ipset integration
parent
3058a14f56
commit
3fd43f0d18
@ -9,7 +9,7 @@ Realized features:
|
|||||||
- [x] IPTables rules to remap DNS server [1]
|
- [x] IPTables rules to remap DNS server [1]
|
||||||
- [ ] Rule composer
|
- [ ] Rule composer
|
||||||
- [ ] List loading/watching (temporary)
|
- [ ] List loading/watching (temporary)
|
||||||
- [ ] IPSet integration
|
- [X] IPSet integration
|
||||||
- [ ] Listing of interfaces
|
- [ ] Listing of interfaces
|
||||||
- [ ] IPTables rules to IPSet [2]
|
- [ ] IPTables rules to IPSet [2]
|
||||||
- [ ] It is not a concept now... REFACTORING TIME!!!
|
- [ ] It is not a concept now... REFACTORING TIME!!!
|
||||||
|
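--- a/go.mod
+++ b/go.mod
@@ -5,4 +5,5 @@ go 1.21
 require (
 github.com/IGLOU-EU/go-wildcard/v2 v2.0.2
 github.com/coreos/go-iptables v0.7.0
+github.com/nadoo/ipset v0.5.0
 )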
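--- a/group.go
+++ b/group.go
@@ -3,6 +3,7 @@ package main
 import (
 "errors"
 "fmt"
+"github.com/nadoo/ipset"
 "strconv"
 
 "kvas2-go/models"
@@ -17,6 +18,7 @@ type GroupOptions struct {
 
 type Group struct {
 *models.Group
+ipsetName string
 options GroupOptions
 }
 
@@ -45,6 +47,15 @@ func (g *Group) Enable() error {
 return errors.New(string(out))
 }
 
+err = ipset.Destroy(g.ipsetName)
+if err != nil {
+return fmt.Errorf("failed to destroy ipset: %w", err)
+}
+err = ipset.Create(g.ipsetName)
+if err != nil {
+return fmt.Errorf("failed to create ipset: %w", err)
+}
+
 g.options.Enabled = true
 g.options.FWMark = fwmark
 g.options.Table = table
@@ -67,6 +78,11 @@ func (g *Group) Disable() error {
 return errors.New(string(out))
 }
 
+err = ipset.Destroy(g.ipsetName)
+if err != nil {
+return fmt.Errorf("failed to destroy ipset: %w", err)
+}
+
 g.options.Enabled = false
 g.options.FWMark = 0
 g.options.Table = 0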
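Review bot: In `Enable()` the added `ipset.Destroy(g.ipsetName)` runs unconditionally before `ipset.Create`, and its error aborts the call, so the first enable (when no set exists yet) will presumably fail if the library reports a missing set as an error; confirm this against nadoo/ipset and treat "set does not exist" as success. The same call also silently removes any existing set that happens to share the name, so it is worth a comment such as `// drop a stale set left by a previous run; the name is owned by this app`. In both `Enable()` and `Disable()` the early `return fmt.Errorf(...)` leaves the steps performed earlier in the function applied while `g.options.Enabled` keeps its old value, so a failure leaves routing state half-configured; rolling back, or continuing past the error in `Disable()`, would avoid that. The kernel refuses to destroy a set that an iptables rule still references, so once rules match on this set they have to be removed before the destroy. Both function bodies begin and end outside the hunks shown.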
8
kvas2.go
8
kvas2.go
@ -10,6 +10,8 @@ import (
|
|||||||
"kvas2-go/models"
|
"kvas2-go/models"
|
||||||
"kvas2-go/pkg/dns-proxy"
|
"kvas2-go/pkg/dns-proxy"
|
||||||
"kvas2-go/pkg/iptables-helper"
|
"kvas2-go/pkg/iptables-helper"
|
||||||
|
|
||||||
|
"github.com/nadoo/ipset"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -20,6 +22,7 @@ var (
|
|||||||
type Config struct {
|
type Config struct {
|
||||||
MinimalTTL time.Duration
|
MinimalTTL time.Duration
|
||||||
ChainPostfix string
|
ChainPostfix string
|
||||||
|
IpSetPostfix string
|
||||||
TargetDNSServerAddress string
|
TargetDNSServerAddress string
|
||||||
ListenPort uint16
|
ListenPort uint16
|
||||||
}
|
}
|
||||||
@ -114,6 +117,7 @@ func (a *App) AppendGroup(group *models.Group) error {
|
|||||||
|
|
||||||
a.Groups[group.ID] = &Group{
|
a.Groups[group.ID] = &Group{
|
||||||
Group: group,
|
Group: group,
|
||||||
|
ipsetName: fmt.Sprintf("%s%d", a.Config.IpSetPostfix, group.ID),
|
||||||
}
|
}
|
||||||
|
|
||||||
if a.isRunning {
|
if a.isRunning {
|
||||||
@ -183,6 +187,10 @@ func (a *App) handleMessage(msg *dnsProxy.Message) {
|
|||||||
func New(config Config) (*App, error) {
|
func New(config Config) (*App, error) {
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
|
if err = ipset.Init(); err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to initialize ipset: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
app := &App{}
|
app := &App{}
|
||||||
|
|
||||||
app.Config = config
|
app.Config = config
|
||||||
|
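Review bot: The set name in `AppendGroup` is built as `fmt.Sprintf("%s%d", a.Config.IpSetPostfix, group.ID)` without validating the configured value, even though the kernel limits ipset names to 31 characters. An over-long `IpSetPostfix` would only surface later as a create failure in `Enable()`, and an empty one yields purely numeric names that can collide with sets owned by other software. Checking it once in `New` would fail fast, e.g. `if config.IpSetPostfix == "" { return nil, fmt.Errorf("ipset name prefix must not be empty") }`, plus a length bound that leaves room for the ID. The field is used as a prefix, so `IPSetPrefix` would describe it better and match Go initialism style. `New` and `AppendGroup` both continue outside the hunks shown.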
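--- a/main.go
+++ b/main.go
@@ -14,6 +14,7 @@ func main() {
 app, err := New(Config{
 MinimalTTL: time.Hour,
 ChainPostfix: "KVAS2_",
+IpSetPostfix: "kvas2_",
 TargetDNSServerAddress: "127.0.0.1:53",
 ListenPort: 7548,
 })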