internal/routing/enable.go

package routing

import (
	"errors"
	"fmt"
)

var (
	ErrDefaultRoute          = errors.New("cannot get default route")
	ErrAddInboundFromDefault = errors.New("cannot add routes for inbound traffic from default IP")
	ErrDelInboundFromDefault = errors.New("cannot remove routes for inbound traffic from default IP")
	ErrSubnetsOutboundSet    = errors.New("cannot set outbound subnets routes")
)

type Setuper interface {
	Setup() (err error)
}

func (r *Routing) Setup() (err error) {
	defaultInterfaceName, defaultGateway, err := r.DefaultRoute()
	if err != nil {
		return fmt.Errorf("%w: %s", ErrDefaultRoute, err)
	}

	touched := false
	defer func() {
		if err != nil && touched {
			if tearDownErr := r.TearDown(); tearDownErr != nil {
				r.logger.Error("cannot reverse routing changes: " + tearDownErr.Error())
			}
		}
	}()

	touched = true

	err = r.routeInboundFromDefault(defaultGateway, defaultInterfaceName)
	if err != nil {
		return fmt.Errorf("%w: %s", ErrAddInboundFromDefault, err)
	}

	r.stateMutex.RLock()
	outboundSubnets := r.outboundSubnets
	r.stateMutex.RUnlock()
	if err := r.setOutboundRoutes(outboundSubnets, defaultInterfaceName, defaultGateway); err != nil {
		return fmt.Errorf("%w: %s", ErrSubnetsOutboundSet, err)
	}

	return nil
}

type TearDowner interface {
	TearDown() error
}

func (r *Routing) TearDown() error {
	defaultInterfaceName, defaultGateway, err := r.DefaultRoute()
	if err != nil {
		return fmt.Errorf("%w: %s", ErrDefaultRoute, err)
	}

	err = r.unrouteInboundFromDefault(defaultGateway, defaultInterfaceName)
	if err != nil {
		return fmt.Errorf("%w: %s", ErrDelInboundFromDefault, err)
	}

	if err := r.setOutboundRoutes(nil, defaultInterfaceName, defaultGateway); err != nil {
		return fmt.Errorf("%w: %s", ErrSubnetsOutboundSet, err)
	}

	return nil
}
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`package routing`

			`import (`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`"errors"`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`"fmt"`
			`)`

Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`var (`
Maint: `internal/routing/inbound.go` file 2021-08-25 19:08:55 +00:00			`ErrDefaultRoute = errors.New("cannot get default route")`
			`ErrAddInboundFromDefault = errors.New("cannot add routes for inbound traffic from default IP")`
			`ErrDelInboundFromDefault = errors.New("cannot remove routes for inbound traffic from default IP")`
			`ErrSubnetsOutboundSet = errors.New("cannot set outbound subnets routes")`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`)`

Maint: routing interface composition 2021-07-26 16:18:53 +00:00			`type Setuper interface {`
			`Setup() (err error)`
			`}`

Maint: `internal/routing` returns `*Routine` struct 2021-08-23 20:50:32 +00:00			`func (r *Routing) Setup() (err error) {`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`defaultInterfaceName, defaultGateway, err := r.DefaultRoute()`
			`if err != nil {`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`return fmt.Errorf("%w: %s", ErrDefaultRoute, err)`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`}`

Feature: only teardown routing if changes occurred 2021-05-10 22:16:26 +00:00			`touched := false`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`defer func() {`
Feature: only teardown routing if changes occurred 2021-05-10 22:16:26 +00:00			`if err != nil && touched {`
			`if tearDownErr := r.TearDown(); tearDownErr != nil {`
			`r.logger.Error("cannot reverse routing changes: " + tearDownErr.Error())`
			`}`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`}`
			`}()`
Feature: only teardown routing if changes occurred 2021-05-10 22:16:26 +00:00
			`touched = true`

Maint: `internal/routing/inbound.go` file 2021-08-25 19:08:55 +00:00			`err = r.routeInboundFromDefault(defaultGateway, defaultInterfaceName)`
			`if err != nil {`
			`return fmt.Errorf("%w: %s", ErrAddInboundFromDefault, err)`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`}`
Fix #273 (#277), adding FIREWALL_OUTBOUND_SUBNETS 2020-10-29 19:23:44 -04:00
			`r.stateMutex.RLock()`
			`outboundSubnets := r.outboundSubnets`
			`r.stateMutex.RUnlock()`
			`if err := r.setOutboundRoutes(outboundSubnets, defaultInterfaceName, defaultGateway); err != nil {`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`return fmt.Errorf("%w: %s", ErrSubnetsOutboundSet, err)`
Fix #273 (#277), adding FIREWALL_OUTBOUND_SUBNETS 2020-10-29 19:23:44 -04:00			`}`

Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`return nil`
			`}`

Maint: routing interface composition 2021-07-26 16:18:53 +00:00			`type TearDowner interface {`
			`TearDown() error`
			`}`

Maint: `internal/routing` returns `*Routine` struct 2021-08-23 20:50:32 +00:00			`func (r *Routing) TearDown() error {`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`defaultInterfaceName, defaultGateway, err := r.DefaultRoute()`
			`if err != nil {`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`return fmt.Errorf("%w: %s", ErrDefaultRoute, err)`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`}`

Maint: `internal/routing/inbound.go` file 2021-08-25 19:08:55 +00:00			`err = r.unrouteInboundFromDefault(defaultGateway, defaultInterfaceName)`
			`if err != nil {`
			`return fmt.Errorf("%w: %s", ErrDelInboundFromDefault, err)`
Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`}`
Fix #273 (#277), adding FIREWALL_OUTBOUND_SUBNETS 2020-10-29 19:23:44 -04:00
			`if err := r.setOutboundRoutes(nil, defaultInterfaceName, defaultGateway); err != nil {`
Maintenance: improve error codes in IP routing 2021-05-10 17:33:31 +00:00			`return fmt.Errorf("%w: %s", ErrSubnetsOutboundSet, err)`
Fix #273 (#277), adding FIREWALL_OUTBOUND_SUBNETS 2020-10-29 19:23:44 -04:00			`}`

Routing improvements (#268) - Fixes #82 - Remove `EXTRA_SUBNETS` - Remove no longer needed iptables rules - Reduce routing interface arity - Routing setup is done in main.go instead of in the firewall - Routing setup gets reverted at shutdown 2020-10-24 18:05:11 -04:00			`return nil`
			`}`