fix: fake ips should not be passed to ACL rules (#2029)

ACL rules are likely not written for fake IPs.

One of the major selling point of using the `fake-dns` feature is to be
able to make use of ACL rules that are based on domain names instead of
purely IP addresses. Passing fake IPs to ACL nullifies this benefit,
which is likely not expected from users.

Closes #2028

Author: shadowsocks69420

crates/shadowsocks-service/src/local/net/tcp/auto_proxy_stream.rs

@@ -8,6 +8,7 @@ use std::{
     task::{self, Poll},
 };
 
+use log::trace;
 use pin_project::pin_project;
 use shadowsocks::{
     net::{ConnectOpts, TcpStream},
@@ -49,10 +50,17 @@ impl AutoProxyClientStream {
     where
         A: Into<Address>,
     {
-        let addr = addr.into();
+        #[cfg_attr(not(feature = "local-fake-dns"), allow(unused_mut))]
+        let mut addr = addr.into();
+        #[cfg(feature = "local-fake-dns")]
+        if let Some(mapped_addr) = context.try_map_fake_address(&addr).await {
+            addr = mapped_addr;
+        }
         if context.check_target_bypassed(&addr).await {
+            trace!("Bypassing target address {addr}");
             Self::connect_bypassed_with_opts(context, addr, opts).await
         } else {
+            trace!("Proxying target address {addr}");
             Self::connect_proxied_with_opts(context, server, addr, opts).await
         }
     }