diff options
author | Ruben Pollan <meskio@sindominio.net> | 2019-01-08 19:24:13 +0100 |
---|---|---|
committer | Kali Kaneko (leap communications) <kali@leap.se> | 2019-01-12 18:25:42 +0100 |
commit | 933ad2aeda754499753e91be05aa9f5556539d35 (patch) | |
tree | acb104e4a984e67fc007037ed55e3b6182ee8b91 | |
parent | f274ec2beaf060cc8bfe4f5eb6f2ce3b5c6aa1f3 (diff) |
[feat] reload firewall with SIGUSR1
- Resolves: riseup_vpn#46
-rw-r--r-- | bitmask/bitmask.go | 1 | ||||
-rw-r--r-- | bitmaskd/vpn.go | 6 | ||||
-rw-r--r-- | main.go | 1 | ||||
-rw-r--r-- | signal_unix.go | 34 | ||||
-rw-r--r-- | signal_windows.go | 24 | ||||
-rw-r--r-- | standalone/vpn.go | 22 |
6 files changed, 88 insertions, 0 deletions
diff --git a/bitmask/bitmask.go b/bitmask/bitmask.go index f9b1cc9..a7aabaa 100644 --- a/bitmask/bitmask.go +++ b/bitmask/bitmask.go @@ -21,6 +21,7 @@ type Bitmask interface { Version() (string, error) StartVPN(provider string) error StopVPN() error + ReloadFirewall() error GetStatus() (string, error) InstallHelpers() error VPNCheck() (helpers bool, priviledge bool, err error) diff --git a/bitmaskd/vpn.go b/bitmaskd/vpn.go index aee5e8f..cfbe7df 100644 --- a/bitmaskd/vpn.go +++ b/bitmaskd/vpn.go @@ -32,6 +32,12 @@ func (b *Bitmask) StopVPN() error { return err } +// ReloadFirewall restarts the firewall +func (b *Bitmask) ReloadFirewall() error { + _, err := b.send("vpn", "fw_reload") + return err +} + // GetStatus returns the VPN status func (b *Bitmask) GetStatus() (string, error) { res, err := b.send("vpn", "status") @@ -85,6 +85,7 @@ func initialize(conf *systrayConfig, bt *bmTray) { } defer b.Close() go checkAndStartBitmask(b, notify, conf) + go listenSignals(b) as := newAutostart(applicationName, getIconPath()) err = as.Enable() diff --git a/signal_unix.go b/signal_unix.go new file mode 100644 index 0000000..37b3908 --- /dev/null +++ b/signal_unix.go @@ -0,0 +1,34 @@ +// +build !windows +// Copyright (C) 2018 LEAP +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package main + +import ( + "os" + "os/signal" + "syscall" + + "0xacab.org/leap/bitmask-systray/bitmask" +) + +func listenSignals(bm bitmask.Bitmask) { + sigusrCh := make(chan os.Signal, 1) + signal.Notify(sigusrCh, syscall.SIGUSR1) + + for range sigusrCh { + bm.ReloadFirewall() + } +} diff --git a/signal_windows.go b/signal_windows.go new file mode 100644 index 0000000..7e0eb3d --- /dev/null +++ b/signal_windows.go @@ -0,0 +1,24 @@ +// +build windows +// Copyright (C) 2018 LEAP +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package main + +import ( + "0xacab.org/leap/bitmask-systray/bitmask" +) + +func listenSignals(bm bitmask.Bitmask) { +} diff --git a/standalone/vpn.go b/standalone/vpn.go index 0ff090c..c3b2693 100644 --- a/standalone/vpn.go +++ b/standalone/vpn.go @@ -82,6 +82,28 @@ func (b *Bitmask) StopVPN() error { return b.launch.openvpnStop() } +// ReloadFirewall restarts the firewall +func (b *Bitmask) ReloadFirewall() error { + err := b.launch.firewallStop() + if err != nil { + return err + } + + status, err := b.GetStatus() + if err != nil { + return err + } + + if status != Off { + gateways, err := b.bonafide.getGateways() + if err != nil { + return err + } + return b.launch.firewallStart(gateways) + } + return nil +} + // GetStatus returns the VPN status func (b *Bitmask) GetStatus() (string, error) { status, err := b.getOpenvpnState() |