diff --git a/cmd/gluetun/main.go b/cmd/gluetun/main.go
index 5398cee3..a560a026 100644
--- a/cmd/gluetun/main.go
+++ b/cmd/gluetun/main.go
@@ -32,6 +32,7 @@ import (
 "github.com/qdm12/gluetun/internal/unix"
 "github.com/qdm12/gluetun/internal/updater"
 versionpkg "github.com/qdm12/gluetun/internal/version"
+ "github.com/qdm12/golibs/command"
 "github.com/qdm12/golibs/logging"
 "github.com/qdm12/golibs/params"
 "github.com/qdm12/goshutdown"
@@ -62,7 +63,9 @@ func main() {
 ctx, stop := signal.NotifyContext(ctx, syscall.SIGINT, syscall.SIGTERM, os.Interrupt)
 ctx, cancel := context.WithCancel(ctx)
- logger := logging.NewParent(logging.Settings{})
+ logger := logging.NewParent(logging.Settings{
+ Level: logging.LevelInfo,
+ })
 args := os.Args
 unix := unix.New()
@@ -137,11 +140,6 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 const cacertsPath = "/etc/ssl/certs/ca-certificates.crt"
 dnsConf := unbound.NewConfigurator(nil, dnsCrypto, "/etc/unbound", "/usr/sbin/unbound", cacertsPath)
- routingConf := routing.NewRouting(
- logger.NewChild(logging.Settings{Prefix: "routing: "}))
- firewallConf := firewall.NewConfigurator(
- logger.NewChild(logging.Settings{Prefix: "firewall: "}),
- routingConf)
 announcementExp, err := time.Parse(time.RFC3339, "2021-07-22T00:00:00Z")
 if err != nil {
@@ -164,13 +162,18 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 fmt.Println(line)
 }
- if err := printVersions(ctx, logger, []printVersionElement{
+ cmder := command.NewCommander()
+
+ err = printVersions(ctx, logger, []printVersionElement{
 {name: "Alpine", getVersion: alpineConf.Version},
 {name: "OpenVPN 2.4", getVersion: ovpnConf.Version24},
 {name: "OpenVPN 2.5", getVersion: ovpnConf.Version25},
 {name: "Unbound", getVersion: dnsConf.Version},
- {name: "IPtables", getVersion: firewallConf.Version},
- }); err != nil {
+ {name: "IPtables", getVersion: func(ctx context.Context) (version string, err error) {
+ return firewall.Version(ctx, cmder)
+ }},
+ })
+ if err != nil {
 return err
 }
@@ -217,10 +220,20 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 return err
 }
+ firewallLogLevel := logging.LevelInfo
 if allSettings.Firewall.Debug {
- firewallConf.SetDebug()
- routingConf.SetDebug()
+ firewallLogLevel = logging.LevelDebug
 }
+ routingLogger := logger.NewChild(logging.Settings{
+ Prefix: "routing: ",
+ Level: firewallLogLevel,
+ })
+ routingConf := routing.NewRouting(routingLogger)
+ firewallLogger := logger.NewChild(logging.Settings{
+ Prefix: "firewall: ",
+ Level: firewallLogLevel,
+ })
+ firewallConf := firewall.NewConfigurator(firewallLogger, routingConf)
 defaultInterface, defaultGateway, err := routingConf.DefaultRoute()
 if err != nil {
@@ -246,7 +259,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 return fmt.Errorf("%w: %s", errSetupRouting, err)
 }
 defer func() {
- routingConf.SetVerbose(false)
+ logger.Info("routing cleanup...")
 if err := routingConf.TearDown(); err != nil {
 logger.Error("cannot teardown routing: " + err.Error())
 }
diff --git a/internal/firewall/firewall.go b/internal/firewall/firewall.go
index 61cf6432..a7ceb89c 100644
--- a/internal/firewall/firewall.go
+++ b/internal/firewall/firewall.go
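Review bot: In `_main` (cmd/gluetun/main.go, hunk at new line 220) the routing child logger takes its level from a variable named `firewallLogLevel`, and nothing in the hunk says that `allSettings.Firewall.Debug` governs both loggers. A comment above the variable would make that explicit, for example `// Firewall.Debug sets the level of both the firewall and the routing child loggers`. Separately, the parent logger is now created with `Level: logging.LevelInfo`; whether a child created with `LevelDebug` still emits depends on `NewChild` in golibs, which is not visible here, so it is worth confirming with a test that the iptables trace still appears when firewall debug is enabled. `_main` starts and ends outside the hunk.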
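Review bot: The deferred teardown in `_main` (hunk at new line 259) no longer quiets routing output. The removed `routingConf.SetVerbose(false)` suppressed the info lines that internal/routing guarded with `r.verbose`, and those guards are deleted elsewhere in this commit, so any such lines reached from `TearDown` are now logged at info level. If that is intended, a short comment in the defer would record it. The new message is also written through the parent `logger`, so it lacks the `routing: ` prefix; assuming `routingLogger` from the preceding hunk is in scope here, `routingLogger.Info("cleanup...")` would keep the prefix consistent.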
@@ -15,13 +15,11 @@ import (
 // Configurator allows to change firewall rules and modify network routes.
 type Configurator interface {
- Version(ctx context.Context) (string, error)
 SetEnabled(ctx context.Context, enabled bool) (err error)
 SetVPNConnection(ctx context.Context, connection models.OpenVPNConnection) (err error)
 SetAllowedPort(ctx context.Context, port uint16, intf string) (err error)
 SetOutboundSubnets(ctx context.Context, subnets []net.IPNet) (err error)
 RemoveAllowedPort(ctx context.Context, port uint16) (err error)
- SetDebug()
 // SetNetworkInformation is meant to be called only once
 SetNetworkInformation(defaultInterface string, defaultGateway net.IP, localNetworks []routing.LocalNetwork, localIP net.IP)
@@ -33,7 +31,6 @@ type configurator struct { //nolint:maligned
 routing routing.Routing
 iptablesMutex sync.Mutex
 ip6tablesMutex sync.Mutex
- debug bool
 defaultInterface string
 defaultGateway net.IP
 localNetworks []routing.LocalNetwork
@@ -65,10 +62,6 @@ func NewConfigurator(logger logging.Logger, routing routing.Routing) Configurato
 }
 }
-func (c *configurator) SetDebug() {
- c.debug = true
-}
-
 func (c *configurator) SetNetworkInformation(
 defaultInterface string, defaultGateway net.IP, localNetworks []routing.LocalNetwork, localIP net.IP) {
 c.networkInfoMutex.Lock()
diff --git a/internal/firewall/ip6tables.go b/internal/firewall/ip6tables.go
index 3d90ead0..8f5c57bb 100644
--- a/internal/firewall/ip6tables.go
+++ b/internal/firewall/ip6tables.go
@@ -38,9 +38,9 @@ func (c *configurator) runIP6tablesInstruction(ctx context.Context, instruction
 }
 c.ip6tablesMutex.Lock() // only one ip6tables command at once
 defer c.ip6tablesMutex.Unlock()
- if c.debug {
- fmt.Println("ip6tables " + instruction)
- }
+
+ c.logger.Debug("ip6tables " + instruction)
+
 flags := strings.Fields(instruction)
 cmd := exec.CommandContext(ctx, "ip6tables", flags...)
 if output, err := c.commander.Run(cmd); err != nil {
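Review bot: In runIP6tablesInstruction (internal/firewall/ip6tables.go) the new `c.logger.Debug("ip6tables " + instruction)` records the raw instruction string, not the argument vector that is executed, because `strings.Fields(instruction)` only runs on the following line. For a firewall audit trail it is more useful to log what is handed to `exec.CommandContext`, quoted so that unusual whitespace or control characters in a field cannot be misread in the log. Moving the call below the split and writing `c.logger.Debug(fmt.Sprintf("ip6tables %q", flags))` does that, provided `fmt` is still imported in the file. The same applies to `c.logger.Debug("iptables " + instruction)` in runIptablesInstruction in internal/firewall/iptables.go. Both functions start and end outside their hunks.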
diff --git a/internal/firewall/iptables.go b/internal/firewall/iptables.go
index 9dccbcfd..385a2eaa 100644
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -11,6 +11,7 @@ import (
 "strings"
 "github.com/qdm12/gluetun/internal/models"
+ "github.com/qdm12/golibs/command"
 )
 var (
@@ -46,9 +47,9 @@ func flipRule(rule string) string {
 }
 // Version obtains the version of the installed iptables.
-func (c *configurator) Version(ctx context.Context) (string, error) {
+func Version(ctx context.Context, commander command.Commander) (string, error) {
 cmd := exec.CommandContext(ctx, "iptables", "--version")
- output, err := c.commander.Run(cmd)
+ output, err := commander.Run(cmd)
 if err != nil {
 return "", err
 }
@@ -72,9 +73,9 @@ func (c *configurator) runIptablesInstructions(ctx context.Context, instructions
 func (c *configurator) runIptablesInstruction(ctx context.Context, instruction string) error {
 c.iptablesMutex.Lock() // only one iptables command at once
 defer c.iptablesMutex.Unlock()
- if c.debug {
- fmt.Printf("iptables %s\n", instruction)
- }
+
+ c.logger.Debug("iptables " + instruction)
+
 flags := strings.Fields(instruction)
 cmd := exec.CommandContext(ctx, "iptables", flags...)
 if output, err := c.commander.Run(cmd); err != nil {
diff --git a/internal/routing/mutate.go b/internal/routing/mutate.go
index 1c6ed293..0b32afb0 100644
--- a/internal/routing/mutate.go
+++ b/internal/routing/mutate.go
@@ -5,6 +5,7 @@ import (
 "errors"
 "fmt"
 "net"
+ "strconv"
 "github.com/vishvananda/netlink"
 )
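Review bot: The doc comment on `Version` in internal/firewall/iptables.go was not updated when the method became an exported package-level function with a `commander` parameter. A caller reading only the comment cannot tell that the function runs an external program through the value they pass in. Something like `// Version runs "iptables --version" through the given commander and returns the version it reports.` would cover it. The function body continues past the end of the hunk.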
@@ -18,12 +19,11 @@ var (
 func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) error {
 destinationStr := destination.String()
- if r.verbose {
- r.logger.Info("adding route for " + destinationStr)
- }
- if r.debug {
- fmt.Printf("ip route replace %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
- }
+ r.logger.Info("adding route for " + destinationStr)
+ r.logger.Debug("ip route replace " + destinationStr +
+ " via " + gateway.String() +
+ " dev " + iface +
+ " table " + strconv.Itoa(table))
 link, err := netlink.LinkByName(iface)
 if err != nil {
@@ -44,12 +44,11 @@ func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface strin
 func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) (err error) {
 destinationStr := destination.String()
- if r.verbose {
- r.logger.Info("deleting route for " + destinationStr)
- }
- if r.debug {
- fmt.Printf("ip route delete %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
- }
+ r.logger.Info("deleting route for " + destinationStr)
+ r.logger.Debug("ip route delete " + destinationStr +
+ " via " + gateway.String() +
+ " dev " + iface +
+ " table " + strconv.Itoa(table))
 link, err := netlink.LinkByName(iface)
 if err != nil {
@@ -69,10 +68,9 @@ func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface st
 }
 func (r *routing) addIPRule(src net.IP, table, priority int) error {
- if r.debug {
- fmt.Printf("ip rule add from %s lookup %d pref %d\n",
- src, table, priority)
- }
+ r.logger.Debug("ip rule add from " + src.String() +
+ " lookup " + strconv.Itoa(table) +
+ " pref " + strconv.Itoa(priority))
 rule := netlink.NewRule()
 rule.Src = netlink.NewIPNet(src)
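Review bot: The debug line in addRouteVia (internal/routing/mutate.go) assembles the `ip route ...` text by hand, and the same concatenation is repeated in deleteRouteVia, addIPRule and deleteIPRule. One small unexported helper per command family would keep the logged text in one place, so the call becomes `r.logger.Debug(ipRouteCommand("replace", destinationStr, gateway, iface, table))`. Because the change itself is applied through netlink, as the `netlink.LinkByName` call below suggests, a comment such as `// equivalent ip(8) command, logged for operators; the change is applied via netlink` would stop readers from taking the log line for the command actually executed. Each of these functions continues outside its hunk.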
@@ -100,10 +98,9 @@ func (r *routing) addIPRule(src net.IP, table, priority int) error {
 }
 func (r *routing) deleteIPRule(src net.IP, table, priority int) error {
- if r.debug {
- fmt.Printf("ip rule del from %s lookup %d pref %d\n",
- src, table, priority)
- }
+ r.logger.Debug("ip rule del from " + src.String() +
+ " lookup " + strconv.Itoa(table) +
+ " pref " + strconv.Itoa(priority))
 rule := netlink.NewRule()
 rule.Src = netlink.NewIPNet(src)
diff --git a/internal/routing/reader.go b/internal/routing/reader.go
index c9ea2736..5115385b 100644
--- a/internal/routing/reader.go
+++ b/internal/routing/reader.go
@@ -49,10 +49,8 @@ func (r *routing) DefaultRoute() (defaultInterface string, defaultGateway net.IP
 }
 attributes := link.Attrs()
 defaultInterface = attributes.Name
- if r.verbose {
- r.logger.Info("default route found: interface " + defaultInterface +
- ", gateway " + defaultGateway.String())
- }
+ r.logger.Info("default route found: interface " + defaultInterface +
+ ", gateway " + defaultGateway.String())
 return defaultInterface, defaultGateway, nil
 }
 }
@@ -105,9 +103,7 @@ func (r *routing) LocalSubnet() (defaultSubnet net.IPNet, err error) {
 continue
 }
 defaultSubnet = *route.Dst
- if r.verbose {
- r.logger.Info("local subnet found: " + defaultSubnet.String())
- }
+ r.logger.Info("local subnet found: " + defaultSubnet.String())
 return defaultSubnet, nil
 }
@@ -128,9 +124,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 }
 localLinks[link.Attrs().Index] = struct{}{}
- if r.verbose {
- r.logger.Info("local ethernet link found: " + link.Attrs().Name)
- }
+ r.logger.Info("local ethernet link found: " + link.Attrs().Name)
 }
 if len(localLinks) == 0 {
@@ -152,9 +146,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 var localNet LocalNetwork
 localNet.IPNet = route.Dst
- if r.verbose {
- r.logger.Info("local ipnet found: " + localNet.IPNet.String())
- }
+ r.logger.Info("local ipnet found: " + localNet.IPNet.String())
 link, err := netlink.LinkByIndex(route.LinkIndex)
 if err != nil {
diff --git a/internal/routing/routing.go b/internal/routing/routing.go
index 5dce9eea..7d331331 100644
--- a/internal/routing/routing.go
+++ b/internal/routing/routing.go
@@ -20,16 +20,10 @@ type Routing interface {
 DefaultIP() (defaultIP net.IP, err error)
 VPNDestinationIP() (ip net.IP, err error)
 VPNLocalGatewayIP() (ip net.IP, err error)
-
- // Internal state
- SetVerbose(verbose bool)
- SetDebug()
 }
 type routing struct {
 logger logging.Logger
- verbose bool
- debug bool
 outboundSubnets []net.IPNet
 stateMutex sync.RWMutex
 }
@@ -37,15 +31,6 @@ type routing struct {
 // NewRouting creates a new routing instance.
 func NewRouting(logger logging.Logger) Routing {
 return &routing{
- logger: logger,
- verbose: true,
+ logger: logger,
 }
 }
-
-func (r *routing) SetVerbose(verbose bool) {
- r.verbose = verbose
-}
-
-func (r *routing) SetDebug() {
- r.debug = true
-}