diff --git a/.gitignore b/.gitignore
index e9240d3..6a2741f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
config.json
nftables.conf
go.work
-bin/*
\ No newline at end of file
+nfsense
+nfsense.exe
\ No newline at end of file
diff --git a/client/src/pages/index.vue b/client/src/pages/index.vue
index 63d767c..fa70ec2 100644
--- a/client/src/pages/index.vue
+++ b/client/src/pages/index.vue
@@ -21,4 +21,474 @@ let options = [{ name: 'Vue.js', code: 'vu' },
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/cmd/api.go b/cmd/api.go
deleted file mode 100644
index 74acd5c..0000000
--- a/cmd/api.go
+++ /dev/null
@@ -1,11 +0,0 @@
-package main
-
-import (
- "nfsense.net/nfsense/api/firewall"
- "nfsense.net/nfsense/pkg/definitions"
- "nfsense.net/nfsense/pkg/jsonrpc"
-)
-
-func RegisterAPIMethods(apiHandler *jsonrpc.Handler, conf *definitions.Config) {
- apiHandler.Register("Firewall", &firewall.Firewall{Conf: conf})
-}
diff --git a/cmd/apply.go b/cmd/apply.go
deleted file mode 100644
index 4d1ede7..0000000
--- a/cmd/apply.go
+++ /dev/null
@@ -1,23 +0,0 @@
-package main
-
-import (
- "fmt"
-
- "golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/definitions"
- "nfsense.net/nfsense/pkg/nftables"
-)
-
-func apply(conf *definitions.Config) error {
- fileContent, err := nftables.GenerateNfTablesFile(*conf)
- if err != nil {
- return fmt.Errorf("Generating nftables file %w", err)
- }
-
- err = nftables.ApplyNfTablesFile(fileContent)
- if err != nil {
- return fmt.Errorf("Applying nftables %w", err)
- }
- slog.Info("Wrote nftables File!")
- return nil
-}
diff --git a/cmd/config.go b/cmd/config.go
deleted file mode 100644
index cb22104..0000000
--- a/cmd/config.go
+++ /dev/null
@@ -1,26 +0,0 @@
-package main
-
-import (
- "encoding/json"
- "fmt"
- "os"
-
- "nfsense.net/nfsense/pkg/definitions"
-)
-
-func LoadConfiguration(file string) (*definitions.Config, error) {
- var config definitions.Config
- configFile, err := os.Open(file)
- if err != nil {
- return nil, fmt.Errorf("opening Config File %w", err)
- }
- defer configFile.Close()
-
- jsonParser := json.NewDecoder(configFile)
- jsonParser.DisallowUnknownFields()
- err = jsonParser.Decode(&config)
- if err != nil {
- return nil, fmt.Errorf("decoding Config File %w", err)
- }
- return &config, nil
-}
diff --git a/api/firewall/addresses.go b/internal/api/firewall/addresses.go
similarity index 88%
rename from api/firewall/addresses.go
rename to internal/api/firewall/addresses.go
index fea374a..70f0e85 100644
--- a/api/firewall/addresses.go
+++ b/internal/api/firewall/addresses.go
@@ -3,7 +3,7 @@ package firewall
import (
"context"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type GetAddressesParameters struct {
diff --git a/api/firewall/destination_nat_rules.go b/internal/api/firewall/destination_nat_rules.go
similarity index 90%
rename from api/firewall/destination_nat_rules.go
rename to internal/api/firewall/destination_nat_rules.go
index 7575aec..7d3e4b5 100644
--- a/api/firewall/destination_nat_rules.go
+++ b/internal/api/firewall/destination_nat_rules.go
@@ -3,7 +3,7 @@ package firewall
import (
"context"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type GetDestinationNATRulesParameters struct {
diff --git a/api/firewall/firewall.go b/internal/api/firewall/firewall.go
similarity index 64%
rename from api/firewall/firewall.go
rename to internal/api/firewall/firewall.go
index 2ec9904..31ef0ec 100644
--- a/api/firewall/firewall.go
+++ b/internal/api/firewall/firewall.go
@@ -1,7 +1,7 @@
package firewall
import (
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type Firewall struct {
diff --git a/api/firewall/forward_rules.go b/internal/api/firewall/forward_rules.go
similarity index 89%
rename from api/firewall/forward_rules.go
rename to internal/api/firewall/forward_rules.go
index 525261d..c8b0870 100644
--- a/api/firewall/forward_rules.go
+++ b/internal/api/firewall/forward_rules.go
@@ -3,7 +3,7 @@ package firewall
import (
"context"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type GetForwardRulesParameters struct {
diff --git a/api/firewall/services.go b/internal/api/firewall/services.go
similarity index 88%
rename from api/firewall/services.go
rename to internal/api/firewall/services.go
index ffe8982..d8dff31 100644
--- a/api/firewall/services.go
+++ b/internal/api/firewall/services.go
@@ -3,7 +3,7 @@ package firewall
import (
"context"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type GetServicesParameters struct {
diff --git a/api/firewall/source_nat_rules.go b/internal/api/firewall/source_nat_rules.go
similarity index 89%
rename from api/firewall/source_nat_rules.go
rename to internal/api/firewall/source_nat_rules.go
index becd459..0933760 100644
--- a/api/firewall/source_nat_rules.go
+++ b/internal/api/firewall/source_nat_rules.go
@@ -3,7 +3,7 @@ package firewall
import (
"context"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
type GetSourceNATRulesParameters struct {
diff --git a/pkg/definitions/address.go b/internal/definitions/address.go
similarity index 100%
rename from pkg/definitions/address.go
rename to internal/definitions/address.go
diff --git a/pkg/definitions/config.go b/internal/definitions/config.go
similarity index 100%
rename from pkg/definitions/config.go
rename to internal/definitions/config.go
diff --git a/pkg/definitions/destination_nat.go b/internal/definitions/destination_nat.go
similarity index 100%
rename from pkg/definitions/destination_nat.go
rename to internal/definitions/destination_nat.go
diff --git a/pkg/definitions/firewall.go b/internal/definitions/firewall.go
similarity index 100%
rename from pkg/definitions/firewall.go
rename to internal/definitions/firewall.go
diff --git a/pkg/definitions/ipnet.go b/internal/definitions/ipnet.go
similarity index 100%
rename from pkg/definitions/ipnet.go
rename to internal/definitions/ipnet.go
diff --git a/pkg/definitions/match.go b/internal/definitions/match.go
similarity index 100%
rename from pkg/definitions/match.go
rename to internal/definitions/match.go
diff --git a/pkg/definitions/rule.go b/internal/definitions/rule.go
similarity index 100%
rename from pkg/definitions/rule.go
rename to internal/definitions/rule.go
diff --git a/pkg/definitions/service.go b/internal/definitions/service.go
similarity index 100%
rename from pkg/definitions/service.go
rename to internal/definitions/service.go
diff --git a/pkg/definitions/source_nat.go b/internal/definitions/source_nat.go
similarity index 100%
rename from pkg/definitions/source_nat.go
rename to internal/definitions/source_nat.go
diff --git a/pkg/jsonrpc/error.go b/internal/jsonrpc/error.go
similarity index 100%
rename from pkg/jsonrpc/error.go
rename to internal/jsonrpc/error.go
diff --git a/pkg/jsonrpc/handler.go b/internal/jsonrpc/handler.go
similarity index 98%
rename from pkg/jsonrpc/handler.go
rename to internal/jsonrpc/handler.go
index 859413e..27d34d0 100644
--- a/pkg/jsonrpc/handler.go
+++ b/internal/jsonrpc/handler.go
@@ -10,7 +10,7 @@ import (
"runtime/debug"
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/session"
+ "nfsense.net/nfsense/internal/session"
)
type Handler struct {
diff --git a/pkg/jsonrpc/method.go b/internal/jsonrpc/method.go
similarity index 100%
rename from pkg/jsonrpc/method.go
rename to internal/jsonrpc/method.go
diff --git a/pkg/jsonrpc/register.go b/internal/jsonrpc/register.go
similarity index 100%
rename from pkg/jsonrpc/register.go
rename to internal/jsonrpc/register.go
diff --git a/pkg/jsonrpc/request.go b/internal/jsonrpc/request.go
similarity index 100%
rename from pkg/jsonrpc/request.go
rename to internal/jsonrpc/request.go
diff --git a/pkg/jsonrpc/response.go b/internal/jsonrpc/response.go
similarity index 100%
rename from pkg/jsonrpc/response.go
rename to internal/jsonrpc/response.go
diff --git a/pkg/nftables/config.go b/internal/nftables/config.go
similarity index 93%
rename from pkg/nftables/config.go
rename to internal/nftables/config.go
index a641da1..7b87b94 100644
--- a/pkg/nftables/config.go
+++ b/internal/nftables/config.go
@@ -5,7 +5,7 @@ import (
"fmt"
"os"
- "nfsense.net/nfsense/pkg/definitions"
+ "nfsense.net/nfsense/internal/definitions"
)
func GenerateNfTablesFile(conf definitions.Config) (string, error) {
diff --git a/pkg/nftables/match.go b/internal/nftables/match.go
similarity index 97%
rename from pkg/nftables/match.go
rename to internal/nftables/match.go
index 25bce6a..da45bfc 100644
--- a/pkg/nftables/match.go
+++ b/internal/nftables/match.go
@@ -3,8 +3,8 @@ package nftables
import (
"fmt"
- "nfsense.net/nfsense/pkg/definitions"
- "nfsense.net/nfsense/pkg/util"
+ "nfsense.net/nfsense/internal/definitions"
+ "nfsense.net/nfsense/internal/util"
)
func GenerateMatcher(services map[string]definitions.Service, addresses map[string]definitions.Address, match definitions.Match) (string, error) {
diff --git a/pkg/nftables/template.go b/internal/nftables/template.go
similarity index 100%
rename from pkg/nftables/template.go
rename to internal/nftables/template.go
diff --git a/pkg/nftables/template/addresses.tmpl b/internal/nftables/template/addresses.tmpl
similarity index 100%
rename from pkg/nftables/template/addresses.tmpl
rename to internal/nftables/template/addresses.tmpl
diff --git a/pkg/nftables/template/destination_nat_rules.tmpl b/internal/nftables/template/destination_nat_rules.tmpl
similarity index 100%
rename from pkg/nftables/template/destination_nat_rules.tmpl
rename to internal/nftables/template/destination_nat_rules.tmpl
diff --git a/pkg/nftables/template/forward_rules.tmpl b/internal/nftables/template/forward_rules.tmpl
similarity index 100%
rename from pkg/nftables/template/forward_rules.tmpl
rename to internal/nftables/template/forward_rules.tmpl
diff --git a/pkg/nftables/template/inbound_rules.tmpl b/internal/nftables/template/inbound_rules.tmpl
similarity index 100%
rename from pkg/nftables/template/inbound_rules.tmpl
rename to internal/nftables/template/inbound_rules.tmpl
diff --git a/pkg/nftables/template/nftables.tmpl b/internal/nftables/template/nftables.tmpl
similarity index 100%
rename from pkg/nftables/template/nftables.tmpl
rename to internal/nftables/template/nftables.tmpl
diff --git a/pkg/nftables/template/source_nat_rules.tmpl b/internal/nftables/template/source_nat_rules.tmpl
similarity index 100%
rename from pkg/nftables/template/source_nat_rules.tmpl
rename to internal/nftables/template/source_nat_rules.tmpl
diff --git a/pkg/server/api.go b/internal/server/api.go
similarity index 95%
rename from pkg/server/api.go
rename to internal/server/api.go
index eb5cd81..14da64e 100644
--- a/pkg/server/api.go
+++ b/internal/server/api.go
@@ -8,7 +8,7 @@ import (
"time"
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/session"
+ "nfsense.net/nfsense/internal/session"
)
func HandleAPI(w http.ResponseWriter, r *http.Request) {
diff --git a/pkg/server/server.go b/internal/server/server.go
similarity index 89%
rename from pkg/server/server.go
rename to internal/server/server.go
index 25f4b6f..d54c9ba 100644
--- a/pkg/server/server.go
+++ b/internal/server/server.go
@@ -8,9 +8,9 @@ import (
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/definitions"
- "nfsense.net/nfsense/pkg/jsonrpc"
- "nfsense.net/nfsense/pkg/session"
+ "nfsense.net/nfsense/internal/definitions"
+ "nfsense.net/nfsense/internal/jsonrpc"
+ "nfsense.net/nfsense/internal/session"
)
var server http.Server
diff --git a/pkg/server/session.go b/internal/server/session.go
similarity index 97%
rename from pkg/server/session.go
rename to internal/server/session.go
index b785bb7..1896f29 100644
--- a/pkg/server/session.go
+++ b/internal/server/session.go
@@ -7,7 +7,7 @@ import (
"time"
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/session"
+ "nfsense.net/nfsense/internal/session"
)
type LoginRequest struct {
diff --git a/pkg/server/webinterface.go b/internal/server/webinterface.go
similarity index 100%
rename from pkg/server/webinterface.go
rename to internal/server/webinterface.go
diff --git a/pkg/server/websocket.go b/internal/server/websocket.go
similarity index 97%
rename from pkg/server/websocket.go
rename to internal/server/websocket.go
index 86299a6..e0e80e6 100644
--- a/pkg/server/websocket.go
+++ b/internal/server/websocket.go
@@ -9,7 +9,7 @@ import (
"time"
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/session"
+ "nfsense.net/nfsense/internal/session"
"nhooyr.io/websocket"
)
diff --git a/pkg/session/cookie.go b/internal/session/cookie.go
similarity index 100%
rename from pkg/session/cookie.go
rename to internal/session/cookie.go
diff --git a/internal/session/session.go b/internal/session/session.go
new file mode 100644
index 0000000..83b7b9d
--- /dev/null
+++ b/internal/session/session.go
@@ -0,0 +1,93 @@
+package session
+
+import (
+ "net/http"
+ "runtime/debug"
+ "sync"
+ "time"
+
+ "github.com/google/uuid"
+)
+
+type SessionKeyType string
+
+const SessionKey SessionKeyType = "session"
+const SessionCookieName string = "session"
+
+type Session struct {
+ Username string
+ Expires time.Time
+ // TODO Add []websocket.Conn pointer to close all active websockets, alternativly do this via context cancelation
+}
+
+type SessionResponse struct {
+ CommitHash string `json:"commit_hash"`
+}
+
+var sessionsSync sync.Mutex
+var sessions map[string]*Session = map[string]*Session{}
+
+var CommitHash = func() string {
+ if info, ok := debug.ReadBuildInfo(); ok {
+ for _, setting := range info.Settings {
+ if setting.Key == "vcs.revision" {
+ return setting.Value
+ }
+ }
+ }
+ return "asd"
+}()
+
+func ExtendSession(s *Session) {
+ sessionsSync.Lock()
+ defer sessionsSync.Unlock()
+ if s != nil {
+ s.Expires = time.Now().Add(time.Minute * 5)
+ }
+}
+
+func GetSession(r *http.Request) (string, *Session) {
+ c, err := r.Cookie("session")
+ if err != nil {
+ return "", nil
+ }
+ s, ok := sessions[c.Value]
+ if ok {
+ return c.Value, s
+ }
+ return "", nil
+}
+
+func GenerateSession(w http.ResponseWriter, username string) {
+ id := uuid.New().String()
+ expires := time.Now().Add(time.Minute * 5)
+ sessionsSync.Lock()
+ defer sessionsSync.Unlock()
+ sessions[id] = &Session{
+ Username: username,
+ Expires: expires,
+ }
+ http.SetCookie(w, &http.Cookie{Name: SessionCookieName, HttpOnly: true, SameSite: http.SameSiteStrictMode, Value: id, Expires: expires})
+}
+
+func CleanupSessions(stop chan struct{}) {
+ tick := time.NewTicker(time.Minute)
+ for {
+ select {
+ case <-tick.C:
+ ids := []string{}
+ sessionsSync.Lock()
+ for id, s := range sessions {
+ if time.Now().After(s.Expires) {
+ ids = append(ids, id)
+ }
+ }
+ for _, id := range ids {
+ delete(sessions, id)
+ }
+ sessionsSync.Unlock()
+ case <-stop:
+ return
+ }
+ }
+}
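Review bot: `GetSession` reads the `sessions` map without taking `sessionsSync` and never compares `s.Expires` with the current time. `GenerateSession` and `CleanupSessions` write the map under the lock from other goroutines, so the unlocked read is a data race that the Go runtime can turn into a fatal concurrent map access error. Because cleanup only runs once a minute, an expired session id is also still accepted until the next tick. Take the lock around the lookup and reject expired entries, as sketched below; the lookup can use `SessionCookieName` instead of the literal `"session"`. Separately, the cookie in `GenerateSession` is set without `Secure`; if the interface is served over TLS (not visible here), that attribute should be set.

```go
func GetSession(r *http.Request) (string, *Session) {
	c, err := r.Cookie(SessionCookieName)
	// … unchanged: return "", nil when the cookie is missing …
	sessionsSync.Lock()
	defer sessionsSync.Unlock()
	s, ok := sessions[c.Value]
	if !ok || time.Now().After(s.Expires) {
		return "", nil
	}
	return c.Value, s
}
```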
diff --git a/pkg/util/address.go b/internal/util/address.go
similarity index 95%
rename from pkg/util/address.go
rename to internal/util/address.go
index bfbec7b..dc42dc3 100644
--- a/pkg/util/address.go
+++ b/internal/util/address.go
@@ -1,6 +1,6 @@
package util
-import "nfsense.net/nfsense/pkg/definitions"
+import "nfsense.net/nfsense/internal/definitions"
// ResolveBaseAddresses Resolves all groups to their base Addresses
func ResolveBaseAddresses(allAddresses map[string]definitions.Address, addressNames []string) []definitions.Address {
diff --git a/pkg/util/service.go b/internal/util/service.go
similarity index 95%
rename from pkg/util/service.go
rename to internal/util/service.go
index 8e90668..e72cade 100644
--- a/pkg/util/service.go
+++ b/internal/util/service.go
@@ -1,6 +1,6 @@
package util
-import "nfsense.net/nfsense/pkg/definitions"
+import "nfsense.net/nfsense/internal/definitions"
// ResolveBaseServices Resolves all groups to their base Services
func ResolveBaseServices(allServices map[string]definitions.Service, serviceNames []string) []definitions.Service {
diff --git a/pkg/util/set.go b/internal/util/set.go
similarity index 100%
rename from pkg/util/set.go
rename to internal/util/set.go
diff --git a/cmd/main.go b/main.go
similarity index 52%
rename from cmd/main.go
rename to main.go
index 4919841..a677b60 100644
--- a/cmd/main.go
+++ b/main.go
@@ -2,16 +2,20 @@ package main
import (
"context"
+ "encoding/json"
"flag"
+ "fmt"
"os"
"os/signal"
"syscall"
"time"
"golang.org/x/exp/slog"
- "nfsense.net/nfsense/pkg/definitions"
- "nfsense.net/nfsense/pkg/jsonrpc"
- "nfsense.net/nfsense/pkg/server"
+ "nfsense.net/nfsense/internal/api/firewall"
+ "nfsense.net/nfsense/internal/definitions"
+ "nfsense.net/nfsense/internal/jsonrpc"
+ "nfsense.net/nfsense/internal/nftables"
+ "nfsense.net/nfsense/internal/server"
)
func main() {
@@ -69,3 +73,38 @@ func main() {
slog.Info("Done")
}
+
+func LoadConfiguration(file string) (*definitions.Config, error) {
+ var config definitions.Config
+ configFile, err := os.Open(file)
+ if err != nil {
+ return nil, fmt.Errorf("opening Config File %w", err)
+ }
+ defer configFile.Close()
+
+ jsonParser := json.NewDecoder(configFile)
+ jsonParser.DisallowUnknownFields()
+ err = jsonParser.Decode(&config)
+ if err != nil {
+ return nil, fmt.Errorf("decoding Config File %w", err)
+ }
+ return &config, nil
+}
+
+func RegisterAPIMethods(apiHandler *jsonrpc.Handler, conf *definitions.Config) {
+ apiHandler.Register("Firewall", &firewall.Firewall{Conf: conf})
+}
+
+func apply(conf *definitions.Config) error {
+ fileContent, err := nftables.GenerateNfTablesFile(*conf)
+ if err != nil {
+ return fmt.Errorf("Generating nftables file %w", err)
+ }
+
+ err = nftables.ApplyNfTablesFile(fileContent)
+ if err != nil {
+ return fmt.Errorf("Applying nftables %w", err)
+ }
+ slog.Info("Wrote nftables File!")
+ return nil
+}
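Review bot: The wrapped errors in `LoadConfiguration` and `apply` run the context straight into the cause with no separator, and two of them start with a capital letter, e.g. `fmt.Errorf("Generating nftables file %w", err)`. These messages are what an operator sees when a ruleset fails to load or apply, so `fmt.Errorf("generating nftables file: %w", err)` reads more clearly in logs, and the other three would change the same way. The exported `LoadConfiguration` and `RegisterAPIMethods` would also benefit from a one-line doc comment each, such as `// LoadConfiguration reads the JSON config at file and rejects unknown fields.`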
diff --git a/pkg/session/session.go b/pkg/session/session.go
index 83b7b9d..71b531f 100644
--- a/pkg/session/session.go
+++ b/pkg/session/session.go
@@ -13,6 +13,7 @@ type SessionKeyType string
const SessionKey SessionKeyType = "session"
const SessionCookieName string = "session"
+const SessionLiveTime = 15
type Session struct {
Username string
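Review bot: The new `SessionLiveTime` constant lands in pkg/session/session.go, yet every import rewritten in this commit points at `nfsense.net/nfsense/internal/session`, and the internal/session/session.go added alongside still hard-codes `time.Minute * 5`. From the visible lines, the 15-minute lifetime would therefore not reach the package the server uses, and a second copy of the session store stays behind under pkg/. Apply the change to the internal copy and remove the pkg one. The constant would also read better carrying its unit, `const SessionLiveTime = 15 * time.Minute`, with `time.Now().Add(SessionLiveTime)` in the `ExtendSession` and `GenerateSession` hunks. Tripling the idle timeout also widens the window in which a stolen cookie remains valid, so it deserves a short comment stating the intent.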
@@ -42,7 +43,7 @@ func ExtendSession(s *Session) {
sessionsSync.Lock()
defer sessionsSync.Unlock()
if s != nil {
- s.Expires = time.Now().Add(time.Minute * 5)
+ s.Expires = time.Now().Add(time.Minute * SessionLiveTime)
}
}
@@ -60,7 +61,7 @@ func GetSession(r *http.Request) (string, *Session) {
func GenerateSession(w http.ResponseWriter, username string) {
id := uuid.New().String()
- expires := time.Now().Add(time.Minute * 5)
+ expires := time.Now().Add(time.Minute * SessionLiveTime)
sessionsSync.Lock()
defer sessionsSync.Unlock()
sessions[id] = &Session{