implemented config reload

.github/workflows/lint.yml

@@ -14,6 +14,7 @@ jobs:
       matrix:
         python-version: [3.10]
     runs-on: ubuntu-latest
+    timeout-minutes: 5
 
     steps:
       - uses: actions/checkout@v3

lib/cnf/cnf_file/config.yml → config_example.yml

@@ -11,6 +11,7 @@ service:
     udp: false  # not yet implemented
     transparent: false
 
+  debug: true
   timeout:
     connection: 5
     handshake: 5
@@ -27,20 +28,3 @@ vars:
   - name: 'svc_http'
     value: [80, 443]
 
-rules:
-  - match:
-      dest: '192.168.100.0/24'
-    action: 'drop'
-
-  - match:
-      src: '$net_private'
-      dest: '$net_private'
-      port: '$svc_http'
-      protoL4: 'tcp'
-    action: 'accept'
-
-  - match:
-      dest: '!$net_private'
-      port: 443
-      protoL4: 'tcp'
-    action: 'accept'

lib/cnf/cnf_file/main.go

@@ -42,10 +42,15 @@ func readConfig() (config []byte) {
 }
 
 func Load() {
-	err := yaml.Unmarshal(readConfig(), &cnf.C)
+	log.Info("config", "Loading config from file")
+	newConfig := cnf.Config{}
+	err := yaml.Unmarshal(readConfig(), &newConfig)
 	if err != nil {
 		log.ErrorS("config", "Failed to parse config! Check if it is valid!")
 		panic(fmt.Errorf("failed to parse config"))
 	}
-	cnf.RULES = ParseRules(cnf.C.Rules)
+	cnf.C = &newConfig
+	newRules := ParseRules(cnf.C.Rules)
+	cnf.RULES = &newRules
+	log.Debug("config", "Finished loading config")
 }

lib/cnf/cnf_file/rules_parse.go

@@ -117,7 +117,7 @@ func ParseRules(rawRules []cnf.RuleRaw) (rules []cnf.Rule) {
 
 		rules = append(rules, rule)
 	}
-	return
+	return rules
 }
 
 func cleanRaw(configRaw string) (configClean string) {

lib/cnf/config.go

@@ -1,9 +1,8 @@
 package cnf
 
-var DEBUG bool = false
 var LOG_TIME bool = true
-var C = Config{}
-var RULES = []Rule{}
+var C *Config
+var RULES *[]Rule
 
 type Config struct {
 	Service ServiceConfig `yaml:"service"`
@@ -15,6 +14,7 @@ type ServiceConfig struct {
 	Timeout ServiceConfigTimeout `yaml:"timeout"`
 	Listen  ServiceConfigListen  `yaml:"listen"`
 	Output  ServiceConfigOutput  `yaml:"output"`
+	Debug   bool                 `yaml:"debug" default="false"`
 }
 
 type ServiceConfigListen struct {

lib/log/main.go

@@ -9,7 +9,7 @@ import (
 
 func log(lvl string, pkg string, msg string) {
 	var base string
-	if cnf.DEBUG {
+	if cnf.C.Service.Debug {
 		base = fmt.Sprintf("%s | %s | %s\n", lvl, pkg, msg)
 	} else {
 		base = fmt.Sprintf("%s | %s\n", lvl, msg)
@@ -24,7 +24,7 @@ func log(lvl string, pkg string, msg string) {
 
 func logConn(lvl string, pkg string, src string, dst string, msg string) {
 	var base string
-	if cnf.DEBUG {
+	if cnf.C.Service.Debug {
 		base = fmt.Sprintf("%s | %s | %s => %s | %s\n", lvl, pkg, src, dst, msg)
 	} else {
 		base = fmt.Sprintf("%s | %s => %s | %s\n", lvl, src, dst, msg)
@@ -55,13 +55,13 @@ func ConnError(pkg string, src string, dst string, err error) {
 }
 
 func Debug(pkg string, msg string) {
-	if cnf.DEBUG {
+	if cnf.C.Service.Debug {
 		log("DEBUG", pkg, msg)
 	}
 }
 
 func ConnDebug(pkg string, src string, dst string, msg string) {
-	if cnf.DEBUG {
+	if cnf.C.Service.Debug {
 		logConn("DEBUG", pkg, src, dst, msg)
 	}
 }
@@ -80,7 +80,7 @@ func Warn(pkg string, msg string) {
 
 func Fatal(pkg string, msg string) {
 	var base string
-	if cnf.DEBUG {
+	if cnf.C.Service.Debug {
 		base = fmt.Sprintf("FATAL | %s | %s\n", pkg, msg)
 	} else {
 		base = fmt.Sprintf("FATAL | %s\n", msg)

lib/main/main.go

@@ -3,6 +3,7 @@ package main
 import (
 	"fmt"
 
+	"github.com/superstes/calamary/cnf"
 	"github.com/superstes/calamary/cnf/cnf_file"
 )
 
@@ -17,10 +18,10 @@ func welcome() {
 }
 
 func main() {
+	cnf.C = &cnf.Config{}
 	welcome()
 	cnf_file.Load()
 	service := &service{}
-	_, cancel := service.start()
-	defer service.shutdown(cancel)
+	service.start()
 	service.signalHandler()
 }

lib/main/service.go

@@ -10,6 +10,7 @@ import (
 	"syscall"
 	"time"
 
+	"github.com/superstes/calamary/cnf/cnf_file"
 	"github.com/superstes/calamary/log"
 	"github.com/superstes/calamary/proc/fwd"
 	"github.com/superstes/calamary/rcv"
@@ -20,21 +21,33 @@ type service struct {
 }
 
 func (svc *service) signalHandler() {
-	sigc := make(chan os.Signal, 1)
-	signal.Notify(sigc, syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
-	sig := <-sigc
-	log.Info("service", fmt.Sprintf("Signal received: %v", sig))
+	signalCh := make(chan os.Signal, 1024)
+	signal.Notify(signalCh, syscall.SIGHUP, syscall.SIGINT, syscall.SIGQUIT, syscall.SIGTERM)
+	for {
+		select {
+		case s := <-signalCh:
+			switch s {
+			case syscall.SIGHUP:
+				log.Warn("service", "Received reload signal")
+				cnf_file.Load()
+
+			case syscall.SIGINT, syscall.SIGQUIT, syscall.SIGTERM:
+				log.Warn("service", "Received shutdown signal")
+				_, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+				defer cancel()
+				svc.shutdown(cancel)
+			}
+		}
+	}
 }
 
-func (svc *service) start() (ctx context.Context, cancel context.CancelFunc) {
-	ctx, cancel = context.WithCancel(context.Background())
+func (svc *service) start() {
 	svc.listeners = rcv.Start()
 	for i := range svc.listeners {
 		listener := svc.listeners[i]
 		go svc.serve(listener)
 	}
 	log.Info("service", "Started")
-	return
 }
 
 func (svc *service) shutdown(cancel context.CancelFunc) {
@@ -44,6 +57,7 @@ func (svc *service) shutdown(cancel context.CancelFunc) {
 		listener.Close()
 	}
 	log.Info("service", "Stopped")
+	os.Exit(0)
 	/*
 		ctx := context.Background()
 		doneHTTP := httpserver.Shutdown(ctx)

scripts/test_nat.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+TEST_TARGET='135.181.170.219'
+
+sudo iptables -t nat -I OUTPUT -d "$TEST_TARGET" -p tcp -j DNAT --to-destination 127.0.0.1:4128