Timmy Welch 2024-01-20 11:41:04 -08:00
parent 996061b126
commit ab5bce1356
7 changed files with 45 additions and 70 deletions


@ -51,7 +51,7 @@ func updateListeners() error {
func logic() error {
http.HandleFunc("/backup.tar.gz", func(w http.ResponseWriter, r *http.Request) {
if err := backup.Archive(w, *perm); err != nil {
if err := backup.Archive(w, *perm, flag.Args()); err != nil {
log.Printf("backup.tar.gz: %v", err)
http.Error(w, err.Error(), http.StatusInternalServerError)
}


@ -98,14 +98,14 @@ func logic() error {
m := diag.NewMonitor(diag.Link(uplink).
Then(diag.DHCPv4().
Then(diag.Ping4Gateway().
Then(diag.Ping4("google.ch").
Then(diag.TCP4("www.google.ch:80"))))).
Then(diag.Ping4("google.com").
Then(diag.TCP4("www.google.com:80"))))).
Then(diag.DHCPv6().
Then(diag.Ping6("lan0", "google.ch"))).
Then(diag.Ping6("lan0", "google.com"))).
Then(diag.RouterAdvertisments(uplink).
Then(diag.Ping6Gateway().
Then(diag.Ping6(uplink, "google.ch").
Then(diag.TCP6("www.google.ch:80"))))).
Then(diag.Ping6(uplink, "google.com").
Then(diag.TCP6("www.google.com:80"))))).
Then(diag.Ping6("", ip6allrouters+"%"+uplink)))
var mu sync.Mutex
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {

2
go.mod

@ -1,6 +1,6 @@
module github.com/rtr7/router7
go 1.13
go 1.18
require (
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883


@ -1,51 +0,0 @@
package main
import (
"flag"
"fmt"
"log"
"os/exec"
"path"
"github.com/gokrazy/gokrazy"
)
// buildTimestamp can be overridden by specifying e.g.
// -ldflags "-X main.buildTimestamp=foo" when building.
var (
buildTimestamp = "2020-06-08T19:45:52-07:00"
domain string
cmdRoot string
perm string
noFirewall bool
)
func main() {
flag.StringVar(&cmdRoot, "cmdroot", "/usr/bin", "path to rtr7 binaries")
flag.StringVar(&domain, "domain", "lan", "domain name for your network")
flag.StringVar(&perm, "perm", "/var/lib/rtr7/", "path to replace /perm")
flag.BoolVar(&noFirewall, "nofirewall", false, "disable the rtr7 firewall")
flag.Parse()
log.SetFlags(log.LstdFlags | log.Lshortfile)
fmt.Printf("gokrazy build timestamp %s\n", buildTimestamp)
cmds := []*exec.Cmd{
// exec.Command(path.Join(cmdRoot, "/ntp")),
exec.Command(path.Join(cmdRoot, "backupd"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "captured"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "dhcp4"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "dhcp4d"), fmt.Sprintf("-domain=%s", domain), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "dhcp6"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "diagd"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "dnsd"), fmt.Sprintf("-domain=%s", domain), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "dyndns"), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "netconfigd"), fmt.Sprintf("-nofirewall=%t", noFirewall), "-perm="+perm),
exec.Command(path.Join(cmdRoot, "radvd"), "-perm="+perm),
}
if err := gokrazy.Supervise(cmds); err != nil {
log.Fatal(err)
}
select {}
}


@ -23,9 +23,10 @@ import (
"io/ioutil"
"os"
"path/filepath"
"slices"
)
func Archive(w io.Writer, dir string) error {
func Archive(w io.Writer, dir string, excludes []string) error {
gw, err := gzip.NewWriterLevel(w, gzip.BestSpeed)
if err != nil {
return err
@ -46,7 +47,7 @@ func Archive(w io.Writer, dir string) error {
if path == dir {
return nil // skip root
}
if last := filepath.Base(path); last == "nobackup" || last == "srv" {
if last := filepath.Base(path); last == "nobackup" || last == "srv" || slices.Contains(excludes, path) {
return filepath.SkipDir // skip nobackup (and srv for legacy)
}
rel, err := filepath.Rel(dir, path)
@ -61,7 +62,7 @@ func Archive(w io.Writer, dir string) error {
if err := tw.WriteHeader(hdr); err != nil {
return err
}
if !info.Mode().IsDir() {
if !info.Mode().IsDir() && !slices.Contains(excludes, path) {
b, err := ioutil.ReadFile(path)
if err != nil {
return err
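Review bot: An excluded regular file takes the `return filepath.SkipDir` branch in the second hunk, and `filepath.Walk` documents that returning SkipDir for a non-directory skips the remaining files in the containing directory, so excluding one file can silently drop its later siblings from the backup. It also makes the added `!slices.Contains(excludes, path)` test in the third hunk unreachable for excluded paths, assuming the skip check runs first in the same walk callback (the callback starts and ends outside these hunks). The match is an exact string comparison against the walked path, so an exclude given as a relative path, with a trailing slash, or otherwise uncleaned will not match, and the data is still served by the backupd `/backup.tar.gz` handler that passes `flag.Args()`; cleaning the excludes once before the walk and documenting the expected form would make that failure visible. A separate exclude check that returns SkipDir only for directories is sketched below.

```go
// … unchanged: root skip …
if last := filepath.Base(path); last == "nobackup" || last == "srv" {
	return filepath.SkipDir // skip nobackup (and srv for legacy)
}
if slices.Contains(excludes, path) {
	if info.IsDir() {
		return filepath.SkipDir // prune the excluded directory
	}
	return nil // drop only this file; siblings are still archived
}
// … unchanged: header creation and file copy …
```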


@ -597,16 +597,24 @@ func (s *Server) handleRequest(w dns.ResponseWriter, r *dns.Msg) {
// DNS has no reply for resolving errors
}
func (s *Server) getSubname(domain string, queryName string) (IP,bool) {
name := strings.TrimSuffix(queryName, ".")
name = strings.TrimSuffix(name, ".lan") // trim lan domain
name = strings.TrimSuffix(name, "."+string(s.domain)) // trim server domain
name = strings.TrimSuffix(name, "."+strings.TrimSuffix(domain, "."+string(s.domain))) // trim function domain
if ip, ok := s.subname(domain, name); ok {
return ip, true
}
return IP{},false
}
func (s *Server) resolveSubname(domain string, q dns.Question) (dns.RR, error) {
if q.Qclass != dns.ClassINET {
return nil, nil
}
ip,ok := s.getSubname(domain,q.Name)
if q.Qtype == dns.TypeA || q.Qtype == dns.TypeAAAA /*|| q.Qtype == dns.TypeMX*/ {
name := strings.TrimSuffix(q.Name, ".")
name = strings.TrimSuffix(name, ".lan") // trim lan domain
name = strings.TrimSuffix(name, "."+string(s.domain)) // trim server domain
name = strings.TrimSuffix(name, "."+strings.TrimSuffix(domain, "."+string(s.domain))) // trim function domain
if ip, ok := s.subname(domain, name); ok {
if ok {
if q.Qtype == dns.TypeA && ip.IPv4.To4() != nil {
return dns.NewRR(q.Name + " 3600 IN A " + ip.IPv4.String())
}
@ -655,7 +663,7 @@ func (s *Server) subnameHandler(domain lcHostname) func(w dns.ResponseWriter, r
}
// Send an authoritative NXDOMAIN for local names:
if r.Question[0].Qtype == dns.TypePTR || !strings.Contains(strings.TrimSuffix(r.Question[0].Name, "."), ".") || strings.HasSuffix(r.Question[0].Name, ".lan.") {
if _,ok := s.getSubname(string(domain),r.Question[0].Name);r.Question[0].Qtype == dns.TypePTR || (r.Question[0].Qtype == dns.TypeCNAME && ok) || !strings.Contains(strings.TrimSuffix(r.Question[0].Name, "."), ".") || strings.HasSuffix(r.Question[0].Name, ".lan.") {
s.promInc("local", r)
m := new(dns.Msg)
m.SetReply(r)
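Review bot: The new `(r.Question[0].Qtype == dns.TypeCNAME && ok)` term sends CNAME queries for a subname that does resolve into the branch commented "Send an authoritative NXDOMAIN for local names", which asserts that the name does not exist at all. Resolvers that cache negative answers per name may then treat later A/AAAA lookups for the same host as nonexistent, so an empty NOERROR reply is presumably what is wanted here; the rcode is set outside the hunk, so confirm what is actually sent. `getSubname` is also evaluated in the `if` initializer for every query before the cheaper checks, and the new code needs `gofmt` (`(IP,bool)`, `ip,ok`, `_,ok`). A doc comment on `getSubname` would help, e.g. `// getSubname strips the trailing dot, ".lan", the server domain and the function domain from queryName and looks the rest up via s.subname.`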


@ -21,6 +21,7 @@ import (
"io/ioutil"
"net"
"os"
"os/exec"
"path"
"path/filepath"
"regexp"
@ -718,7 +719,7 @@ func applyFirewall(dir, ifname string) error {
nat := c.AddTable(&nftables.Table{
Family: nftables.TableFamilyIPv4,
Name: "nat",
Name: "nat-gokrazy",
})
prerouting := c.AddChain(&nftables.Chain{
@ -766,12 +767,12 @@ func applyFirewall(dir, ifname string) error {
filter4 := c.AddTable(&nftables.Table{
Family: nftables.TableFamilyIPv4,
Name: "filter",
Name: "filter-gokrazy",
})
filter6 := c.AddTable(&nftables.Table{
Family: nftables.TableFamilyIPv6,
Name: "filter",
Name: "filter-gokrazy",
})
for _, filter := range []*nftables.Table{filter4, filter6} {
@ -1005,6 +1006,22 @@ func Apply(dir, root string, firewall bool) error {
if err := applyFirewall(dir, ifname); err != nil {
appendError(fmt.Errorf("firewall: %v", err))
}
} else {
if _, err := os.Stat("/user/nft"); err == nil {
log.Println("Applying custom firewall")
cmd := &exec.Cmd{
Path: "/user/nft",
Args: []string{"/user/nft", "-f/etc/firewall.nft"},
Env: os.Environ(),
Stdout: os.Stdout,
Stderr: os.Stderr,
}
if err := cmd.Run(); err != nil {
appendError(fmt.Errorf("firewall: nft: %v", err))
}
} else {
log.Println("Firewall Disabled")
}
}
if err := applyWireGuard(dir); err != nil {
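Review bot: In the new `else` branch any `os.Stat("/user/nft")` error, not only a missing file, falls through to `log.Println("Firewall Disabled")`, so a permission or I/O error leaves the router without a ruleset and without an entry in the aggregated errors. Distinguish the cases, e.g. `} else if !os.IsNotExist(err) { appendError(fmt.Errorf("firewall: stat /user/nft: %v", err)) } else {`. When `cmd.Run()` fails the error is recorded, but Apply still continues to `applyWireGuard`, possibly with a partial or empty ruleset, so consider whether forwarding should stay up in that state. The branch runs `/user/nft` against `/etc/firewall.nft` with the daemon's full environment, so both paths should be writable only by root, and that requirement deserves a comment next to the hard-coded paths. Apply's body continues outside the hunk.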