Init to write go netfilter queue to increase performance

2022-07-13 16:57:39 +02:00
parent d25c8d9df6
commit 6858184fc6
4 changed files with 140 additions and 0 deletions
--- a/backend/nfqueue/go.mod
+++ b/backend/nfqueue/go.mod
@@ -0,0 +1,7 @@
+module main
+
+go 1.18
+
+require github.com/DomySh/go-netfilter-queue v0.0.0-20220713124014-7261f0df2c15
+
+require github.com/google/gopacket v1.1.19 // indirect
--- a/backend/nfqueue/go.sum
+++ b/backend/nfqueue/go.sum
@@ -0,0 +1,16 @@
+github.com/DomySh/go-netfilter-queue v0.0.0-20220713124014-7261f0df2c15 h1:6v9D8bG3oR0dJFMuEeEAg8Xwn436Ziv+P7QWS04wAG8=
+github.com/DomySh/go-netfilter-queue v0.0.0-20220713124014-7261f0df2c15/go.mod h1:VdJ6kqHln0XlrhuxQM6eBjRIHCzvAMgcZDAtyD/GU5s=
+github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
+github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/backend/nfqueue/main
+++ b/backend/nfqueue/main
--- a/backend/nfqueue/main.go
+++ b/backend/nfqueue/main.go
@@ -0,0 +1,117 @@
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"log"
+	"os"
+	"os/user"
+	"strconv"
+
+	"github.com/DomySh/go-netfilter-queue"
+)
+
+const QUEUE_BASE_NUM = 1000
+const MAX_PACKET_IN_QUEUE = 100
+
+func handle_packets(packets <-chan netfilter.NFPacket) {
+	for true {
+		select {
+		case p := <-packets:
+			//fmt.Println(p.Packet)
+			p.SetVerdict(netfilter.NF_ACCEPT)
+		}
+	}
+}
+
+func isRoot() bool {
+	currentUser, err := user.Current()
+	if err != nil {
+		log.Fatalf("[isRoot] Unable to get current user: %s", err)
+	}
+	return currentUser.Username == "root"
+}
+
+/*
+
+starts = QUEUE_BASE_NUM
+while True:
+        if starts >= 65536:
+        raise Exception("Netfilter queue is full!")
+        queue_ids = list(range(starts,starts+n_threads))
+        try:
+        ictor.start(func_wrap, queue_ids=queue_ids)
+        break
+        except interceptor.UnableToBindException as e:
+        starts = e.queue_id + 1
+return ictor, (starts, starts+n_threads-1)
+
+*/
+func create_queue_seq(num int) ([]*netfilter.NFQueue, int, int) {
+	var queue_list = make([]*netfilter.NFQueue, num)
+	var err error
+	starts := QUEUE_BASE_NUM
+	for queue_list[0] == nil {
+		if starts+num-1 >= 65536 {
+			log.Fatalf("Netfilter queue is full!")
+			os.Exit(1)
+		}
+		for i := 0; i < len(queue_list); i++ {
+			queue_list[i], err = netfilter.NewNFQueue(uint16(starts+num-1-i), MAX_PACKET_IN_QUEUE, netfilter.NF_DEFAULT_PACKET_SIZE)
+			if err != nil {
+				for j := 0; j < i; j++ {
+					queue_list[j].Close()
+					queue_list[j] = nil
+				}
+				starts = starts + num - i
+				break
+			}
+		}
+
+	}
+	return queue_list, starts, starts + num - 1
+}
+
+func main() {
+	if !isRoot() {
+		log.Fatalf("[main] You must be root to run this program")
+		os.Exit(1)
+	}
+
+	number_of_queues := 1
+
+	if len(os.Args) >= 2 {
+		var err error
+		number_of_queues, err = strconv.Atoi(os.Args[1])
+		if err != nil {
+			log.Fatalf("[main] Invalid number of queues: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	// Start the queue list
+	queue_list, starts_input, end_input := create_queue_seq(number_of_queues)
+	for _, queue := range queue_list {
+		defer queue.Close()
+		go handle_packets(queue.GetPackets())
+	}
+
+	queue_list, starts_output, end_output := create_queue_seq(number_of_queues)
+	for _, queue := range queue_list {
+		defer queue.Close()
+		go handle_packets(queue.GetPackets())
+	}
+
+	fmt.Println("QUEUE INPUT", starts_input, end_input, "OUTPUT", starts_output, end_output)
+
+	//Reading for new configuration
+	reader := bufio.NewReader(os.Stdin)
+	for true {
+		text, err := reader.ReadString('\n')
+		if err != nil {
+			log.Fatalf("[main] Unable to read from stdin: %s", err)
+			os.Exit(1)
+		}
+		fmt.Print(text)
+	}
+}