use a default config and rules

README.md

@@ -2,7 +2,11 @@
 ![Tests](https://github.com/mushorg/glutton/actions/workflows/workflow.yml/badge.svg)
 [![GoDoc](https://godoc.org/github.com/mushorg/glutton?status.svg)](https://godoc.org/github.com/mushorg/glutton)
 
-Setup `go 1.17`. Install required system packages:
+Setup `go 1.21`. 
+
+Install required system packages:
+
+Debian(ish)
 ```
 apt-get install gcc libpcap-dev iptables
 ```
@@ -12,11 +16,6 @@ Arch:
 pacman -S gcc libpcap iptables
 ```
 
-To change your SSH server default port (i.e. 5001, see `rules.yaml`) and restart SSHD:
-```
-sed -i 's/[# ]*Port .*/Port 5001/g' /etc/ssh/sshd_config
-```
-
 Build glutton:
 ```
 make build

app/server.go

@@ -65,7 +65,6 @@ func main() {
 			fmt.Println("stacktrace from panic: \n" + string(debug.Stack()))
 		}
 		exitMtx.Lock()
-		fmt.Println("\nshutting down...")
 		gtn.Shutdown()
 	}
 	defer exit()

config/rules.yaml

@@ -1,7 +1,4 @@
 rules:
-  - match: tcp dst port 5001
-    type: passthrough
-    name: ssh
   - match: tcp dst port 23 or port 2323 or port 23231
     type: conn_handler
     target: telnet
@@ -29,9 +26,6 @@ rules:
   - match: tcp dst port 5222 or port 5223
     type: conn_handler
     target: jabber
-  - match: tcp dst port 1080
-    type: passthrough
-    name: http
   - match: tcp dst port 11211
     type: conn_handler
     target: memcache

config/schema.json

@@ -40,14 +40,6 @@
                 "type"
             ],
             "title": "Rule"
-        },
-        "Type": {
-            "type": "string",
-            "enum": [
-                "passthrough",
-                "conn_handler"
-            ],
-            "title": "Type"
         }
     }
 }

glutton.go

@@ -1,7 +1,9 @@
 package glutton
 
 import (
+	"bytes"
 	"context"
+	_ "embed"
 	"fmt"
 	"io"
 	"log/slog"
@@ -37,17 +39,24 @@ type Glutton struct {
 	publicAddrs         []net.IP
 }
 
+//go:embed config/rules.yaml
+var defaultRules []byte
+
 func (g *Glutton) initConfig() error {
 	viper.SetConfigName("config")
 	viper.AddConfigPath(viper.GetString("confpath"))
-	if err := viper.ReadInConfig(); err != nil {
-		return err
+	if _, err := os.Stat(viper.GetString("confpath")); !os.IsNotExist(err) {
+		if err := viper.ReadInConfig(); err != nil {
+			return err
+		}
 	}
 	// If no config is found, use the defaults
-	viper.SetDefault("ports.glutton_server", 5000)
+	viper.SetDefault("ports.tcp", 5000)
+	viper.SetDefault("ports.udp", 5001)
 	viper.SetDefault("max_tcp_payload", 4096)
+	viper.SetDefault("conn_timeout", 45)
 	viper.SetDefault("rules_path", "rules/rules.yaml")
-	g.Logger.Debug("configuration loaded successfully", slog.String("reporter", "glutton"))
+	g.Logger.Debug("configuration set successfully", slog.String("reporter", "glutton"))
 	return nil
 }
 
@@ -71,13 +80,21 @@ func New(ctx context.Context) (*Glutton, error) {
 		return nil, err
 	}
 
+	var rulesFile io.ReadCloser
+
 	rulesPath := viper.GetString("rules_path")
-	rulesFile, err := os.Open(rulesPath)
-	if err != nil {
-		return nil, err
+	if _, err := os.Stat(rulesPath); !os.IsNotExist(err) {
+		rulesFile, err = os.Open(rulesPath)
+		if err != nil {
+			return nil, err
+		}
+		defer rulesFile.Close()
+	} else {
+		g.Logger.Warn("No rules file found, using default rules", slog.String("reporter", "glutton"))
+		rulesFile = io.NopCloser(bytes.NewBuffer(defaultRules))
 	}
-	defer rulesFile.Close()
 
+	var err error
 	g.rules, err = rules.ParseRuleSpec(rulesFile)
 	if err != nil {
 		return nil, err
@@ -317,9 +334,11 @@ func (g *Glutton) Shutdown() {
 		g.Logger.Error("failed to shutdown server", producer.ErrAttr(err))
 	}
 
+	g.Logger.Info("FLushing TCP iptables")
 	if err := flushTProxyIPTables(viper.GetString("interface"), g.publicAddrs[0].String(), "tcp", uint32(g.Server.tcpPort)); err != nil {
 		g.Logger.Error("failed to drop tcp iptables", producer.ErrAttr(err))
 	}
+	g.Logger.Info("FLushing UDP iptables")
 	if err := flushTProxyIPTables(viper.GetString("interface"), g.publicAddrs[0].String(), "udp", uint32(g.Server.udpPort)); err != nil {
 		g.Logger.Error("failed to drop udp iptables", producer.ErrAttr(err))
 	}

rules/rules.go

@@ -2,8 +2,8 @@ package rules
 
 import (
 	"fmt"
+	"io"
 	"net"
-	"os"
 	"strconv"
 	"time"
 
@@ -20,7 +20,6 @@ const (
 	Rewrite RuleType = iota
 	UserConnHandler
 	Drop
-	PassThrough
 )
 
 type Config struct {
@@ -45,7 +44,7 @@ func (r *Rule) String() string {
 	return fmt.Sprintf("Rule: %s", r.Match)
 }
 
-func ParseRuleSpec(file *os.File) (Rules, error) {
+func ParseRuleSpec(file io.Reader) (Rules, error) {
 	config := &Config{}
 	if err := yaml.NewDecoder(file).Decode(config); err != nil {
 		return nil, err
@@ -75,8 +74,6 @@ func InitRule(idx int, rule *Rule) error {
 		rule.ruleType = UserConnHandler
 	case "drop":
 		rule.ruleType = Drop
-	case "passthrough":
-		rule.ruleType = PassThrough
 	default:
 		return fmt.Errorf("unknown rule type: %s", rule.Type)
 	}

rules/test.yaml

@@ -1,7 +1,4 @@
 rules:
-  - match: tcp dst port 5001
-    type: passthrough
-    name: ssh
   - match: tcp dst port 22 or port 2222
     type: conn_handler
     name: proxy_ssh

server.go

@@ -45,11 +45,14 @@ func (s *Server) Start() error {
 }
 
 func (s *Server) Shutdown() error {
+	var err error
 	if s.tcpListener != nil {
-		return s.tcpListener.Close()
+		println("closing tcp listener")
+		err = s.tcpListener.Close()
 	}
 	if s.udpListener != nil {
-		return s.udpListener.Close()
+		println("closing udp listener")
+		err = s.udpListener.Close()
 	}
-	return nil
+	return err
 }