From 7a222923c72ef93862348002353b4ae52922ea76 Mon Sep 17 00:00:00 2001 From: "Quentin McGaw (desktop)" Date: Mon, 26 Jul 2021 16:07:50 +0000 Subject: [PATCH] Maint: use narrower interfaces for firewall config --- internal/openvpn/loop.go | 9 +++++++-- internal/provider/cyberghost/portforward.go | 2 +- internal/provider/fastestvpn/portforward.go | 2 +- internal/provider/hidemyass/portforward.go | 2 +- internal/provider/ipvanish/portforward.go | 2 +- internal/provider/ivpn/portforward.go | 2 +- internal/provider/mullvad/portforward.go | 2 +- internal/provider/nordvpn/portforward.go | 2 +- internal/provider/privado/portforward.go | 2 +- internal/provider/privateinternetaccess/portforward.go | 10 +++++----- internal/provider/privatevpn/portforward.go | 2 +- internal/provider/protonvpn/portforward.go | 2 +- internal/provider/provider.go | 2 +- internal/provider/purevpn/portforward.go | 2 +- internal/provider/surfshark/portforward.go | 2 +- internal/provider/torguard/portforward.go | 2 +- internal/provider/vpnunlimited/portforward.go | 2 +- internal/provider/vyprvpn/portforward.go | 2 +- internal/provider/windscribe/portforward.go | 2 +- 19 files changed, 29 insertions(+), 24 deletions(-) diff --git a/internal/openvpn/loop.go b/internal/openvpn/loop.go index c2c7b2cb..b0460f02 100644 --- a/internal/openvpn/loop.go +++ b/internal/openvpn/loop.go @@ -37,7 +37,7 @@ type Loop struct { targetConfPath string // Configurators conf StarterAuthWriter - fw firewall.Configurator + fw firewallConfigurer routing routing.Routing // Other objects logger, pfLogger logging.Logger 
@@ -54,13 +54,18 @@ type Loop struct { backoffTime time.Duration } +type firewallConfigurer interface { + firewall.VPNConnectionSetter + firewall.PortAllower +} + const ( defaultBackoffTime = 15 * time.Second ) func NewLoop(settings configuration.OpenVPN, username string, puid, pgid int, allServers models.AllServers, - conf Configurator, fw firewall.Configurator, routing routing.Routing, + conf Configurator, fw firewallConfigurer, routing routing.Routing, logger logging.ParentLogger, client *http.Client, tunnelReady chan<- struct{}) *Loop { start := make(chan struct{}) diff --git a/internal/provider/cyberghost/portforward.go b/internal/provider/cyberghost/portforward.go index 299094a9..ab351a20 100644 --- a/internal/provider/cyberghost/portforward.go +++ b/internal/provider/cyberghost/portforward.go @@ -10,7 +10,7 @@ import ( ) func (c *Cyberghost) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Cyberghost") } diff --git a/internal/provider/fastestvpn/portforward.go b/internal/provider/fastestvpn/portforward.go index f3801478..41d7cea7 100644 --- a/internal/provider/fastestvpn/portforward.go +++ b/internal/provider/fastestvpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (f *Fastestvpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for FastestVPN") } diff --git a/internal/provider/hidemyass/portforward.go b/internal/provider/hidemyass/portforward.go index 3fa3a6d0..f06f1c32 100644 --- a/internal/provider/hidemyass/portforward.go +++ b/internal/provider/hidemyass/portforward.go 
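Review bot: In internal/openvpn/loop.go (hunk `@@ -54,13 +54,18`), the new unexported `firewallConfigurer` interface has no comment recording that the loop is deliberately limited to these two capabilities, so a later change could widen it back to the full firewall configurator unnoticed. I would add above the type `// firewallConfigurer is the subset of the firewall the OpenVPN loop may use: setting the VPN connection and allowing or removing the forwarded port.`, with the wording checked against what `firewall.VPNConnectionSetter` and `firewall.PortAllower` declare, which this patch does not show. In the same hunk `NewLoop` still accepts `conf Configurator` while the struct field in the previous hunk is `conf StarterAuthWriter`, so that parameter looks like a candidate for the same narrowing. `NewLoop`'s body continues outside the hunk.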
@@ -10,7 +10,7 @@ import ( ) func (f *HideMyAss) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for HideMyAss") } diff --git a/internal/provider/ipvanish/portforward.go b/internal/provider/ipvanish/portforward.go index 47f486b1..0e0a3fc2 100644 --- a/internal/provider/ipvanish/portforward.go +++ b/internal/provider/ipvanish/portforward.go @@ -10,7 +10,7 @@ import ( ) func (i *Ipvanish) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Ipvanish") } diff --git a/internal/provider/ivpn/portforward.go b/internal/provider/ivpn/portforward.go index 01b1eae7..51607ad6 100644 --- a/internal/provider/ivpn/portforward.go +++ b/internal/provider/ivpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (i *Ivpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Ivpn") } diff --git a/internal/provider/mullvad/portforward.go b/internal/provider/mullvad/portforward.go index 9bb8d6a2..cc77563c 100644 --- a/internal/provider/mullvad/portforward.go +++ b/internal/provider/mullvad/portforward.go 
@@ -10,7 +10,7 @@ import ( ) func (m *Mullvad) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding logic is not needed for Mullvad") } diff --git a/internal/provider/nordvpn/portforward.go b/internal/provider/nordvpn/portforward.go index 9bafbea3..9127daa3 100644 --- a/internal/provider/nordvpn/portforward.go +++ b/internal/provider/nordvpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (n *Nordvpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for NordVPN") } diff --git a/internal/provider/privado/portforward.go b/internal/provider/privado/portforward.go index 48c0dea0..9af0e306 100644 --- a/internal/provider/privado/portforward.go +++ b/internal/provider/privado/portforward.go @@ -10,7 +10,7 @@ import ( ) func (p *Privado) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Privado") } diff --git a/internal/provider/privateinternetaccess/portforward.go b/internal/provider/privateinternetaccess/portforward.go index 87e90f89..30b9407e 100644 --- a/internal/provider/privateinternetaccess/portforward.go +++ b/internal/provider/privateinternetaccess/portforward.go 
@@ -28,7 +28,7 @@ var ( // PortForward obtains a VPN server side port forwarded from PIA. //nolint:gocognit func (p *PIA) PortForward(ctx context.Context, client *http.Client, - logger logging.Logger, gateway net.IP, fw firewall.Configurator, + logger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { commonName := p.activeServer.ServerName if !p.activeServer.PortForward { @@ -96,7 +96,7 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client, logger.Error(err.Error()) } - if err := fw.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil { + if err := portAllower.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil { logger.Error(err.Error()) } @@ -109,7 +109,7 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client, case <-ctx.Done(): removeCtx, cancel := context.WithTimeout(context.Background(), time.Second) defer cancel() - if err := fw.RemoveAllowedPort(removeCtx, data.Port); err != nil { + if err := portAllower.RemoveAllowedPort(removeCtx, data.Port); err != nil { logger.Error(err.Error()) } if !keepAliveTimer.Stop() { @@ -140,10 +140,10 @@ func (p *PIA) PortForward(ctx context.Context, client *http.Client, durationToExpiration := data.Expiration.Sub(p.timeNow()) logger.Info("Port forwarded is " + strconv.Itoa(int(data.Port)) + " expiring in " + format.FriendlyDuration(durationToExpiration)) - if err := fw.RemoveAllowedPort(ctx, oldPort); err != nil { + if err := portAllower.RemoveAllowedPort(ctx, oldPort); err != nil { logger.Error(err.Error()) } - if err := fw.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil { + if err := portAllower.SetAllowedPort(ctx, data.Port, string(constants.TUN)); err != nil { logger.Error(err.Error()) } filepath := syncState(data.Port) diff --git a/internal/provider/privatevpn/portforward.go b/internal/provider/privatevpn/portforward.go index ec777aaa..7f332576 100644 
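Review bot: In internal/provider/privateinternetaccess/portforward.go, the renewal hunk (`@@ -140,10`) only logs a failed `portAllower.RemoveAllowedPort(ctx, oldPort)` and then allows the new port, so the firewall can be left accepting traffic on a port that is presumably no longer forwarded to this client. The same bare `logger.Error(err.Error())` follows the firewall calls in hunks `@@ -96,7` and `@@ -109,7`, and none of these messages names the port or the operation unless the firewall package already adds them. I would at least write `logger.Error("cannot remove allowed port " + strconv.Itoa(int(oldPort)) + ": " + err.Error())` and the matching message for `SetAllowedPort`, so a stale allow rule can be found from the logs. It is also worth considering a retry of the removal before moving on. The body of `PortForward` extends outside all four hunks.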
--- a/internal/provider/privatevpn/portforward.go +++ b/internal/provider/privatevpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (p *Privatevpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for PrivateVPN") } diff --git a/internal/provider/protonvpn/portforward.go b/internal/provider/protonvpn/portforward.go index c7990fb5..a9a6bc29 100644 --- a/internal/provider/protonvpn/portforward.go +++ b/internal/provider/protonvpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (p *Protonvpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for ProtonVPN") } diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 2e7ce5f1..317119fa 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -37,7 +37,7 @@ type Provider interface { GetOpenVPNConnection(selection configuration.ServerSelection) (connection models.OpenVPNConnection, err error) BuildConf(connection models.OpenVPNConnection, username string, settings configuration.OpenVPN) (lines []string) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) } diff --git a/internal/provider/purevpn/portforward.go b/internal/provider/purevpn/portforward.go index d6f19664..65ec26f6 100644 --- a/internal/provider/purevpn/portforward.go +++ b/internal/provider/purevpn/portforward.go 
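Review bot: In internal/provider/provider.go, `PortForward` on the `Provider` interface has no doc comment, and every implementation touched by this patch except PIA's panics when called, so the rule that a caller must check port-forwarding support first is written down nowhere near the method. I would document it on the interface method, for example `// PortForward panics for providers without port forwarding; callers must check support first.` followed by `// portAllower is used only to allow and remove the forwarded port.` The second line records the least-privilege intent of this commit so the parameter is not widened again later. The interface declaration starts outside the hunk.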
@@ -10,7 +10,7 @@ import ( ) func (p *Purevpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for PureVPN") } diff --git a/internal/provider/surfshark/portforward.go b/internal/provider/surfshark/portforward.go index e9220276..fba0350f 100644 --- a/internal/provider/surfshark/portforward.go +++ b/internal/provider/surfshark/portforward.go @@ -10,7 +10,7 @@ import ( ) func (s *Surfshark) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Surfshark") } diff --git a/internal/provider/torguard/portforward.go b/internal/provider/torguard/portforward.go index 1688777c..b9f09663 100644 --- a/internal/provider/torguard/portforward.go +++ b/internal/provider/torguard/portforward.go @@ -10,7 +10,7 @@ import ( ) func (t *Torguard) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Torguard") } diff --git a/internal/provider/vpnunlimited/portforward.go b/internal/provider/vpnunlimited/portforward.go index c5191a98..2d4fb2cc 100644 --- a/internal/provider/vpnunlimited/portforward.go +++ b/internal/provider/vpnunlimited/portforward.go 
@@ -10,7 +10,7 @@ import ( ) func (p *Provider) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for VPN Unlimited") } diff --git a/internal/provider/vyprvpn/portforward.go b/internal/provider/vyprvpn/portforward.go index b50d1858..2ba60448 100644 --- a/internal/provider/vyprvpn/portforward.go +++ b/internal/provider/vyprvpn/portforward.go @@ -10,7 +10,7 @@ import ( ) func (v *Vyprvpn) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Vyprvpn") } diff --git a/internal/provider/windscribe/portforward.go b/internal/provider/windscribe/portforward.go index 253f1e43..05162104 100644 --- a/internal/provider/windscribe/portforward.go +++ b/internal/provider/windscribe/portforward.go @@ -10,7 +10,7 @@ import ( ) func (w *Windscribe) PortForward(ctx context.Context, client *http.Client, - pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator, + pfLogger logging.Logger, gateway net.IP, portAllower firewall.PortAllower, syncState func(port uint16) (pfFilepath string)) { panic("port forwarding is not supported for Windscribe") }