From 34ea85ac3ab93e3eb34baf006c6ee0837834b820 Mon Sep 17 00:00:00 2001
From: sinanmohd
Date: Mon, 8 Jul 2024 06:30:30 +0530
Subject: api/filter: init
---
 api/filter.go | 91 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 api/main.go | 11 +++++---
 cmd/main.go | 2 +-
 3 files changed, 99 insertions(+), 5 deletions(-)
 create mode 100644 api/filter.go
diff --git a/api/filter.go b/api/filter.go
new file mode 100644
index 0000000..3b6664d
--- /dev/null
+++ b/api/filter.go
@@ -0,0 +1,91 @@
+package api
+
+import (
+ "encoding/json"
+ "log"
+ "net"
+
+ "github.com/cilium/cilium/pkg/mac"
+ "sinanmohd.com/redq/bpf/filter"
+)
+
+type FilterResp map[string]string
+
+func handleFilterBlock(conn net.Conn, f *filter.Filter, macs []string) {
+ resp := make(FilterResp)
+
+ for _, mac_string := range macs {
+ mac, err := mac.ParseMAC(mac_string)
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ mac_cilium64, err := mac.Uint64()
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ err = f.Block(uint64(mac_cilium64))
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ resp[mac_string] = "blocked"
+ }
+
+ buf, err := json.Marshal(resp)
+ if err != nil {
+ log.Printf("marshaling json: %s", err)
+ return
+ }
+
+ conn.Write(buf)
+}
+
+func handleFilterUnblock(conn net.Conn, f *filter.Filter, macs []string) {
+ resp := make(FilterResp)
+
+ for _, mac_string := range macs {
+ mac, err := mac.ParseMAC(mac_string)
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ mac_cilium64, err := mac.Uint64()
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ err = f.Unblock(uint64(mac_cilium64))
+ if err != nil {
+ resp[mac_string] = err.Error()
+ continue
+ }
+
+ resp[mac_string] = "unblocked"
+ }
+
+ buf, err := json.Marshal(resp)
+ if err != nil {
+ log.Printf("marshaling json: %s", err)
+ return
+ }
+
+ conn.Write(buf)
+}
+
+func handleFilter(conn net.Conn, f *filter.Filter, macs []string, action string) {
+ switch action {
+ case "block":
+ handleFilterBlock(conn, f, macs)
+ case "unblock":
+ handleFilterUnblock(conn, f, macs)
+ default:
+ log.Printf("handling dns: invalid action '%s'", action)
+ }
+}
diff --git a/api/main.go b/api/main.go
index ea2d7f9..1a5821a 100644
--- a/api/main.go
+++ b/api/main.go
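Review bot: handleFilterBlock and handleFilterUnblock discard the result of `conn.Write(buf)`, and the default branch of handleFilter sends nothing back, so a client cannot tell a rejected action from a lost reply. That default branch also logs `handling dns` for a filter request and prints the client-supplied action with `%s`; `log.Printf("handling filter: invalid action %q", action)` names the right handler and escapes control characters in the logged value. The two handlers differ only in the call on `f` and the status string, so one helper that takes the operation as a func keeps parsing, reply and write-error handling in one place, as sketched below.

```go
// applyFilter runs op on each MAC in macs and writes the per-MAC outcome to conn as JSON.
func applyFilter(conn net.Conn, macs []string, op func(uint64) error, done string) {
	resp := make(FilterResp)

	for _, mac_string := range macs {
		// … unchanged: mac.ParseMAC and mac.Uint64, errors recorded in resp …
		if err := op(uint64(mac_cilium64)); err != nil {
			resp[mac_string] = err.Error()
			continue
		}

		resp[mac_string] = done
	}

	// … unchanged: json.Marshal(resp) into buf …
	if _, err := conn.Write(buf); err != nil {
		log.Printf("writing filter response: %s", err)
	}
}

func handleFilter(conn net.Conn, f *filter.Filter, macs []string, action string) {
	switch action {
	case "block":
		applyFilter(conn, macs, func(m uint64) error { return f.Block(m) }, "blocked")
	case "unblock":
		applyFilter(conn, macs, func(m uint64) error { return f.Unblock(m) }, "unblocked")
	default:
		log.Printf("handling filter: invalid action %q", action)
	}
}
```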
@@ -6,9 +6,10 @@ import ( "log" "net" + "sinanmohd.com/redq/bpf/filter" + "sinanmohd.com/redq/bpf/usage" "sinanmohd.com/redq/db" "sinanmohd.com/redq/dns" - "sinanmohd.com/redq/bpf/usage" ) const ( @@ -43,7 +44,7 @@ func New() (*Api, error) { return &a, nil } -func (a *Api) Run(u *usage.Usage, d *dns.Dns, queries *db.Queries, ctxDb context.Context) { +func (a *Api) Run(u *usage.Usage, d *dns.Dns, f *filter.Filter, queries *db.Queries, ctxDb context.Context) { for { conn, err := a.sock.Accept() if err != nil { @@ -51,11 +52,11 @@ func (a *Api) Run(u *usage.Usage, d *dns.Dns, queries *db.Queries, ctxDb context continue } - go handleConn(conn, u, d, queries, ctxDb) + go handleConn(conn, u, d, f, queries, ctxDb) } } -func handleConn(conn net.Conn, u *usage.Usage, d *dns.Dns, queries *db.Queries, ctxDb context.Context) { +func handleConn(conn net.Conn, u *usage.Usage, d *dns.Dns, f *filter.Filter, queries *db.Queries, ctxDb context.Context) { defer conn.Close() var req ApiReq buf := make([]byte, bufSize) @@ -79,6 +80,8 @@ func handleConn(conn net.Conn, u *usage.Usage, d *dns.Dns, queries *db.Queries, handleUsage(conn, u, queries, ctxDb) case "dns": handleDns(conn, d, req.Arg, req.Action) + case "filter": + handleFilter(conn, f, req.Arg, req.Action) default: log.Printf("invalid request type: %s", req.Type) } diff --git a/cmd/main.go b/cmd/main.go index dc456ce..df872f8 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -60,5 +60,5 @@ func main() { go u.Run(iface, queries, ctx) go d.Run() - a.Run(u, d, queries, ctx) + a.Run(u, d, f, queries, ctx) } -- cgit v1.2.3
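Review bot: The new `case "filter":` branch in handleConn (hunk `@@ -79,6 +80,8 @@` of api/main.go) hands `req.Arg` and `req.Action` straight to handleFilter, so any peer able to send a request on the API socket can change the MAC block list; no check of the peer is visible in this hunk. handleConn starts outside the hunk and the socket setup is not shown, so the gate may be the socket's own permissions; if so, say it where the dispatch happens, e.g. `// "filter" changes the MAC block list: access control is the API socket's permissions, keep them restrictive`. If the socket turns out to be reachable by unprivileged local users, state-changing request types need an explicit peer check before this switch.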