Maint: firewall and routing use logger.Debug

- Remove SetVerbose and SetDebug from both
- Log routing teardown
- Default logging level set to info
Quentin McGaw (desktop)
2021-07-23 18:20:18 +00:00
parent b23eb8f29d
commit 94b60d9f70
7 changed files with 57 additions and 76 deletions


@@ -15,13 +15,11 @@ import (
// Configurator allows to change firewall rules and modify network routes.
type Configurator interface {
Version(ctx context.Context) (string, error)
SetEnabled(ctx context.Context, enabled bool) (err error)
SetVPNConnection(ctx context.Context, connection models.OpenVPNConnection) (err error)
SetAllowedPort(ctx context.Context, port uint16, intf string) (err error)
SetOutboundSubnets(ctx context.Context, subnets []net.IPNet) (err error)
RemoveAllowedPort(ctx context.Context, port uint16) (err error)
SetDebug()
// SetNetworkInformation is meant to be called only once
SetNetworkInformation(defaultInterface string, defaultGateway net.IP,
localNetworks []routing.LocalNetwork, localIP net.IP)
@@ -33,7 +31,6 @@ type configurator struct { //nolint:maligned
routing routing.Routing
iptablesMutex sync.Mutex
ip6tablesMutex sync.Mutex
debug bool
defaultInterface string
defaultGateway net.IP
localNetworks []routing.LocalNetwork
@@ -65,10 +62,6 @@ func NewConfigurator(logger logging.Logger, routing routing.Routing) Configurato
}
}
func (c *configurator) SetDebug() {
c.debug = true
}
func (c *configurator) SetNetworkInformation(
defaultInterface string, defaultGateway net.IP, localNetworks []routing.LocalNetwork, localIP net.IP) {
c.networkInfoMutex.Lock()


@@ -38,9 +38,9 @@ func (c *configurator) runIP6tablesInstruction(ctx context.Context, instruction
}
c.ip6tablesMutex.Lock() // only one ip6tables command at once
defer c.ip6tablesMutex.Unlock()
if c.debug {
fmt.Println("ip6tables " + instruction)
}
c.logger.Debug("ip6tables " + instruction)
flags := strings.Fields(instruction)
cmd := exec.CommandContext(ctx, "ip6tables", flags...)
if output, err := c.commander.Run(cmd); err != nil {
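Review bot: In `runIP6tablesInstruction` the rule is still split into arguments with `strings.Fields(instruction)`, so both the new `c.logger.Debug("ip6tables " + instruction)` line and the executed argv rely on no piece of `instruction` containing whitespace or control characters. The same pattern appears in `runIptablesInstruction` in the iptables file. If a caller-supplied string such as the `intf` argument of `SetAllowedPort` is interpolated into the instruction (the builders are outside these hunks), it should be validated as an interface name first, or the rule should be passed as a `[]string` so one value stays one argument. A comment above the split would record the assumption, for example `// instruction must be built only from validated values: it is split on whitespace into argv`. The function body starts and ends outside the hunk.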


@@ -11,6 +11,7 @@ import (
"strings"
"github.com/qdm12/gluetun/internal/models"
"github.com/qdm12/golibs/command"
)
var (
@@ -46,9 +47,9 @@ func flipRule(rule string) string {
}
// Version obtains the version of the installed iptables.
func (c *configurator) Version(ctx context.Context) (string, error) {
func Version(ctx context.Context, commander command.Commander) (string, error) {
cmd := exec.CommandContext(ctx, "iptables", "--version")
output, err := c.commander.Run(cmd)
output, err := commander.Run(cmd)
if err != nil {
return "", err
}
@@ -72,9 +73,9 @@ func (c *configurator) runIptablesInstructions(ctx context.Context, instructions
func (c *configurator) runIptablesInstruction(ctx context.Context, instruction string) error {
c.iptablesMutex.Lock() // only one iptables command at once
defer c.iptablesMutex.Unlock()
if c.debug {
fmt.Printf("iptables %s\n", instruction)
}
c.logger.Debug("iptables " + instruction)
flags := strings.Fields(instruction)
cmd := exec.CommandContext(ctx, "iptables", flags...)
if output, err := c.commander.Run(cmd); err != nil {
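Review bot: The doc comment on the package-level `Version` (second hunk) does not mention the new `commander` parameter, and a nil commander would panic at `commander.Run(cmd)`. I would extend the comment to `// Version obtains the version of the installed iptables by running "iptables --version" with the given commander, which must not be nil.` The parsing of `output` continues outside the hunk.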


@@ -5,6 +5,7 @@ import (
"errors"
"fmt"
"net"
"strconv"
"github.com/vishvananda/netlink"
)
@@ -18,12 +19,11 @@ var (
func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) error {
destinationStr := destination.String()
if r.verbose {
r.logger.Info("adding route for " + destinationStr)
}
if r.debug {
fmt.Printf("ip route replace %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
}
r.logger.Info("adding route for " + destinationStr)
r.logger.Debug("ip route replace " + destinationStr +
" via " + gateway.String() +
" dev " + iface +
" table " + strconv.Itoa(table))
link, err := netlink.LinkByName(iface)
if err != nil {
@@ -44,12 +44,11 @@ func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface strin
func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) (err error) {
destinationStr := destination.String()
if r.verbose {
r.logger.Info("deleting route for " + destinationStr)
}
if r.debug {
fmt.Printf("ip route delete %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
}
r.logger.Info("deleting route for " + destinationStr)
r.logger.Debug("ip route delete " + destinationStr +
" via " + gateway.String() +
" dev " + iface +
" table " + strconv.Itoa(table))
link, err := netlink.LinkByName(iface)
if err != nil {
@@ -69,10 +68,9 @@ func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface st
}
func (r *routing) addIPRule(src net.IP, table, priority int) error {
if r.debug {
fmt.Printf("ip rule add from %s lookup %d pref %d\n",
src, table, priority)
}
r.logger.Debug("ip rule add from " + src.String() +
" lookup " + strconv.Itoa(table) +
" pref " + strconv.Itoa(priority))
rule := netlink.NewRule()
rule.Src = netlink.NewIPNet(src)
@@ -100,10 +98,9 @@ func (r *routing) addIPRule(src net.IP, table, priority int) error {
}
func (r *routing) deleteIPRule(src net.IP, table, priority int) error {
if r.debug {
fmt.Printf("ip rule del from %s lookup %d pref %d\n",
src, table, priority)
}
r.logger.Debug("ip rule del from " + src.String() +
" lookup " + strconv.Itoa(table) +
" pref " + strconv.Itoa(priority))
rule := netlink.NewRule()
rule.Src = netlink.NewIPNet(src)
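Review bot: The new debug lines in `addRouteVia`, `deleteRouteVia`, `addIPRule` and `deleteIPRule` are worded as `ip route ...` / `ip rule ...` commands, but the visible code works through the `netlink` package (`netlink.LinkByName`, `netlink.NewRule`), so no `ip` process appears to be run. Someone correlating these logs with process auditing could search for a command that never executed. A comment above each line, such as `// Logged as the equivalent ip(8) command; the change itself is applied through netlink`, would make that explicit. The calls that apply the route or rule are outside the hunks, so this is inferred from the lines shown.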


@@ -49,10 +49,8 @@ func (r *routing) DefaultRoute() (defaultInterface string, defaultGateway net.IP
}
attributes := link.Attrs()
defaultInterface = attributes.Name
if r.verbose {
r.logger.Info("default route found: interface " + defaultInterface +
", gateway " + defaultGateway.String())
}
r.logger.Info("default route found: interface " + defaultInterface +
", gateway " + defaultGateway.String())
return defaultInterface, defaultGateway, nil
}
}
@@ -105,9 +103,7 @@ func (r *routing) LocalSubnet() (defaultSubnet net.IPNet, err error) {
continue
}
defaultSubnet = *route.Dst
if r.verbose {
r.logger.Info("local subnet found: " + defaultSubnet.String())
}
r.logger.Info("local subnet found: " + defaultSubnet.String())
return defaultSubnet, nil
}
@@ -128,9 +124,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
}
localLinks[link.Attrs().Index] = struct{}{}
if r.verbose {
r.logger.Info("local ethernet link found: " + link.Attrs().Name)
}
r.logger.Info("local ethernet link found: " + link.Attrs().Name)
}
if len(localLinks) == 0 {
@@ -152,9 +146,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
var localNet LocalNetwork
localNet.IPNet = route.Dst
if r.verbose {
r.logger.Info("local ipnet found: " + localNet.IPNet.String())
}
r.logger.Info("local ipnet found: " + localNet.IPNet.String())
link, err := netlink.LinkByIndex(route.LinkIndex)
if err != nil {
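Review bot: The four `r.logger.Info` calls in `DefaultRoute`, `LocalSubnet` and `LocalNetworks` are now unconditional, so the default interface, gateway and local subnets are written at the default info level on every call. With `SetVerbose` removed, a caller can no longer silence them. If any caller polls these functions, or if users share info-level logs, it may be preferable to emit them with `r.logger.Debug(...)`, like the route and rule commands in this commit. Whether an existing caller relied on `SetVerbose(false)` is not visible here.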


@@ -20,16 +20,10 @@ type Routing interface {
DefaultIP() (defaultIP net.IP, err error)
VPNDestinationIP() (ip net.IP, err error)
VPNLocalGatewayIP() (ip net.IP, err error)
// Internal state
SetVerbose(verbose bool)
SetDebug()
}
type routing struct {
logger logging.Logger
verbose bool
debug bool
outboundSubnets []net.IPNet
stateMutex sync.RWMutex
}
@@ -37,15 +31,6 @@ type routing struct {
// NewRouting creates a new routing instance.
func NewRouting(logger logging.Logger) Routing {
return &routing{
logger: logger,
verbose: true,
logger: logger,
}
}
func (r *routing) SetVerbose(verbose bool) {
r.verbose = verbose
}
func (r *routing) SetDebug() {
r.debug = true
}