ipset integration
parent
3058a14f56
commit
3fd43f0d18
@ -9,7 +9,7 @@ Realized features:
|
||||
- [x] IPTables rules to remap DNS server [1]
|
||||
- [ ] Rule composer
|
||||
- [ ] List loading/watching (temporary)
|
||||
- [ ] IPSet integration
|
||||
- [X] IPSet integration
|
||||
- [ ] Listing of interfaces
|
||||
- [ ] IPTables rules to IPSet [2]
|
||||
- [ ] It is not a concept now... REFACTORING TIME!!!
|
||||
|
1
go.mod
1
go.mod
@ -5,4 +5,5 @@ go 1.21
|
||||
require (
|
||||
github.com/IGLOU-EU/go-wildcard/v2 v2.0.2
|
||||
github.com/coreos/go-iptables v0.7.0
|
||||
github.com/nadoo/ipset v0.5.0
|
||||
)
|
||||
|
18
group.go
18
group.go
@ -3,6 +3,7 @@ package main
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/nadoo/ipset"
|
||||
"strconv"
|
||||
|
||||
"kvas2-go/models"
|
||||
@ -17,7 +18,8 @@ type GroupOptions struct {
|
||||
|
||||
type Group struct {
|
||||
*models.Group
|
||||
options GroupOptions
|
||||
ipsetName string
|
||||
options GroupOptions
|
||||
}
|
||||
|
||||
func (g *Group) Enable() error {
|
||||
@ -45,6 +47,15 @@ func (g *Group) Enable() error {
|
||||
return errors.New(string(out))
|
||||
}
|
||||
|
||||
err = ipset.Destroy(g.ipsetName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to destroy ipset: %w", err)
|
||||
}
|
||||
err = ipset.Create(g.ipsetName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create ipset: %w", err)
|
||||
}
|
||||
|
||||
g.options.Enabled = true
|
||||
g.options.FWMark = fwmark
|
||||
g.options.Table = table
|
||||
@ -67,6 +78,11 @@ func (g *Group) Disable() error {
|
||||
return errors.New(string(out))
|
||||
}
|
||||
|
||||
err = ipset.Destroy(g.ipsetName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to destroy ipset: %w", err)
|
||||
}
|
||||
|
||||
g.options.Enabled = false
|
||||
g.options.FWMark = 0
|
||||
g.options.Table = 0
|
||||
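Review bot: Both new error returns leave the group half-configured: in Disable, `return fmt.Errorf("failed to destroy ipset: %w", err)` comes before `g.options.Enabled = false`, so a failed Destroy leaves the group marked enabled even though the command checked just above it has already run, and in Enable a Destroy or Create failure returns after that earlier step without undoing it. Enable also treats any error from the initial `ipset.Destroy(g.ipsetName)` as fatal; if the library reports an error for a set that does not exist yet (not visible here, worth confirming), the first Enable of every group would fail. I would make that cleanup best-effort, `_ = ipset.Destroy(g.ipsetName) // stale set from a previous run may not exist`, and in Disable move the three `g.options` resets above the Destroy call so that a retry does not repeat the earlier teardown. Both functions start and end outside the hunks, so any existing rollback logic could not be checked.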
|
10
kvas2.go
10
kvas2.go
@ -10,6 +10,8 @@ import (
|
||||
"kvas2-go/models"
|
||||
"kvas2-go/pkg/dns-proxy"
|
||||
"kvas2-go/pkg/iptables-helper"
|
||||
|
||||
"github.com/nadoo/ipset"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -20,6 +22,7 @@ var (
|
||||
type Config struct {
|
||||
MinimalTTL time.Duration
|
||||
ChainPostfix string
|
||||
IpSetPostfix string
|
||||
TargetDNSServerAddress string
|
||||
ListenPort uint16
|
||||
}
|
||||
@ -113,7 +116,8 @@ func (a *App) AppendGroup(group *models.Group) error {
|
||||
}
|
||||
|
||||
a.Groups[group.ID] = &Group{
|
||||
Group: group,
|
||||
Group: group,
|
||||
ipsetName: fmt.Sprintf("%s%d", a.Config.IpSetPostfix, group.ID),
|
||||
}
|
||||
|
||||
if a.isRunning {
|
||||
@ -183,6 +187,10 @@ func (a *App) handleMessage(msg *dnsProxy.Message) {
|
||||
func New(config Config) (*App, error) {
|
||||
var err error
|
||||
|
||||
if err = ipset.Init(); err != nil {
|
||||
return nil, fmt.Errorf("failed to initialize ipset: %w", err)
|
||||
}
|
||||
|
||||
app := &App{}
|
||||
|
||||
app.Config = config
|
||||
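Review bot: The set name built in AppendGroup, `fmt.Sprintf("%s%d", a.Config.IpSetPostfix, group.ID)`, uses the configured value unvalidated, and prepends it although the field is called a postfix. ipset names share one kernel-wide namespace and are limited to 31 characters, so an over-long value only surfaces later as a Create error, while an empty one yields purely numeric names that may belong to another tool, and Enable in group.go destroys whatever set carries that name. Consider rejecting such values in New before `ipset.Init()`, for example `if l := len(config.IpSetPostfix); l == 0 || l > maxPrefixLen { return nil, fmt.Errorf("invalid ipset prefix %q", config.IpSetPostfix) }`, with `maxPrefixLen` chosen to leave room for the ID digits. Renaming the field to `IPSetPrefix` would match both its use and Go initialism style, if no caller outside this view depends on the current name. AppendGroup and New both continue outside the hunks.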
|