Shikong/iptables-helper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

支持自定义规则链管理

Browse Source
This commit is contained in:
zxb 2023-11-03 14:07:50 +08:00
parent 5be0be8a8d
commit dbef6669b1
5 changed files with 66 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/service/main.go
View File

@ -1,6 +1,7 @@
package service package service
import ( import (
"errors"
"github.com/fsnotify/fsnotify" "github.com/fsnotify/fsnotify"
"github.com/spf13/viper" "github.com/spf13/viper"
"iptables-helper/internel/app" "iptables-helper/internel/app"
@ -19,11 +20,10 @@ func Main() {
} }
if err := viper.ReadInConfig(); err != nil { if err := viper.ReadInConfig(); err != nil {
if _, ok := err.(viper.ConfigFileNotFoundError); ok { var configFileNotFoundError viper.ConfigFileNotFoundError
if errors.As(err, &configFileNotFoundError) {
_ = toml.GenerateConfig() _ = toml.GenerateConfig()
logger.Log().Fatalf("未找到配置文件, 已生成示例配置文件于运行路径下") logger.Log().Fatalf("未找到配置文件, 已生成示例配置文件于运行路径下")
} else {
logger.Log().Fatalf("配置解析失败 %s", err)
} }
} }

27
internel/app/app.go
View File

@ -2,13 +2,17 @@ package app
import ( import (
"encoding/json" "encoding/json"
"fmt"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/spf13/viper" "github.com/spf13/viper"
globalConf "iptables-helper/internel/conf"
"iptables-helper/internel/middleware" "iptables-helper/internel/middleware"
"iptables-helper/internel/route" "iptables-helper/internel/route"
"iptables-helper/pkg/config" "iptables-helper/pkg/config"
"iptables-helper/pkg/logger" "iptables-helper/pkg/logger"
"iptables-helper/pkg/utils/command"
fib "iptables-helper/pkg/utils/fiber" fib "iptables-helper/pkg/utils/fiber"
"strings"
"time" "time"
) )
@ -29,14 +33,35 @@ func CreateApp(c *config.Conf) *fiber.App {
func Run() { func Run() {
err := viper.Unmarshal(conf) err := viper.Unmarshal(conf)
globalConf.Conf = conf
if err != nil { if err != nil {
logger.Log().Fatalf("配置文件解析失败: %s, 请检查配置是否有误", err) logger.Log().Fatalf("配置文件解析失败: %s, 请检查配置是否有误", err)
} }
Shutdown() Shutdown()
// 初始化数据源 // 初始化数据源
fib.Exec(func() { fib.Exec(func() {
InitApp(conf) InitApp(conf)
if !conf.Custom.UseCustomChain {
logger.Log().Infof("使用全局管理")
} else {
customChain := strings.TrimSpace(conf.Custom.CustomChain)
logger.Log().Infof("使用自定义链管理 (管理自定义链: %s)", customChain)
if len(customChain) > 0 {
commander := command.Commander{}
_, err := commander.ExecuteWithResult(fmt.Sprintf("sudo iptables -N %s", customChain))
if err == nil {
// 入口
commander.Execute(fmt.Sprintf("sudo iptables -A INPUT -j %s", customChain))
// 出口
commander.Execute(fmt.Sprintf("sudo iptables -A OUTPUT -j %s", customChain))
// 转发
commander.Execute(fmt.Sprintf("sudo iptables -A FORWARD -j %s", customChain))
}
} else {
logger.Log().Fatal("防火墙配置失败: 自定义链名称不能为空")
}
}
}) })
// 创建 fiber 服务器 // 创建 fiber 服务器

5
internel/conf/conf.go Normal file
View File

@ -0,0 +1,5 @@
package conf
import "iptables-helper/pkg/config"
var Conf = new(config.Conf)

22
internel/controller/controller.go
View File

@ -3,6 +3,7 @@ package controller
import ( import (
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/shirou/gopsutil/net" "github.com/shirou/gopsutil/net"
"iptables-helper/internel/conf"
response "iptables-helper/pkg/resp" response "iptables-helper/pkg/resp"
"iptables-helper/pkg/resp/errorx" "iptables-helper/pkg/resp/errorx"
"iptables-helper/pkg/utils/command" "iptables-helper/pkg/utils/command"
@ -30,7 +31,26 @@ func getRuleInfo(api fiber.Router) {
api.Get("/info", func(ctx *fiber.Ctx) error { api.Get("/info", func(ctx *fiber.Ctx) error {
cmder := command.Commander{} cmder := command.Commander{}
result, _ := cmder.ExecuteWithResult("sudo iptables -S") result, _ := cmder.ExecuteWithResult("sudo iptables -S")
return ctx.JSON(response.NewResponse(iptables.Parse(result))) data := iptables.Parse(result)
if conf.Conf.Custom.UseCustomChain {
chains := make([]iptables.Chain, 0)
for _, chain := range data.Chains {
if string(chain) == conf.Conf.Custom.CustomChain {
chains = append(chains, chain)
break
}
}
data.Chains = chains
rules := make([]iptables.Rule, 0)
for _, rule := range data.Rules {
if string(rule.Chain) == conf.Conf.Custom.CustomChain {
rules = append(rules, rule)
}
}
data.Rules = rules
}
return ctx.JSON(response.NewResponse(data))
}) })
} }

12
pkg/config/config.go
View File

@ -1,7 +1,8 @@
package config package config
type Conf struct { type Conf struct {
Server *ServerConfig `comment:"服务器配置"` Server *ServerConfig `comment:"服务器配置"`
Custom *CustomFireWallConfig `comment:"自定义配置"`
} }
type ServerConfig struct { type ServerConfig struct {
@ -17,6 +18,11 @@ type ServerConfig struct {
EnableSwag bool `yaml:"enableSwag" comment:"是否启用 swag 访问路径: /swagger"` EnableSwag bool `yaml:"enableSwag" comment:"是否启用 swag 访问路径: /swagger"`
} }
type CustomFireWallConfig struct {
UseCustomChain bool `yaml:"useCustomChain" comment:"是否只使用某个自定义规则链进行管理, 否则管理所有规则链, 是则只管理指定的链"`
CustomChain string `yaml:"customChain" comment:"自定义规则链名称"`
}
func DefaultConfig() *Conf { func DefaultConfig() *Conf {
return &Conf{ return &Conf{
Server: &ServerConfig{ Server: &ServerConfig{
@ -27,5 +33,9 @@ func DefaultConfig() *Conf {
ServerHeader: "SkServer", ServerHeader: "SkServer",
EnableRoutesMsg: false, EnableRoutesMsg: false,
}, },
Custom: &CustomFireWallConfig{
UseCustomChain: false,
CustomChain: "",
},
} }
} }