Maint: firewall and routing use logger.Debug

- Remove SetVerbose and SetDebug from both - Log routing teardown - Default logging level set to info
2021-07-23 18:20:18 +00:00
parent b23eb8f29d
commit 94b60d9f70
7 changed files with 57 additions and 76 deletions
--- a/cmd/gluetun/main.go
+++ b/cmd/gluetun/main.go
@@ -32,6 +32,7 @@ import (
 	"github.com/qdm12/gluetun/internal/unix"
 	"github.com/qdm12/gluetun/internal/updater"
 	versionpkg "github.com/qdm12/gluetun/internal/version"
 	"github.com/qdm12/golibs/command"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/params"
 	"github.com/qdm12/goshutdown"
@@ -62,7 +63,9 @@ func main() {
 	ctx, stop := signal.NotifyContext(ctx, syscall.SIGINT, syscall.SIGTERM, os.Interrupt)
 	ctx, cancel := context.WithCancel(ctx)
-	logger := logging.NewParent(logging.Settings{})
+	logger := logging.NewParent(logging.Settings{
 		Level: logging.LevelInfo,
 	})
 	args := os.Args
 	unix := unix.New()
@@ -137,11 +140,6 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 	const cacertsPath = "/etc/ssl/certs/ca-certificates.crt"
 	dnsConf := unbound.NewConfigurator(nil, dnsCrypto,
 		"/etc/unbound", "/usr/sbin/unbound", cacertsPath)
 	routingConf := routing.NewRouting(
 		logger.NewChild(logging.Settings{Prefix: "routing: "}))
 	firewallConf := firewall.NewConfigurator(
 		logger.NewChild(logging.Settings{Prefix: "firewall: "}),
 		routingConf)
 	announcementExp, err := time.Parse(time.RFC3339, "2021-07-22T00:00:00Z")
 	if err != nil {
@@ -164,13 +162,18 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 		fmt.Println(line)
 	}
-	if err := printVersions(ctx, logger, []printVersionElement{
+	cmder := command.NewCommander()
 	err = printVersions(ctx, logger, []printVersionElement{
 		{name: "Alpine", getVersion: alpineConf.Version},
 		{name: "OpenVPN 2.4", getVersion: ovpnConf.Version24},
 		{name: "OpenVPN 2.5", getVersion: ovpnConf.Version25},
 		{name: "Unbound", getVersion: dnsConf.Version},
-		{name: "IPtables", getVersion: firewallConf.Version},
+		{name: "IPtables", getVersion: func(ctx context.Context) (version string, err error) {
-	}); err != nil {
+			return firewall.Version(ctx, cmder)
 		}},
 	})
 	if err != nil {
 		return err
 	}
@@ -217,10 +220,20 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 		return err
 	}
 	firewallLogLevel := logging.LevelInfo
 	if allSettings.Firewall.Debug {
-		firewallConf.SetDebug()
+		firewallLogLevel = logging.LevelDebug
 		routingConf.SetDebug()
 	}
 	routingLogger := logger.NewChild(logging.Settings{
 		Prefix: "routing: ",
 		Level:  firewallLogLevel,
 	})
 	routingConf := routing.NewRouting(routingLogger)
 	firewallLogger := logger.NewChild(logging.Settings{
 		Prefix: "firewall: ",
 		Level:  firewallLogLevel,
 	})
 	firewallConf := firewall.NewConfigurator(firewallLogger, routingConf)
 	defaultInterface, defaultGateway, err := routingConf.DefaultRoute()
 	if err != nil {
@@ -246,7 +259,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 		return fmt.Errorf("%w: %s", errSetupRouting, err)
 	}
 	defer func() {
-		routingConf.SetVerbose(false)
+		logger.Info("routing cleanup...")
 		if err := routingConf.TearDown(); err != nil {
 			logger.Error("cannot teardown routing: " + err.Error())
 		}
--- a/internal/firewall/firewall.go
+++ b/internal/firewall/firewall.go
@@ -15,13 +15,11 @@ import (
 // Configurator allows to change firewall rules and modify network routes.
 type Configurator interface {
 	Version(ctx context.Context) (string, error)
 	SetEnabled(ctx context.Context, enabled bool) (err error)
 	SetVPNConnection(ctx context.Context, connection models.OpenVPNConnection) (err error)
 	SetAllowedPort(ctx context.Context, port uint16, intf string) (err error)
 	SetOutboundSubnets(ctx context.Context, subnets []net.IPNet) (err error)
 	RemoveAllowedPort(ctx context.Context, port uint16) (err error)
 	SetDebug()
 	// SetNetworkInformation is meant to be called only once
 	SetNetworkInformation(defaultInterface string, defaultGateway net.IP,
 		localNetworks []routing.LocalNetwork, localIP net.IP)
@@ -33,7 +31,6 @@ type configurator struct { //nolint:maligned
 	routing          routing.Routing
 	iptablesMutex    sync.Mutex
 	ip6tablesMutex   sync.Mutex
 	debug            bool
 	defaultInterface string
 	defaultGateway   net.IP
 	localNetworks    []routing.LocalNetwork
@@ -65,10 +62,6 @@ func NewConfigurator(logger logging.Logger, routing routing.Routing) Configurato
 	}
 }
 func (c *configurator) SetDebug() {
 	c.debug = true
 }
 func (c *configurator) SetNetworkInformation(
 	defaultInterface string, defaultGateway net.IP, localNetworks []routing.LocalNetwork, localIP net.IP) {
 	c.networkInfoMutex.Lock()
--- a/internal/firewall/ip6tables.go
+++ b/internal/firewall/ip6tables.go
@@ -38,9 +38,9 @@ func (c *configurator) runIP6tablesInstruction(ctx context.Context, instruction
 	}
 	c.ip6tablesMutex.Lock() // only one ip6tables command at once
 	defer c.ip6tablesMutex.Unlock()
-	if c.debug {
+
-		fmt.Println("ip6tables " + instruction)
+	c.logger.Debug("ip6tables " + instruction)
-	}
+
 	flags := strings.Fields(instruction)
 	cmd := exec.CommandContext(ctx, "ip6tables", flags...)
 	if output, err := c.commander.Run(cmd); err != nil {
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 	"github.com/qdm12/gluetun/internal/models"
 	"github.com/qdm12/golibs/command"
 )
 var (
@@ -46,9 +47,9 @@ func flipRule(rule string) string {
 }
 // Version obtains the version of the installed iptables.
-func (c *configurator) Version(ctx context.Context) (string, error) {
+func Version(ctx context.Context, commander command.Commander) (string, error) {
 	cmd := exec.CommandContext(ctx, "iptables", "--version")
-	output, err := c.commander.Run(cmd)
+	output, err := commander.Run(cmd)
 	if err != nil {
 		return "", err
 	}
@@ -72,9 +73,9 @@ func (c *configurator) runIptablesInstructions(ctx context.Context, instructions
 func (c *configurator) runIptablesInstruction(ctx context.Context, instruction string) error {
 	c.iptablesMutex.Lock() // only one iptables command at once
 	defer c.iptablesMutex.Unlock()
-	if c.debug {
+
-		fmt.Printf("iptables %s\n", instruction)
+	c.logger.Debug("iptables " + instruction)
-	}
+
 	flags := strings.Fields(instruction)
 	cmd := exec.CommandContext(ctx, "iptables", flags...)
 	if output, err := c.commander.Run(cmd); err != nil {
--- a/internal/routing/mutate.go
+++ b/internal/routing/mutate.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"fmt"
 	"net"
 	"strconv"
 	"github.com/vishvananda/netlink"
 )
@@ -18,12 +19,11 @@ var (
 func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) error {
 	destinationStr := destination.String()
-	if r.verbose {
+	r.logger.Info("adding route for " + destinationStr)
-		r.logger.Info("adding route for " + destinationStr)
+	r.logger.Debug("ip route replace " + destinationStr +
-	}
+		" via " + gateway.String() +
-	if r.debug {
+		" dev " + iface +
-		fmt.Printf("ip route replace %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
+		" table " + strconv.Itoa(table))
 	}
 	link, err := netlink.LinkByName(iface)
 	if err != nil {
@@ -44,12 +44,11 @@ func (r *routing) addRouteVia(destination net.IPNet, gateway net.IP, iface strin
 func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface string, table int) (err error) {
 	destinationStr := destination.String()
-	if r.verbose {
+	r.logger.Info("deleting route for " + destinationStr)
-		r.logger.Info("deleting route for " + destinationStr)
+	r.logger.Debug("ip route delete " + destinationStr +
-	}
+		" via " + gateway.String() +
-	if r.debug {
+		" dev " + iface +
-		fmt.Printf("ip route delete %s via %s dev %s table %d\n", destinationStr, gateway, iface, table)
+		" table " + strconv.Itoa(table))
 	}
 	link, err := netlink.LinkByName(iface)
 	if err != nil {
@@ -69,10 +68,9 @@ func (r *routing) deleteRouteVia(destination net.IPNet, gateway net.IP, iface st
 }
 func (r *routing) addIPRule(src net.IP, table, priority int) error {
-	if r.debug {
+	r.logger.Debug("ip rule add from " + src.String() +
-		fmt.Printf("ip rule add from %s lookup %d pref %d\n",
+		" lookup " + strconv.Itoa(table) +
-			src, table, priority)
+		" pref " + strconv.Itoa(priority))
 	}
 	rule := netlink.NewRule()
 	rule.Src = netlink.NewIPNet(src)
@@ -100,10 +98,9 @@ func (r *routing) addIPRule(src net.IP, table, priority int) error {
 }
 func (r *routing) deleteIPRule(src net.IP, table, priority int) error {
-	if r.debug {
+	r.logger.Debug("ip rule del from " + src.String() +
-		fmt.Printf("ip rule del from %s lookup %d pref %d\n",
+		" lookup " + strconv.Itoa(table) +
-			src, table, priority)
+		" pref " + strconv.Itoa(priority))
 	}
 	rule := netlink.NewRule()
 	rule.Src = netlink.NewIPNet(src)
--- a/internal/routing/reader.go
+++ b/internal/routing/reader.go
@@ -49,10 +49,8 @@ func (r *routing) DefaultRoute() (defaultInterface string, defaultGateway net.IP
 			}
 			attributes := link.Attrs()
 			defaultInterface = attributes.Name
-			if r.verbose {
+			r.logger.Info("default route found: interface " + defaultInterface +
-				r.logger.Info("default route found: interface " + defaultInterface +
+				", gateway " + defaultGateway.String())
 					", gateway " + defaultGateway.String())
 			}
 			return defaultInterface, defaultGateway, nil
 		}
 	}
@@ -105,9 +103,7 @@ func (r *routing) LocalSubnet() (defaultSubnet net.IPNet, err error) {
 			continue
 		}
 		defaultSubnet = *route.Dst
-		if r.verbose {
+		r.logger.Info("local subnet found: " + defaultSubnet.String())
 			r.logger.Info("local subnet found: " + defaultSubnet.String())
 		}
 		return defaultSubnet, nil
 	}
@@ -128,9 +124,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 		}
 		localLinks[link.Attrs().Index] = struct{}{}
-		if r.verbose {
+		r.logger.Info("local ethernet link found: " + link.Attrs().Name)
 			r.logger.Info("local ethernet link found: " + link.Attrs().Name)
 		}
 	}
 	if len(localLinks) == 0 {
@@ -152,9 +146,7 @@ func (r *routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 		var localNet LocalNetwork
 		localNet.IPNet = route.Dst
-		if r.verbose {
+		r.logger.Info("local ipnet found: " + localNet.IPNet.String())
 			r.logger.Info("local ipnet found: " + localNet.IPNet.String())
 		}
 		link, err := netlink.LinkByIndex(route.LinkIndex)
 		if err != nil {
--- a/internal/routing/routing.go
+++ b/internal/routing/routing.go
@@ -20,16 +20,10 @@ type Routing interface {
 	DefaultIP() (defaultIP net.IP, err error)
 	VPNDestinationIP() (ip net.IP, err error)
 	VPNLocalGatewayIP() (ip net.IP, err error)
 	// Internal state
 	SetVerbose(verbose bool)
 	SetDebug()
 }
 type routing struct {
 	logger          logging.Logger
 	verbose         bool
 	debug           bool
 	outboundSubnets []net.IPNet
 	stateMutex      sync.RWMutex
 }
@@ -37,15 +31,6 @@ type routing struct {
 // NewRouting creates a new routing instance.
 func NewRouting(logger logging.Logger) Routing {
 	return &routing{
-		logger:  logger,
+		logger: logger,
 		verbose: true,
 	}
 }
 func (r *routing) SetVerbose(verbose bool) {
 	r.verbose = verbose
 }
 func (r *routing) SetDebug() {
 	r.debug = true
 }