update man and readme

config.json

@@ -1,13 +1,13 @@
 {
     "port": 12345,
-    "program_noproxy": ["/usr/lib/v2ray/v2ray", "/usr/bin/qv2ray"],
+    "program_noproxy": ["v2ray", "qv2ray"],
     "program_proxy": [],
     "cgroup_noproxy": ["/system.slice/v2ray.service"],
     "cgroup_proxy": [],
     "enable_gateway": false,
     "enable_dns": true,
-    "enable_ipv4": true,
-    "enable_ipv6": true,
+    "enable_udp": true,
     "enable_tcp": true,
-    "enable_udp": true
+    "enable_ipv4": true,
+    "enable_ipv6": true
 }

man/cgnoproxy.1

@@ -3,11 +3,13 @@
 .SH NAME
 cgnoproxy \- Run program without proxy
 .SH SYNOPSIS
-cgnoproxy [--help] [--debug] <CMD>
+cgnoproxy --help
+cgnoproxy [--debug] <CMD>
+cgnoproxy [--debug] --pid <PID>
 .SH ALIAS
 cgnoproxy = cgproxy --noproxy
 .SH DESCRIPTION
-cgnoproxy send current running process pid to cgproxyd through unix socket, then pid is attached to non-proxied cgroup 
+cgnoproxy send current running process pid or specified pid to cgproxyd through unix socket, then pid is attached to non-proxied cgroup 
 .SH EXAMPLES
 cgnoproxy sudo v2ray -config config_file
 .SH SEE ALSO

man/cgproxy.1

@@ -3,9 +3,11 @@
 .SH NAME
 cgproxy \- Run program with proxy
 .SH SYNOPSIS
-cgproxy [--help] [--debug] <CMD>
+cgproxy --help
+cgproxy [--debug] <CMD>
+cgproxy [--debug] --pid <PID>
 .SH DESCRIPTION
-cgproxy send current running process pid to cgproxyd through unix socket, then pid is attached to proxied cgroup 
+cgproxy send current running process pid or specified pid to cgproxyd through unix socket, then pid is attached to proxied cgroup 
 .SH EXAMPLES
 cgproxy curl -vI https://www.google.com
 .SH SEE ALSO

man/cgproxyd.1

@@ -3,20 +3,38 @@
 .SH NAME
 cgproxyd \- Start a daemon with unix socket to accept control from cgproxy/cgnoproxy
 .SH SYNOPSIS
-cgproxyd [--help] [--debug]
+cgproxyd [--help] [--debug] [--execsnoop]
 .SH ALIAS
 cgproxyd = cgproxy --daemon
+.SH OPTIONS
+.B  --execsnoop
+.br
+enable execsnoop to support program level proxy, need python-bcc installed to actually work
 .SH CONFIGURATION
 .I /etc/cgproxy/config.json
 .br
 .B port 
 tproxy listenning port
 .br
+program level proxy controll, need `python-bcc` installed to work:
+.br
+.RS
+.B program_proxy
+program need to be proxied
+.br
+.B program_noproxy
+program that won't be proxied
+.RE
+.br
+cgroup level proxy control:
+.br
+.RS
 .B cgroup_noproxy
 cgroup array that no need to proxy, /noproxy.slice is preserved.
 .br
 .B cgroup_proxy
 cgroup array that need to proxy, /proxy.slice is preserved.
+.RE
 .br
 .B enable_gateway
 enable gateway proxy for local devices.
@@ -24,7 +42,14 @@ enable gateway proxy for local devices.
 .B enable_dns
 enable dns to go to proxy.
 .br
-.B enable_tcp enable_udp enable_ipv4 enable_ipv6
+.B enable_tcp
+.br
+.B enable_udp
+.br
+.B enable_ipv4 
+.br
+.B enable_ipv6
+.br
 .SH SEE ALSO
 cgproxyd(1), cgproxy(1), cgnoproxy(1)
 

readme.md

@@ -87,28 +87,51 @@ Config file: **/etc/cgproxy/config.json**
 
 ```json
 {
+    "port": 12345,
+    "program_noproxy": ["v2ray", "qv2ray"],
+    "program_proxy": [ ],
     "cgroup_noproxy": ["/system.slice/v2ray.service"],
-    "cgroup_proxy": [],
-    "enable_dns": true,
+    "cgroup_proxy": [ ],
     "enable_gateway": false,
-    "enable_ipv4": true,
-    "enable_ipv6": true,
-    "enable_tcp": true,
+    "enable_dns": true,
     "enable_udp": true,
-    "port": 12345
+    "enable_tcp": true,
+    "enable_ipv4": true,
+    "enable_ipv6": true
 }
 ```
 
 - **port** tproxy listenning port
-- **cgroup_noproxy** cgroup array that no need to proxy, `/noproxy.slice` is preserved
-- **cgroup_proxy** cgroup array that need to proxy, `/proxy.slice` is preserved
+
+- program level proxy controll, need `python-bcc` installed to work
+
+  - **program_proxy**  program need to be proxied
+  - **program_noproxy** program that won't be proxied
+
+- cgroup level proxy control:
+
+  - **cgroup_noproxy** cgroup array that no need to proxy, `/noproxy.slice` is preserved
+  - **cgroup_proxy** cgroup array that need to proxy, `/proxy.slice` is preserved
+
 - **enable_gateway** enable gateway proxy for local devices
+
 - **enable_dns** enable dns to go to proxy
+
 - **enable_tcp**
+
 - **enable_udp**
+
 - **enable_ipv4**
+
 - **enable_ipv6**
 
+- options priority
+
+  ```
+  program_noproxy > program_proxy > cgroup_noproxy > cgroup_proxy
+  enable_ipv6 > enable_ipv4 > enable_tcp > enable_udp > enable_dns
+  ```
+
 **Note**: cgroup in configuration need to be exist, otherwise ignored
 
 If you changed config, remember to restart service
@@ -146,7 +169,8 @@ sudo systemctl restart cgproxy.service
 - `cgnoproxy` run program wihout proxy, very useful in global transparent proxy
 
   ```bash
-  cgnoproxy [--debug] <CMD> 
+  cgnoproxy [--debug] <CMD>
+  cgnoproxy [--debug] --pid <PID>
   ```
   
 - `cgattach` attach specific process pid to specific cgroup which will create if not exist , cgroup can be only one level down exist cgroup, otherwise created fail. 
@@ -158,6 +182,8 @@ sudo systemctl restart cgproxy.service
   # example
   cgattch 9999 /proxy.slice
   ```
+  
+- For more detail command usage, see `man cgproxyd`  `man cgproxy`  `man cgnoproxy` 
 
 ## NOTES