bug fixed

src/acl.c

@@ -28,6 +28,11 @@
 #include "cache.h"
 #include "acl.h"
 
+/*
+ * definition:
+ * white list: you can connect directly
+ * black list: you have to connect via proxy, or which has been blocked
+ */
 static struct ip_set white_list_ipv4;
 static struct ip_set white_list_ipv6;
 
@@ -411,14 +416,14 @@ init_acl(const char *path)
  list_ipv6 = &outbound_block_list_ipv6;
  rules = &outbound_block_list_rules;
  continue;
- } else if (strcmp(line, "[black_list]") == 0
- || strcmp(line, "[bypass_list]") == 0) {
+ } else if (strcmp(line, "[white_list]") == 0
+ || strcmp(line, "[proxy_list]") == 0) {
  list_ipv4 = &black_list_ipv4;
  list_ipv6 = &black_list_ipv6;
  rules = &black_list_rules;
  continue;
- } else if (strcmp(line, "[white_list]") == 0
- || strcmp(line, "[proxy_list]") == 0) {
+ } else if (strcmp(line, "[black_list]") == 0
+ || strcmp(line, "[bypass_list]") == 0) {
  list_ipv4 = &white_list_ipv4;
  list_ipv6 = &white_list_ipv6;
  rules = &white_list_rules;

src/local.c

@@ -712,11 +712,12 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
  memset(&storage, 0, sizeof(struct sockaddr_storage));
  int err;
 
- LOGI("acl_match_host %s %d", host, host_match);
+ if (verbose)
+ LOGI("acl_match_host %s %d", host, host_match);
  if (host_match > 0)
- bypass = 1; // bypass hostnames in black list
+ bypass = 0; // bypass hostnames in black list
  else if (host_match < 0)
- bypass = 0; // proxy hostnames in white list
+ bypass = 1; // proxy hostnames in white list
  else {
 #ifndef ANDROID
  if (atyp == 3) { // resolve domain so we can bypass domain with geoip
@@ -741,7 +742,8 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
  }
 #endif
  int ip_match = acl_match_host(ip);// -1 if IP in white list or 1 if IP in black list
- LOGI("acl_match_host ip %d mode %d", ip_match, get_acl_mode());
+ if (verbose)
+ LOGI("acl_match_host ip %d mode %d", ip_match, get_acl_mode());
  if (ip_match < 0 || (get_acl_mode() == BLACK_LIST && ip_match == 0))
  bypass = 1;
  }