summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRuben Pollan <meskio@sindominio.net>2019-01-08 19:24:13 +0100
committerKali Kaneko (leap communications) <kali@leap.se>2019-01-12 18:25:42 +0100
commit933ad2aeda754499753e91be05aa9f5556539d35 (patch)
treeacb104e4a984e67fc007037ed55e3b6182ee8b91
parentf274ec2beaf060cc8bfe4f5eb6f2ce3b5c6aa1f3 (diff)
[feat] reload firewall with SIGUSR1
- Resolves: riseup_vpn#46
-rw-r--r--bitmask/bitmask.go1
-rw-r--r--bitmaskd/vpn.go6
-rw-r--r--main.go1
-rw-r--r--signal_unix.go34
-rw-r--r--signal_windows.go24
-rw-r--r--standalone/vpn.go22
6 files changed, 88 insertions, 0 deletions
diff --git a/bitmask/bitmask.go b/bitmask/bitmask.go
index f9b1cc9..a7aabaa 100644
--- a/bitmask/bitmask.go
+++ b/bitmask/bitmask.go
@@ -21,6 +21,7 @@ type Bitmask interface {
Version() (string, error)
StartVPN(provider string) error
StopVPN() error
+ ReloadFirewall() error
GetStatus() (string, error)
InstallHelpers() error
VPNCheck() (helpers bool, priviledge bool, err error)
diff --git a/bitmaskd/vpn.go b/bitmaskd/vpn.go
index aee5e8f..cfbe7df 100644
--- a/bitmaskd/vpn.go
+++ b/bitmaskd/vpn.go
@@ -32,6 +32,12 @@ func (b *Bitmask) StopVPN() error {
return err
}
+// ReloadFirewall restarts the firewall
+func (b *Bitmask) ReloadFirewall() error {
+ _, err := b.send("vpn", "fw_reload")
+ return err
+}
+
// GetStatus returns the VPN status
func (b *Bitmask) GetStatus() (string, error) {
res, err := b.send("vpn", "status")
diff --git a/main.go b/main.go
index a9dc9e9..2683a88 100644
--- a/main.go
+++ b/main.go
@@ -85,6 +85,7 @@ func initialize(conf *systrayConfig, bt *bmTray) {
}
defer b.Close()
go checkAndStartBitmask(b, notify, conf)
+ go listenSignals(b)
as := newAutostart(applicationName, getIconPath())
err = as.Enable()
diff --git a/signal_unix.go b/signal_unix.go
new file mode 100644
index 0000000..37b3908
--- /dev/null
+++ b/signal_unix.go
@@ -0,0 +1,34 @@
+// +build !windows
+// Copyright (C) 2018 LEAP
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+ "os"
+ "os/signal"
+ "syscall"
+
+ "0xacab.org/leap/bitmask-systray/bitmask"
+)
+
+func listenSignals(bm bitmask.Bitmask) {
+ sigusrCh := make(chan os.Signal, 1)
+ signal.Notify(sigusrCh, syscall.SIGUSR1)
+
+ for range sigusrCh {
+ bm.ReloadFirewall()
+ }
+}
diff --git a/signal_windows.go b/signal_windows.go
new file mode 100644
index 0000000..7e0eb3d
--- /dev/null
+++ b/signal_windows.go
@@ -0,0 +1,24 @@
+// +build windows
+// Copyright (C) 2018 LEAP
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+ "0xacab.org/leap/bitmask-systray/bitmask"
+)
+
+func listenSignals(bm bitmask.Bitmask) {
+}
diff --git a/standalone/vpn.go b/standalone/vpn.go
index 0ff090c..c3b2693 100644
--- a/standalone/vpn.go
+++ b/standalone/vpn.go
@@ -82,6 +82,28 @@ func (b *Bitmask) StopVPN() error {
return b.launch.openvpnStop()
}
+// ReloadFirewall restarts the firewall
+func (b *Bitmask) ReloadFirewall() error {
+ err := b.launch.firewallStop()
+ if err != nil {
+ return err
+ }
+
+ status, err := b.GetStatus()
+ if err != nil {
+ return err
+ }
+
+ if status != Off {
+ gateways, err := b.bonafide.getGateways()
+ if err != nil {
+ return err
+ }
+ return b.launch.firewallStart(gateways)
+ }
+ return nil
+}
+
// GetStatus returns the VPN status
func (b *Bitmask) GetStatus() (string, error) {
status, err := b.getOpenvpnState()