Update dependencies
parent
ca718ec30e
commit
1d5e591805
1114
Cargo.lock
generated
1114
Cargo.lock
generated
File diff suppressed because it is too large
14
Cargo.toml
14
Cargo.toml
|
@ -12,22 +12,22 @@ anyhow = "1.0"
|
||||||
async-fs = "1.3.0"
|
async-fs = "1.3.0"
|
||||||
async-process = "1.0.0"
|
async-process = "1.0.0"
|
||||||
async-trait = "0.1.40"
|
async-trait = "0.1.40"
|
||||||
base64 = "0.12.3"
|
base64 = "0.13.0"
|
||||||
bcrypt = "0.8.2"
|
bcrypt = "0.9.0"
|
||||||
blocking = "1.0.0"
|
blocking = "1.0.0"
|
||||||
config = { version = "0.10.1", features = ["toml"] }
|
config = { version = "0.10.1", features = ["toml"] }
|
||||||
futures-lite = "1.1.0"
|
futures-lite = "1.8.0"
|
||||||
mime = "0.3"
|
mime = "0.3"
|
||||||
once_cell = "1.4.1"
|
once_cell = "1.4.1"
|
||||||
rand = "0.7.3"
|
rand = "0.8.0"
|
||||||
regex = "1.3.9"
|
regex = "1.3.9"
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
serde_json = "1.0"
|
serde_json = "1.0"
|
||||||
serde_qs = "0.7"
|
serde_qs = "0.8"
|
||||||
serde_with = "1.4.0"
|
serde_with = "1.4.0"
|
||||||
sled = "0.34.3"
|
sled = "0.34.3"
|
||||||
tide = "0.13.0"
|
tide = "0.16.0"
|
||||||
|
|
||||||
[build-dependencies]
|
[build-dependencies]
|
||||||
anyhow = "1.0"
|
anyhow = "1.0"
|
||||||
ructe = { version = "0.12.0", features = ["sass", "mime03"] }
|
ructe = { version = "0.13.0", features = ["sass", "mime03"] }
|
||||||
|
|
|
@ -156,30 +156,48 @@ async fn forward(
|
||||||
|
|
||||||
pub(crate) async fn forward_postrouting(
|
pub(crate) async fn forward_postrouting(
|
||||||
proto: Proto,
|
proto: Proto,
|
||||||
|
internal_ip: Ipv4Addr,
|
||||||
|
internal_mask: u8,
|
||||||
external_ip: Ipv4Addr,
|
external_ip: Ipv4Addr,
|
||||||
external_port: u16,
|
external_port: u16,
|
||||||
destination_ip: Ipv4Addr,
|
destination_ip: Ipv4Addr,
|
||||||
) -> Result<(), anyhow::Error> {
|
) -> Result<(), anyhow::Error> {
|
||||||
forward_postrouting_snat(proto, external_ip, external_port, destination_ip, |cmd| {
|
forward_postrouting_snat(
|
||||||
cmd.arg("-I")
|
proto,
|
||||||
})
|
internal_ip,
|
||||||
|
internal_mask,
|
||||||
|
external_ip,
|
||||||
|
external_port,
|
||||||
|
destination_ip,
|
||||||
|
|cmd| cmd.arg("-I"),
|
||||||
|
)
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) async fn delete_forward_postrouting(
|
pub(crate) async fn delete_forward_postrouting(
|
||||||
proto: Proto,
|
proto: Proto,
|
||||||
|
internal_ip: Ipv4Addr,
|
||||||
|
internal_mask: u8,
|
||||||
external_ip: Ipv4Addr,
|
external_ip: Ipv4Addr,
|
||||||
external_port: u16,
|
external_port: u16,
|
||||||
destination_ip: Ipv4Addr,
|
destination_ip: Ipv4Addr,
|
||||||
) -> Result<(), anyhow::Error> {
|
) -> Result<(), anyhow::Error> {
|
||||||
forward_postrouting_snat(proto, external_ip, external_port, destination_ip, |cmd| {
|
forward_postrouting_snat(
|
||||||
cmd.arg("-D")
|
proto,
|
||||||
})
|
internal_ip,
|
||||||
|
internal_mask,
|
||||||
|
external_ip,
|
||||||
|
external_port,
|
||||||
|
destination_ip,
|
||||||
|
|cmd| cmd.arg("-D"),
|
||||||
|
)
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn forward_postrouting_snat(
|
async fn forward_postrouting_snat(
|
||||||
proto: Proto,
|
proto: Proto,
|
||||||
|
internal_ip: Ipv4Addr,
|
||||||
|
internal_mask: u8,
|
||||||
external_ip: Ipv4Addr,
|
external_ip: Ipv4Addr,
|
||||||
external_port: u16,
|
external_port: u16,
|
||||||
destination_ip: Ipv4Addr,
|
destination_ip: Ipv4Addr,
|
||||||
|
@ -188,6 +206,8 @@ async fn forward_postrouting_snat(
|
||||||
iptables_nat(move |cmd| {
|
iptables_nat(move |cmd| {
|
||||||
func(cmd).args(&[
|
func(cmd).args(&[
|
||||||
"POSTROUTING",
|
"POSTROUTING",
|
||||||
|
"-s",
|
||||||
|
&format!("{}/{}", internal_ip, internal_mask),
|
||||||
"-d",
|
"-d",
|
||||||
&destination_ip.to_string(),
|
&destination_ip.to_string(),
|
||||||
"-p",
|
"-p",
|
||||||
|
|
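Review bot: `internal_mask: u8` goes into the `-s` match as `format!("{}/{}", internal_ip, internal_mask)` with no range check in `forward_postrouting_snat`, so a value above 32 is only caught when iptables rejects the rule at run time. A value of 0 produces a `/0` source that matches every address, which silently removes the source restriction this change introduces. A guard at the top of the function fails early with a clear message, for example `anyhow::ensure!(internal_mask <= 32, "invalid prefix length {}", internal_mask);`, and 0 should be rejected as well unless a match-all source is intended. All three signatures now take three positional `Ipv4Addr` values, so a doc comment stating which is the source network, which is the external address and which is the destination would help callers avoid swapping them. The body of `forward_postrouting_snat` continues outside both hunks.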
|
@ -269,9 +269,9 @@ fn to_tunnels_page() -> tide::Response {
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn statics(req: tide::Request<()>) -> tide::Result {
|
async fn statics(req: tide::Request<()>) -> tide::Result {
|
||||||
let file: String = req.param("file")?;
|
let file: &str = req.param("file")?;
|
||||||
|
|
||||||
if let Some(data) = StaticFile::get(&file) {
|
if let Some(data) = StaticFile::get(file) {
|
||||||
Ok(tide::Response::builder(200)
|
Ok(tide::Response::builder(200)
|
||||||
.header("Content-Type", data.mime.to_string())
|
.header("Content-Type", data.mime.to_string())
|
||||||
.body(data.content)
|
.body(data.content)
|
||||||
|
|
53
src/rules.rs
53
src/rules.rs
|
@ -64,7 +64,7 @@ pub(crate) fn read(db: &Db) -> Result<Vec<(String, Rule)>, anyhow::Error> {
|
||||||
.collect::<Result<Vec<_>, anyhow::Error>>()
|
.collect::<Result<Vec<_>, anyhow::Error>>()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) async fn delete(db: &Db, rule_id: String) -> Result<Rule, anyhow::Error> {
|
pub(crate) async fn delete(db: &Db, rule_id: &str) -> Result<Rule, anyhow::Error> {
|
||||||
let tree = rules_tree(db);
|
let tree = rules_tree(db);
|
||||||
|
|
||||||
let rule = tree
|
let rule = tree
|
||||||
|
@ -109,13 +109,28 @@ pub(crate) async fn unset(interfaces: &Interfaces, rule: Rule) -> Result<(), any
|
||||||
dest_port,
|
dest_port,
|
||||||
)
|
)
|
||||||
.await?;
|
.await?;
|
||||||
iptables::delete_forward_postrouting(
|
for iface in &interfaces.internal {
|
||||||
rule.proto,
|
iptables::delete_forward_postrouting(
|
||||||
interfaces.external.ip,
|
rule.proto,
|
||||||
rule.port,
|
iface.ip,
|
||||||
dest_ip,
|
iface.mask,
|
||||||
)
|
interfaces.external.ip,
|
||||||
.await?;
|
rule.port,
|
||||||
|
dest_ip,
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
}
|
||||||
|
for iface in &interfaces.tunnel {
|
||||||
|
iptables::delete_forward_postrouting(
|
||||||
|
rule.proto,
|
||||||
|
iface.ip,
|
||||||
|
iface.mask,
|
||||||
|
interfaces.external.ip,
|
||||||
|
rule.port,
|
||||||
|
dest_ip,
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -166,8 +181,28 @@ pub(crate) async fn apply(interfaces: &Interfaces, rule: Rule) -> Result<(), any
|
||||||
dest_port,
|
dest_port,
|
||||||
)
|
)
|
||||||
.await?;
|
.await?;
|
||||||
iptables::forward_postrouting(rule.proto, interfaces.external.ip, rule.port, dest_ip)
|
for iface in &interfaces.internal {
|
||||||
|
iptables::forward_postrouting(
|
||||||
|
rule.proto,
|
||||||
|
iface.ip,
|
||||||
|
iface.mask,
|
||||||
|
interfaces.external.ip,
|
||||||
|
rule.port,
|
||||||
|
dest_ip,
|
||||||
|
)
|
||||||
.await?;
|
.await?;
|
||||||
|
}
|
||||||
|
for iface in &interfaces.tunnel {
|
||||||
|
iptables::forward_postrouting(
|
||||||
|
rule.proto,
|
||||||
|
iface.ip,
|
||||||
|
iface.mask,
|
||||||
|
interfaces.external.ip,
|
||||||
|
rule.port,
|
||||||
|
dest_ip,
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
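Review bot: In `unset`, each `delete_forward_postrouting(...).await?` inside the new loops returns on the first failure, so when one delete fails (for instance because that rule is already gone) the POSTROUTING rules for the remaining internal and tunnel interfaces stay installed. Teardown is safer as best effort: attempt every delete and return the first error afterwards, as sketched below. `apply` has the mirror-image problem in its hunk, since a failure part-way through the loops leaves the rules already inserted in place with no rollback. The two loops in each function differ only in the collection; if both collections hold the same element type (not visible here) they could be merged with `.iter().chain(...)`. Both function bodies start and end outside the hunks.

```rust
// … unchanged: earlier delete calls in unset …
let mut first_err = None;
for iface in &interfaces.internal {
    let res = iptables::delete_forward_postrouting(
        rule.proto,
        iface.ip,
        iface.mask,
        interfaces.external.ip,
        rule.port,
        dest_ip,
    )
    .await;
    if let Err(e) = res {
        // Remember the first failure but keep removing the other rules.
        first_err.get_or_insert(e);
    }
}
// … same handling for the interfaces.tunnel loop …
if let Some(e) = first_err {
    return Err(e);
}
```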
|
@ -88,6 +88,7 @@ pub(crate) async fn create_admin(db: &Db) -> Result<(), anyhow::Error> {
|
||||||
let password = rand::thread_rng()
|
let password = rand::thread_rng()
|
||||||
.sample_iter(rand::distributions::Alphanumeric)
|
.sample_iter(rand::distributions::Alphanumeric)
|
||||||
.take(16)
|
.take(16)
|
||||||
|
.map(char::from)
|
||||||
.collect::<String>();
|
.collect::<String>();
|
||||||
if add_user(db, String::from("admin"), password.clone())
|
if add_user(db, String::from("admin"), password.clone())
|
||||||
.await
|
.await
|
||||||
|
|
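Review bot: The initial admin password in `create_admin` depends on `rand::thread_rng()` being a cryptographically secure generator, and nothing in the code says so; a comment such as `// thread_rng() is a CSPRNG; do not replace with a seeded or non-crypto RNG` above the chain would protect that property through later dependency bumps. The added `.map(char::from)` would also benefit from `// rand 0.8: Alphanumeric samples u8, convert to char before collecting`, and the same applies to the identical line added in `add_peer`. What happens to `password.clone()` after `add_user` is outside the hunk, so whether the plaintext is logged or printed cannot be checked here.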
|
@ -194,6 +194,10 @@ fn filter(interfaces: &Interfaces) -> String {
|
||||||
"-A FORWARD -o {tunface} -j ACCEPT\n",
|
"-A FORWARD -o {tunface} -j ACCEPT\n",
|
||||||
tunface = iface.interface,
|
tunface = iface.interface,
|
||||||
);
|
);
|
||||||
|
filter += &format!(
|
||||||
|
"-A OUTPUT -o {tunface} -j ACCEPT\n",
|
||||||
|
tunface = iface.interface,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Accept TCP packets
|
// Accept TCP packets
|
||||||
|
|
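Review bot: The added `-A OUTPUT -o {tunface} -j ACCEPT` rule matches on the output interface only, so every locally generated packet leaving through a tunnel interface is accepted regardless of protocol or destination, and it arrives without a comment in a commit titled as a dependency update. If the host only needs specific traffic on the tunnel, narrow the match; otherwise document the intent with something like `// Let the host itself send traffic into the tunnel`. `iface.interface` is interpolated into newline-terminated rule text, so if the name comes from configuration (not visible here) it should be validated as a plain interface name before it reaches `filter`. The body of `filter` continues outside the hunk.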
|
@ -60,6 +60,7 @@ pub(crate) async fn add_peer(interface: &Interface, peer: &Peer) -> Result<(), a
|
||||||
let filename = rand::thread_rng()
|
let filename = rand::thread_rng()
|
||||||
.sample_iter(rand::distributions::Alphanumeric)
|
.sample_iter(rand::distributions::Alphanumeric)
|
||||||
.take(8)
|
.take(8)
|
||||||
|
.map(char::from)
|
||||||
.collect::<String>();
|
.collect::<String>();
|
||||||
|
|
||||||
let filename = format!("{}.conf", filename);
|
let filename = format!("{}.conf", filename);
|
||||||
|
|