glider/ipset/ipset_linux.go

package ipset

import (
	"errors"
	"strings"
	"sync"

	"github.com/nadoo/ipset"

	"github.com/nadoo/glider/rule"
)

// Manager struct.
type Manager struct {
	domainSet sync.Map
}

// NewManager returns a Manager
func NewManager(rules []*rule.Config) (*Manager, error) {
	if err := ipset.Init(); err != nil {
		return nil, err
	}

	// create ipset, avoid redundant.
	sets := make(map[string]struct{})
	for _, r := range rules {
		if r.IPSet != "" {
			sets[r.IPSet] = struct{}{}
		}
	}

	for set := range sets {
		ipset.Create(set)
		ipset.Flush(set)
	}

	// init ipset
	m := &Manager{}
	for _, r := range rules {
		if r.IPSet != "" {
			for _, domain := range r.Domain {
				m.domainSet.Store(domain, r.IPSet)
			}
			for _, ip := range r.IP {
				ipset.Add(r.IPSet, ip)
			}
			for _, cidr := range r.CIDR {
				ipset.Add(r.IPSet, cidr)
			}
		}
	}

	return m, nil
}

// AddDomainIP implements the dns AnswerHandler function, used to update ipset according to domainSet rule.
func (m *Manager) AddDomainIP(domain, ip string) error {
	if domain == "" || ip == "" {
		return errors.New("please specify the domain and ip address")
	}

	domain = strings.ToLower(domain)
	for i := len(domain); i != -1; {
		i = strings.LastIndexByte(domain[:i], '.')
		if setName, ok := m.domainSet.Load(domain[i+1:]); ok {
			ipset.Add(setName.(string), ip)
		}
	}

	return nil
}
ipset: move to separate package 2018-08-13 00:42:59 +08:00			`package ipset`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00
			`import (`
ipset: add missing package 2020-04-06 23:37:36 +08:00			`"errors"`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`"strings"`
			`"sync"`

doc: fix typo 2020-09-27 00:08:16 +08:00			`"github.com/nadoo/ipset"`
config: better naming and some minor optimizations 2020-09-26 23:34:26 +08:00
doc: fix typo 2020-09-27 00:08:16 +08:00			`"github.com/nadoo/glider/rule"`
general: tidy code 2018-06-28 09:49:23 +08:00			`)`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00
ipset: use github.com/nadoo/ipset package 2020-09-25 11:04:13 +08:00			`// Manager struct.`
strategy: experimental latency based high availability mode supported 2018-08-14 19:33:18 +08:00			`type Manager struct {`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`domainSet sync.Map`
			`}`

strategy: experimental latency based high availability mode supported 2018-08-14 19:33:18 +08:00			`// NewManager returns a Manager`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`func NewManager(rules []rule.Config) (Manager, error) {`
doc: fix typo 2020-09-27 00:08:16 +08:00			`if err := ipset.Init(); err != nil {`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`return nil, err`
			`}`
ipset: 1. ipset flush; 2. ipset in main config 2017-08-29 18:36:42 +08:00
general: optimize memory allocations 2020-08-26 19:21:35 +08:00			`// create ipset, avoid redundant.`
			`sets := make(map[string]struct{})`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`for _, r := range rules {`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`if r.IPSet != "" {`
general: optimize memory allocations 2020-08-26 19:21:35 +08:00			`sets[r.IPSet] = struct{}{}`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`}`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`}`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00
general: optimize memory allocations 2020-08-26 19:21:35 +08:00			`for set := range sets {`
doc: fix typo 2020-09-27 00:08:16 +08:00			`ipset.Create(set)`
			`ipset.Flush(set)`
general: optimize memory allocations 2020-08-26 19:21:35 +08:00			`}`

ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`// init ipset`
ipset: use github.com/nadoo/ipset package 2020-09-25 11:04:13 +08:00			`m := &Manager{}`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`for _, r := range rules {`
			`if r.IPSet != "" {`
			`for _, domain := range r.Domain {`
			`m.domainSet.Store(domain, r.IPSet)`
			`}`
			`for _, ip := range r.IP {`
doc: fix typo 2020-09-27 00:08:16 +08:00			`ipset.Add(r.IPSet, ip)`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`}`
			`for _, cidr := range r.CIDR {`
doc: fix typo 2020-09-27 00:08:16 +08:00			`ipset.Add(r.IPSet, cidr)`
ipset: only allow to set ipset in rule files #69 2018-11-27 23:25:20 +08:00			`}`
ipset: 1. ipset flush; 2. ipset in main config 2017-08-29 18:36:42 +08:00			`}`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`}`

ipset: 1. ipset flush; 2. ipset in main config 2017-08-29 18:36:42 +08:00			`return m, nil`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`}`

ipset: use github.com/nadoo/ipset package 2020-09-25 11:04:13 +08:00			`// AddDomainIP implements the dns AnswerHandler function, used to update ipset according to domainSet rule.`
strategy: experimental latency based high availability mode supported 2018-08-14 19:33:18 +08:00			`func (m *Manager) AddDomainIP(domain, ip string) error {`
general: minor changes in github actions and codes 2020-04-06 23:33:23 +08:00			`if domain == "" \|\| ip == "" {`
			`return errors.New("please specify the domain and ip address")`
			`}`
ipset: use github.com/nadoo/ipset package 2020-09-25 11:04:13 +08:00
general: optimize domain parts operations 2020-08-16 12:00:46 +08:00			`domain = strings.ToLower(domain)`
			`for i := len(domain); i != -1; {`
			`i = strings.LastIndexByte(domain[:i], '.')`
doc: fix typo 2020-09-27 00:08:16 +08:00			`if setName, ok := m.domainSet.Load(domain[i+1:]); ok {`
			`ipset.Add(setName.(string), ip)`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`}`
			`}`

ipset: use github.com/nadoo/ipset package 2020-09-25 11:04:13 +08:00			`return nil`
ipset: add ipset management. REQUIRE CAP_NET_ADMIN capability. 2017-08-28 19:23:32 +08:00			`}`