From a64ec2b5db33a4f1269ba5032c897beb8a0ebe6e Mon Sep 17 00:00:00 2001 From: Ruakij Date: Tue, 11 Apr 2023 10:34:07 +0200 Subject: [PATCH 1/5] Add documentation for Filter-prefix env-var --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 8111478..530cf9a 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,7 @@ Variable|Description|Default -|-|- `INTERFACE`* | Wireguard-Interface Name | `IPV6_FORMAT` | Format to use for converting v4 to v6
The CIDR-Mask gets translated using 128 - 24 - Mask
e.g. `10.0.100.5/16` -> `fc12::0a00:6405/96` | `fc12::%02x%02x:%02x%02x/%d` +`FILTER_PREFIX` | Prefix to filter for IP-Networks | `100.100` `RECHECK_INTERVAL` | Interval in seconds to recheck AllowedIPs entries in case something changed | 300 *\* Required* From abe3d0dc3356824285ad424a45f3f295da73ee7b Mon Sep 17 00:00:00 2001 From: Ruakij Date: Tue, 11 Apr 2023 10:38:38 +0200 Subject: [PATCH 2/5] Change recheck-interval to go-time-format --- README.md | 2 +- cmd/app/main.go | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 530cf9a..69ceda9 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ Variable|Description|Default `INTERFACE`* | Wireguard-Interface Name | `IPV6_FORMAT` | Format to use for converting v4 to v6
The CIDR-Mask gets translated using 128 - 24 - Mask
e.g. `10.0.100.5/16` -> `fc12::0a00:6405/96` | `fc12::%02x%02x:%02x%02x/%d` `FILTER_PREFIX` | Prefix to filter for IP-Networks | `100.100` -`RECHECK_INTERVAL` | Interval in seconds to recheck AllowedIPs entries in case something changed | 300 +`RECHECK_INTERVAL` | Interval in go-time-format to recheck AllowedIPs entries in case something changed | 5m *\* Required* diff --git a/cmd/app/main.go b/cmd/app/main.go index 0e94083..1482fdd 100644 --- a/cmd/app/main.go +++ b/cmd/app/main.go @@ -4,7 +4,6 @@ import ( "fmt" "net" "os" - "strconv" "time" envChecks "git.ruekov.eu/ruakij/routingtabletowg/lib/environmentchecks" @@ -21,7 +20,7 @@ var envRequired = []string{ var envDefaults = map[string]string{ "IPV6_FORMAT": "fc12::%02x%02x:%02x%02x/%d", "FILTER_PREFIX": "100.100", - "RECHECK_INTERVAL": "300", + "RECHECK_INTERVAL": "5m", } func main() { @@ -49,11 +48,10 @@ func main() { filterPrefix := os.Getenv("FILTER_PREFIX") checkIntervalStr := os.Getenv("RECHECK_INTERVAL") - checkIntervalSec, err := strconv.Atoi(checkIntervalStr) + checkInterval, err := time.ParseDuration(checkIntervalStr) if err != nil { - logger.Error.Fatalf("Couldn't read RECHECK_INTERVAL '%s': %s", checkIntervalStr, err) + logger.Error.Fatalf("Couldn't parse RECHECK_INTERVAL '%s': %s", checkIntervalStr, err) } - checkInterval := time.Second * time.Duration(checkIntervalSec) // Get the IPv4 address of the interface addrs, err := netlink.AddrList(netInterface, netlink.FAMILY_V4) From 71de2d376c8244531110deb683ac182cb9971383 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Tue, 11 Apr 2023 11:10:48 +0200 Subject: [PATCH 3/5] Make no ipv4-addr on iface warn instead of error --- cmd/app/main.go | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/cmd/app/main.go b/cmd/app/main.go index 1482fdd..aaa9e08 100644 --- a/cmd/app/main.go +++ b/cmd/app/main.go 
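Review bot: `time.ParseDuration` in the RECHECK_INTERVAL hunk accepts zero and negative values (`0s`, `-5m`), and nothing in the visible lines rejects them before `checkInterval` is used. How the interval is consumed lies outside the hunk, but a non-positive value typically either panics a ticker or turns the recheck into a busy loop against the WireGuard interface, so I would add `if checkInterval <= 0 { logger.Error.Fatalf("RECHECK_INTERVAL must be positive, got '%s'", checkIntervalStr) }` right after the parse. A bare number such as the old default `300` is now rejected for its missing unit, so deployments that still set the variable in seconds will exit at startup; that deserves a migration line in the README.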
@@ -59,23 +59,23 @@ func main() { logger.Error.Fatal(err) } if(len(addrs) == 0){ - logger.Error.Fatal("Interface doesnt have IPv4-Adresses") - } - - // Add the IPv6 address to the interface - ipv6Str := *convertIPv4ToIPv6(&ipv6Format, addrs[0].IPNet) - ipv6, err := netlink.ParseAddr(ipv6Str) - if err != nil { - logger.Error.Fatal(err) - } - logger.Info.Printf("Adding converted %s -> %s to interface", addrs[0].IPNet.String(), ipv6Str) - err = netlink.AddrAdd(netInterface, ipv6) - if err != nil { - switch { - case os.IsExist(err): - logger.Warn.Println("Address is already set on interface") - default: - logger.Error.Fatalf("Failed to set address on interface: %v", err) + logger.Warn.Println("Interface doesnt have IPv4-Adresses") + } else { + // Add the IPv6 address to the interface + ipv6Str := *convertIPv4ToIPv6(&ipv6Format, addrs[0].IPNet) + ipv6, err := netlink.ParseAddr(ipv6Str) + if err != nil { + logger.Error.Fatal(err) + } + logger.Info.Printf("Adding converted %s -> %s to interface", addrs[0].IPNet.String(), ipv6Str) + err = netlink.AddrAdd(netInterface, ipv6) + if err != nil { + switch { + case os.IsExist(err): + logger.Warn.Println("Address is already set on interface") + default: + logger.Error.Fatalf("Failed to set address on interface: %v", err) + } } } From ca1b66dc994cd731156a53bdbd6aaa8e4914e384 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Tue, 11 Apr 2023 11:33:10 +0200 Subject: [PATCH 4/5] Process all IPv4-Addresses on interface --- cmd/app/main.go | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/cmd/app/main.go b/cmd/app/main.go index aaa9e08..cde099d 100644 --- a/cmd/app/main.go +++ b/cmd/app/main.go 
@@ -58,25 +58,37 @@ func main() { if err != nil { logger.Error.Fatal(err) } - if(len(addrs) == 0){ - logger.Warn.Println("Interface doesnt have IPv4-Adresses") - } else { + processedCount := 0 + filteredCount := 0 + for _, addr := range addrs { + // Check filter + if addr.String()[:len(filterPrefix)] != filterPrefix { + filteredCount++ + continue + } + // Add the IPv6 address to the interface - ipv6Str := *convertIPv4ToIPv6(&ipv6Format, addrs[0].IPNet) + ipv6Str := *convertIPv4ToIPv6(&ipv6Format, addr.IPNet) ipv6, err := netlink.ParseAddr(ipv6Str) if err != nil { - logger.Error.Fatal(err) + logger.Warn.Printf("failed parsing converted %s -> %s : %s", addr.IPNet.String(), ipv6Str, err) + continue } - logger.Info.Printf("Adding converted %s -> %s to interface", addrs[0].IPNet.String(), ipv6Str) + + logger.Info.Printf("Adding converted %s -> %s to interface", addr.IPNet.String(), ipv6Str) err = netlink.AddrAdd(netInterface, ipv6) if err != nil { switch { case os.IsExist(err): logger.Warn.Println("Address is already set on interface") default: - logger.Error.Fatalf("Failed to set address on interface: %v", err) + logger.Warn.Printf("Failed to set address on interface: %v", err) } } + processedCount++ + } + if(processedCount != len(addrs)) { + logger.Warn.Printf("Not all Interface-Addresses were processed. Summary: %d processed, %d filtered, %d failed", processedCount, filteredCount, len(addrs)-processedCount-filteredCount) } // Create a WireGuard client From 34bfe19158c22633d273d9e4399436c4dd94a4e3 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Tue, 11 Apr 2023 11:36:49 +0200 Subject: [PATCH 5/5] Add build-scripts with docker --- build/Dockerfile | 13 +++++++++++++ build/build-multiarch.sh | 9 +++++++++ build/build-ownarch.sh | 7 +++++++ 3 files changed, 29 insertions(+) create mode 100644 build/Dockerfile create mode 100755 build/build-multiarch.sh create mode 100755 build/build-ownarch.sh 
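Review bot: The filter check `addr.String()[:len(filterPrefix)]` slices without a length check, so a `FILTER_PREFIX` longer than the address string panics with a slice-bounds error; `if !strings.HasPrefix(addr.String(), filterPrefix) {` is safe and needs `strings` added to the import block, which is outside this hunk. A textual prefix is also looser than a network match (`100.10` would accept `100.100.x.x` and `100.101.x.x` alike), so parsing the filter as a CIDR and calling `Contains` on `addr.IP` would be more exact if the filter is meant to scope which addresses get translated. Separately, the `default:` branch after a failed `netlink.AddrAdd` falls through to `processedCount++`, so those failures are counted as processed and the failed figure in the summary understates them; a `continue` in that branch fixes the count.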
diff --git a/build/Dockerfile b/build/Dockerfile
new file mode 100644
index 0000000..1b1762c
--- /dev/null
+++ b/build/Dockerfile
@@ -0,0 +1,13 @@
+# ---- Build ----
+FROM golang:1.19-alpine AS build
+WORKDIR /build
+# Copy sources
+ADD . .
+# Get dependencies
+RUN go get ./cmd/app
+# Compile
+RUN CGO_ENABLED=0 go build -a -o app ./cmd/app
+
+# ---- Output ----
+FROM scratch AS export-stage
+COPY --from=build /build/app .
diff --git a/build/build-multiarch.sh b/build/build-multiarch.sh
new file mode 100755
index 0000000..2cf8691
--- /dev/null
+++ b/build/build-multiarch.sh
@@ -0,0 +1,9 @@
+PLATFORM="linux/amd64,linux/arm64/v8,linux/arm/v7"
+EXTRA_ARGS="$@"
+
+docker buildx build \
+ --platform $PLATFORM \
+ -f $(dirname $0)/Dockerfile \
+ --output out \
+ $EXTRA_ARGS \
+ .
diff --git a/build/build-ownarch.sh b/build/build-ownarch.sh
new file mode 100755
index 0000000..dff75fc
--- /dev/null
+++ b/build/build-ownarch.sh
@@ -0,0 +1,7 @@
+EXTRA_ARGS="$@"
+
+docker build \
+ -f $(dirname $0)/Dockerfile \
+ --output out \
+ $EXTRA_ARGS \
+ .
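Review bot: `RUN go get ./cmd/app` in `build/Dockerfile` resolves dependencies at image-build time instead of strictly using what is committed; depending on the state of `go.mod`/`go.sum` it can add or change module requirements inside the build, so two builds of the same commit need not contain the same code. Copying `go.mod` and `go.sum` first and running `RUN go mod download && go mod verify` keeps the build tied to the recorded checksums and lets the dependency layer cache. `ADD . .` pulls the whole build context (VCS metadata, the `out` directory, any local env files) into the build stage; `COPY` together with a `.dockerignore` narrows that. The base image `golang:1.19-alpine` is a mutable tag, so pinning it by digest would make the toolchain reproducible as well.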
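Review bot: In `build/build-multiarch.sh` the expansions `$(dirname $0)`, `$PLATFORM` and `$EXTRA_ARGS` are unquoted, and `EXTRA_ARGS="$@"` flattens the arguments into one string, so a checkout path or a build argument containing spaces or glob characters is split or expanded before it reaches `docker buildx build`. Passing the arguments through as `"$@"` and quoting the path, `-f "$(dirname "$0")/Dockerfile"`, avoids that; the same applies to `build/build-ownarch.sh`. Both scripts also lack a shebang line and use `.` as the build context, which is the caller's working directory rather than the repository root, so running them from elsewhere sends a different directory to the builder.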