dsnet/up.go

package dsnet

import (
	"net"

	"github.com/vishvananda/netlink"
)

func Up() {
	conf := MustLoadDsnetConfig()
	CreateLink(conf)
	ConfigureDevice(conf)
	RunPostUp(conf)
}

func RunPostUp(conf *DsnetConfig) {
	ShellOut(conf.PostUp, "PostUp")
}

// CreateLink sets up the WG interface and link with the correct
// address
func CreateLink(conf *DsnetConfig) {
	linkAttrs := netlink.NewLinkAttrs()
	linkAttrs.Name = conf.InterfaceName

	link := &netlink.GenericLink{
		LinkAttrs: linkAttrs,
		LinkType:  "wireguard",
	}

	err := netlink.LinkAdd(link)
	if err != nil {
		ExitFail("Could not add interface '%s' (%v)", conf.InterfaceName, err)
	}

	if conf.IP != nil {
		addr := &netlink.Addr{
			IPNet: &net.IPNet{
				IP:   conf.IP,
				Mask: conf.Network.IPNet.Mask,
			},
		}

		err = netlink.AddrAdd(link, addr)
		if err != nil {
			ExitFail("Could not add ipv4 addr %s to interface %s", addr.IP, err)
		}
	}

	if conf.IP6 != nil {
		addr6 := &netlink.Addr{
			IPNet: &net.IPNet{
				IP:   conf.IP6,
				Mask: conf.Network6.IPNet.Mask,
			},
		}

		err = netlink.AddrAdd(link, addr6)
		if err != nil {
			ExitFail("Could not add ipv6 addr %s to interface %s", addr6.IP, err)
		}
	}

	// bring up interface (UNKNOWN state instead of UP, a wireguard quirk)
	err = netlink.LinkSetUp(link)

	if err != nil {
		ExitFail("Could not bring up device '%s' (%v)", conf.InterfaceName, err)
	}
}
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`package dsnet`

			`import (`
			`"net"`

			`"github.com/vishvananda/netlink"`
			`)`

			`func Up() {`
			`conf := MustLoadDsnetConfig()`
separate link creation / device configuration 2020-03-04 23:01:30 +01:00			`CreateLink(conf)`
			`ConfigureDevice(conf)`
Implements PostUp and PostDown commands using `/bin/sh` This introduces PostUp and PostDown in dsnet. PostUp and PostDown allow the user to run arbitrary commands after the device is up or down. These are typically used to change the firewall rules via iptables. A working example would be ... "PostUp" : "iptables -A FORWARD -i dsnet -j ACCEPT; iptables -A FORWARD -o dsnet -j ACCEPT; iptables -t nat -A POSTROUTING -o ens2 -j MASQUERADE ", "PostDown" : "iptables -D FORWARD -i dsnet -j ACCEPT; iptables -D FORWARD -o dsnet -j ACCEPT; iptables -t nat -D POSTROUTING -o ens2 -j MASQUERADE ", ... All commands are executed by `/bin/sh` and no filtering or sandboxing is applied. Users of this should know what they are doing. Fixes https://github.com/naggie/dsnet/issues/16 2020-11-18 23:37:32 +01:00			`RunPostUp(conf)`
			`}`

			`func RunPostUp(conf *DsnetConfig) {`
			`ShellOut(conf.PostUp, "PostUp")`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`}`

Set ip if configured, otherwise just bring up link 2020-12-20 16:27:02 +01:00			`// CreateLink sets up the WG interface and link with the correct`
			`// address`
separate link creation / device configuration 2020-03-04 23:01:30 +01:00			`func CreateLink(conf *DsnetConfig) {`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`linkAttrs := netlink.NewLinkAttrs()`
			`linkAttrs.Name = conf.InterfaceName`

add dead codde to bring up iface 2020-03-04 20:56:57 +01:00			`link := &netlink.GenericLink{`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`LinkAttrs: linkAttrs,`
			`LinkType: "wireguard",`
			`}`

add dead codde to bring up iface 2020-03-04 20:56:57 +01:00			`err := netlink.LinkAdd(link)`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`if err != nil {`
also bring iface up 2020-03-04 22:09:12 +01:00			`ExitFail("Could not add interface '%s' (%v)", conf.InterfaceName, err)`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`}`

Set ip if configured, otherwise just bring up link 2020-12-20 16:27:02 +01:00			`if conf.IP != nil {`
			`addr := &netlink.Addr{`
			`IPNet: &net.IPNet{`
			`IP: conf.IP,`
			`Mask: conf.Network.IPNet.Mask,`
			`},`
			`}`
start attempt at interface creation 2020-03-04 20:38:48 +01:00
Set ip if configured, otherwise just bring up link 2020-12-20 16:27:02 +01:00			`err = netlink.AddrAdd(link, addr)`
			`if err != nil {`
			`ExitFail("Could not add ipv4 addr %s to interface %s", addr.IP, err)`
			`}`
start attempt at interface creation 2020-03-04 20:38:48 +01:00			`}`

Set ip if configured, otherwise just bring up link 2020-12-20 16:27:02 +01:00			`if conf.IP6 != nil {`
			`addr6 := &netlink.Addr{`
			`IPNet: &net.IPNet{`
			`IP: conf.IP6,`
			`Mask: conf.Network6.IPNet.Mask,`
			`},`
			`}`
add IPv6 to interface 2020-10-30 13:34:35 +01:00
Set ip if configured, otherwise just bring up link 2020-12-20 16:27:02 +01:00			`err = netlink.AddrAdd(link, addr6)`
			`if err != nil {`
			`ExitFail("Could not add ipv6 addr %s to interface %s", addr6.IP, err)`
			`}`
add IPv6 to interface 2020-10-30 13:34:35 +01:00			`}`

separate link creation / device configuration 2020-03-04 23:01:30 +01:00			`// bring up interface (UNKNOWN state instead of UP, a wireguard quirk)`
			`err = netlink.LinkSetUp(link)`
check error in correct place 2020-03-04 23:04:13 +01:00
			`if err != nil {`
			`ExitFail("Could not bring up device '%s' (%v)", conf.InterfaceName, err)`
			`}`
separate link creation / device configuration 2020-03-04 23:01:30 +01:00			`}`