Maint: use narrower interfaces for firewall config

2021-07-26 16:07:50 +00:00
parent 430512dd27
commit 7a222923c7
19 changed files with 29 additions and 24 deletions
--- a/internal/openvpn/loop.go
+++ b/internal/openvpn/loop.go
@@ -37,7 +37,7 @@ type Loop struct {
 	targetConfPath string
 	// Configurators
 	conf    StarterAuthWriter
-	fw      firewall.Configurator
+	fw      firewallConfigurer
 	routing routing.Routing
 	// Other objects
 	logger, pfLogger logging.Logger
@@ -54,13 +54,18 @@ type Loop struct {
 	backoffTime time.Duration
 }

+type firewallConfigurer interface {
+	firewall.VPNConnectionSetter
+	firewall.PortAllower
+}
+
 const (
 	defaultBackoffTime = 15 * time.Second
 )

 func NewLoop(settings configuration.OpenVPN,
 	username string, puid, pgid int, allServers models.AllServers,
-	conf Configurator, fw firewall.Configurator, routing routing.Routing,
+	conf Configurator, fw firewallConfigurer, routing routing.Routing,
 	logger logging.ParentLogger, client *http.Client,
 	tunnelReady chan<- struct{}) *Loop {
 	start := make(chan struct{})
--- a/internal/provider/cyberghost/portforward.go
+++ b/internal/provider/cyberghost/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (c *Cyberghost) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Cyberghost")
 }
--- a/internal/provider/fastestvpn/portforward.go
+++ b/internal/provider/fastestvpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (f *Fastestvpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for FastestVPN")
 }
--- a/internal/provider/hidemyass/portforward.go
+++ b/internal/provider/hidemyass/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (f *HideMyAss) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for HideMyAss")
 }
--- a/internal/provider/ipvanish/portforward.go
+++ b/internal/provider/ipvanish/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (i *Ipvanish) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Ipvanish")
 }
--- a/internal/provider/ivpn/portforward.go
+++ b/internal/provider/ivpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (i *Ivpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Ivpn")
 }
--- a/internal/provider/mullvad/portforward.go
+++ b/internal/provider/mullvad/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (m *Mullvad) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding logic is not needed for Mullvad")
 }
--- a/internal/provider/nordvpn/portforward.go
+++ b/internal/provider/nordvpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (n *Nordvpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for NordVPN")
 }
--- a/internal/provider/privado/portforward.go
+++ b/internal/provider/privado/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Privado) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Privado")
 }
--- a/internal/provider/privateinternetaccess/portforward.go
+++ b/internal/provider/privateinternetaccess/portforward.go
@@ -28,7 +28,7 @@ var (
 // PortForward obtains a VPN server side port forwarded from PIA.
 //nolint:gocognit
 func (p *PIA) PortForward(ctx context.Context, client *http.Client,
-	logger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	logger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	commonName := p.activeServer.ServerName
 	if !p.activeServer.PortForward {
@@ -96,7 +96,7 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client,
 		logger.Error(err.Error())
 	}

-	if err := fw.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil {
+	if err := portAllower.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil {
 		logger.Error(err.Error())
 	}

@@ -109,7 +109,7 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client,
 		case <-ctx.Done():
 			removeCtx, cancel := context.WithTimeout(context.Background(), time.Second)
 			defer cancel()
-			if err := fw.RemoveAllowedPort(removeCtx, data.Port); err != nil {
+			if err := portAllower.RemoveAllowedPort(removeCtx, data.Port); err != nil {
 				logger.Error(err.Error())
 			}
 			if !keepAliveTimer.Stop() {
@@ -140,10 +140,10 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client,
 			durationToExpiration := data.Expiration.Sub(p.timeNow())
 			logger.Info("Port forwarded is " + strconv.Itoa(int(data.Port)) +
 				" expiring in " + format.FriendlyDuration(durationToExpiration))
-			if err := fw.RemoveAllowedPort(ctx, oldPort); err != nil {
+			if err := portAllower.RemoveAllowedPort(ctx, oldPort); err != nil {
 				logger.Error(err.Error())
 			}
-			if err := fw.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil {
+			if err := portAllower.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil {
 				logger.Error(err.Error())
 			}
 			filepath := syncState(data.Port)
--- a/internal/provider/privatevpn/portforward.go
+++ b/internal/provider/privatevpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Privatevpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for PrivateVPN")
 }
--- a/internal/provider/protonvpn/portforward.go
+++ b/internal/provider/protonvpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Protonvpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for ProtonVPN")
 }
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -37,7 +37,7 @@ type Provider interface {
 	GetOpenVPNConnection(selection configuration.ServerSelection) (connection models.OpenVPNConnection, err error)
 	BuildConf(connection models.OpenVPNConnection, username string, settings configuration.OpenVPN) (lines []string)
 	PortForward(ctx context.Context, client *http.Client,
-		pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+		pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 		syncState func(port uint16) (pfFilepath string))
 }

--- a/internal/provider/purevpn/portforward.go
+++ b/internal/provider/purevpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Purevpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for PureVPN")
 }
--- a/internal/provider/surfshark/portforward.go
+++ b/internal/provider/surfshark/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (s *Surfshark) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Surfshark")
 }
--- a/internal/provider/torguard/portforward.go
+++ b/internal/provider/torguard/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (t *Torguard) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Torguard")
 }
--- a/internal/provider/vpnunlimited/portforward.go
+++ b/internal/provider/vpnunlimited/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Provider) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for VPN Unlimited")
 }
--- a/internal/provider/vyprvpn/portforward.go
+++ b/internal/provider/vyprvpn/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (v *Vyprvpn) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Vyprvpn")
 }
--- a/internal/provider/windscribe/portforward.go
+++ b/internal/provider/windscribe/portforward.go
@@ -10,7 +10,7 @@ import (
 )

 func (w *Windscribe) PortForward(ctx context.Context, client *http.Client,
-	pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
+	pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower,
 	syncState func(port uint16) (pfFilepath string)) {
 	panic("port forwarding is not supported for Windscribe")
 }