author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-03 16:53:05 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-03 16:53:05 +0200 |
commit | 9316f1c3d4fc47fb4f806d9554bfc78a4a7357ed (patch) | |
tree | 18943c62deb6aa40cdaa4a2b6cad931546d0ff43 /service/service_tunnel.go | |
parent | firewall: introduce incomplete untested prototype (diff) | |
service: wire up firewall
Diffstat (limited to 'service/service_tunnel.go')
-rw-r--r-- | service/service_tunnel.go | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/service/service_tunnel.go b/service/service_tunnel.go index 419cfdbe..01e7b417 100644 --- a/service/service_tunnel.go +++ b/service/service_tunnel.go @@ -119,47 +119,45 @@ func (service *tunnelService) Execute(args []string, r <-chan svc.ChangeRequest, logger = &device.Logger{stdLog, stdLog, stdLog} logger.Info.Println("Starting wireguard-go version", device.WireGuardGoVersion) - logger.Debug.Println("Debug log enabled") + logger.Info.Println("Resolving DNS names") uapiConf, err := conf.ToUAPI() if err != nil { serviceError = ErrorDNSLookup return } + logger.Info.Println("Creating Wintun device") wintun, err := tun.CreateTUN(conf.Name) if err != nil { serviceError = ErrorCreateWintun return } + logger.Info.Println("Determining Wintun device name") realInterfaceName, err := wintun.Name() if err != nil { serviceError = ErrorDetermineWintunName return } conf.Name = realInterfaceName + nativeTun := wintun.(*tun.NativeTun) + + logger.Info.Println("Enabling firewall rules") + err = enableFirewall(conf, nativeTun) + if err != nil { + serviceError = ErrorFirewall + return + } + logger.Info.Println("Creating interface instance") dev = device.NewDevice(wintun, logger) - dev.Up() - logger.Info.Println("Device started") + logger.Info.Println("Setting interface configuration") uapi, err = ipc.UAPIListen(conf.Name) if err != nil { serviceError = ErrorUAPIListen return } - - go func() { - for { - conn, err := uapi.Accept() - if err != nil { - continue - } - go dev.IpcHandle(conn) - } - }() - logger.Info.Println("UAPI listener started") - ipcErr := dev.IpcSetOperation(bufio.NewReader(strings.NewReader(uapiConf))) if ipcErr != nil { err = ipcErr 
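Review bot: After `enableFirewall(conf, nativeTun)` succeeds, the later failure returns in this hunk (`ErrorUAPIListen` and the `IpcSetOperation` error) exit with the rules still in place, and nothing visible here removes them. Execute starts and ends outside the hunk, so a deferred cleanup may already handle this. If it does, a comment at the call would record the contract, e.g. `// Rules are applied before the device exists so nothing leaks during startup; every error return below relies on the deferred cleanup to undo them.` If it does not, whether a failed start leaves the host blocked or unfiltered should be an explicit, documented choice. Separately, the bare assertion `wintun.(*tun.NativeTun)` panics on any other implementation; `nativeTun, ok := wintun.(*tun.NativeTun)` with an error return would report it as a service error instead.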
@@ -167,21 +165,36 @@ func (service *tunnelService) Execute(args []string, r <-chan svc.ChangeRequest, return } - nativeTun := wintun.(*tun.NativeTun) + logger.Info.Println("Bringing peers up") + dev.Up() + logger.Info.Println("Monitoring default routes") routeChangeCallback, err = monitorDefaultRoutes(dev, conf.Interface.Mtu == 0, nativeTun) if err != nil { serviceError = ErrorBindSocketsToDefaultRoutes return } + logger.Info.Println("Setting device address") err = configureInterface(conf, nativeTun) if err != nil { serviceError = ErrorSetNetConfig return } + logger.Info.Println("Listening for UAPI requests") + go func() { + for { + conn, err := uapi.Accept() + if err != nil { + continue + } + go dev.IpcHandle(conn) + } + }() + changes <- svc.Status{State: svc.Running, Accepts: svc.AcceptStop} + logger.Info.Println("Startup complete") for { select { |
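Review bot: The accept goroutine added near the end of this hunk never exits, because a failed `uapi.Accept()` only hits `continue`. Once the listener is closed or fails permanently (presumably at shutdown, outside this hunk), the loop spins at full CPU and the error is never logged. Logging and returning ends the goroutine with the listener: `if err != nil { logger.Error.Println("UAPI accept:", err); return }`. If transient accept errors are expected on this transport, at least tell a closed listener apart from a retryable failure before continuing. Execute's body continues past the end of the hunk, so where `uapi` is closed cannot be confirmed from here.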