Blame - src/main-firewall.cpp - CzechLight/velia

blob: 8cf58a60c7821188f62974963b49e52beef20f98 [file] [log] [blame]

Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	1	#include <boost/process.hpp>
				2	#include <docopt.h>
				3	#include <spdlog/sinks/ansicolor_sink.h>
				4	#include <spdlog/spdlog.h>
				5	#include <sysrepo-cpp/Session.hpp>
				6	#include <unistd.h>
				7	#include "VELIA_VERSION.h"
				8	#include "firewall/Firewall.h"
Václav Kubernát	de0e4e6	2021-02-08 17:46:14 +0100	[diff] [blame]	9	#include "system_vars.h"
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	10	#include "utils/exceptions.h"
Václav Kubernát	6d9357e	2021-01-28 15:38:24 +0100	[diff] [blame]	11	#include "utils/exec.h"
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	12	#include "utils/journal.h"
				13	#include "utils/log-init.h"
Václav Kubernát	6018f08	2021-02-11 01:32:18 +0100	[diff] [blame]	14	#include "utils/log.h"
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	15	#include "utils/waitUntilSignalled.h"
				16
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	17	static const char usage[] =
				18	R"(Bridge between sysrepo and nftables.
				19
				20	Usage:
				21	veliad-firewall
				22	[--sysrepo-log-level=<Level>]
				23	[--firewall-log-level=<Level>]
				24	veliad-firewall (-h \| --help)
				25	veliad-firewall --version
				26
				27	Options:
				28	-h --help Show this screen.
				29	--version Show version.
				30	--firewall-log-level=<N> Log level for the firewall [default: 3]
Václav Kubernát	5f57dec	2021-02-11 02:02:46 +0100	[diff] [blame^]	31	--sysrepo-log-level=<N> Log level for the sysrepo library [default: 2]
				32	(0 -> critical, 1 -> error, 2 -> warning, 3 -> info,
				33	4 -> debug, 5 -> trace)
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	34	)";
				35
				36	int main(int argc, char* argv[])
				37	{
				38	std::shared_ptr<spdlog::sinks::sink> loggingSink;
				39	if (velia::utils::isJournaldActive()) {
				40	loggingSink = velia::utils::create_journald_sink();
				41	} else {
				42	loggingSink = std::make_shared<spdlog::sinks::ansicolor_stderr_sink_mt>();
				43	}
				44
Tomáš Pecka	c50ec9e	2021-01-27 12:22:42 +0100	[diff] [blame]	45	auto args = docopt::docopt(usage, {argv + 1, argv + argc}, true, "veliad-firewall " VELIA_VERSION, true);
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	46
				47	velia::utils::initLogs(loggingSink);
				48	spdlog::set_level(spdlog::level::info);
				49
				50	try {
				51	spdlog::get("firewall")->set_level(parseLogLevel("Firewall logging", args["--firewall-log-level"]));
				52	spdlog::get("sysrepo")->set_level(parseLogLevel("Sysrepo library", args["--sysrepo-log-level"]));
				53
				54	spdlog::get("main")->debug("Opening Sysrepo connection");
				55	auto srConn = std::make_shared<sysrepo::Connection>();
				56	auto srSess = std::make_shared<sysrepo::Session>(srConn);
				57	velia::firewall::SysrepoFirewall firewall(srSess, [] (const auto& config) {
				58	spdlog::get("firewall")->debug("running nft...");
Václav Kubernát	de0e4e6	2021-02-08 17:46:14 +0100	[diff] [blame]	59	velia::utils::execAndWait(spdlog::get("firewall"), NFT_EXECUTABLE, {"-f", "-"}, config);
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	60
Václav Kubernát	d386aba	2021-01-19 10:03:28 +0100	[diff] [blame]	61	spdlog::get("firewall")->debug("nft config applied.");
				62	});
				63
				64	waitUntilSignaled();
				65
				66	spdlog::get("main")->info("Exiting.");
				67
				68	return 0;
				69	} catch (std::exception& e) {
				70	velia::utils::fatalException(spdlog::get("main"), e, "main");
				71	}
				72	}