author | adrien <adrien@luxeylab.net> | 2021-09-11 16:34:03 +0200 |
---|---|---|
committer | adrien <adrien@luxeylab.net> | 2021-09-11 16:34:03 +0200 |
commit | f7200709059c00e74cb25f5d8967d81a834f6bb8 (patch) | |
tree | dab43a23074cbdf41f2ce3740532957f604af779 /src/fw.rs | |
parent | fa25c54e47decf9f323ba0c614f4d9de106626d5 (diff) | |
added rustfmt: a rustfmt.toml file describing syntax (soft tabs of 2 spaces), a CONTRIBUTING.md file to explain how to use rustfmt, a .drone.yml file to add code style checks in CI, 2 lines in README.md to present CONTRIBUTING.md, and applied rustfmt on the source
Diffstat (limited to 'src/fw.rs')
-rw-r--r-- | src/fw.rs | 134 |
1 files changed, 75 insertions, 59 deletions
@@ -1,81 +1,97 @@ +use crate::messages; +use anyhow::{Context, Result}; use iptables; +use log::*; use regex::Regex; use std::collections::HashSet; -use crate::messages; -use anyhow::{Result,Context}; -use log::*; pub fn setup(ipt: &iptables::IPTables) -> Result<()> { + // ensure we start from a clean state without any rule already set + cleanup(ipt)?; - // ensure we start from a clean state without any rule already set - cleanup(ipt)?; - - ipt.new_chain("filter", "DIPLONAT").context("Failed to create new chain")?; - ipt.insert_unique("filter", "INPUT", "-j DIPLONAT", 1).context("Failed to insert jump rule")?; + ipt + .new_chain("filter", "DIPLONAT") + .context("Failed to create new chain")?; + ipt + .insert_unique("filter", "INPUT", "-j DIPLONAT", 1) + .context("Failed to insert jump rule")?; - Ok(()) + Ok(()) } pub fn open_ports(ipt: &iptables::IPTables, ports: messages::PublicExposedPorts) -> Result<()> { - for p in ports.tcp_ports { - ipt.append("filter", "DIPLONAT", &format!("-p tcp --dport {} -j ACCEPT", p)).context("Failed to insert port rule")?; - } - - for p in ports.udp_ports { - ipt.append("filter", "DIPLONAT", &format!("-p udp --dport {} -j ACCEPT", p)).context("Failed to insert port rule")?; - } - - Ok(()) + for p in ports.tcp_ports { + ipt + .append( + "filter", + "DIPLONAT", + &format!("-p tcp --dport {} -j ACCEPT", p), + ) + .context("Failed to insert port rule")?; + } + + for p in ports.udp_ports { + ipt + .append( + "filter", + "DIPLONAT", + &format!("-p udp --dport {} -j ACCEPT", p), + ) + .context("Failed to insert port rule")?; + } + + Ok(()) } pub fn get_opened_ports(ipt: &iptables::IPTables) -> Result<messages::PublicExposedPorts> { - let mut ports = messages::PublicExposedPorts { - tcp_ports: HashSet::new(), - udp_ports: HashSet::new() - }; - - let list = ipt.list("filter", "DIPLONAT")?; - let re = Regex::new(r"\-A.*? 
\-p (\w+).*\-\-dport (\d+).*?\-j ACCEPT").context("Regex matching open ports encountered an unexpected rule")?; - for i in list { - let caps = re.captures(&i); - match caps { - Some(c) => { - - if let (Some(raw_proto), Some(raw_port)) = (c.get(1), c.get(2)) { - - let proto = String::from(raw_proto.as_str()); - let number = String::from(raw_port.as_str()).parse::<u16>()?; - - if proto == "tcp" { - ports.tcp_ports.insert(number); - } else { - ports.udp_ports.insert(number); - } - - } else { - error!("Unexpected rule found in DIPLONAT chain") - } - - }, - _ => {} + let mut ports = messages::PublicExposedPorts { + tcp_ports: HashSet::new(), + udp_ports: HashSet::new(), + }; + + let list = ipt.list("filter", "DIPLONAT")?; + let re = Regex::new(r"\-A.*? \-p (\w+).*\-\-dport (\d+).*?\-j ACCEPT") + .context("Regex matching open ports encountered an unexpected rule")?; + for i in list { + let caps = re.captures(&i); + match caps { + Some(c) => { + if let (Some(raw_proto), Some(raw_port)) = (c.get(1), c.get(2)) { + let proto = String::from(raw_proto.as_str()); + let number = String::from(raw_port.as_str()).parse::<u16>()?; + + if proto == "tcp" { + ports.tcp_ports.insert(number); + } else { + ports.udp_ports.insert(number); + } + } else { + error!("Unexpected rule found in DIPLONAT chain") } + } + _ => {} } + } - Ok(ports) + Ok(ports) } pub fn cleanup(ipt: &iptables::IPTables) -> Result<()> { - - if ipt.chain_exists("filter", "DIPLONAT")? { - ipt.flush_chain("filter", "DIPLONAT").context("Failed to flush the DIPLONAT chain")?; - - if ipt.exists("filter", "INPUT", "-j DIPLONAT")? { - ipt.delete("filter", "INPUT", "-j DIPLONAT").context("Failed to delete jump rule")?; - } - - ipt.delete_chain("filter", "DIPLONAT").context("Failed to delete chain")?; + if ipt.chain_exists("filter", "DIPLONAT")? { + ipt + .flush_chain("filter", "DIPLONAT") + .context("Failed to flush the DIPLONAT chain")?; + + if ipt.exists("filter", "INPUT", "-j DIPLONAT")? 
{ + ipt + .delete("filter", "INPUT", "-j DIPLONAT") + .context("Failed to delete jump rule")?; } - Ok(()) -} + ipt + .delete_chain("filter", "DIPLONAT") + .context("Failed to delete chain")?; + } + Ok(()) +} |
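Review bot: In get_opened_ports the `else { error!("Unexpected rule found in DIPLONAT chain") }` branch can never run, because capture groups 1 and 2 in `\-A.*? \-p (\w+).*\-\-dport (\d+).*?\-j ACCEPT` are not optional, so whenever `re.captures` returns `Some` both groups are present; a rule in the DIPLONAT chain that does not match the pattern falls into `_ => {}` and is silently ignored, which hides any foreign rule inserted into a chain this code later reports as its own state. I would move the logging to the non-matching arm, e.g. `None => warn!("Ignoring unrecognised rule in DIPLONAT chain: {}", i),`, and drop the dead `else` (if `ipt.list` also returns the chain header line, skip that one explicitly rather than ignoring everything). Separately, the `.context("Regex matching open ports encountered an unexpected rule")` on `Regex::new` describes a matching failure but is attached to pattern compilation, which only fails on an invalid pattern; `.context("Failed to compile the regex used to parse DIPLONAT rules")` would be accurate. Note also that any protocol other than `tcp` is filed under `udp_ports`, so a non-TCP/UDP ACCEPT rule would be misreported as UDP rather than flagged.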