Change the transfer data type of network/allow/block list
Hanbeom kim authored and msk committed May 24, 2023
1 parent e7a0c04 commit 5b891e1
Showing 2 changed files with 76 additions and 44 deletions.
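--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,13 @@ file is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and
 this project adheres to [Semantic
 Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+### Changed
+
+- Change the transfer data type of `RequestCode:InternalNetworkList`/
+`RequestCode:AllowList`/`RequestCodeBlockList` to `HostNetworkGroup`.
+
 ## [0.7.1] - 2023-05-17
 
 ### Added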
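--- a/src/request.rs
+++ b/src/request.rs
@@ -6,7 +6,10 @@ use ipnet::IpNet;
 use num_enum::FromPrimitive;
 use quinn::{RecvStream, SendStream};
 use serde::{Deserialize, Serialize};
-use std::net::SocketAddr;
+use std::{
+net::{IpAddr, SocketAddr},
+ops::RangeInclusive,
+};
 use thiserror::Error;
 
 use crate::{frame, message, RequestCode};
@@ -42,6 +45,13 @@ pub struct Configuration {
 pub log_options: Option<Vec<String>>,
 }
 
+#[derive(Clone, Default, Deserialize, Eq, PartialEq, Serialize)]
+pub struct HostNetworkGroup {
+pub hosts: Vec<IpAddr>,
+pub networks: Vec<IpNet>,
+pub ip_ranges: Vec<RangeInclusive<IpAddr>>,
+}
+
 /// The error type for handling a request.
 #[derive(Debug, Error)]
 pub enum HandlerError {
@@ -113,15 +123,15 @@ pub trait Handler: Send {
 return Err("not supported".to_string());
 }
 
-async fn internal_network_list(&mut self, _list: &[&str]) -> Result<(), String> {
+async fn internal_network_list(&mut self, _list: HostNetworkGroup) -> Result<(), String> {
 return Err("not supported".to_string());
 }
 
-async fn allow_list(&mut self, _list: &[&str]) -> Result<(), String> {
+async fn allow_list(&mut self, _list: HostNetworkGroup) -> Result<(), String> {
 return Err("not supported".to_string());
 }
 
-async fn block_list(&mut self, _list: &[&str]) -> Result<(), String> {
+async fn block_list(&mut self, _list: HostNetworkGroup) -> Result<(), String> {
 return Err("not supported".to_string());
 }
 }
@@ -219,23 +229,23 @@ pub async fn handle<H: Handler>(
 }
 RequestCode::InternalNetworkList => {
 let network_list = codec
-.deserialize::<Vec<&str>>(body)
+.deserialize::<HostNetworkGroup>(body)
 .map_err(frame::RecvError::DeserializationFailure)?;
-let result = handler.internal_network_list(&network_list).await;
+let result = handler.internal_network_list(network_list).await;
 send_response(send, &mut buf, result).await?;
 }
 RequestCode::AllowList => {
 let allow_list = codec
-.deserialize::<Vec<&str>>(body)
+.deserialize::<HostNetworkGroup>(body)
 .map_err(frame::RecvError::DeserializationFailure)?;
-let result = handler.allow_list(&allow_list).await;
+let result = handler.allow_list(allow_list).await;
 send_response(send, &mut buf, result).await?;
 }
 RequestCode::BlockList => {
 let block_list = codec
-.deserialize::<Vec<&str>>(body)
+.deserialize::<HostNetworkGroup>(body)
 .map_err(frame::RecvError::DeserializationFailure)?;
-let result = handler.block_list(&block_list).await;
+let result = handler.block_list(block_list).await;
 send_response(send, &mut buf, result).await?;
 }
 RequestCode::ReloadFilterRule => {
@@ -279,12 +289,18 @@ async fn send_response<T: Serialize>(
 mod tests {
 use crate::{
 frame, message,
+request::HostNetworkGroup,
 test::{channel, TOKEN},
 RequestCode,
 };
 use async_trait::async_trait;
 use ipnet::IpNet;
-use std::{mem::size_of, str::FromStr};
+use std::{
+mem::size_of,
+net::{IpAddr, Ipv4Addr},
+ops::RangeInclusive,
+str::FromStr,
+};
 
 #[tokio::test]
 async fn handle_forward() {
@@ -322,16 +338,19 @@ mod tests {
 Ok(())
 }
 
-async fn internal_network_list(&mut self, network_list: &[&str]) -> Result<(), String> {
-self.internal_network_list = network_list.len();
+async fn internal_network_list(
+&mut self,
+network_list: HostNetworkGroup,
+) -> Result<(), String> {
+self.internal_network_list = network_list.hosts.len();
 Ok(())
 }
-async fn allow_list(&mut self, allow_list: &[&str]) -> Result<(), String> {
-self.allow_list = allow_list.len();
+async fn allow_list(&mut self, allow_list: HostNetworkGroup) -> Result<(), String> {
+self.allow_list = allow_list.networks.len();
 Ok(())
 }
-async fn block_list(&mut self, block_list: &[&str]) -> Result<(), String> {
-self.block_list = block_list.len();
+async fn block_list(&mut self, block_list: HostNetworkGroup) -> Result<(), String> {
+self.block_list = block_list.ip_ranges.len();
 Ok(())
 }
 }
@@ -380,53 +399,59 @@ mod tests {
 .await;
 assert!(res.is_ok());
 
-let network_list: Vec<String> = vec![
-"10.0.1.1/24".to_string(),
-"10.0.3.1/28".to_string(),
-"10.0.5.1/21".to_string(),
-];
-let mut buf = Vec::new();
+let input_internal_list = HostNetworkGroup {
+hosts: vec![
+IpAddr::V4(Ipv4Addr::new(10, 0, 9, 1)),
+IpAddr::V4(Ipv4Addr::new(10, 0, 9, 2)),
+IpAddr::V4(Ipv4Addr::new(10, 0, 9, 3)),
+],
+networks: Vec::new(),
+ip_ranges: Vec::new(),
+};
+
 let res = message::send_request(
 &mut channel.client.send,
 &mut buf,
 RequestCode::InternalNetworkList,
-network_list,
+input_internal_list,
 )
 .await;
 assert!(res.is_ok());
 
-let allow_list: Vec<String> = vec![
-"100.200.1.1/24".to_string(),
-"100.200.3.1/28".to_string(),
-"100.200.5.1/21".to_string(),
-"100.200.7.1/23".to_string(),
-"100.200.9.1/25".to_string(),
-];
+let input_allow_list = HostNetworkGroup {
+hosts: Vec::new(),
+networks: vec![
+IpNet::from_str("192.168.1.0/24").unwrap(),
+IpNet::from_str("10.80.10.10/32").unwrap(),
+],
+ip_ranges: Vec::new(),
+};
+
 let mut buf = Vec::new();
 let res = message::send_request(
 &mut channel.client.send,
 &mut buf,
 RequestCode::AllowList,
-allow_list,
+input_allow_list,
 )
 .await;
 assert!(res.is_ok());
 
-let block_list: Vec<String> = vec![
-"50.30.1.1/24".to_string(),
-"50.30.3.1/28".to_string(),
-"50.30.5.1/23".to_string(),
-"50.30.6.1/22".to_string(),
-"50.30.7.1/25".to_string(),
-"50.30.8.1/27".to_string(),
-"50.30.9.1/21".to_string(),
-];
+let input_block_list = HostNetworkGroup {
+hosts: Vec::new(),
+networks: Vec::new(),
+ip_ranges: vec![RangeInclusive::new(
+IpAddr::V4(Ipv4Addr::new(10, 80, 10, 10)),
+IpAddr::V4(Ipv4Addr::new(10, 80, 10, 20)),
+)],
+};
+
 let mut buf = Vec::new();
 let res = message::send_request(
 &mut channel.client.send,
 &mut buf,
 RequestCode::BlockList,
-block_list,
+input_block_list,
 )
 .await;
 assert!(res.is_ok());
@@ -450,8 +475,8 @@ mod tests {
 assert_eq!(handler.filter_rules, 2);
 assert_eq!(handler.trusted_domains, 2);
 assert_eq!(handler.internal_network_list, 3);
-assert_eq!(handler.allow_list, 5);
-assert_eq!(handler.block_list, 7);
+assert_eq!(handler.allow_list, 2);
+assert_eq!(handler.block_list, 1);
 
 frame::recv_raw(&mut channel.client.recv, &mut buf)
 .await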
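Review bot: The `ip_ranges` field of the new `HostNetworkGroup` reaches the handler unvalidated in the `InternalNetworkList`, `AllowList` and `BlockList` arms of `handle`, which pass the deserialized value straight through. As far as I know, serde's `RangeInclusive` impl does not check that the start is not above the end, and `IpAddr` orders every V4 address before every V6 address. A reversed range would therefore match nothing, while a range with a V4 start and a V6 end would cover far more than an operator is likely to intend for an allow or block list. I would reject such a group before the handler call, e.g. `if !list.ip_ranges.iter().all(|r| r.start() <= r.end() && r.start().is_ipv4() == r.end().is_ipv4()) { /* respond with Err */ }`, or at minimum add a doc comment on the struct stating that handlers must validate the ranges themselves. `handle` and the `Handler` trait both start outside the visible hunks, so the exact error path is a guess.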
