Unverified Commit 52206cc7 authored by Kali Kaneko's avatar Kali Kaneko

[feat] udp nameservers

parent 0419a178
......@@ -29,11 +29,11 @@ package helper
import (
"errors"
"fmt"
"path/filepath"
"log"
"os"
"os/exec"
"path"
"path/filepath"
"strconv"
"strings"
......@@ -43,8 +43,8 @@ import (
const (
bitmask_anchor = "com.apple/250.BitmaskFirewall"
gateways_table = "bitmask_gateways"
pfctl = "/sbin/pfctl"
LogFolder = "/var/log/"
pfctl = "/sbin/pfctl"
LogFolder = "/var/log/"
)
func _getExecPath() string {
......@@ -119,9 +119,9 @@ func kill(cmd *exec.Cmd) error {
return nil
}
func firewallStart(gateways []string) error {
func firewallStart(gateways []string, mode string) error {
enablePf()
err := resetGatewaysTable(gateways)
err := resetGatewaysTable(gateways, mode)
if err != nil {
return err
}
......@@ -155,7 +155,7 @@ func enablePf() {
cmd.Run()
}
func resetGatewaysTable(gateways []string) error {
func resetGatewaysTable(gateways []string, mode string) error {
log.Println("Resetting gateways")
cmd := exec.Command(pfctl, "-a", bitmask_anchor, "-t", gateways_table, "-T", "delete")
err := cmd.Run()
......@@ -172,6 +172,11 @@ func resetGatewaysTable(gateways []string) error {
}
}
nameserver := nameserverTCP
if mode == "udp" {
nameserver = nameserverUDP
}
cmd = exec.Command(pfctl, "-a", bitmask_anchor, "-t", gateways_table, "-T", "add", nameserver)
return cmd.Run()
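Review bot: `mode` reaches resetGatewaysTable as a free-form string and is only compared with the literal "udp", so any other value, such as a typo in a future caller, silently selects nameserverTCP, and that address is what gets added to the allowed table. Because this table decides which hosts stay reachable while the firewall is up, I would make the choice an explicit switch over shared constants and fail on anything unrecognised, e.g. `default: return fmt.Errorf("unknown firewall mode %q", mode)`. nameserverTCP and nameserverUDP are declared outside the visible hunks, and the function body starts outside this hunk, so I cannot confirm what the two values are.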
......
......@@ -122,6 +122,12 @@ func (openvpn *openvpnT) kill() error {
}
func firewallStartHandler(w http.ResponseWriter, r *http.Request) {
mode := "tcp"
query := r.URL.Query()
udp, udpParam := query["udp"]
if udpParam && len(udp) == 1 && udp[0] == "1" {
mode = "udp"
}
gateways, err := getArgs(r)
if err != nil {
log.Printf("An error has occurred processing gateways: %v", err)
......@@ -135,7 +141,7 @@ func firewallStartHandler(w http.ResponseWriter, r *http.Request) {
}
}
err = firewallStart(gateways)
err = firewallStart(gateways, mode)
if err != nil {
log.Printf("Error starting firewall: %v", err)
w.Write([]byte(err.Error()))
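Review bot: In firewallStartHandler a `udp` parameter that is present but is not exactly one value of "1" (for example `udp=true`, or the parameter given twice) is silently treated as tcp, so the client and the helper can disagree about which nameserver the firewall allows without either side noticing. I would reject such requests with `http.Error(w, "invalid udp parameter", http.StatusBadRequest)` and record the decision with `log.Printf("Starting firewall in %s mode", mode)`, so that the helper log shows what was applied. The handler body continues outside both hunks.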
......
......@@ -33,7 +33,7 @@ const (
)
var (
snapOpenvpnPath = "/snap/bin/" + config.BinaryName + ".openvpn"
snapOpenvpnPath = "/snap/bin/" + config.BinaryName + ".openvpn"
)
func getPlatformOpenvpnFlags() []string {
......@@ -68,7 +68,7 @@ func kill(cmd *exec.Cmd) error {
return cmd.Process.Signal(os.Interrupt)
}
func firewallStart(gateways []string) error {
func firewallStart(gateways []string, mode string) error {
log.Println("Start firewall: do nothing, not implemented")
return nil
}
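Review bot: This firewallStart stub now takes `mode` but never reads it and still returns nil, and nothing on the function says so; the same applies to the other not-implemented firewallStart stub later on this page. A doc comment would make the contract explicit, for example `// firewallStart is a no-op on this platform; mode is accepted only to keep the signature in sync with the other helpers.` Callers receive a success result although no firewall rule was installed, which deserves a mention in that comment too.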
......
......@@ -21,25 +21,23 @@ import (
"log"
"os"
"os/exec"
"path"
"strconv"
"strings"
"path"
"golang.org/x/sys/windows"
"golang.org/x/sys/windows/svc"
)
var (
svcName = BinaryName + `-helper-v2`
svcName = BinaryName + `-helper-v2`
// XXX this is set to c:\WINDOWS\system32 on initialization. Do not use it, use a function call instead.
appPath = getExecDir()
LogFolder = getExecDir()
openvpnPath = path.Join(appPath, "openvpn.exe")
chocoOpenvpnPath = `C:\Program Files\OpenVPN\bin\openvpn.exe`
httpServerConf = &httpConf{}
httpServerConf = &httpConf{}
)
func getPlatformOpenvpnFlags() []string {
......@@ -63,7 +61,6 @@ type httpConf struct {
BindAddr string
}
// parseCliArgs allows the helper binary to install/uninstall itself. It requires admin privileges.
// However, be warned: if you intend to use it from the command line, you will have to compile it with the Go compiler yourself.
// the version we're shipping (ie, cross-compiled with the mingw compiler) apparently is not able to output to stdout/stderr properly.
......@@ -154,7 +151,7 @@ func kill(cmd *exec.Cmd) error {
return cmd.Process.Kill()
}
func firewallStart(gateways []string) error {
func firewallStart(gateways []string, mode string) error {
log.Println("Start firewall: do nothing, not implemented")
return nil
}
......
......@@ -24,6 +24,7 @@ import (
"io/ioutil"
"log"
"net/http"
"os"
"strconv"
"strings"
"time"
......@@ -115,7 +116,11 @@ func (l *launcher) firewallStart(gateways []bonafide.Gateway) error {
if err != nil {
return err
}
return l.send("/firewall/start", byteIPs)
uri := "/firewall/start"
if os.Getenv("UDP") == "1" {
uri = uri + "?udp=1"
}
return l.send(uri, byteIPs)
}
func (l *launcher) firewallStop() error {
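Review bot: launcher.firewallStart picks the transport from the process-wide environment variable `UDP` instead of from an argument, so the nameserver the firewall allows depends on whoever last called os.Setenv, or on the environment the client was started with if this method is ever reached on a path that does not set it first. Passing the choice explicitly, e.g. `func (l *launcher) firewallStart(gateways []bonafide.Gateway, udp bool) error`, would tie it to the same `b.udp` value that selects the OpenVPN `--remote` protocol in startOpenVPN. The other platform launchers are not visible here and would need the same signature. The start of the function is outside the hunk.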
......
......@@ -155,6 +155,11 @@ func (b *Bitmask) startOpenVPN() error {
if err != nil {
return err
}
if b.udp {
os.Setenv("UDP", "1")
} else {
os.Setenv("UDP", "0")
}
err = b.launch.firewallStart(gateways)
if err != nil {
return err
......@@ -164,10 +169,8 @@ func (b *Bitmask) startOpenVPN() error {
for _, port := range gw.Ports {
if port != "53" {
if b.udp {
os.Setenv("UDP", "1")
arg = append(arg, "--remote", gw.IPAddress, port, "udp4")
} else {
os.Setenv("UDP", "0")
arg = append(arg, "--remote", gw.IPAddress, port, "tcp4")
}
}
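Review bot: Both `os.Setenv("UDP", ...)` calls added before `b.launch.firewallStart(gateways)` discard their error, so if the call fails the launcher reads a stale value and the firewall may allow the nameserver for the wrong transport while OpenVPN is started with the other one. At minimum check it, `if err := os.Setenv("UDP", "1"); err != nil { return err }`. The variable is also presumably inherited by any child process started afterwards, which is worth a comment if it is intended. startOpenVPN begins and ends outside these hunks.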
......