vpn-split 21.0.18 → 21.0.19

package/lib-prod/vpn-split.backend.js

@@ -0,0 +1,700 @@
+import { execSync } from "child_process";
+import * as dgram from "dgram";
+import * as http from "http";
+import axios from "axios";
+import * as express from "express";
+import * as httpProxy from "http-proxy";
+import { Log, Level } from "ng2-logger/lib-prod";
+import { config } from "tnp-core/lib-prod";
+import { path, fse, https, isElevated, crossPlatformPath, ___NS__includes, ___NS__isArray, ___NS__keys, ___NS__merge, ___NS__values, UtilsNetwork__NS__getEtcHostsPath, UtilsNetwork__NS__getFirstIpV4LocalActiveIpAddress, UtilsNetwork__NS__getLocalIpAddresses, UtilsOs__NS__commandExistsSync, UtilsOs__NS__getRealHomeDir, UtilsOs__NS__isRunningInWindowsPowerShell } from "tnp-core/lib-prod";
+import { CoreModels__NS__localhostDomain, CoreModels__NS__localhostIp127 } from "tnp-core/lib-prod";
+import { Helpers__NS__error, Helpers__NS__exists, Helpers__NS__info, Helpers__NS__killProcessByPort, Helpers__NS__run, Helpers__NS__writeFile, HelpersTaon__NS__arrays__NS__from } from "tnp-helpers/lib-prod";
+import { Hostile } from "./hostile.backend";
+import { HostForServer } from "./models";
+const HOST_FILE_PATH = UtilsNetwork__NS__getEtcHostsPath();
+const log = Log.create("vpn-split", Level.INFO);
+const GENERATED = "#GENERATED_BY_CLI#";
+const EOL = process.platform === "win32" ? "\r\n" : "\n";
+const SERVERS_PATH = "/$$$$servers$$$$";
+const HOST_FILE_PATHUSER = crossPlatformPath([
+  UtilsOs__NS__getRealHomeDir(),
+  "hosts-file__vpn-split"
+]);
+const from = HostForServer.From;
+const DefaultEtcHosts = {
+  "localhost alias": from({
+    ipOrDomain: "127.0.0.1",
+    aliases: "localhost",
+    isDefault: true
+  }),
+  broadcasthost: from({
+    ipOrDomain: "255.255.255.255",
+    aliases: "broadcasthost",
+    isDefault: true
+  }),
+  "localhost alias ipv6": from({
+    ipOrDomain: "::1",
+    aliases: "localhost",
+    isDefault: true
+  })
+};
+class VpnSplit {
+  constructor(portsToPass, hosts, cwd) {
+    this.portsToPass = portsToPass;
+    this.hosts = hosts;
+    this.cwd = cwd;
+    this.__hostile = new Hostile();
+  }
+  //#region getters
+  get hostsArr() {
+    const hosts = this.hosts;
+    return ___NS__keys(hosts).map((hostName) => {
+      const v = hosts[hostName];
+      v.name = hostName;
+      return v;
+    });
+  }
+  get hostsArrWithoutDefault() {
+    return this.hostsArr.filter((f) => !f.isDefault);
+  }
+  get serveKeyName() {
+    return "tmp-" + config.file.server_key;
+  }
+  get serveKeyPath() {
+    return path.join(this.cwd, this.serveKeyName);
+  }
+  get serveCertName() {
+    return "tmp-" + config.file.server_cert;
+  }
+  get serveCertPath() {
+    return path.join(this.cwd, this.serveCertName);
+  }
+  get serveCertChainName() {
+    return "tmp-" + config.file.server_chain_cert;
+  }
+  get serveCertChainPath() {
+    return path.join(this.cwd, this.serveCertChainName);
+  }
+  //#endregion
+  //#region fields
+  __hostile;
+  //#endregion
+  //#region singleton
+  static _instances = {};
+  static async Instance({
+    ports = [80, 443, 4443, 22, 2222, 8180, 8080, 4407, 7999, 9443],
+    additionalDefaultHosts = {},
+    cwd = process.cwd(),
+    allowNotSudo = false
+  } = {}) {
+    if (!await isElevated() && !allowNotSudo) {
+      Helpers__NS__error(
+        `[vpn-split] Please run this program as sudo (or admin on windows)`,
+        false,
+        true
+      );
+    }
+    if (!VpnSplit._instances[cwd]) {
+      VpnSplit._instances[cwd] = new VpnSplit(
+        ports,
+        ___NS__merge(DefaultEtcHosts, additionalDefaultHosts),
+        cwd
+      );
+    }
+    return VpnSplit._instances[cwd];
+  }
+  //#endregion
+  //#region start server
+  async startServer(saveHostInUserFolder = false) {
+    this.createCertificateIfNotExists();
+    const hostsForCert = this.hosts;
+    saveHosts(hostsForCert, { saveHostInUserFolder });
+    for (const portToPassthrough of this.portsToPass) {
+      await this.serverPassthrough(portToPassthrough);
+    }
+    for (const portToPassthrough of this.portsToPass) {
+      await this.serverUdpPassthrough(portToPassthrough);
+    }
+    Helpers__NS__info(`Activated (server).`);
+  }
+  //#endregion
+  //#region apply hosts
+  applyHosts(hosts) {
+    saveHosts(hosts);
+  }
+  applyHostsLocal(hosts) {
+    saveHostsLocal(hosts);
+  }
+  //#endregion
+  //#region start client
+  async startClient(vpnServerTargets, options) {
+    options = options || {};
+    const { saveHostInUserFolder } = options;
+    if (!Array.isArray(vpnServerTargets)) {
+      vpnServerTargets = [vpnServerTargets];
+    }
+    for (const vpnServerTarget of vpnServerTargets) {
+      await this.preventBadTargetForClient(vpnServerTarget);
+    }
+    this.createCertificateIfNotExists();
+    const hosts = [];
+    for (const vpnServerTarget of vpnServerTargets) {
+      const newHosts = await this.getRemoteHosts(vpnServerTarget);
+      for (const host of newHosts) {
+        host.originHostname = vpnServerTarget.hostname;
+        hosts.push(host);
+      }
+    }
+    const originalHosts = this.hostsArr;
+    const combinedHostsObj = ___NS__values(
+      [
+        ...originalHosts,
+        ...hosts.map(
+          (h) => HostForServer.From(
+            {
+              aliases: h.alias,
+              ipOrDomain: h.ip,
+              originHostname: h.originHostname
+            },
+            `external host ${h.alias} ${h.ip}`
+          )
+        )
+      ].map((c) => {
+        let copy = c.clone();
+        if (!copy.isDefault) {
+          copy.ip = `127.0.0.1`;
+        }
+        return copy;
+      }).reduce((prev, curr) => {
+        return ___NS__merge(prev, {
+          [curr.aliases.join(" ")]: curr
+        });
+      }, {})
+    );
+    const hostsForCert = options.useHost ? options.useHost : combinedHostsObj;
+    saveHosts(hostsForCert, {
+      saveHostInUserFolder
+    });
+    for (const portToPassthrough of this.portsToPass) {
+      await this.clientPassthrough(
+        portToPassthrough,
+        vpnServerTargets,
+        combinedHostsObj
+      );
+    }
+    for (const portToPassthrough of this.portsToPass) {
+      await this.clientUdpPassthrough(
+        portToPassthrough,
+        vpnServerTargets,
+        combinedHostsObj
+      );
+    }
+    Helpers__NS__info(`Client activated`);
+  }
+  //#endregion
+  //#region private methods / get remote hosts
+  async getRemoteHosts(vpnServerTarget) {
+    try {
+      const url = `http://${vpnServerTarget.hostname}${SERVERS_PATH}`;
+      const response = await axios({ url, method: "GET" });
+      return response.data;
+    } catch (err) {
+      Helpers__NS__error(
+        `Remote server: ${vpnServerTarget.hostname} may be inactive...`,
+        true,
+        true
+      );
+      return [];
+    }
+  }
+  //#endregion
+  //#region private methods / create certificate
+  createCertificateIfNotExists() {
+    if (!Helpers__NS__exists(this.serveKeyPath) || !Helpers__NS__exists(this.serveCertPath)) {
+      Helpers__NS__info(
+        `[vpn-split] Generating new self-signed certificate for localhost...`
+      );
+      const commandGen = UtilsOs__NS__isRunningInWindowsPowerShell() ? `powershell -Command "& 'C:\\Program Files\\Git\\usr\\bin\\openssl.exe' req -nodes -new -x509 -keyout ${this.serveKeyName} -out ${this.serveCertName}"` : `openssl req -nodes -new -x509 -keyout ${this.serveKeyName} -out ${this.serveCertName}`;
+      Helpers__NS__run(commandGen, { cwd: this.cwd, output: true }).sync();
+    }
+  }
+  //#endregion
+  //#region private methods / TCP & HTTPS passthrough
+  getTarget({
+    req,
+    res,
+    port,
+    hostname
+  }) {
+    return `${req.protocol}://${hostname}:${port}`;
+  }
+  getProxyConfig({
+    req,
+    res,
+    port,
+    hostname,
+    isHttps
+  }) {
+    const serverPassthrough = !!hostname;
+    const target = this.getTarget({
+      req,
+      res,
+      port,
+      hostname: serverPassthrough ? hostname : req.hostname
+    });
+    return isHttps ? {
+      target,
+      ssl: {
+        key: fse.readFileSync(this.serveKeyPath),
+        cert: fse.readFileSync(this.serveCertPath)
+      },
+      // agent: new https.Agent({
+      //   secureOptions: crypto.constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION,
+      // }),
+      // changeOrigin: true,
+      secure: true
+    } : { target };
+  }
+  getNotFoundMsg(req, res, port, type) {
+    return `[vpn-split] You are requesting a URL that is not in proxy reach [${type}]
+Protocol: ${req.protocol}
+Hostname: ${req.hostname}
+OriginalUrl: ${req.originalUrl}
+Req.method: ${req.method}
+Port: ${port}
+SERVERS_PATH: ${SERVERS_PATH}`;
+  }
+  getMaybeChangeOriginTrueMsg(req, res, port, type) {
+    return `[vpn-split] Possibly need changeOrigin: true in your proxy config
+Protocol: ${req.protocol}
+Hostname: ${req.hostname}
+OriginalUrl: ${req.originalUrl}
+Req.method: ${req.method}
+Port: ${port}`;
+  }
+  filterHeaders(req, res) {
+    const headersToRemove = [
+      // 'Strict-Transport-Security',
+      // 'Content-Security-Policy',
+      // ...
+    ];
+    headersToRemove.forEach((headerName) => {
+      delete req.headers[headerName];
+      res.setHeader(headerName, "");
+    });
+  }
+  isHttpsPort(port) {
+    return [443, 4443, 9443].includes(port);
+  }
+  //#region server passthrough (TCP/HTTPS)
+  async serverPassthrough(portToPassthrough) {
+    const isHttps = this.isHttpsPort(portToPassthrough);
+    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+    const app = express();
+    const proxy = httpProxy.createProxyServer({});
+    const localIp = await UtilsNetwork__NS__getLocalIpAddresses();
+    const currentLocalIps = [
+      CoreModels__NS__localhostDomain,
+      CoreModels__NS__localhostIp127,
+      ...localIp.map((a) => a.address)
+    ];
+    app.use(
+      (req, res, next) => {
+        this.filterHeaders(req, res);
+        if (currentLocalIps.includes(req.hostname)) {
+          if (req.method === "GET" && req.originalUrl === SERVERS_PATH) {
+            res.send(
+              JSON.stringify(
+                this.hostsArrWithoutDefault.map((h) => ({
+                  ip: h.ip,
+                  alias: HelpersTaon__NS__arrays__NS__from(h.aliases).join(" ")
+                }))
+              )
+            );
+          } else {
+            const msg = this.getNotFoundMsg(
+              req,
+              res,
+              portToPassthrough,
+              "server"
+            );
+            log.d(msg);
+            res.send(msg);
+          }
+          next();
+        } else {
+          proxy.web(
+            req,
+            res,
+            this.getProxyConfig({ req, res, port: portToPassthrough, isHttps }),
+            next
+          );
+        }
+      }
+    );
+    const server = isHttps ? https.createServer(
+      {
+        key: fse.readFileSync(this.serveKeyPath),
+        cert: fse.readFileSync(this.serveCertPath)
+      },
+      app
+    ) : http.createServer(app);
+    await Helpers__NS__killProcessByPort(portToPassthrough, { silent: true });
+    await new Promise((resolve, reject) => {
+      server.listen(portToPassthrough, () => {
+        console.log(
+          `TCP/HTTPS server listening on port ${portToPassthrough} (secure=${isHttps})`
+        );
+        resolve();
+      });
+    });
+  }
+  //#endregion
+  //#region client passthrough (TCP/HTTPS)
+  async clientPassthrough(portToPassthrough, vpnServerTargets, hostsArr) {
+    const aliasToOriginHostname = {};
+    for (const h of hostsArr) {
+      for (const alias of h.aliases) {
+        aliasToOriginHostname[alias] = h.originHostname;
+      }
+    }
+    delete aliasToOriginHostname["localhost"];
+    delete aliasToOriginHostname["broadcasthost"];
+    const originToUrlMap = {};
+    for (const url of vpnServerTargets) {
+      originToUrlMap[url.hostname] = url;
+    }
+    const isHttps = this.isHttpsPort(portToPassthrough);
+    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+    const app = express();
+    const proxy = httpProxy.createProxyServer({});
+    app.use(
+      (req, res, next) => {
+        this.filterHeaders(req, res);
+        const originHostname = aliasToOriginHostname[req.hostname];
+        if (!originHostname) {
+          const msg = this.getMaybeChangeOriginTrueMsg(
+            req,
+            res,
+            portToPassthrough,
+            "client"
+          );
+          res.send(msg);
+          next();
+          return;
+        }
+        const targetUrlObj = originToUrlMap[originHostname];
+        if (!targetUrlObj) {
+          const notFoundMsg = this.getNotFoundMsg(
+            req,
+            res,
+            portToPassthrough,
+            "client"
+          );
+          res.send(notFoundMsg);
+          next();
+          return;
+        }
+        proxy.web(
+          req,
+          res,
+          this.getProxyConfig({
+            req,
+            res,
+            port: portToPassthrough,
+            isHttps,
+            hostname: targetUrlObj.hostname
+          }),
+          next
+        );
+      }
+    );
+    const server = isHttps ? https.createServer(
+      {
+        key: fse.readFileSync(this.serveKeyPath),
+        cert: fse.readFileSync(this.serveCertPath)
+      },
+      app
+    ) : http.createServer(app);
+    await Helpers__NS__killProcessByPort(portToPassthrough, { silent: true });
+    await new Promise((resolve, reject) => {
+      server.listen(portToPassthrough, () => {
+        log.i(
+          `TCP/HTTPS client listening on port ${portToPassthrough} (secure=${isHttps})`
+        );
+        resolve();
+      });
+    });
+  }
+  //#endregion
+  //#region UDP passthrough
+  /**
+   * Start a UDP socket for “server” mode on a given port.
+   * This example forwards inbound messages right back to the sender,
+   * or you can forward them to an external IP:port if desired.
+   */
+  async serverUdpPassthrough(port) {
+    return;
+    const socket = dgram.createSocket("udp4");
+    socket.on("message", (msg, rinfo) => {
+      socket.send(msg, 0, msg.length, rinfo.port, rinfo.address, (err) => {
+        if (err) {
+          log.er(`UDP server send error: ${err}`);
+        }
+      });
+    });
+    socket.on("listening", () => {
+      const address = socket.address();
+      log.i(`UDP server listening at ${address.address}:${address.port}`);
+    });
+    socket.bind(port);
+  }
+  /**
+   * Start a UDP socket for “client” mode on a given port.
+   * This example also just does a trivial pass-through or echo,
+   * but you can adapt to forward to a remote server.
+   */
+  async clientUdpPassthrough(port, vpnServerTargets, hostsArr) {
+    return;
+    const socket = dgram.createSocket("udp4");
+    const primaryTarget = vpnServerTargets[0];
+    const targetHost = primaryTarget.hostname;
+    const targetPort = port;
+    const clientMap = /* @__PURE__ */ new Map();
+    socket.on("message", (msg, rinfo) => {
+      const isFromLocal = !___NS__includes(
+        hostsArr.map((h) => h.ipOrDomain),
+        rinfo.address
+      );
+      if (isFromLocal) {
+        const key = `local-${rinfo.address}:${rinfo.port}`;
+        clientMap.set(key, rinfo);
+        socket.send(msg, 0, msg.length, targetPort, targetHost, (err) => {
+          if (err) {
+            log.er(`UDP client forward error: ${err}`);
+          }
+        });
+      } else {
+        clientMap.forEach((localRinfo, key) => {
+          socket.send(
+            msg,
+            0,
+            msg.length,
+            localRinfo.port,
+            localRinfo.address,
+            (err) => {
+              if (err) {
+                log.er(`UDP client re-send error: ${err}`);
+              }
+            }
+          );
+        });
+      }
+    });
+    socket.on("listening", () => {
+      const address = socket.address();
+      log.i(
+        `UDP client listening at ${address.address}:${address.port}, forwarding to ${targetHost}:${targetPort}`
+      );
+    });
+    socket.bind(port);
+  }
+  //#endregion
+  //#region private methods / get port from request
+  getPortFromRequest(req) {
+    const host = req.headers.host;
+    const protocol = req.protocol;
+    if (host) {
+      const hostParts = host.split(":");
+      if (hostParts.length === 2) {
+        return Number(hostParts[1]);
+      } else {
+        return protocol === "https" ? 443 : 80;
+      }
+    }
+    return 80;
+  }
+  //#endregion
+  // Put this method in your VpnSplit class (or outside as a static helper)
+  ensureMkcertCertificate(domains) {
+    if (!UtilsOs__NS__commandExistsSync("mkcert")) {
+      Helpers__NS__error("[vpn-split] mkcert is not installed.", false, true);
+    }
+    const certPath = this.serveCertPath;
+    const keyPath = this.serveKeyPath;
+    const allNames = [
+      "localhost",
+      "127.0.0.1",
+      // '::1',
+      // optional: common local networks so the cert also works for raw IP access
+      // '10.0.0.0/8',
+      // '172.16.0.0/12',
+      // '192.168.0.0/16',
+      ...domains
+      // <-- your 120+ domains here
+    ];
+    const runMkcert = (args) => {
+      try {
+        return execSync(`mkcert ${args}`, { stdio: "pipe" }).toString().trim();
+      } catch (err) {
+        const stderr = err.stderr?.toString() || "";
+        if (stderr.includes("command not found")) {
+          Helpers__NS__error(
+            "[vpn-split] mkcert is not installed. Install it first: https://github.com/FiloSottile/mkcert",
+            false,
+            true
+          );
+        }
+        throw err;
+      }
+    };
+    let caInstalled = false;
+    try {
+      const output = runMkcert("-CAROOT");
+      const rootDir = crossPlatformPath(output.trim());
+      if (rootDir && fse.pathExistsSync(crossPlatformPath([rootDir, "rootCA.pem"]))) {
+        Helpers__NS__info("[vpn-split] mkcert local CA is already installed");
+        caInstalled = true;
+      } else {
+        Helpers__NS__info("[vpn-split] mkcert local CA is NOT installed");
+      }
+    } catch {
+      Helpers__NS__info("[vpn-split] mkcert error checking local CA installation");
+    }
+    if (!caInstalled) {
+      Helpers__NS__info(
+        "[vpn-split] Installing mkcert local CA (requires sudo once)..."
+      );
+      try {
+        execSync("mkcert -install", { stdio: "inherit" });
+        Helpers__NS__info("[vpn-split] Local CA installed and trusted system-wide");
+      } catch (err) {
+        Helpers__NS__error(
+          '[vpn-split] Failed to run "mkcert -install". Run it manually with sudo.',
+          false,
+          true
+        );
+      }
+    }
+    const isWindows = process.platform === "win32";
+    let tempCertFiles = [];
+    let tempKeyFiles = [];
+    if (allNames.length <= 20 || !isWindows) {
+      const namesArg = allNames.map((d) => `"${d}"`).join(" ");
+      const mkcertCmd = `-key-file "${keyPath}" -cert-file "${certPath}" ${namesArg}`;
+      fse.ensureDirSync(path.dirname(certPath));
+      runMkcert(mkcertCmd);
+    } else {
+      const chunkSize = 20;
+      fse.ensureDirSync(path.dirname(certPath));
+      for (let i = 0; i < allNames.length; i += chunkSize) {
+        const chunk = allNames.slice(i, i + chunkSize);
+        const tempCert = `${certPath}.${i}.pem`;
+        const tempKey = `${keyPath}.${i}.pem`;
+        const namesArg = chunk.map((d) => `"${d}"`).join(" ");
+        const mkcertCmd = `-key-file "${tempKey}" -cert-file "${tempCert}" ${namesArg}`;
+        Helpers__NS__info(
+          `[vpn-split] Generating batch ${Math.floor(i / chunkSize) + 1}/${Math.ceil(allNames.length / chunkSize)}...`
+        );
+        runMkcert(mkcertCmd);
+        tempCertFiles.push(tempCert);
+        tempKeyFiles.push(tempKey);
+      }
+      Helpers__NS__info("[vpn-split] Merging batches into final cert...");
+      const firstKey = tempKeyFiles[0];
+      fse.copySync(firstKey, keyPath);
+      const mergedCertContent = tempCertFiles.map((f) => fse.readFileSync(f, "utf8")).join("\n");
+      fse.writeFileSync(certPath, mergedCertContent);
+      tempCertFiles.forEach((f) => fse.removeSync(f));
+      tempKeyFiles.slice(1).forEach((f) => fse.removeSync(f));
+      Helpers__NS__info("[vpn-split] Merged cert ready!");
+    }
+    if (!fse.existsSync(certPath) || !fse.existsSync(keyPath)) {
+      Helpers__NS__error("[vpn-split] Files missing after generation!", false, true);
+    } else {
+      Helpers__NS__info(
+        `[vpn-split] Trusted cert ready: ${allNames.length} hostnames covered`
+      );
+    }
+  }
+  //#region private methods / prevent bad target for client
+  async preventBadTargetForClient(vpnServerTarget) {
+    if (!vpnServerTarget) {
+      const currentLocalIp = await UtilsNetwork__NS__getFirstIpV4LocalActiveIpAddress();
+      Helpers__NS__error(
+        `[vpn-server] Please provide a correct target server.
+Example:
+vpn-server ${currentLocalIp}
+
+Your local IP is: ${currentLocalIp}`,
+        false,
+        true
+      );
+    }
+  }
+  //#endregion
+}
+const genMsg = `
+################################################
+## This file is generated #####################
+################################################
+`.trim() + EOL;
+function saveHosts(hosts, options) {
+  const { saveHostInUserFolder } = options || {};
+  if (___NS__isArray(hosts)) {
+    hosts = hosts.reduce((prev, curr) => {
+      return ___NS__merge(prev, {
+        [curr.name]: curr
+      });
+    }, {});
+  }
+  const toSave = parseHost(hosts, !!saveHostInUserFolder);
+  if (saveHostInUserFolder) {
+    Helpers__NS__writeFile(HOST_FILE_PATHUSER, toSave);
+  } else {
+    Helpers__NS__writeFile(HOST_FILE_PATH, toSave);
+  }
+}
+function saveHostsLocal(hosts, options) {
+  const { saveHostInUserFolder } = options || {};
+  if (___NS__isArray(hosts)) {
+    hosts = hosts.reduce((prev, curr) => {
+      return ___NS__merge(prev, {
+        [curr.name]: curr
+      });
+    }, {});
+  }
+  const toSave = parseHost(hosts, !!saveHostInUserFolder, true);
+  if (saveHostInUserFolder) {
+    Helpers__NS__writeFile(HOST_FILE_PATHUSER, toSave);
+  } else {
+    Helpers__NS__writeFile(HOST_FILE_PATH, toSave);
+  }
+}
+function parseHost(hosts, saveHostInUserFolder, useLocal = false) {
+  hosts = {
+    ...DefaultEtcHosts,
+    ...hosts
+  };
+  ___NS__keys(hosts).forEach((hostName) => {
+    const v = hosts[hostName];
+    v.name = hostName;
+  });
+  return genMsg + EOL + ___NS__keys(hosts).map((hostName) => {
+    const v = hosts[hostName];
+    if (v.skipUpdateOfServerEtcHosts) {
+      console.warn(
+        `[vpn-split] Skip saving host: ${v.name} (${v.ipOrDomain})`
+      );
+      return `# SKIPPING HOST ${v.ipOrDomain} ${v.aliases.join(" ")} ${GENERATED}`;
+    }
+    const aliasesStr = v.aliases.join(" ");
+    if (saveHostInUserFolder) {
+      return useLocal ? `127.0.0.1 ${aliasesStr}` : `${v.disabled ? "#" : ""}${v.ipOrDomain} ${aliasesStr}`;
+    }
+    return useLocal ? `127.0.0.1 ${aliasesStr}` : `${v.disabled ? "#" : ""}${v.ipOrDomain} ${aliasesStr} # ${v.name} ${GENERATED}`;
+  }).join(EOL) + EOL + EOL + genMsg;
+}
+export {
+  VpnSplit
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vpn-split",
-  "version": "21.0.18",
+  "version": "21.0.19",
   "scripts": {
     "taon init": "taon init",
     "taon start": "taon start",

package/websql/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vpn-split/websql",
-  "version": "21.0.18",
+  "version": "21.0.19",
   "peerDependencies": {
     "@angular/common": "^21.0.0",
     "@angular/core": "^21.0.0"