) -> accept
# !qname(geosite:cn) && ip(geoip:private) -> googledns
#fallback: accept
#}
#}
}

# Node group (outbound).

group {
fast_group {
policy: fixed(0)
}

cloud_group {
policy: fixed(1)
}

}

routing {
### Preset rules.
pname(AdGuardHome) -> must_direct
# pname(NetworkManager, systemd-resolved) -> direct
dip(224.0.0.0/3, 'ff00::/8') -> direct
dip(geoip:private) -> direct

### Write your rules below.
dip(1.0.0.1) -> fast_group
dip(1.1.1.1) -> fast_group
domain(apple.com) -> direct
domain(apple.news) -> direct
dip(geoip:cn) -> direct
domain(geosite:cn) -> direct
fallback: fast_group

}

After running for a while, web pages randomly spin for a long time while loading

Environment

NAME="OpenWrt"
VERSION="23.05.0-rc2"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 23.05.0-rc2"
VERSION_ID="23.05.0-rc2"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r23228-cd17d8df2a"
OPENWRT_BOARD="x86/64"
OPENWRT_ARCH="x86_64"
OPENWRT_TAINTS=""
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 23.05.0-rc2 r23228-cd17d8df2a"
  • Kernel:
Linux OpenWrt 5.15.118 #0 SMP Mon Jun 26 11:20:39 2023 x86_64 GNU/Linux

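Bug description

dae is installed on the main router, which dials up via PPPoE. For a while after dae starts, foreign websites open quickly. After a few minutes or a few tens of minutes, some proxied websites randomly leave the browser page spinning when opened, and there is no log output related to that website's domain. After waiting a few seconds or a few tens of seconds the website opens (at which point log output related to its domain appears), and for a while afterwards that website opens quickly.

Node type

Encryption protocol 'Shadowsocks AEAD'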
shadowsocks_encrypt_method 'aes-128-gcm'
shadowsocks_plugin 'obfs-local'
shadowsocks_plugin_opts 'obfs=http;obfs-host=5c2d9c0098.douyincdn.com'

Configuration file

global {
	tproxy_port: 12345
	tproxy_port_protect: true
	so_mark_from_dae: 0
	log_level: info
	disable_waiting_network: false
	lan_interface: eth0,eth2
	#wan_interface: auto
	auto_config_kernel_parameter: true
	tcp_check_url: 'http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111'
	tcp_check_http_method: HEAD
	udp_check_dns: 'dns.google.com:53,8.8.8.8,2001:4860:4860::8888'
	check_interval: 30s
	check_tolerance: 50ms
	dial_mode: domain
	allow_insecure: false
	sniffing_timeout: 100ms
	tls_implementation: tls
	utls_imitate: chrome_auto
}

subscription {
	FC: 'https://'
}

dns {
	ipversion_prefer: 4
	upstream {
		localdns: 'udp://223.5.5.5:53'
		remotedns: 'tcp://1.1.1.1:53'
	}
	routing {
		request {
			#qname(geosite:category-ads-all) -> reject
			qname(geosite:cn) -> localdns
			qname(geosite:geolocation-!cn) -> remotedns
			fallback: localdns
		}
		response {
			upstream(remotedns) -> accept
			!qname(geosite:cn) && ip(geoip:private) -> remotedns
			fallback: accept
		}
	}
}

group {
	proxy {
		#filter: name(keyword: '新加坡')
		filter: subtag(FC) && name(keyword: '新加坡') && !name(keyword: '实验性')
		policy: fixed(0)
	}
}

routing {
	### Preset rules.
	pname(NetworkManager) -> direct

	### Dest IP rule
	dip(224.0.0.0/3, 'ff00::/8') -> direct
	dip(geoip:private) -> direct

	### Source IP rule

	### Dest port rule
	!dport(22, 53, 80, 143, 443, 465, 587, 853, 993, 995, 8080, 8443, 9418) -> direct

	### Source port rule

	### Level 4 protocol rule

	### IP version rule:

	### Write your rules below.
	#domain(geosite:category-ads-all) -> block
	l4proto(udp) && dport(443) && domain(geosite:youtube) -> block
	dip(geoip:cn) -> direct
	domain(geosite:cn) -> direct
	domain(geosite:steam@cn) -> direct
	fallback: proxy
}

Additional notes

With the same node configuration under homeproxy, this does not happen.

`allow_insecure: true` will cause failure to connect with grpc node

What happened

allow_insecure: true will cause failure to connect with grpc node. This problem disappears after setting it to false.

Log:

[Jun 03 23:19:10] DEBUG Connectivity Check Failed err=context deadline exceeded network=udp6(DNS) node=test
[Jun 03 23:19:10] DEBUG Connectivity Check Failed err=context deadline exceeded network=udp4(DNS) node=test
[Jun 03 23:19:10] DEBUG Connectivity Check Failed err=timeout network=tcp6 node=test
[Jun 03 23:19:10] DEBUG Connectivity Check Failed err=context deadline exceeded network=tcp6(DNS) node=test
[Jun 03 23:19:10]  INFO ALIVE --udp6(DNS)-> NOT ALIVE:  dialer=test group=default
[Jun 03 23:19:10]  INFO Group has no dialer alive group=default network=udp6(DNS)
[Jun 03 23:19:10]  WARN Outbound <default> udp6 -> NOT ALIVE, notify the kernel program. outboundId=2
[Jun 03 23:19:10] DEBUG Connectivity Check Failed err=context deadline exceeded network=tcp4(DNS) node=test

What you expected to happen

How to reproduce it (as minimally and precisely as possible):

  1. Add a vmess+grpc node.
  2. Set allow_insecure: true.
  3. Run dae.

Anything else we need to know

Environment

  • Dae version (use dae --version): v0.1.10rc1
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

optimize: cache NXDomain and reject with 0.0.0.0 may have caused an issue

What happened:

ifeng.com is slow to open; the problem disappears after rolling back to the file before this change.

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know

Environment:

  • Dae version (use dae --version):
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[Feature Request] Add /etc/dae as geoip.dat search dir

Summary

Is it possible to include /etc/dae/ as one of the search dirs for geoip.dat and geosite.dat?

[Mar 24 20:58:26] DEBUG Search "geoip.dat" in [/root/.local/share/dae, /usr/local/share/dae, /usr/share/dae, /var/lib/snapd/desktop/dae]
[Mar 24 20:58:26] DEBUG Failed to read geoip "geoip.dat:private": geoip.dat: file does not exist in [/root/.local/share/dae, /usr/local/share/dae, /usr/share/dae, /var/lib/snapd/desktop/dae]

i225/226 NIC PVE Hardware passthrough

If you are using Intel i225/226 NIC, you may encounter the problem that the client cannot get the DNS IP after enabling the NIC hardware passthrough feature under PVE.

Solution

  1. Install ethtool
    apt install ethtool
  2. Add command line to /etc/systemd/system/dae.service file
    [Service]
    ExecStartPre=/usr/sbin/ethtool -K [Your network interface name] tx-checksum-ip-generic off

Please add this solution to the Troubleshooting Doc. Thank you.

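DNS cache still has some problems

What happened:

I noticed that dae's DNS cache is slow to update: the upstream DNS query results have already been updated, but dae's cache stays un-updated for a long time.
Please consider adding an option to disable the DNS cache. Operating systems and routers today come with their own DNS cache, so whether the gateway caches should not matter.
If you think the cache is necessary, please let users set the cache time themselves or choose which domains are not cached.
Thank you very much for such a powerful and concise program. Have a nice weekend ;)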

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know

Environment:

  • Dae version (use dae --version):
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[Release Changelogs] v0.2.0

Context

🚀 @daebot proposed the following changelogs for release v0.1.0 generated in workflow run.

Changelogs

Bug Fixes

  • fix: samba not work in #173 by (@mzz2017)
  • fix: should allow fallbacking ip version if dialing domain in #164 by (@mzz2017)

Others

  • chore: expose the routable dialer for dae-wing in #172 by (@mzz2017)
  • ci(generate-changelogs): add control on whether to write to issue page in #170 by (@yqlbu)
  • chore(geodata): change back to v2fly geodata in #168 by (@mzz2017)

Full Changelog: v0.2.0rc4...v0.2.0

Bad compatibility of `tcp_check_http_method: CONNECT`

What happened

Using the following config will cause failures to check connectivity:

tcp_check_http_method: CONNECT
tcp_check_url: 'http://gstatic.com/generate_204'

This is because CONNECT to http://gstatic.com/generate_204 returns 400, and dae assumes it is a failure.

How to reproduce it (as minimally and precisely as possible):

Reproduce it manually as following image:

image

Anything else we need to know

Related: #77

Environment

  • Dae version (use dae --version): >=v0.1.10
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[CI] Automatic docs synchronization

What feature you would like us to integrate into the dae project

I would like to introduce a new dedicated CI pipeline to achieve the following:

  • Watch any changes made in ./docs
  • Design and implement a dedicated workflow to raise a new PR in daeuniverse/dae-docs in which the PR should include all the proposed changes made to this repository.
  • Add regex pattern in the CI to pick up the special syntax for Docusaurus

Why is this needed

To reduce maintenance overheads.

TODOs

  • Add another script to monitor changes to *.md

[Release Changelogs] v0.2.0rc3

Context

🚀 @daebot proposed the following changelogs for release v0.1.0 generated in workflow run.

Changelogs

Features

  • feat(config): support IgnoreZero option for config.Marhsaller in #153 by (@mzz2017)
  • optimize(routing): fix slow domain++ ip routing in #133 by (@mzz2017)

Bug Fixes

  • fix: bad connectivity check of dns(tcp) caused by #80 in #155 by (@mzz2017)
  • fix/chore(grpc): allow insecure caused no connection in #151 by (@mzz2017)
  • fix: new control plane should reset grpc conn pool cache in #150 by (@mzz2017)
  • fix(group): policy 'fixed' parsing in #149 by (@mzz2017)
  • fix(socks5): udp problem in #148 by (@mzz2017)
  • fix: should gracefully exit if failed to listen when reloading in #138 by (@mzz2017)
  • fix: change default tcp_check_http_method from CONNECT to HEAD in #137 by (@mzz2017)
  • fix: failed to sniff tls1.2 traffic in some cases in #135 by (@mzz2017)
  • fix: enlarge kernel geoip size limit in #130 by (@mzz2017)
  • fix(config): problem that always append values to default list in #128 by (@mzz2017)

Others

  • ci: add generate-changelogs workflow in #159 by (@yqlbu)
  • chore/docs: support to unroll route loop and update troubleshooting.md in #158 by (@mzz2017)
  • ci: separate release build from main build in #157 by (@yqlbu)
  • docs(getting-started): add ref to run-as-daemon in #147 by (@yqlbu)
  • chore(pr_template): correct a typo in #146 by (@yqlbu)
  • chore: allow to modify app name and assets dir name in #144 by (@mzz2017)
  • chore(Dockerfile): change geodata upstream in #140 by (@mzz2017)
  • chore: fix incorrect number of routing rule stringer in #131 by (@mzz2017)
  • chore: fix make with /bin/sh in #129 by (@mzz2017)
  • chore(Makefile): support submodules in #126 by (@mzz2017)
  • chore(changelogs-v0.2.0rc1): apply minor fix in #125 by (@yqlbu)

Example Config: https://github.com/daeuniverse/dae/blob/v0.2.0rc3/example.dae

Full Changelog: v0.2.0rc2...v0.2.0rc3

IPv6 UDP connectivity problem

What happened:

UDP packets with an IPv6 destination address cannot be proxied

What you expected to happen:

UDP packets with an IPv6 destination address are proxied normally

How to reproduce it (as minimally and precisely as possible):

% dig +short www.google.com @2400:3200:: // confirms the local IPv6 environment works
107.181.166.244
% dig +short +tcp www.google.com @2606:4700:4700::1111 // confirms the server-side IPv6 environment works
172.217.25.164
% dig +short www.google.com @2606:4700:4700::1111 // proxied IPv6 UDP times out
;; communications error to 2606:4700:4700::1111#53: timed out
^C

Anything else we need to know

No entries for [2606:4700:4700::1111]:53 were observed in the log

Environment:

  • Dae version (use dae --version): dae version 0.1.9patch1
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[Bug Report] FATA[0000] dae.Run: rlimit.RemoveMemlock:failed to set memlock rlimit: operation not permitted

What happened

Failed to start with error

FATA[0000] dae.Run: rlimit.RemoveMemlock:failed to set memlock rlimit: operation not permitted

What you expected to happen

Runs without panicking

How to reproduce it (as minimally and precisely as possible):

Clone daed repo and checkout to ci-publish-docker-image branch

git clone git@github.com:daeuniverse/daed.git -b ci-publish-docker-image

Docker build and run

docker build . -t daed
docker run -it --rm daed

Anything else we need to know

Origin issue opened in dae-wing here

Environment

  • Dae version (use dae --version):
image image
  • OS (e.g cat /etc/os-release):

NAME="Arch Linux"
PRETTY_NAME="Arch Linux"
ID=arch
BUILD_ID=rolling
ANSI_COLOR="38;2;23;147;209"
HOME_URL="https://archlinux.org/"
DOCUMENTATION_URL="https://wiki.archlinux.org/"
SUPPORT_URL="https://bbs.archlinux.org/"
BUG_REPORT_URL="https://bugs.archlinux.org/"
PRIVACY_POLICY_URL="https://terms.archlinux.org/docs/privacy-policy/"
LOGO=archlinux-logo
IMAGE_ID=archlinux
IMAGE_VERSION=2023.06.01

  • Kernel (e.g. uname -a):

Linux dae-test 6.3.6-arch1-1 #1 SMP PREEMPT_DYNAMIC Mon, 05 Jun 2023 15:12:57 +0000 x86_64 GNU/Linux

  • Others:

Docker Version:

image

domain++ does not rewrite target

What happened

sniffed_domain in log is set, but target remains ip.

What you expected to happen

How to reproduce it (as minimally and precisely as possible):

  1. Set up dae on the gateway with dial_mode: domain++.
  2. Use shadowrocket with direct mode and DoH enabled.
  3. Access some websites.

Anything else we need to know

Environment

  • Dae version (use dae --version): 0.2.0
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[Feature] Add support to automate geodata update

What feature you would like us to integrate into the dae project

Add ansible scripts to automate the workflow of updating geodata

Why is this needed:

Some end-users in our community request such a feature.

[Feature Request] Add support to separate policy routing as rules.dae

Summary

As a successor of v2raya, I wonder if dae can support separating policy-based routing (former: routingA) as a file.

Consider the following examples

/etc/dae/config.dae

routing {
    ### Preset rules.

    # If you bind to WAN and set upstream (in section "dns") to a DNS service in localhost (dnsmasq, adguard, etc.),
    # to avoid loops, let them "must_direct", which makes DNS requests not redirect back to dae again.
    # "pname" means process name.
    pname(dnsmasq, systemd-resolved) && l4proto(udp) && dport(53) -> must_direct

    # Network managers in localhost should be direct to avoid false negative network connectivity check when binding to
    # WAN.
    pname(NetworkManager) -> direct

    # Put it in the front to prevent broadcast, multicast and other packets that should be sent to the LAN from being
    # forwarded by the proxy.
    # "dip" means destination IP.
    dip(224.0.0.0/3, 'ff00::/8') -> direct

    # This line allows you to access private addresses directly instead of via your proxy. If you really want to access
    # private addresses in your proxy host network, modify the below line.
    dip(geoip:private) -> direct

    ### Write your rules below.

    rule_file: # <-- ideally in array format
      - ./custom-rules.dae
}

/etc/dae/custom-rules.dae

### Write your rules below.

dip(geoip:cn) -> direct
domain(geosite:cn) -> direct

ip(ext:"geoip.dat:netflix") -> SG
domain(ext:"geosite.dat:netflix") -> SG

fallback: proxy

[Support] Remove local dns from must_direct in README

What would you like us to support (In short summary)

Motivation & Background

If we add dnsmasq and systemd-resolved to must_direct, in 'binding to WAN' scenario, DNS mapping will fail because all DNS queries will bypass dae.

The best way is to refer to external-dns.md. But it is not OOTB (out-of-the-box) and is expensive to configure.

Removing them from must_direct is not the best way but just acceptable. Its disadvantage is that those local domain servers have cache and they will not always request to upstream each time, thus if some domains share the same IP, domain rules can be incorrectly matched due to incorrect mappings.
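
The stale-mapping effect described above, as an added Go example that is not dae's code: a deliberately simplified model in which the gateway learns IP-to-domain mappings only from DNS queries that pass through it. `Gateway`, `Resolver`, `Simulate`, the `.example` names and the address are assumptions constructed for illustration.

```go
package main

import "fmt"

// upstream holds constructed answers: two names served from one shared address.
var upstream = map[string]string{
	"direct.example":  "203.0.113.10",
	"proxied.example": "203.0.113.10",
}

// Gateway is a simplified model of a transparent proxy that learns
// IP-to-domain mappings only from the DNS queries that pass through it.
type Gateway struct {
	domainOf map[string]string // destination IP -> last name seen resolving to it
	rules    map[string]string // domain -> outbound
	fallback string
}

// Query answers a DNS query that traversed the gateway and records the mapping.
func (g *Gateway) Query(name string) string {
	ip := upstream[name]
	g.domainOf[ip] = name
	return ip
}

// Route picks the outbound for a connection known only by its destination IP.
func (g *Gateway) Route(ip string) string {
	if out, ok := g.rules[g.domainOf[ip]]; ok {
		return out
	}
	return g.fallback
}

// Resolver models a local DNS server such as dnsmasq or systemd-resolved.
type Resolver struct {
	cache      map[string]string
	gw         *Gateway
	caching    bool // answer repeated queries from the local cache
	mustDirect bool // upstream queries bypass the gateway entirely
}

// Lookup resolves name; only cache misses can reach the gateway.
func (r *Resolver) Lookup(name string) string {
	if ip, ok := r.cache[name]; ok && r.caching {
		return ip // cache hit: no upstream query, the gateway observes nothing
	}
	ip := upstream[name]
	if !r.mustDirect {
		ip = r.gw.Query(name)
	}
	r.cache[name] = ip
	return ip
}

// Simulate resolves direct.example, proxied.example, then direct.example again,
// and returns the outbound chosen for the final connection to direct.example.
func Simulate(mustDirect, caching bool) string {
	gw := &Gateway{
		domainOf: map[string]string{},
		rules:    map[string]string{"direct.example": "direct", "proxied.example": "proxy"},
		fallback: "fallback",
	}
	r := &Resolver{cache: map[string]string{}, gw: gw, caching: caching, mustDirect: mustDirect}
	r.Lookup("direct.example")
	r.Lookup("proxied.example")
	return gw.Route(r.Lookup("direct.example"))
}

func main() {
	// must_direct resolver, caching resolver via gateway, non-caching resolver via gateway
	fmt.Println(Simulate(true, true), Simulate(false, true), Simulate(false, false)) // fallback proxy direct
}
```

With `must_direct` no mapping exists, so domain rules never match; with a caching resolver behind the gateway the last-seen name wins, so the connection meant for `direct.example` is routed by the rule for `proxied.example`.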

sni sniffing for domain based routing

What would you like us to improve

domain based routing

Why is this needed

Currently we use the DNS query associated with an IP to get the domain. It may not work if the client is not using the standard way to query DNS. AFAIK, some Chinese bloatware will use HTTPDNS to query DNS, and modern browsers will enable DoH by default. Both of them will make dae not work.

In my case, dae will run on a router, and I don't have control over all clients connecting to it, so I can't disable DoH on every client manually.

I saw that you said it's hard to write an SNI sniffer in eBPF. But can we send the first few bits of a packet back to userspace, do the sniffing as usual, then send the result back to the kernel? I know that it would be slower, so keep it as a default-off option.
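
The userspace step this request describes amounts to parsing the TLS ClientHello at the start of a connection. The following Go code is an added example, not code from this issue or from dae; `SniffSNI`, `cursor`, `validHost` and `sampleHello` are hypothetical names, and the sample bytes are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var (
	ErrNotTLS   = errors.New("not a TLS ClientHello")
	ErrNeedMore = errors.New("ClientHello continues past this buffer")
	ErrNoSNI    = errors.New("no usable server_name extension")
)

// cursor is a bounds-checked reader: a short read sets short instead of panicking.
type cursor struct {
	b     []byte
	short bool
}

func (c *cursor) take(n int) []byte {
	if c.short || len(c.b) < n {
		c.short, c.b = true, nil
		return nil
	}
	out := c.b[:n]
	c.b = c.b[n:]
	return out
}

// num reads an n-byte big-endian integer.
func (c *cursor) num(n int) (v int) {
	for _, x := range c.take(n) {
		v = v<<8 | int(x)
	}
	return v
}

// vec reads a vector that has an n-byte length prefix.
func (c *cursor) vec(n int) *cursor {
	body := c.take(c.num(n))
	return &cursor{b: body, short: c.short}
}

// validHost accepts hostname characters only: the SNI is unauthenticated client input.
func validHost(h string) bool {
	rest := strings.Trim(strings.ToLower(h), "abcdefghijklmnopqrstuvwxyz0123456789-.")
	return h != "" && len(h) <= 253 && rest == ""
}

// SniffSNI returns the host_name offered in the first bytes of a TCP stream.
func SniffSNI(data []byte) (string, error) {
	if len(data) < 6 {
		return "", ErrNeedMore
	}
	if data[0] != 0x16 || data[1] != 3 || data[5] != 1 { // handshake record, TLS 1.x, client_hello
		return "", ErrNotTLS
	}
	rec := (&cursor{b: data[3:]}).vec(2) // record fragment
	rec.num(1)                           // handshake type, checked above
	hello := rec.vec(3)
	if hello.short {
		return "", ErrNeedMore // caller reads more, up to its sniffing timeout
	}
	hello.take(2 + 32) // legacy_version, random
	hello.vec(1)       // session_id
	hello.vec(2)       // cipher_suites
	hello.vec(1)       // compression_methods
	exts := hello.vec(2)
	for len(exts.b) > 0 {
		typ, ext := exts.num(2), exts.vec(2)
		if typ != 0 { // 0 = server_name
			continue
		}
		list := ext.vec(2)
		for len(list.b) > 0 {
			nameType, name := list.num(1), string(list.vec(2).b)
			if nameType == 0 && validHost(name) {
				return strings.ToLower(name), nil
			}
		}
	}
	return "", ErrNoSNI
}

// sampleHello is a constructed, minimal ClientHello whose only extension is SNI.
var sampleHello = []byte("\x16\x03\x01\x00\x43\x01\x00\x00\x3f\x03\x03" + // record(67), client_hello(63), version
	strings.Repeat("\x00", 32) + "\x00\x00\x02\x13\x01\x01\x00" + // random, no session_id, one suite, null compression
	"\x00\x14\x00\x00\x00\x10\x00\x0e\x00\x00\x0b" + "example.com") // extensions(20), server_name(16), list(14), host_name(11)

func main() { fmt.Println(SniffSNI(sampleHello)) } // example.com <nil>
```

`ErrNeedMore` tells the caller to keep reading until its sniffing timeout expires. The returned name is whatever the client chose to send, so it is a routing hint rather than proof of the destination.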

init.d script for starting dae on OpenWrt

1. Usage: replace the contents of /etc/init.d/dae with the following. Thanks to @tty228 for the improved version, which fixes the dnsmasq problem.

#!/bin/sh /etc/rc.common

START=99
STOP=99

LOG_FILE="/var/log/dae.log"
# If you do not need a log file, uncomment the next line
#LOG_FILE="/dev/null"

start_pre() {
   if ! /usr/bin/dae validate -c /etc/dae/config.dae; then
      echo "dae config file /etc/dae/config.dae is invalid or too open, exiting."
      exit 1
   fi
}

start() {
    # Check whether the dae process is already running
    if [ -n "$(pidof /usr/bin/dae)" ]; then
        echo "dae process is already running!"
        return 1
    fi
	# Clear and re-add the DNS forwarder; otherwise, once hijacking is disabled, dae cannot start because there is no network
	uci -q del dhcp.@dnsmasq[0].server
	uci add_list dhcp.@dnsmasq[0].server='223.5.5.5'
	# Disable OpenWrt dnsmasq port 53 hijacking
	uci set dhcp.@dnsmasq[0].noresolv='1'
	uci commit dhcp
	/etc/init.d/dnsmasq reload
	echo "Disable the 'noresolv' feature in Dnsmasq"
	# Clear the log (optional)
	echo "" > "$LOG_FILE"
	# Start the dae process and write its log output to the LOG_FILE file
	start_pre
	/usr/bin/dae run --disable-timestamp -c /etc/dae/config.dae >> "$LOG_FILE" 2>&1 &
	echo "Started dae process."

	# Record the process PID
	echo $! > /var/run/dae.pid

}

stop() {
	# Stop the dae process
	if [ -f /var/run/dae.pid ]; then
		pid=$(cat /var/run/dae.pid)

		kill -15 "$pid"
		echo "dae stopped"
		# Remove the added DNS forwarder and restore the noresolv feature
		uci -q del dhcp.@dnsmasq[0].server
		uci set dhcp.@dnsmasq[0].noresolv='0'
		uci commit dhcp
		/etc/init.d/dnsmasq reload
		echo "Enable the 'noresolv' feature in Dnsmasq"
	else
		echo "dae is not running"
	fi

    # Remove the PID file
    rm -f /var/run/dae.pid
}

restart() {
    stop
    sleep 1
    start
}

reload() {
    # Read the process ID from the PID file
    if [ -f /var/run/dae.pid ]; then
        pid=$(cat /var/run/dae.pid)

        # Reload the dae process
        /usr/bin/dae reload "$pid"
        echo "Reloaded dae process."
    else
        echo "dae process is not running!"
    fi
}

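2. Extra features:
1. Suspend dae: /usr/bin/dae suspend $(cat /var/run/dae.pid)
2. View the log: tail -f /var/log/dae.log
(P.S.: keep an eye on the size of the dae log file yourself. Known issue: on OpenWrt, dae crashes when the log file is larger than 512M; installing third-party log management software is recommended.)

The following is deprecated.
3. dae is currently known to conflict with Dnsmasq
1.

echo "nameserver 223.5.5.5" > /etc/resolv.conf

2. It is recommended to set the Dnsmasq DNS listening port to 0, or to run /etc/init.d/dnsmasq stop (P.S.: use with caution!!! You may lose DHCP functionality) (Addendum: there is no need to turn it off, see the comments)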

Question about proxying the router itself

When I SSH into the router and run

curl -kfSLo "/tmp/temp.dat" "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat"

or

wget --no-check-certificate -O "/tmp/temp.dat" "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat"

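I found that the router itself is not proxied by dae.
When the commands above are run on a computer in the LAN behind the router, the link above is proxied normally.

  • Configuration file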
global {
    tproxy_port: 12345
    log_level: info
    tcp_check_url: 'http://www.google-analytics.com/generate_204'
    udp_check_dns: 'one.one.one.one:53'
    check_interval: 30s
    check_tolerance: 50ms
    lan_interface: br-lan
    wan_interface: auto
    allow_insecure: false
    dial_mode: domain
    disable_waiting_network: false
    auto_config_kernel_parameter: true
    sniffing_timeout: 100ms
}

subscription {
    xxx_SSR: 'https://xxx.xxxnodes.com/Subscription/ShadowRocketImportService?sid=373757&token=xxxxx'
}

node {
    # Add your node links here.
    # Support socks5, http, https, ss, ssr, vmess, vless, trojan, trojan-go
    # 'socks5://localhost:1080'
    # mylink: 'ss://LINK'
    # node1: 'vmess://LINK'
    # node2: 'vless://LINK'
}

dns {
    ipversion_prefer: 4
    upstream {
        alidns: 'udp://dns.alidns.com:53'
        googledns: 'tcp+udp://dns.google.com:53'
    }
    routing {
        request {
            qname(geosite:category-ads-all) -> reject
            qname(geosite:geolocation-!cn) -> googledns
            qname(geosite:apple-cn, geosite:cn) -> alidns
            fallback: asis
        }
        response {
            upstream(googledns) -> accept
            !qname(geosite:cn) && ip(geoip:private) -> googledns
            fallback: accept
        }
    }
}

group {
    AT_SG {
        filter: name(keyword: '新加坡', keyword: 'SG')
        policy: min_moving_avg
    }

    AT_TW {
        filter: name(keyword: '**', keyword: 'TW')
        policy: min_moving_avg
    }
}

routing {
    pname(NetworkManager) -> direct

    dip(224.0.0.0/3, 'ff00::/8') -> direct

    dip(geoip:private, geoip:cn) -> direct

    dport(6888) -> direct

    domain(geosite:cn,
        geosite:apple-cn,
        geosite:spotify,
        geosite:zoom,
        geosite:win-update,
        geosite:category-scholar-cn,
        geosite:category-scholar-!cn) -> direct

    domain(suffix: microsoft.com,
        suffix: liveatc.net,
        suffix: ls.apple.com,
        suffix: akadns.net,
        suffix: akamaiedge.net) -> direct

    fallback: AT_SG
}

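v0.1.10rc fails to start

What happened:

v0.1.10rc fails to start; v0.1.9-patch.1 has no problem. It is probably caused by this change (patch: search geodata at same dir with config first).
dae, config.dae and geoip.dat are all in the same directory.

The log is as follows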
root@debian:~# journalctl -u dae.service
Mar 15 09:11:20 debian systemd[1]: Starting dae Service...
Mar 15 09:12:50 debian systemd[1]: dae.service: start-pre operation timed out. >
Mar 15 09:12:50 debian systemd[1]: dae.service: Control process exited, code=ki>
Mar 15 09:12:50 debian systemd[1]: dae.service: Failed with result 'timeout'.
Mar 15 09:12:50 debian systemd[1]: Failed to start dae Service.
Mar 15 09:12:50 debian systemd[1]: dae.service: Scheduled restart job, restart >
Mar 15 09:12:50 debian systemd[1]: Stopped dae Service.
Mar 15 09:12:50 debian systemd[1]: Starting dae Service...
Mar 15 09:12:50 debian systemd[484]: dae.service: Failed to locate executable />
Mar 15 09:12:50 debian systemd[484]: dae.service: Failed at step EXEC spawning >
Mar 15 09:12:50 debian systemd[1]: dae.service: Control process exited, code=ex>
Mar 15 09:12:50 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:12:50 debian systemd[1]: Failed to start dae Service.
Mar 15 09:17:57 debian systemd[1]: Starting dae Service...
Mar 15 09:17:57 debian bash[529]: /bin/bash: line 1: /usr/local/bin/naive.sh: N>
Mar 15 09:17:57 debian systemd[1]: dae.service: Control process exited, code=ex>
Mar 15 09:17:57 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:17:57 debian systemd[1]: Failed to start dae Service.
Mar 15 09:19:28 debian systemd[1]: Starting dae Service...
Mar 15 09:19:28 debian bash[559]: /bin/bash: line 1: /usr/local/bin/naive.sh: N>
Mar 15 09:19:28 debian systemd[1]: dae.service: Control process exited, code=ex>
Mar 15 09:19:28 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:19:28 debian systemd[1]: Failed to start dae Service.
lines 1-23...skipping...
Mar 15 09:11:20 debian systemd[1]: Starting dae Service...
Mar 15 09:12:50 debian systemd[1]: dae.service: start-pre operation timed out. Terminating.
Mar 15 09:12:50 debian systemd[1]: dae.service: Control process exited, code=killed, status=15/TERM
Mar 15 09:12:50 debian systemd[1]: dae.service: Failed with result 'timeout'.
Mar 15 09:12:50 debian systemd[1]: Failed to start dae Service.
Mar 15 09:12:50 debian systemd[1]: dae.service: Scheduled restart job, restart counter is at 1.
Mar 15 09:12:50 debian systemd[1]: Stopped dae Service.
Mar 15 09:12:50 debian systemd[1]: Starting dae Service...
Mar 15 09:12:50 debian systemd[484]: dae.service: Failed to locate executable /usr/bin/naive: No such file or directory
Mar 15 09:12:50 debian systemd[484]: dae.service: Failed at step EXEC spawning /usr/bin/naive: No such file or directory
Mar 15 09:12:50 debian systemd[1]: dae.service: Control process exited, code=exited, status=203/EXEC
Mar 15 09:12:50 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:12:50 debian systemd[1]: Failed to start dae Service.
Mar 15 09:17:57 debian systemd[1]: Starting dae Service...
Mar 15 09:17:57 debian bash[529]: /bin/bash: line 1: /usr/local/bin/naive.sh: No such file or directory
Mar 15 09:17:57 debian systemd[1]: dae.service: Control process exited, code=exited, status=127/n/a
Mar 15 09:17:57 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:17:57 debian systemd[1]: Failed to start dae Service.
Mar 15 09:19:28 debian systemd[1]: Starting dae Service...
Mar 15 09:19:28 debian bash[559]: /bin/bash: line 1: /usr/local/bin/naive.sh: No such file or directory
Mar 15 09:19:28 debian systemd[1]: dae.service: Control process exited, code=exited, status=127/n/a
Mar 15 09:19:28 debian systemd[1]: dae.service: Failed with result 'exit-code'.
Mar 15 09:19:28 debian systemd[1]: Failed to start dae Service.

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know

Environment:

  • Dae version (use dae --version):
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

[Support] Keyword mismatch

What would you like us to support (In short summary)

Seems like the keyword matching does NOT actually take effect. Consider the following configs:

    domain(suffix:linkedin.com) -> proxy
    domain(keyword:linkedin) -> proxy
    domain(keyword:linuxfoundation,
           keyword:notion,
           keyword:github,
           keyword:gist,
           keyword:aws,
           keyword:oracle,
           keyword:quay,
           keyword:docker,
           keyword:kubernetes,
           keyword:yahoo,
           keyword:pikpak
    ) -> proxy

[Support Request] DNS Cache problem

What happened:

Does dae have DNS cache? I have DDNS configured on my router and nslookup can return the correct IP if not connected through dae. If connected via dae it always returns the old IP unless I restart the dae service

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know

Environment:

  • Dae version (use dae --version):
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

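DNS cache suggestion

What would you like us to support (In short summary)

To avoid having multiple DNS caches in the system, for users who run dae together with another DNS service program (such as dnsmasq, coredns, adguardhome), should we recommend disabling the cache of that DNS service program?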

[Support] Add version control on config.dae

What would you like us to support (In short summary)

In future release cycles, we should consider adding a link to point users to the example.dae based on the associated release tag. Consider the following release notes:

Full Changelog: v0.1.10rc...v0.1.10rc1

Example Config: https://github.com/daeuniverse/dae/blob/v0.1.10rc1/example.dae

What's next

We should also make some modifications to the installer script, including logic to pull the latest example.dae for any new future releases.

How do I use this? I can't understand it

What happened

What you expected to happen

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know

Environment

  • Dae version (use dae --version):
  • OS (e.g cat /etc/os-release):
  • Kernel (e.g. uname -a):
  • Others:

CI Roadmap

Context

Constantly improve CI quality build.

TODOs

  • Separate release build from regular build
  • Separate pr-based build from regular build
  • Add automation of example.dae to generate-changelogs workflow
  • Add daily-preview build
  • Use shared workflows/actions to chain reusable steps to various downstream workflows ==> CI Modularity
