TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-08 03:00:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

优化nftables查找程序

Browse Source
This commit is contained in:
GoEdgeLab
2023-04-05 09:33:03 +08:00
parent 9ba3dc8172
commit d13018c51f
3 changed files with 25 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/firewalls/ddos_protection.go
View File

@@ -90,7 +90,7 @@ func (this *DDoSProtectionManager) Apply(config *ddosconfigs.ProtectionConfig) e
} }
remotelogs.Println("FIREWALL", "change DDoS protection config") remotelogs.Println("FIREWALL", "change DDoS protection config")
if len(NftExePath()) == 0 { if len(nftables.NftExePath()) == 0 {
return errors.New("can not find nft command") return errors.New("can not find nft command")
} }
@@ -156,7 +156,7 @@ func (this *DDoSProtectionManager) Apply(config *ddosconfigs.ProtectionConfig) e
// 添加TCP规则 // 添加TCP规则
func (this *DDoSProtectionManager) addTCPRules(tcpConfig *ddosconfigs.TCPConfig) error { func (this *DDoSProtectionManager) addTCPRules(tcpConfig *ddosconfigs.TCPConfig) error {
var nftExe = NftExePath() var nftExe = nftables.NftExePath()
if len(nftExe) == 0 { if len(nftExe) == 0 {
return nil return nil
} }

25
internal/firewalls/firewall_nftables.go
View File

@@ -16,33 +16,12 @@ import (
"github.com/google/nftables/expr" "github.com/google/nftables/expr"
"github.com/iwind/TeaGo/types" "github.com/iwind/TeaGo/types"
"net" "net"
"os"
"os/exec"
"regexp" "regexp"
"runtime" "runtime"
"strings" "strings"
"time" "time"
) )
// NftExePath 查找nftables可执行文件路径
func NftExePath() string {
path, _ := exec.LookPath("nft")
if len(path) > 0 {
return path
}
for _, possiblePath := range []string{
"/usr/sbin/nft",
} {
_, err := os.Stat(possiblePath)
if err == nil {
return possiblePath
}
}
return ""
}
// check nft status, if being enabled we load it automatically // check nft status, if being enabled we load it automatically
func init() { func init() {
if !teaconst.IsMain { if !teaconst.IsMain {
@@ -58,7 +37,7 @@ func init() {
ticker.Stop() ticker.Stop()
break break
} }
var nftExe = NftExePath() var nftExe = nftables.NftExePath()
if len(nftExe) > 0 { if len(nftExe) > 0 {
nftablesFirewall, err := NewNFTablesFirewall() nftablesFirewall, err := NewNFTablesFirewall()
if err != nil { if err != nil {
@@ -141,7 +120,7 @@ type NFTablesFirewall struct {
func (this *NFTablesFirewall) init() error { func (this *NFTablesFirewall) init() error {
// check nft // check nft
var nftPath = NftExePath() var nftPath = nftables.NftExePath()
if len(nftPath) == 0 { if len(nftPath) == 0 {
return errors.New("'nft' not found") return errors.New("'nft' not found")
} }

25
internal/firewalls/nftables/installer.go
View File

@@ -38,8 +38,7 @@ func init() {
} }
if os.Getgid() == 0 { // root user only if os.Getgid() == 0 { // root user only
_, err := exec.LookPath("nft") if len(NftExePath()) > 0 {
if err == nil {
return return
} }
goman.New(func() { goman.New(func() {
@@ -53,6 +52,25 @@ func init() {
}) })
} }
// NftExePath 查找nftables可执行文件路径
func NftExePath() string {
path, _ := exec.LookPath("nft")
if len(path) > 0 {
return path
}
for _, possiblePath := range []string{
"/usr/sbin/nft",
} {
_, err := os.Stat(possiblePath)
if err == nil {
return possiblePath
}
}
return ""
}
type Installer struct { type Installer struct {
} }
@@ -67,8 +85,7 @@ func (this *Installer) Install() error {
} }
// 检查是否已经存在 // 检查是否已经存在
_, err := exec.LookPath("nft") if len(NftExePath()) > 0 {
if err == nil {
return nil return nil
} }