package com.github.shadowsocksrpro;

import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.os.IBinder;
import android.os.Process;
import android.text.TextUtils;
import androidx.annotation.Nullable;
import com.github.shadowsocksrpro.BaseService;
import com.github.shadowsocksrpro.database.Profile;
import com.github.shadowsocksrpro.job.AclSyncJob;
import com.github.shadowsocksrpro.utils.Constants;
import com.github.shadowsocksrpro.utils.TcpFastOpen;
import com.github.shadowsocksrpro.utils.Utils;
import com.github.shadowsocksrpro.utils.VayLog;
import eu.chainfire.libsuperuser.Shell;
import java.io.File;
import java.io.RandomAccessFile;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;

/* loaded from: classes.dex */
public class ShadowsocksNatService extends BaseService {
    private static final String CMD_IPTABLES_DNAT_ADD_SOCKS = "iptables -t nat -A OUTPUT -p tcp -j DNAT --to-destination 127.0.0.1:8123";
    private static final String TAG = "ShadowsocksNatService";
    private ShadowsocksNotification notification;
    private GuardedProcess pdnsdProcess;
    private GuardedProcess redsocksProcess;
    private GuardedProcess sslocalProcess;
    private GuardedProcess sstunnelProcess;
    private Shell.Interactive su;
    private final int myUid = Process.myUid();
    private boolean proxychains_enable = false;
    private String host_arg = "";
    private String dns_address = "";
    private int dns_port = 0;
    private String china_dns_address = "";
    private int china_dns_port = 0;

    @Override // com.github.shadowsocksrpro.BaseService
    public void connect() throws BaseService.NameNotResolvedException, BaseService.KcpcliParseException {
        super.connect();
        killProcesses();
        if (new File(getApplicationInfo().dataDir + "/proxychains.conf").exists()) {
            this.proxychains_enable = true;
        } else {
            this.proxychains_enable = false;
        }
        try {
            List asList = Arrays.asList(this.profile.dns.split(","));
            Collections.shuffle(asList);
            String str = (String) asList.get(0);
            this.dns_address = str.split(":")[0];
            this.dns_port = Integer.parseInt(str.split(":")[1]);
            List asList2 = Arrays.asList(this.profile.china_dns.split(","));
            Collections.shuffle(asList2);
            String str2 = (String) asList2.get(0);
            this.china_dns_address = str2.split(":")[0];
            this.china_dns_port = Integer.parseInt(str2.split(":")[1]);
        } catch (Exception unused) {
            this.dns_address = "8.8.8.8";
            this.dns_port = 53;
            this.china_dns_address = "223.5.5.5";
            this.china_dns_port = 53;
        }
        this.host_arg = this.profile.host;
        if (!Utils.isNumeric(this.profile.host)) {
            String resolve = Utils.resolve(this.profile.host, true);
            if (TextUtils.isEmpty(resolve)) {
                throw new BaseService.NameNotResolvedException();
            }
            this.profile.host = resolve;
        }
        handleConnection();
        if (!Constants.Route.ALL.equals(this.profile.route)) {
            AclSyncJob.schedule(this.profile.route);
        }
        changeState(2);
        this.notification = new ShadowsocksNotification(this, this.profile.name, true);
    }

    public void handleConnection() {
        startTunnel();
        if (!this.profile.udpdns) {
            startDnsDaemon();
        }
        startRedsocksDaemon();
        startShadowsocksDaemon();
        try {
            setupIptables();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void killProcesses() {
        GuardedProcess guardedProcess = this.sslocalProcess;
        if (guardedProcess != null) {
            guardedProcess.destroy();
            this.sslocalProcess = null;
        }
        GuardedProcess guardedProcess2 = this.sstunnelProcess;
        if (guardedProcess2 != null) {
            guardedProcess2.destroy();
            this.sstunnelProcess = null;
        }
        GuardedProcess guardedProcess3 = this.redsocksProcess;
        if (guardedProcess3 != null) {
            guardedProcess3.destroy();
            this.redsocksProcess = null;
        }
        GuardedProcess guardedProcess4 = this.pdnsdProcess;
        if (guardedProcess4 != null) {
            guardedProcess4.destroy();
            this.pdnsdProcess = null;
        }
        this.su.addCommand("iptables -t nat -F OUTPUT");
    }

    @Override // android.app.Service
    @Nullable
    public IBinder onBind(Intent intent) {
        VayLog.d(TAG, "onBind");
        if (Constants.Action.SERVICE.equals(intent.getAction())) {
            return this.binder;
        }
        return null;
    }

    public void setupIptables() throws Exception {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        arrayList.add("ulimit -n 4096");
        arrayList.add("iptables -t nat -F OUTPUT");
        if (!(InetAddress.getByName(this.profile.host.toUpperCase()) instanceof Inet6Address)) {
            if (this.proxychains_enable) {
                RandomAccessFile randomAccessFile = new RandomAccessFile(getApplicationInfo().dataDir + "/proxychains.conf", "r");
                long length = randomAccessFile.length();
                String str = "";
                if (length != 0) {
                    long j = length - 1;
                    String str2 = "";
                    for (long j2 = 0; j > j2; j2 = 0) {
                        j--;
                        randomAccessFile.seek(j);
                        if (randomAccessFile.readByte() == 10 && str2.equals("")) {
                            str2 = randomAccessFile.readLine();
                        }
                    }
                    str = str2;
                }
                randomAccessFile.close();
                String str3 = str.split(" ")[1];
                if (!Utils.isNumeric(str3)) {
                    str3 = Utils.resolve(str3, true);
                    if (TextUtils.isEmpty(str3)) {
                        throw new BaseService.NameNotResolvedException();
                    }
                }
                arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-p tcp -d 0.0.0.0", "-d " + str3));
            } else {
                arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-p tcp -d 0.0.0.0", "-d " + this.profile.host));
            }
        }
        arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-p tcp -d 0.0.0.0", "-d 127.0.0.1"));
        arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-p tcp -d 0.0.0.0", "-m owner --uid-owner " + this.myUid));
        arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-d 0.0.0.0", "--dport 53"));
        arrayList.add("iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:" + (this.profile.localPort + 53));
        if (!this.profile.proxyApps || this.profile.bypass) {
            arrayList2.add(CMD_IPTABLES_DNAT_ADD_SOCKS);
        }
        if (this.profile.proxyApps) {
            List<ApplicationInfo> installedApplications = getPackageManager().getInstalledApplications(0);
            HashMap hashMap = new HashMap(installedApplications.size());
            for (ApplicationInfo applicationInfo : installedApplications) {
                hashMap.put(applicationInfo.packageName, Integer.valueOf(applicationInfo.uid));
            }
            for (String str4 : this.profile.individual.split("\n")) {
                int intValue = ((Integer) hashMap.get(str4)).intValue();
                if (this.profile.bypass) {
                    arrayList.add("iptables -t nat -A OUTPUT -p tcp -d 0.0.0.0 -j RETURN".replace("-d 0.0.0.0", "-m owner --uid-owner " + intValue));
                } else {
                    arrayList2.add(CMD_IPTABLES_DNAT_ADD_SOCKS.replace("-t nat", "-t nat -m owner --uid-owner " + intValue));
                }
            }
        }
        arrayList.addAll(arrayList2);
        this.su.addCommand(arrayList);
    }

    public void startDnsDaemon() {
        boolean z;
        String str = this.profile.ipv6 ? "224.0.0.0/3" : "224.0.0.0/3, ::/0";
        if (Constants.Route.ACL.equals(this.profile.route)) {
            Iterator<String> it = Utils.getLinesByFile(new File(getApplicationInfo().dataDir + '/' + this.profile.route + ".acl")).iterator();
            z = false;
            while (it.hasNext()) {
                if ("[remote_dns]".equals(it.next())) {
                    z = true;
                }
            }
        } else {
            z = false;
        }
        String blackList = (Constants.Route.BYPASS_CHN.equals(this.profile.route) || Constants.Route.BYPASS_LAN_CHN.equals(this.profile.route) || Constants.Route.GFWLIST.equals(this.profile.route)) ? getBlackList() : (!Constants.Route.ACL.equals(this.profile.route) || z) ? "" : getBlackList();
        String str2 = "";
        for (String str3 : this.profile.china_dns.split(",")) {
            str2 = str2 + String.format(Locale.ENGLISH, Constants.ConfigUtils.REMOTE_SERVER, str3.split(":")[0], Integer.valueOf(Integer.parseInt(str3.split(":")[1])), blackList, str);
        }
        Utils.printToFile(new File(getApplicationInfo().dataDir + "/pdnsd-nat.conf"), (Constants.Route.BYPASS_CHN.equals(this.profile.route) || Constants.Route.BYPASS_LAN_CHN.equals(this.profile.route) || Constants.Route.GFWLIST.equals(this.profile.route)) ? String.format(Locale.ENGLISH, Constants.ConfigUtils.PDNSD_DIRECT, "", getApplicationInfo().dataDir, "127.0.0.1", Integer.valueOf(this.profile.localPort + 53), str2, Integer.valueOf(this.profile.localPort + 63), str) : Constants.Route.CHINALIST.equals(this.profile.route) ? String.format(Locale.ENGLISH, Constants.ConfigUtils.PDNSD_DIRECT, "", getApplicationInfo().dataDir, "127.0.0.1", Integer.valueOf(this.profile.localPort + 53), str2, Integer.valueOf(this.profile.localPort + 63), str) : Constants.Route.ACL.equals(this.profile.route) ? !z ? String.format(Locale.ENGLISH, Constants.ConfigUtils.PDNSD_DIRECT, "", getApplicationInfo().dataDir, "127.0.0.1", Integer.valueOf(this.profile.localPort + 53), str2, Integer.valueOf(this.profile.localPort + 63), str) : String.format(Locale.ENGLISH, Constants.ConfigUtils.PDNSD_LOCAL, "", getApplicationInfo().dataDir, "127.0.0.1", Integer.valueOf(this.profile.localPort + 53), Integer.valueOf(this.profile.localPort + 63), str) : String.format(Locale.ENGLISH, Constants.ConfigUtils.PDNSD_LOCAL, "", getApplicationInfo().dataDir, "127.0.0.1", Integer.valueOf(this.profile.localPort + 53), Integer.valueOf(this.profile.localPort + 63), str));
        List asList = Arrays.asList(getApplicationInfo().dataDir + "/pdnsd", "-c", getApplicationInfo().dataDir + "/pdnsd-nat.conf");
        String str4 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("startDnsDaemon()  cmds = ");
        sb.append(Utils.makeString((List<String>) asList, " "));
        VayLog.d(str4, sb.toString());
        try {
            this.pdnsdProcess = new GuardedProcess(asList).start();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }

    public void startRedsocksDaemon() {
        String format = String.format(Locale.ENGLISH, Constants.ConfigUtils.REDSOCKS, Integer.valueOf(this.profile.localPort));
        String[] strArr = {getApplicationInfo().dataDir + "/redsocks", "-c", getApplicationInfo().dataDir + "/redsocks-nat.conf"};
        StringBuilder sb = new StringBuilder();
        sb.append(getApplicationInfo().dataDir);
        sb.append("/redsocks-nat.conf");
        Utils.printToFile(new File(sb.toString()), format);
        List asList = Arrays.asList(strArr);
        VayLog.d(TAG, "startRedsocksDaemon()  cmds = " + Utils.makeString((List<String>) asList, " "));
        try {
            this.redsocksProcess = new GuardedProcess(asList).start();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }

    @Override // com.github.shadowsocksrpro.BaseService
    public void startRunner(final Profile profile) {
        if (this.su == null) {
            this.su = new Shell.Builder().useSU().setWatchdogTimeout(10).open(new Shell.OnShellOpenResultListener() { // from class: com.github.shadowsocksrpro.ShadowsocksNatService.1
                @Override // eu.chainfire.libsuperuser.Shell.OnShellOpenResultListener
                public void onOpenResult(boolean z, int i) {
                    if (z) {
                        ShadowsocksNatService.super.startRunner(profile);
                        return;
                    }
                    if (ShadowsocksNatService.this.su != null) {
                        ShadowsocksNatService.this.su.close();
                        ShadowsocksNatService.this.su = null;
                    }
                    ShadowsocksNatService shadowsocksNatService = ShadowsocksNatService.this;
                    ShadowsocksNatService.super.stopRunner(true, shadowsocksNatService.getString(R.string.nat_no_root));
                }
            });
        }
    }

    public void startShadowsocksDaemon() {
        Utils.printToFile(new File(getApplicationInfo().dataDir + "/ss-local-nat.conf"), String.format(Locale.ENGLISH, Constants.ConfigUtils.SHADOWSOCKS, this.profile.host, Integer.valueOf(this.profile.remotePort), Integer.valueOf(this.profile.localPort), Constants.ConfigUtils.EscapedJson(this.profile.password), this.profile.method, 600, this.profile.protocol, this.profile.obfs, Constants.ConfigUtils.EscapedJson(this.profile.obfs_param), Constants.ConfigUtils.EscapedJson(this.profile.protocol_param)));
        LinkedList linkedList = new LinkedList(Arrays.asList(getApplicationInfo().dataDir + "/ss-local", "-x", "-b", "127.0.0.1", "-t", "600", "--host", this.host_arg, "-P", getApplicationInfo().dataDir, "-c", getApplicationInfo().dataDir + "/ss-local-nat.conf"));
        if (TcpFastOpen.sendEnabled()) {
            linkedList.add("--fast-open");
        }
        if (!Constants.Route.ALL.equals(this.profile.route)) {
            linkedList.add("--acl");
            linkedList.add(getApplicationInfo().dataDir + '/' + this.profile.route + ".acl");
        }
        if (this.proxychains_enable) {
            linkedList.addFirst("LD_PRELOAD=" + getApplicationInfo().dataDir + "/lib/libproxychains4.so");
            linkedList.addFirst("PROXYCHAINS_CONF_FILE=" + getApplicationInfo().dataDir + "/proxychains.conf");
            StringBuilder sb = new StringBuilder();
            sb.append("PROXYCHAINS_PROTECT_FD_PREFIX=");
            sb.append(getApplicationInfo().dataDir);
            linkedList.addFirst(sb.toString());
            linkedList.addFirst("env");
        }
        VayLog.d(TAG, "startShadowsocksDaemon()  cmds = " + Utils.makeString(linkedList, " "));
        try {
            this.sslocalProcess = new GuardedProcess(linkedList).start();
        } catch (InterruptedException unused) {
        }
    }

    public void startTunnel() {
        int i = this.profile.localPort + 63;
        if (this.profile.udpdns) {
            i = this.profile.localPort + 53;
        }
        Utils.printToFile(new File(getApplicationInfo().dataDir + "/ss-tunnel-nat.conf"), String.format(Locale.ENGLISH, Constants.ConfigUtils.SHADOWSOCKS, this.profile.host, Integer.valueOf(this.profile.remotePort), Integer.valueOf(i), Constants.ConfigUtils.EscapedJson(this.profile.password), this.profile.method, 600, this.profile.protocol, this.profile.obfs, Constants.ConfigUtils.EscapedJson(this.profile.obfs_param), Constants.ConfigUtils.EscapedJson(this.profile.protocol_param)));
        LinkedList linkedList = new LinkedList(Arrays.asList(getApplicationInfo().dataDir + "/ss-local", "-u", "-t", "60", "--host", this.host_arg, "-b", "127.0.0.1", "-l", String.valueOf(i), "-P", getApplicationInfo().dataDir, "-c", getApplicationInfo().dataDir + "/ss-tunnel-nat.conf"));
        linkedList.add("-L");
        if (Constants.Route.CHINALIST.equals(this.profile.route)) {
            linkedList.add(this.china_dns_address + ":" + String.valueOf(this.china_dns_port));
        } else {
            linkedList.add(this.dns_address + ":" + String.valueOf(this.dns_port));
        }
        if (this.proxychains_enable) {
            linkedList.addFirst("LD_PRELOAD=" + getApplicationInfo().dataDir + "/lib/libproxychains4.so");
            linkedList.addFirst("PROXYCHAINS_CONF_FILE=" + getApplicationInfo().dataDir + "/proxychains.conf");
            StringBuilder sb = new StringBuilder();
            sb.append("PROXYCHAINS_PROTECT_FD_PREFIX=");
            sb.append(getApplicationInfo().dataDir);
            linkedList.addFirst(sb.toString());
            linkedList.addFirst("env");
        }
        VayLog.d(TAG, "startTunnel()  cmds = " + Utils.makeString(linkedList, " "));
        try {
            this.sstunnelProcess = new GuardedProcess(linkedList).start();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }

    @Override // com.github.shadowsocksrpro.BaseService
    public void stopRunner(boolean z) {
        stopRunner(z, null);
    }

    @Override // com.github.shadowsocksrpro.BaseService
    public void stopRunner(boolean z, String str) {
        ShadowsocksNotification shadowsocksNotification = this.notification;
        if (shadowsocksNotification != null) {
            shadowsocksNotification.destroy();
        }
        changeState(3);
        ShadowsocksApplication.app.track(TAG, "stop");
        killProcesses();
        this.su.close();
        this.su = null;
        super.stopRunner(z, str);
    }
}
