Compare commits
2 Commits
bfe6a00589
...
c6831f98e0
Author | SHA1 | Date | |
---|---|---|---|
c6831f98e0 | |||
891f6ee7c2 |
5
Makefile
5
Makefile
@ -18,7 +18,10 @@ PKG_DIR = $(BUILD_DIR)/$(ARCH)
|
||||
BIN_DIR = $(PKG_DIR)/data/opt/bin
|
||||
PARAMS = -v -a -trimpath -ldflags="-X 'magitrickle/constant.Version=$(VERSION)' -X 'magitrickle/constant.Commit=$(COMMIT)' -w -s"
|
||||
|
||||
all: build_daemon package
|
||||
all: clear build_daemon package
|
||||
|
||||
clear:
|
||||
rm -rf $(PKG_DIR)
|
||||
|
||||
build_daemon:
|
||||
GOOS=$(GOOS) GOARCH=$(GOARCH) GOMIPS=$(GOMIPS) GOARM=$(GOARM) go build $(PARAMS) -o $(BIN_DIR)/magitrickled ./cmd/magitrickled
|
||||
|
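Review bot: The new `clear` recipe runs `rm -rf $(PKG_DIR)` on every `make all`, and `PKG_DIR` is assembled from `$(BUILD_DIR)/$(ARCH)`, so an empty or overridden value for either variable would make the recipe delete a different directory (both empty expands to `/`). Their definitions are outside this hunk, so this may already be ruled out, but a guard in the recipe costs one line: `[ -n "$(BUILD_DIR)" ] && [ -n "$(ARCH)" ] && rm -rf -- "$(PKG_DIR)"`. Listing `clear` as a prerequisite of `all` also gives no ordering guarantee under `make -j`, where it can run while `build_daemon` is writing into the same tree. If `clear` is not already declared in a `.PHONY` line elsewhere in the file, it should be.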
@ -37,6 +37,7 @@ func (r *IPSetToLink) insertIPTablesRules(table string) error {
|
||||
}
|
||||
|
||||
for _, iptablesArgs := range [][]string{
|
||||
{"-j", "CONNMARK", "--restore-mark"},
|
||||
{"-j", "MARK", "--set-mark", strconv.Itoa(int(r.mark))},
|
||||
{"-j", "CONNMARK", "--save-mark"},
|
||||
} {
|
||||
|
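Review bot: The three rules in this list operate on the whole 32-bit mark: `--set-mark` with no mask overwrites every bit, and `--restore-mark` / `--save-mark` with no mask copy the full value between packet and connection. If anything else on the box uses firewall marks (policy routing, QoS, a VPN client), those bits are lost for matching traffic; `--set-xmark <value>/<mask>` on the MARK rule and `--nfmask` / `--ctmask` on the two CONNMARK rules would confine the change to the bits this daemon owns. It is also worth a comment on why the mark is restored and then set unconditionally by the next rule, since the restored value appears to be overwritten at once. The loop body that adds the match arguments is outside the hunk, so the last point may not apply.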
@ -21,7 +21,8 @@ type PortRemap struct {
|
||||
|
||||
func (r *PortRemap) insertIPTablesRules(table string) error {
|
||||
if table == "" || table == "nat" {
|
||||
err := r.IPTables.NewChain("nat", r.ChainName)
|
||||
preroutingChain := r.ChainName + "_PRR"
|
||||
err := r.IPTables.NewChain("nat", preroutingChain)
|
||||
if err != nil {
|
||||
// If not "AlreadyExists"
|
||||
if eerr, eok := err.(*iptables.Error); !(eok && eerr.ExitStatus() == 1) {
|
||||
@ -34,18 +35,62 @@ func (r *PortRemap) insertIPTablesRules(table string) error {
|
||||
continue
|
||||
}
|
||||
|
||||
if r.IPTables.Proto() != iptables.ProtocolIPv6 {
|
||||
for _, iptablesArgs := range [][]string{
|
||||
{"-p", "tcp", "-d", addr.IP.String(), "--dport", fmt.Sprintf("%d", r.From), "-j", "REDIRECT", "--to-port", fmt.Sprintf("%d", r.To)},
|
||||
{"-p", "udp", "-d", addr.IP.String(), "--dport", fmt.Sprintf("%d", r.From), "-j", "REDIRECT", "--to-port", fmt.Sprintf("%d", r.To)},
|
||||
} {
|
||||
err = r.IPTables.AppendUnique("nat", preroutingChain, iptablesArgs...)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to append rule: %w", err)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
for _, iptablesArgs := range [][]string{
|
||||
{"-p", "tcp", "-d", addr.IP.String(), "--dport", strconv.Itoa(int(r.From)), "-j", "DNAT", "--to-destination", fmt.Sprintf(":%d", r.To)},
|
||||
{"-p", "udp", "-d", addr.IP.String(), "--dport", strconv.Itoa(int(r.From)), "-j", "DNAT", "--to-destination", fmt.Sprintf(":%d", r.To)},
|
||||
} {
|
||||
err = r.IPTables.AppendUnique("nat", r.ChainName, iptablesArgs...)
|
||||
err = r.IPTables.AppendUnique("nat", preroutingChain, iptablesArgs...)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to append rule: %w", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
err = r.IPTables.InsertUnique("nat", "PREROUTING", 1, "-j", r.ChainName)
|
||||
err = r.IPTables.InsertUnique("nat", "PREROUTING", 1, "-j", preroutingChain)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to linking chain: %w", err)
|
||||
}
|
||||
|
||||
postroutingChain := r.ChainName + "_POR"
|
||||
err = r.IPTables.NewChain("nat", postroutingChain)
|
||||
if err != nil {
|
||||
// If not "AlreadyExists"
|
||||
if eerr, eok := err.(*iptables.Error); !(eok && eerr.ExitStatus() == 1) {
|
||||
return fmt.Errorf("failed to create chain: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
for _, addr := range r.Addresses {
|
||||
if !((r.IPTables.Proto() == iptables.ProtocolIPv4 && len(addr.IP) == net.IPv4len) || (r.IPTables.Proto() == iptables.ProtocolIPv6 && len(addr.IP) == net.IPv6len)) {
|
||||
continue
|
||||
}
|
||||
|
||||
if r.IPTables.Proto() == iptables.ProtocolIPv4 {
|
||||
for _, iptablesArgs := range [][]string{
|
||||
{"-p", "tcp", "-d", addr.IP.String(), "--sport", strconv.Itoa(int(r.To)), "-j", "SNAT", "--to-source", addr.IP.String()},
|
||||
{"-p", "udp", "-d", addr.IP.String(), "--sport", strconv.Itoa(int(r.To)), "-j", "SNAT", "--to-source", addr.IP.String()},
|
||||
} {
|
||||
err = r.IPTables.AppendUnique("nat", postroutingChain, iptablesArgs...)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to append rule: %w", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
err = r.IPTables.InsertUnique("nat", "POSTROUTING", 1, "-j", postroutingChain)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to linking chain: %w", err)
|
||||
}
|
||||
@ -57,7 +102,14 @@ func (r *PortRemap) insertIPTablesRules(table string) error {
|
||||
func (r *PortRemap) deleteIPTablesRules() []error {
|
||||
var errs []error
|
||||
|
||||
err := r.IPTables.DeleteIfExists("nat", "PREROUTING", "-j", r.ChainName)
|
||||
preroutingChain := r.ChainName + "_PRR"
|
||||
err := r.IPTables.DeleteIfExists("nat", "PREROUTING", "-j", preroutingChain)
|
||||
if err != nil {
|
||||
errs = append(errs, fmt.Errorf("failed to unlinking chain: %w", err))
|
||||
}
|
||||
|
||||
postroutingChain := r.ChainName + "_POR"
|
||||
err = r.IPTables.DeleteIfExists("nat", "POSTROUTING", "-j", postroutingChain)
|
||||
if err != nil {
|
||||
errs = append(errs, fmt.Errorf("failed to unlinking chain: %w", err))
|
||||
}
|
||||
|
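Review bot: The address-family filter in the new POSTROUTING loop (`len(addr.IP) == net.IPv4len` / `net.IPv6len`) depends on how each `net.IP` was constructed rather than on its family, so an IPv4 address held in 16-byte form is skipped for iptables and accepted for ip6tables. Where `r.Addresses` is populated is not visible here, so this may hold today, but `addr.IP.To4() != nil` decides the family regardless of representation, e.g. `if (addr.IP.To4() != nil) != (r.IPTables.Proto() == iptables.ProtocolIPv4) { continue }`. The SNAT rules that follow match `-d addr.IP --sport r.To` and rewrite the source to the same `addr.IP`; a one-line comment saying which flows they are meant to catch, and why IPv6 gets no equivalent, would let a reader verify the match direction. `insertIPTablesRules` and `deleteIPTablesRules` both continue outside the visible hunks.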