First basic version

- NFT and DNS Update skeletons
- Integrated viper configuration management
- Integrated cobra CLI management
- Basic webservice skeleton

service/clientinfo.go

@@ -0,0 +1,70 @@
+package service
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"net/url"
+)
+
+type ClientInfo struct {
+	IPv4      net.IP
+	IPv6      net.IP
+	UserName  string
+	Password  string
+	Domain    string
+	DualStack bool
+	IPv6Net   *net.IPNet
+}
+
+func (ci *ClientInfo) String() string {
+	return fmt.Sprintf("IPv4: %v, IPv6: %v, UserName: %v, Password: %v, Domain: %v, DualStack: %v, IPv6Net: %v",
+		ci.IPv4, ci.IPv6, ci.UserName, ci.Password, ci.Domain, ci.DualStack, ci.IPv6Net)
+}
+
+func CreateClientInfoFromForm(form url.Values) (*ClientInfo, error) {
+	ci := &ClientInfo{}
+
+	if form.Get("IPv4") != "" {
+		if ci.IPv4 = net.ParseIP(form.Get("IPv4")); ci.IPv4 == nil {
+			return nil, errors.New("could not parse IPv4 address")
+		}
+	}
+
+	if form.Get("IPv6") != "" {
+		if ci.IPv6 = net.ParseIP(form.Get("IPv6")); ci.IPv6 == nil {
+			return nil, errors.New("could not parse IPv6 address")
+		}
+	}
+
+	ci.UserName = form.Get("UserName")
+	if ci.UserName == "" {
+		return nil, errors.New("a UserName must be specified")
+	}
+
+	ci.Password = form.Get("Password")
+	if ci.Password == "" {
+		return nil, errors.New("a Password must be specified")
+	}
+
+	ci.Domain = form.Get("Domain")
+	if ci.Domain == "" {
+		return nil, errors.New("a Domain must be specified")
+	}
+
+	if form.Get("DualStack") == "1" {
+		ci.DualStack = true
+	} else {
+		ci.DualStack = false
+	}
+
+	if ip6net := form.Get("IPv6Net"); ip6net != "" {
+		_, ipnet, err := net.ParseCIDR(ip6net)
+		if err != nil {
+			return nil, errors.New("could not parse IPv6Net")
+		}
+		ci.IPv6Net = ipnet
+	}
+
+	return ci, nil
+}

service/config.go

@@ -0,0 +1,24 @@
+package service
+
+import "github.com/spf13/viper"
+
+type config struct {
+	DNSServer  string
+	DefaultTTL uint32
+}
+
+var C config
+
+func init() {
+	SetConfigDefaults()
+}
+
+func SetConfigDefaults() {
+	viper.SetDefault("Service.DNS.Server", "10.10.11.254:53")
+	viper.SetDefault("Service.DNS.DefaultTTL", 60)
+}
+
+func LoadConfig() {
+	C.DNSServer = viper.GetString("Service.DNS.Server")
+	C.DefaultTTL = viper.GetUint32("Service.DNS.DefaultTTL")
+}

service/dns.go

@@ -0,0 +1,79 @@
+package service
+
+import (
+	"fmt"
+	"log"
+	"net"
+
+	"github.com/miekg/dns"
+)
+
+var dnsClient dns.Client
+
+func init() {
+	dnsClient = dns.Client{
+		Net: "tcp",
+	}
+}
+
+func UpdateDNSEntry(domain string, hostname string, ip4 net.IP, ip6 net.IP) error {
+	if ip4 == nil && ip6 == nil {
+		return fmt.Errorf("at least one of --ipv4 and --ipv6 have to be set")
+	}
+
+	msg := new(dns.Msg)
+	fqdn := fmt.Sprintf("%s.%s.", hostname, domain)
+	zone := fmt.Sprintf("%s.", domain)
+
+	msg.SetUpdate(zone)
+	msg.RemoveName([]dns.RR{
+		&dns.RR_Header{Name: fqdn},
+	})
+
+	var rrs []dns.RR
+
+	if ip4 != nil {
+		ip4bin := ip4.To4()
+		if ip4bin == nil {
+			return fmt.Errorf("ip4 (%v) is not a valid IPv4 address", ip4)
+		}
+		rrs = append(rrs, &dns.A{
+			Hdr: dns.RR_Header{
+				Name:   fqdn,
+				Rrtype: dns.TypeA,
+				Class:  dns.ClassINET,
+				Ttl:    C.DefaultTTL,
+			},
+			A: ip4bin,
+		})
+	}
+
+	if ip6 != nil {
+		ip6bin := ip6.To16()
+		if ip6bin == nil {
+			return fmt.Errorf("ip6 (%v) is not a valid IPv6 address", ip4)
+		}
+		rrs = append(rrs, &dns.AAAA{
+			Hdr: dns.RR_Header{
+				Name:   fqdn,
+				Rrtype: dns.TypeAAAA,
+				Class:  dns.ClassINET,
+				Ttl:    C.DefaultTTL,
+			},
+			AAAA: ip6bin,
+		})
+	}
+
+	msg.Insert(rrs)
+
+	log.Printf("Sending DNS Update: %v", msg)
+
+	reply, _, err := dnsClient.Exchange(msg, C.DNSServer)
+	if err != nil {
+		return fmt.Errorf("failed to execute DNS Udpate: %v", err)
+	}
+
+	log.Printf("Received DNS Update Reply: %v", reply)
+
+	return nil
+}

service/nftables.go

@@ -0,0 +1,82 @@
+package service
+
+import (
+	"fmt"
+	"net"
+	"runtime"
+
+	"github.com/google/nftables"
+)
+
+func UpdateNFTSets(tableName string, set4name string, ip4 net.IP, set6name string, ip6 net.IP) error {
+	runtime.LockOSThread()
+	defer runtime.UnlockOSThread()
+
+	conn := &nftables.Conn{}
+
+	tables, err := conn.ListTables()
+	if err != nil {
+		return fmt.Errorf("could not list NFT tables: %v", err)
+	}
+
+	var table *nftables.Table = nil
+	for _, t := range tables {
+		if t.Name == tableName {
+			if table == nil {
+				table = t
+			} else {
+				return fmt.Errorf("found two tables with name %s", tableName)
+			}
+		}
+	}
+	if table == nil {
+		return fmt.Errorf("could not find table %s", tableName)
+	}
+
+	if ip4 != nil {
+		ip4bin := ip4.To4()
+		if ip4bin == nil {
+			return fmt.Errorf("ipv4 must be a valid IPv4 address")
+		}
+
+		set4, err := conn.GetSetByName(table, set4name)
+		if err != nil {
+			return fmt.Errorf("could not find IPv4 NFT set %s: %v", set4name, err)
+		}
+		if set4.KeyType.GetNFTMagic() != nftables.TypeIPAddr.GetNFTMagic() {
+			return fmt.Errorf("the NFT set %s is not of type ip", set4name)
+		}
+
+		conn.FlushSet(set4)
+
+		err = conn.SetAddElements(set4, []nftables.SetElement{{Key: ip4bin}})
+		if err != nil {
+			return fmt.Errorf("failed to add IP %v to set %s: %v", ip4, set4name, err)
+		}
+	}
+
+	if ip6 != nil {
+		ip6bin := ip6.To16()
+		if ip6bin == nil {
+			return fmt.Errorf("ipv6 must be a valid IPv6 address")
+		}
+
+		set6, err := conn.GetSetByName(table, set6name)
+		if err != nil {
+			return fmt.Errorf("could not find IPv6 NFT set %s: %v", set6name, err)
+		}
+		if set6.KeyType.GetNFTMagic() != nftables.TypeIP6Addr.GetNFTMagic() {
+			return fmt.Errorf("the NFT set %s is not of type ip6", set6name)
+		}
+
+		conn.FlushSet(set6)
+
+		err = conn.SetAddElements(set6, []nftables.SetElement{{Key: ip6bin}})
+		if err != nil {
+			return fmt.Errorf("failed to add IP %v to set %s: %v", ip6, set6name, err)
+		}
+	}
+
+	conn.Flush()
+	return nil
+}