diff --git a/rust/crates/zaprett/src/config.rs b/rust/crates/zaprett/src/config.rs
index a09d3e6..ade207f 100644
--- a/rust/crates/zaprett/src/config.rs
+++ b/rust/crates/zaprett/src/config.rs
@@ -1,6 +1,6 @@
+use crate::{MODULE_PATH, merge_files};
 use getset::Getters;
 use serde::{Deserialize, Serialize};
-use crate::{merge_files, MODULE_PATH};
 #[derive(Serialize, Deserialize)]
 #[serde(rename_all = "lowercase")]
@@ -9,20 +9,51 @@ pub enum ListType {
 Blacklist,
 }
+impl Default for ListType {
+ fn default() -> Self {
+ Self::Whitelist
+ }
+}
+
 #[derive(Serialize, Deserialize, Getters)]
 #[getset(get = "pub")]
 pub struct Config {
+ #[serde(default)]
 active_lists: Vec,
+ #[serde(default)]
 active_ipsets: Vec,
+ #[serde(default)]
 active_exclude_lists: Vec,
+ #[serde(default)]
 active_exclude_ipsets: Vec,
+ #[serde(default)]
 list_type: ListType,
+ #[serde(default)]
 strategy: String,
+ #[serde(default)]
 app_list: String,
+ #[serde(default)]
 whitelist: Vec,
+ #[serde(default)]
 blacklist: Vec,
 }
+impl Default for Config {
+ fn default() -> Self {
+ Self {
+ active_lists: vec![],
+ active_ipsets: vec![],
+ active_exclude_lists: vec![],
+ active_exclude_ipsets: vec![],
+ list_type: Default::default(),
+ strategy: String::new(),
+ app_list: String::new(),
+ whitelist: vec![],
+ blacklist: vec![],
+ }
+ }
+}
+
 impl ListType {
 /// # Returns
 ///
@@ -36,14 +67,14 @@ impl ListType {
 &config.active_ipsets,
 "hostlist",
 "ipset",
- ""
+ "",
 ),
 ListType::Blacklist => (
 &config.active_exclude_lists,
 &config.active_exclude_ipsets,
 "hostlist-exclude",
 "ipset-exclude",
- "-exclude"
+ "-exclude",
 ),
 };
@@ -52,7 +83,7 @@ impl ListType {
 merge_files(host_files, host_path).await.unwrap();
 merge_files(ipset_files, ipset_path).await.unwrap();
-
+
 (
 format!("--hostlist{exclude_flag}={module_path_str}/tmp/{host_suffix}"),
 format!("--ipset{exclude_flag}={module_path_str}/tmp/{ipset_suffix}"),
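Review bot: The hand-written `impl Default for Config` in the second hunk repeats exactly what a derive would generate, and the nine per-field `#[serde(default)]` attributes can be one container attribute. `#[derive(Default)]` on `Config` with a single `#[serde(default)]` on the struct, plus `#[derive(Default)]` and `#[default]` on the `Whitelist` variant, yields the same values and leaves nothing to keep in sync when a field is added. Separately, a config file that lacks `list_type` or `strategy` will now presumably load as whitelist mode with an empty strategy instead of failing to parse, so a truncated or mistyped file goes unnoticed; a comment on `Config` such as `// every key is optional; a missing list_type falls back to whitelist` would record that this is deliberate. The enum declaration itself starts above the hunk.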
diff --git a/rust/crates/zaprett/src/daemon.rs b/rust/crates/zaprett/src/daemon.rs
index 38f404e..6441fce 100644
--- a/rust/crates/zaprett/src/daemon.rs
+++ b/rust/crates/zaprett/src/daemon.rs
@@ -12,7 +12,6 @@ pub async fn daemonize_nfqws(args: &str) {
 let daemonize = Daemonize::new()
 .pid_file(MODULE_PATH.join("tmp/pid.lock").as_path())
 .working_directory(MODULE_PATH.join("tmp"))
- // .group("daemon")
 .stdout(stdout)
 .stderr(stderr)
 .privileged_action(|| "Executed before drop privileges");
@@ -20,7 +19,7 @@ pub async fn daemonize_nfqws(args: &str) {
 match daemonize.start() {
 Ok(_) => {
 info!("Success, daemonized");
- run_nfqws(args).await.unwrap()
+ run_nfqws(args).unwrap()
 }
 Err(e) => error!("Error while starting nfqws daemon: {e}"),
 }
diff --git a/rust/crates/zaprett/src/lib.rs b/rust/crates/zaprett/src/lib.rs
index 09541bf..e9d4031 100644
--- a/rust/crates/zaprett/src/lib.rs
+++ b/rust/crates/zaprett/src/lib.rs
@@ -4,7 +4,6 @@ mod daemon;
 pub mod iptables_rust;
 mod service;
-use anyhow::bail;
 use ini::Ini;
 use libnfqws::nfqws_main;
 use std::error;
@@ -12,9 +11,9 @@ use std::ffi::CString;
 use std::os::raw::c_char;
 use std::path::Path;
 use std::sync::LazyLock;
+use tokio::fs;
 use tokio::fs::File;
 use tokio::io::{AsyncWriteExt, copy};
-use tokio::{fs, task};
 pub static MODULE_PATH: LazyLock<&Path> = LazyLock::new(|| Path::new("/data/adb/modules/zaprett"));
 pub static ZAPRETT_DIR_PATH: LazyLock<&Path> =
@@ -85,11 +84,7 @@ pub async fn merge_files(
 Ok(())
 }
-async fn run_nfqws(args_str: &str) -> anyhow::Result<()> {
- if service::service_status().await? {
- bail!("nfqws already started!");
- }
-
+fn run_nfqws(args_str: &str) -> anyhow::Result<()> {
 let mut args = vec![
 "nfqws".to_string(),
 "--uid=0:0".to_string(),
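Review bot: `run_nfqws(args).unwrap()` in the `Ok(_)` arm panics inside the already-detached daemon, where the only trace is whatever reaches the redirected stderr, while the `Err(e)` arm just below reports through `error!`. Handling it the same way keeps failures in the log: `if let Err(e) = run_nfqws(args) { error!("nfqws exited with error: {e}") }`. The call is now synchronous inside an `async fn`, which looks intended for the post-fork child, but nothing says so; a comment along the lines of `// runs on the calling thread: nfqws_main blocks until nfqws exits` would stop someone from re-adding `.await` or `spawn_blocking`. The function body starts above the hunk.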
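Review bot: With the `service_status()` guard removed here, `run_nfqws` no longer protects itself against a second start, and it has no doc comment stating the contract callers now have to meet. The check moves to `start_service` in service.rs, so any other path into `daemonize_nfqws` would skip it; whether such a path exists is not visible in this diff. I would add `/// Runs nfqws on the calling thread and blocks until nfqws_main returns. The caller must have checked service_status() first.` above the new signature. The function body continues in the next hunk.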
@@ -101,20 +96,16 @@ async fn run_nfqws(args_str: &str) -> anyhow::Result<()> {
 } else {
 args.extend(args_str.split_whitespace().map(String::from));
 }
+ let c_args: Vec = args
+ .into_iter()
+ .map(|arg| CString::new(arg).unwrap())
+ .collect();
- task::spawn_blocking(move || {
- let c_args: Vec = args
- .into_iter()
- .map(|arg| CString::new(arg).unwrap())
- .collect();
+ let mut ptrs: Vec<*const c_char> = c_args.iter().map(|arg| arg.as_ptr()).collect();
- let mut ptrs: Vec<*const c_char> = c_args.iter().map(|arg| arg.as_ptr()).collect();
-
- unsafe {
- nfqws_main(c_args.len() as libc::c_int, ptrs.as_mut_ptr() as *mut _);
- }
- })
- .await?;
+ unsafe {
+ nfqws_main(c_args.len() as libc::c_int, ptrs.as_mut_ptr() as *mut _);
+ }
 Ok(())
 }
diff --git a/rust/crates/zaprett/src/service.rs b/rust/crates/zaprett/src/service.rs
index 0600054..1aea3f1 100644
--- a/rust/crates/zaprett/src/service.rs
+++ b/rust/crates/zaprett/src/service.rs
@@ -20,6 +20,10 @@ pub async fn start_service() -> anyhow::Result<()> {
 bail!("Running not from root, exiting");
 };
+ if service_status().await.unwrap() {
+ bail!("zaprett already started")
+ }
+
 println!("Starting zaprett service...");
 let tmp_dir = MODULE_PATH.join("tmp");
@@ -73,6 +77,10 @@ pub async fn stop_service() -> anyhow::Result<()> {
 bail!("Running not from root, exiting");
 };
+ if service_status().await.unwrap() {
+ bail!("zaprett service alreeady stopped")
+ }
+
 clear_iptables_rules().expect("clear iptables rules");
 let pid_str = fs::read_to_string(MODULE_PATH.join("tmp/pid.lock")).await?;
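Review bot: `CString::new(arg).unwrap()` panics on any argument with an interior NUL, and the arguments are split from the caller-supplied `args_str`; the function already returns `anyhow::Result<()>`, so the error can be propagated with `?`. The `unsafe` block has no `// SAFETY:` comment, and the pointer array is not NULL-terminated. C `main`-style entry points conventionally receive `argv[argc] == NULL`, though whether `nfqws_main` relies on that is not visible here. The rewrite below covers all three points; the signature and the argument assembly sit above the hunk.

```rust
let c_args: Vec<CString> = args
    .into_iter()
    .map(CString::new)
    .collect::<Result<_, _>>()?;

// Terminate argv with NULL, as C `main`-style entry points conventionally expect.
let mut ptrs: Vec<*const c_char> = c_args
    .iter()
    .map(|arg| arg.as_ptr())
    .chain(std::iter::once(std::ptr::null()))
    .collect();

// SAFETY: `c_args` owns every string and outlives the call; `ptrs` holds
// `c_args.len()` valid pointers followed by a NULL terminator.
unsafe {
    // … unchanged: nfqws_main call …
}
```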
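Review bot: `service_status().await.unwrap()` panics on an error this function could simply return, since `start_service` already yields `anyhow::Result<()>`; the same line is added to `stop_service` in the next hunk. Writing `if service_status().await? { bail!("zaprett already started") }` surfaces a failed status check as an error, which is how the check removed from `run_nfqws` handled the same call. The check and the later start are also separate steps, so two concurrent starts could both pass it; whether the pid file lock covers that case is not visible here. Both function bodies continue outside their hunks.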
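Review bot: The new guard in `stop_service` looks inverted: it bails with "already stopped" when `service_status()` returns true, the same value that `start_service` treats as "already started". As written, a running service can never be stopped, so `clear_iptables_rules()` is never reached for it and the rules stay installed, while a stopped service falls through to the `pid.lock` read. The condition should be negated and the message typo fixed: `if !service_status().await? { bail!("zaprett service already stopped") }`. This assumes `service_status()` returns true for a running service, as the first hunk and the check removed from `run_nfqws` both suggest.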