Update dependencies

asonix 2021-02-07 17:10:36 -06:00
parent ca718ec30e
commit 1d5e591805
8 changed files with 734 additions and 489 deletions

1114
Cargo.lock generated

File diff suppressed because it is too large Load diff


@ -12,22 +12,22 @@ anyhow = "1.0"
async-fs = "1.3.0" async-fs = "1.3.0"
async-process = "1.0.0" async-process = "1.0.0"
async-trait = "0.1.40" async-trait = "0.1.40"
base64 = "0.12.3" base64 = "0.13.0"
bcrypt = "0.8.2" bcrypt = "0.9.0"
blocking = "1.0.0" blocking = "1.0.0"
config = { version = "0.10.1", features = ["toml"] } config = { version = "0.10.1", features = ["toml"] }
futures-lite = "1.1.0" futures-lite = "1.8.0"
mime = "0.3" mime = "0.3"
once_cell = "1.4.1" once_cell = "1.4.1"
rand = "0.7.3" rand = "0.8.0"
regex = "1.3.9" regex = "1.3.9"
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
serde_qs = "0.7" serde_qs = "0.8"
serde_with = "1.4.0" serde_with = "1.4.0"
sled = "0.34.3" sled = "0.34.3"
tide = "0.13.0" tide = "0.16.0"
[build-dependencies] [build-dependencies]
anyhow = "1.0" anyhow = "1.0"
ructe = { version = "0.12.0", features = ["sass", "mime03"] } ructe = { version = "0.13.0", features = ["sass", "mime03"] }


@ -156,30 +156,48 @@ async fn forward(
pub(crate) async fn forward_postrouting( pub(crate) async fn forward_postrouting(
proto: Proto, proto: Proto,
internal_ip: Ipv4Addr,
internal_mask: u8,
external_ip: Ipv4Addr, external_ip: Ipv4Addr,
external_port: u16, external_port: u16,
destination_ip: Ipv4Addr, destination_ip: Ipv4Addr,
) -> Result<(), anyhow::Error> { ) -> Result<(), anyhow::Error> {
forward_postrouting_snat(proto, external_ip, external_port, destination_ip, |cmd| { forward_postrouting_snat(
cmd.arg("-I") proto,
}) internal_ip,
internal_mask,
external_ip,
external_port,
destination_ip,
|cmd| cmd.arg("-I"),
)
.await .await
} }
pub(crate) async fn delete_forward_postrouting( pub(crate) async fn delete_forward_postrouting(
proto: Proto, proto: Proto,
internal_ip: Ipv4Addr,
internal_mask: u8,
external_ip: Ipv4Addr, external_ip: Ipv4Addr,
external_port: u16, external_port: u16,
destination_ip: Ipv4Addr, destination_ip: Ipv4Addr,
) -> Result<(), anyhow::Error> { ) -> Result<(), anyhow::Error> {
forward_postrouting_snat(proto, external_ip, external_port, destination_ip, |cmd| { forward_postrouting_snat(
cmd.arg("-D") proto,
}) internal_ip,
internal_mask,
external_ip,
external_port,
destination_ip,
|cmd| cmd.arg("-D"),
)
.await .await
} }
async fn forward_postrouting_snat( async fn forward_postrouting_snat(
proto: Proto, proto: Proto,
internal_ip: Ipv4Addr,
internal_mask: u8,
external_ip: Ipv4Addr, external_ip: Ipv4Addr,
external_port: u16, external_port: u16,
destination_ip: Ipv4Addr, destination_ip: Ipv4Addr,
@ -188,6 +206,8 @@ async fn forward_postrouting_snat(
iptables_nat(move |cmd| { iptables_nat(move |cmd| {
func(cmd).args(&[ func(cmd).args(&[
"POSTROUTING", "POSTROUTING",
"-s",
&format!("{}/{}", internal_ip, internal_mask),
"-d", "-d",
&destination_ip.to_string(), &destination_ip.to_string(),
"-p", "-p",
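Review bot: `internal_mask` is formatted straight into the `-s` CIDR at `&format!("{}/{}", internal_ip, internal_mask)` with no range check, and a `u8` admits 0 as well as values above 32. A prefix length of 0 makes the source match every address, which silently removes the restriction this commit adds, and a value above 32 only fails once iptables runs. I would reject bad values up front in `forward_postrouting_snat`, e.g. `anyhow::ensure!(internal_mask <= 32, "invalid prefix length {}", internal_mask);`, and decide explicitly whether 0 should be accepted. The function body starts and ends outside the hunks shown.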


@ -269,9 +269,9 @@ fn to_tunnels_page() -> tide::Response {
} }
async fn statics(req: tide::Request<()>) -> tide::Result { async fn statics(req: tide::Request<()>) -> tide::Result {
let file: String = req.param("file")?; let file: &str = req.param("file")?;
if let Some(data) = StaticFile::get(&file) { if let Some(data) = StaticFile::get(file) {
Ok(tide::Response::builder(200) Ok(tide::Response::builder(200)
.header("Content-Type", data.mime.to_string()) .header("Content-Type", data.mime.to_string())
.body(data.content) .body(data.content)


@ -64,7 +64,7 @@ pub(crate) fn read(db: &Db) -> Result<Vec<(String, Rule)>, anyhow::Error> {
.collect::<Result<Vec<_>, anyhow::Error>>() .collect::<Result<Vec<_>, anyhow::Error>>()
} }
pub(crate) async fn delete(db: &Db, rule_id: String) -> Result<Rule, anyhow::Error> { pub(crate) async fn delete(db: &Db, rule_id: &str) -> Result<Rule, anyhow::Error> {
let tree = rules_tree(db); let tree = rules_tree(db);
let rule = tree let rule = tree
@ -109,13 +109,28 @@ pub(crate) async fn unset(interfaces: &Interfaces, rule: Rule) -> Result<(), any
dest_port, dest_port,
) )
.await?; .await?;
iptables::delete_forward_postrouting( for iface in &interfaces.internal {
rule.proto, iptables::delete_forward_postrouting(
interfaces.external.ip, rule.proto,
rule.port, iface.ip,
dest_ip, iface.mask,
) interfaces.external.ip,
.await?; rule.port,
dest_ip,
)
.await?;
}
for iface in &interfaces.tunnel {
iptables::delete_forward_postrouting(
rule.proto,
iface.ip,
iface.mask,
interfaces.external.ip,
rule.port,
dest_ip,
)
.await?;
}
} }
} }
@ -166,8 +181,28 @@ pub(crate) async fn apply(interfaces: &Interfaces, rule: Rule) -> Result<(), any
dest_port, dest_port,
) )
.await?; .await?;
iptables::forward_postrouting(rule.proto, interfaces.external.ip, rule.port, dest_ip) for iface in &interfaces.internal {
iptables::forward_postrouting(
rule.proto,
iface.ip,
iface.mask,
interfaces.external.ip,
rule.port,
dest_ip,
)
.await?; .await?;
}
for iface in &interfaces.tunnel {
iptables::forward_postrouting(
rule.proto,
iface.ip,
iface.mask,
interfaces.external.ip,
rule.port,
dest_ip,
)
.await?;
}
} }
} }
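Review bot: The per-interface loops in `apply` and `unset` stop at the first failing `?`, so a failure on a later interface leaves the SNAT rules for the earlier ones installed (or, in `unset`, leaves the remaining ones undeleted) with no rollback. This also looks likely to affect upgrades: rules inserted before this commit carry no `-s` match, so the new `-D` with `-s` presumably will not match them and `unset` would return early while the older, broader rule stays in POSTROUTING. Consider walking all interfaces in `unset` and returning the first error afterwards, and undoing already-inserted rules when `apply` fails. The two loops are identical apart from the collection; if `internal` and `tunnel` hold the same type, `interfaces.internal.iter().chain(&interfaces.tunnel)` would remove the duplication. Both function bodies extend beyond the hunks.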


@ -88,6 +88,7 @@ pub(crate) async fn create_admin(db: &Db) -> Result<(), anyhow::Error> {
let password = rand::thread_rng() let password = rand::thread_rng()
.sample_iter(rand::distributions::Alphanumeric) .sample_iter(rand::distributions::Alphanumeric)
.take(16) .take(16)
.map(char::from)
.collect::<String>(); .collect::<String>();
if add_user(db, String::from("admin"), password.clone()) if add_user(db, String::from("admin"), password.clone())
.await .await
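Review bot: The generated admin password deserves a comment stating the assumption it rests on, for example `// thread_rng() is a CSPRNG; 16 alphanumeric chars give roughly 95 bits` above the `rand::thread_rng()` chain. The value is then cloned into `add_user`, and what happens to the remaining copy is outside the hunk, so it is worth confirming that it is shown to the operator once and not written to persistent logs. `create_admin` continues beyond the hunk.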


@ -194,6 +194,10 @@ fn filter(interfaces: &Interfaces) -> String {
"-A FORWARD -o {tunface} -j ACCEPT\n", "-A FORWARD -o {tunface} -j ACCEPT\n",
tunface = iface.interface, tunface = iface.interface,
); );
filter += &format!(
"-A OUTPUT -o {tunface} -j ACCEPT\n",
tunface = iface.interface,
);
} }
// Accept TCP packets // Accept TCP packets
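Review bot: `iface.interface` is interpolated into the ruleset text for the new `-A OUTPUT -o {tunface} -j ACCEPT` line without any check visible here, as it already is for the FORWARD line above it. If the name can come from configuration or user input, a value containing whitespace or a newline would alter the generated rules; validating it once where interfaces are loaded (non-empty, at most 15 bytes, no whitespace or `/`) would cover every use. The rule also accepts all host-originated traffic leaving through the tunnel interface, which merits a short comment such as `// allow locally generated traffic out through the tunnel`. `filter` starts and ends outside the hunk.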


@ -60,6 +60,7 @@ pub(crate) async fn add_peer(interface: &Interface, peer: &Peer) -> Result<(), a
let filename = rand::thread_rng() let filename = rand::thread_rng()
.sample_iter(rand::distributions::Alphanumeric) .sample_iter(rand::distributions::Alphanumeric)
.take(8) .take(8)
.map(char::from)
.collect::<String>(); .collect::<String>();
let filename = format!("{}.conf", filename); let filename = format!("{}.conf", filename);