ipv6 todo and short names

README.md

@@ -22,3 +22,4 @@ Realized features:
 - [ ] It is not a concept now... REFACTORING TIME!!!
 - [ ] (Keenetic) Getting readable names of interfaces from Keenetic NDMS
 - [ ] HTTP Auth
+- [ ] IPv6 support

kvas2.go

@@ -35,12 +35,12 @@ type App struct {
 	Config Config
 
 	DNSProxy         *dnsProxy.DNSProxy
-	NetfilterHelper *netfilterHelper.NetfilterHelper
+	NetfilterHelper4 *netfilterHelper.NetfilterHelper
 	Records          *Records
 	Groups           map[int]*Group
 
 	isRunning     bool
-	dnsOverrider *netfilterHelper.PortRemap
+	dnsOverrider4 *netfilterHelper.PortRemap
 }
 
 func (a *App) Listen(ctx context.Context) []error {
@@ -83,8 +83,8 @@ func (a *App) Listen(ctx context.Context) []error {
 	newCtx, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	a.dnsOverrider = a.NetfilterHelper.PortRemap(fmt.Sprintf("%sDNSOVERRIDER", a.Config.ChainPostfix), 53, a.Config.ListenPort)
-	err := a.dnsOverrider.Enable()
+	a.dnsOverrider4 = a.NetfilterHelper4.PortRemap(fmt.Sprintf("%sDNSOR", a.Config.ChainPostfix), 53, a.Config.ListenPort)
+	err := a.dnsOverrider4.Enable()
 
 	for _, group := range a.Groups {
 		err = group.Enable()
@@ -134,8 +134,8 @@ func (a *App) Listen(ctx context.Context) []error {
 				args := strings.Split(string(buf[:n]), ":")
 				if len(args) == 3 && args[0] == "netfilter.d" {
 					log.Debug().Str("table", args[2]).Msg("netfilter.d event")
-					if a.dnsOverrider.Enabled {
-						err := a.dnsOverrider.PutIPTable(args[2])
+					if a.dnsOverrider4.Enabled {
+						err := a.dnsOverrider4.PutIPTable(args[2])
 						if err != nil {
 							log.Error().Err(err).Msg("error while fixing iptables after netfilter.d")
 						}
@@ -197,7 +197,7 @@ Loop:
 
 	close(done)
 
-	errs2 := a.dnsOverrider.Disable()
+	errs2 := a.dnsOverrider4.Disable()
 	if errs2 != nil {
 		handleErrors(errs2)
 	}
@@ -302,11 +302,11 @@ func New(config Config) (*App, error) {
 
 	app.Records = NewRecords()
 
-	nh, err := netfilterHelper.New()
+	nh4, err := netfilterHelper.New(false)
 	if err != nil {
 		return nil, fmt.Errorf("netfilter helper init fail: %w", err)
 	}
-	app.NetfilterHelper = nh
+	app.NetfilterHelper4 = nh4
 
 	app.Groups = make(map[int]*Group)
 

netfilter-helper/interface-to-ipset.go

@@ -63,7 +63,7 @@ func (r *IfaceToIPSet) PutIPTable(table string) error {
 		}
 	} else {
 		if table == "all" || table == "mangle" {
-			preroutingChainName := fmt.Sprintf("%s_PREROUTING", r.ChainName)
+			preroutingChainName := fmt.Sprintf("%s_PRR", r.ChainName)
 
 			err = r.IPTables.ClearChain("mangle", preroutingChainName)
 			if err != nil {
@@ -83,7 +83,7 @@ func (r *IfaceToIPSet) PutIPTable(table string) error {
 	}
 
 	if table == "all" || table == "nat" {
-		postroutingChainName := fmt.Sprintf("%s_POSTROUTING", r.ChainName)
+		postroutingChainName := fmt.Sprintf("%s_POR", r.ChainName)
 
 		err = r.IPTables.ClearChain("nat", postroutingChainName)
 		if err != nil {
@@ -221,7 +221,7 @@ func (r *IfaceToIPSet) Disable() []error {
 			errs = append(errs, fmt.Errorf("failed to delete chain: %w", err))
 		}
 	} else {
-		preroutingChainName := fmt.Sprintf("%s_PREROUTING", r.ChainName)
+		preroutingChainName := fmt.Sprintf("%s_PRR", r.ChainName)
 
 		err = r.IPTables.DeleteIfExists("mangle", "PREROUTING", "-j", preroutingChainName)
 		if err != nil {
@@ -234,7 +234,7 @@ func (r *IfaceToIPSet) Disable() []error {
 		}
 	}
 
-	postroutingChainName := fmt.Sprintf("%s_POSTROUTING", r.ChainName)
+	postroutingChainName := fmt.Sprintf("%s_POR", r.ChainName)
 
 	err = r.IPTables.DeleteIfExists("nat", "POSTROUTING", "-j", postroutingChainName)
 	if err != nil {

netfilter-helper/netfiler-helper.go

@@ -9,8 +9,15 @@ type NetfilterHelper struct {
 	IPTables *iptables.IPTables
 }
 
-func New() (*NetfilterHelper, error) {
-	ipt, err := iptables.New()
+func New(isIPv6 bool) (*NetfilterHelper, error) {
+	var proto iptables.Protocol
+	if !isIPv6 {
+		proto = iptables.ProtocolIPv4
+	} else {
+		proto = iptables.ProtocolIPv6
+	}
+
+	ipt, err := iptables.New(iptables.IPFamily(proto))
 	if err != nil {
 		return nil, fmt.Errorf("iptables init fail: %w", err)
 	}