added ui ping/pong

2025-03-04 08:34:40 +01:00 · 2018-04-02 18:26:04 +02:00 · 2018-04-02 18:26:04 +02:00 · b5b4a56a45
commit b5b4a56a45
parent 36c9b515f1
4 changed files with 153 additions and 36 deletions
--- a/daemon/main.go
+++ b/daemon/main.go
@ -100,9 +100,11 @@ func onPacket(packet netfilter.NFPacket) {
 		return
 	}

+	// search a match in preloaded rules
 	r := rules.FindFirstMatch(con)
-	// no rule matched, prompt the user
 	if r == nil {
+		// no rule matched, send a request to the
+		// UI client if connected and running
 		r = uiClient.Ask(con)
 	}

--- a/daemon/ui/client.go
+++ b/daemon/ui/client.go
@ -1,6 +1,7 @@
 package ui

 import (
+	"fmt"
 	"net"
 	"sync"
 	"time"
@ -44,10 +45,20 @@ func NewClient(path string) *Client {
 func (c *Client) poller() {
 	log.Debug("UI service poller started for socket %s", c.socketPath)
 	t := time.NewTicker(time.Second * 1)
-	for _ = range t.C {
-		err := c.connect()
-		if err != nil {
+	for ts := range t.C {
+		if err := c.connect(); err != nil {
 			log.Warning("Error while connecting to UI service: %s", err)
+			continue
+		}
+
+		if c.con.GetState() == connectivity.Ready {
+			if err := c.ping(ts); err != nil {
+				log.Warning("Error while pinging UI service: %s", err)
+			} else {
+				log.Debug("Got pong")
+			}
+		} else {
+			log.Debug("Skipped ping/pong, connection not ready.")
 		}
 	}
 }
@ -73,6 +84,29 @@ func (c *Client) connect() (err error) {
 	return nil
 }

+func (c *Client) ping(ts time.Time) (err error) {
+	c.Lock()
+	defer c.Unlock()
+
+	if c.con == nil || c.client == nil {
+		return fmt.Errorf("service is not connected.")
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+	defer cancel()
+	reqId := uint64(ts.UnixNano())
+	pong, err := c.client.Ping(ctx, &protocol.PingRequest{Id: reqId})
+	if err != nil {
+		return err
+	}
+
+	if pong.Id != reqId {
+		return fmt.Errorf("Expected pong with id 0x%x, got 0x%x", reqId, pong.Id)
+	}
+
+	return nil
+}
+
 func (c *Client) Ask(con *conman.Connection) *rule.Rule {
 	c.Lock()
 	defer c.Unlock()
--- a/ui.proto/ui.pb.go
+++ b/ui.proto/ui.pb.go
@ -8,6 +8,8 @@ It is generated from these files:
 	ui.proto

 It has these top-level messages:
+	PingRequest
+	PingReply
 	RuleRequest
 	RuleReply
 */
@ -33,6 +35,38 @@ var _ = math.Inf
 // proto package needs to be updated.
 const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package

+type PingRequest struct {
+	Id uint64 `protobuf:"varint,1,opt,name=id" json:"id,omitempty"`
+}
+
+func (m *PingRequest) Reset()                    { *m = PingRequest{} }
+func (m *PingRequest) String() string            { return proto.CompactTextString(m) }
+func (*PingRequest) ProtoMessage()               {}
+func (*PingRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+
+func (m *PingRequest) GetId() uint64 {
+	if m != nil {
+		return m.Id
+	}
+	return 0
+}
+
+type PingReply struct {
+	Id uint64 `protobuf:"varint,1,opt,name=id" json:"id,omitempty"`
+}
+
+func (m *PingReply) Reset()                    { *m = PingReply{} }
+func (m *PingReply) String() string            { return proto.CompactTextString(m) }
+func (*PingReply) ProtoMessage()               {}
+func (*PingReply) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+
+func (m *PingReply) GetId() uint64 {
+	if m != nil {
+		return m.Id
+	}
+	return 0
+}
+
 type RuleRequest struct {
 	Protocol    string   `protobuf:"bytes,1,opt,name=protocol" json:"protocol,omitempty"`
 	SrcIp       string   `protobuf:"bytes,2,opt,name=src_ip,json=srcIp" json:"src_ip,omitempty"`
@ -48,7 +82,7 @@ type RuleRequest struct {
 func (m *RuleRequest) Reset()                    { *m = RuleRequest{} }
 func (m *RuleRequest) String() string            { return proto.CompactTextString(m) }
 func (*RuleRequest) ProtoMessage()               {}
-func (*RuleRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+func (*RuleRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }

 func (m *RuleRequest) GetProtocol() string {
 	if m != nil {
@ -124,7 +158,7 @@ type RuleReply struct {
 func (m *RuleReply) Reset()                    { *m = RuleReply{} }
 func (m *RuleReply) String() string            { return proto.CompactTextString(m) }
 func (*RuleReply) ProtoMessage()               {}
-func (*RuleReply) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+func (*RuleReply) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }

 func (m *RuleReply) GetName() string {
 	if m != nil {
@ -162,6 +196,8 @@ func (m *RuleReply) GetWith() string {
 }

 func init() {
+	proto.RegisterType((*PingRequest)(nil), "ui.PingRequest")
+	proto.RegisterType((*PingReply)(nil), "ui.PingReply")
 	proto.RegisterType((*RuleRequest)(nil), "ui.RuleRequest")
 	proto.RegisterType((*RuleReply)(nil), "ui.RuleReply")
 }
@ -177,6 +213,7 @@ const _ = grpc.SupportPackageIsVersion4
 // Client API for UI service

 type UIClient interface {
+	Ping(ctx context.Context, in *PingRequest, opts ...grpc.CallOption) (*PingReply, error)
 	AskRule(ctx context.Context, in *RuleRequest, opts ...grpc.CallOption) (*RuleReply, error)
 }

@ -188,6 +225,15 @@ func NewUIClient(cc *grpc.ClientConn) UIClient {
 	return &uIClient{cc}
 }

+func (c *uIClient) Ping(ctx context.Context, in *PingRequest, opts ...grpc.CallOption) (*PingReply, error) {
+	out := new(PingReply)
+	err := grpc.Invoke(ctx, "/ui.UI/Ping", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 func (c *uIClient) AskRule(ctx context.Context, in *RuleRequest, opts ...grpc.CallOption) (*RuleReply, error) {
 	out := new(RuleReply)
 	err := grpc.Invoke(ctx, "/ui.UI/AskRule", in, out, c.cc, opts...)
@ -200,6 +246,7 @@ func (c *uIClient) AskRule(ctx context.Context, in *RuleRequest, opts ...grpc.Ca
 // Server API for UI service

 type UIServer interface {
+	Ping(context.Context, *PingRequest) (*PingReply, error)
 	AskRule(context.Context, *RuleRequest) (*RuleReply, error)
 }

@ -207,6 +254,24 @@ func RegisterUIServer(s *grpc.Server, srv UIServer) {
 	s.RegisterService(&_UI_serviceDesc, srv)
 }

+func _UI_Ping_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(PingRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(UIServer).Ping(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/ui.UI/Ping",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(UIServer).Ping(ctx, req.(*PingRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 func _UI_AskRule_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(RuleRequest)
 	if err := dec(in); err != nil {
@ -229,6 +294,10 @@ var _UI_serviceDesc = grpc.ServiceDesc{
 	ServiceName: "ui.UI",
 	HandlerType: (*UIServer)(nil),
 	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "Ping",
+			Handler:    _UI_Ping_Handler,
+		},
 		{
 			MethodName: "AskRule",
 			Handler:    _UI_AskRule_Handler,
@ -241,24 +310,27 @@ var _UI_serviceDesc = grpc.ServiceDesc{
 func init() { proto.RegisterFile("ui.proto", fileDescriptor0) }

 var fileDescriptor0 = []byte{
-	// 300 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x4c, 0x91, 0x4f, 0x4b, 0xc3, 0x40,
-	0x10, 0xc5, 0x6d, 0xda, 0xe6, 0xcf, 0xd4, 0x22, 0x2c, 0x28, 0x6b, 0x41, 0xa8, 0x3d, 0x15, 0x84,
-	0x82, 0xfa, 0x09, 0x7a, 0xb3, 0xb7, 0x12, 0xf0, 0x5c, 0xd6, 0x6c, 0x68, 0x16, 0x63, 0x77, 0xdd,
-	0x99, 0x20, 0xc5, 0xcf, 0xe0, 0x77, 0x96, 0x9d, 0x6c, 0xb5, 0xb7, 0x99, 0xf7, 0xdb, 0xf7, 0x48,
-	0xde, 0x40, 0xde, 0x99, 0x95, 0xf3, 0x96, 0xac, 0x48, 0x3a, 0xb3, 0xf8, 0x49, 0x60, 0x52, 0x76,
-	0x6d, 0x5d, 0xd6, 0x9f, 0x5d, 0x8d, 0x24, 0x66, 0x90, 0x33, 0xac, 0x6c, 0x2b, 0x07, 0xf3, 0xc1,
-	0xb2, 0x28, 0xff, 0x76, 0x71, 0x0d, 0x29, 0xfa, 0x6a, 0x67, 0x9c, 0x4c, 0x98, 0x8c, 0xd1, 0x57,
-	0x1b, 0x27, 0x6e, 0x21, 0x0f, 0xb2, 0xb3, 0x9e, 0xe4, 0x70, 0x3e, 0x58, 0x4e, 0xcb, 0x0c, 0x7d,
-	0xb5, 0xb5, 0x9e, 0x82, 0x43, 0x23, 0x05, 0xc7, 0xa8, 0x77, 0x68, 0xa4, 0xde, 0x11, 0xe4, 0xc6,
-	0x22, 0xc9, 0x31, 0x83, 0x4c, 0x23, 0xbd, 0x58, 0xa4, 0x13, 0xe2, 0xb0, 0xb4, 0x0f, 0xd3, 0x48,
-	0x1c, 0x76, 0x07, 0xe0, 0xbc, 0xad, 0x6a, 0xc4, 0x9d, 0xd1, 0x32, 0x63, 0x58, 0x44, 0x65, 0xa3,
-	0xc5, 0x3d, 0x5c, 0x9e, 0xb0, 0x53, 0xd4, 0xc8, 0x9c, 0x83, 0x27, 0x51, 0xdb, 0x2a, 0x6a, 0xce,
-	0x9f, 0x28, 0xbf, 0x47, 0x59, 0xcc, 0x87, 0x67, 0x4f, 0xd6, 0x7e, 0x8f, 0x8b, 0x6f, 0x28, 0xfa,
-	0x3a, 0x5c, 0x7b, 0x14, 0x02, 0x46, 0x07, 0xf5, 0x51, 0xc7, 0x22, 0x78, 0x16, 0x37, 0x90, 0xaa,
-	0x8a, 0x8c, 0x3d, 0xc4, 0x12, 0xe2, 0x16, 0x8a, 0xd3, 0x9d, 0x57, 0x4c, 0x86, 0x7d, 0x71, 0xa7,
-	0x3d, 0xe4, 0x7c, 0x35, 0x8a, 0x62, 0x09, 0x3c, 0xb3, 0x66, 0xa8, 0x89, 0xff, 0xcf, 0xf3, 0xd3,
-	0x23, 0x24, 0xaf, 0x1b, 0xf1, 0x00, 0xd9, 0x1a, 0xdf, 0xc3, 0x57, 0x88, 0xab, 0x55, 0x67, 0x56,
-	0x67, 0xe7, 0x99, 0x4d, 0xff, 0x05, 0xd7, 0x1e, 0x17, 0x17, 0x6f, 0x29, 0x5f, 0xe7, 0xf9, 0x37,
-	0x00, 0x00, 0xff, 0xff, 0xb5, 0x2d, 0x32, 0xfb, 0xd6, 0x01, 0x00, 0x00,
+	// 341 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x51, 0xcd, 0x4a, 0xeb, 0x40,
+	0x14, 0x6e, 0xd3, 0x34, 0x3f, 0xa7, 0xb7, 0xf7, 0xc2, 0xc0, 0x95, 0x58, 0x29, 0xd4, 0xac, 0x0a,
+	0x42, 0x17, 0xfa, 0x04, 0xdd, 0xd9, 0x5d, 0x09, 0xb8, 0x72, 0x51, 0x62, 0x26, 0x34, 0x83, 0xb1,
+	0x33, 0xce, 0x39, 0x41, 0x8a, 0xcf, 0xe0, 0x3b, 0xcb, 0xfc, 0xa4, 0x06, 0xdc, 0x9d, 0xf3, 0xfd,
+	0x31, 0xf3, 0x1d, 0x48, 0x3a, 0xb1, 0x51, 0x5a, 0x92, 0x64, 0x41, 0x27, 0xf2, 0x25, 0xcc, 0xf6,
+	0xe2, 0x74, 0x2c, 0xea, 0xf7, 0xae, 0x46, 0x62, 0x7f, 0x21, 0x10, 0x3c, 0x1b, 0xaf, 0xc6, 0xeb,
+	0xb0, 0x08, 0x04, 0xcf, 0x6f, 0x20, 0x75, 0xb4, 0x6a, 0xcf, 0xbf, 0xc8, 0xaf, 0x00, 0x66, 0x45,
+	0xd7, 0xd6, 0xbd, 0x79, 0x01, 0x89, 0x0d, 0xae, 0x64, 0x6b, 0x55, 0x69, 0x71, 0xd9, 0xd9, 0x7f,
+	0x88, 0x50, 0x57, 0x07, 0xa1, 0xb2, 0xc0, 0x32, 0x53, 0xd4, 0xd5, 0x4e, 0xb1, 0x6b, 0x48, 0x0c,
+	0xac, 0xa4, 0xa6, 0x6c, 0xb2, 0x1a, 0xaf, 0xe7, 0x45, 0x8c, 0xba, 0xda, 0x4b, 0x4d, 0xc6, 0xc1,
+	0x91, 0x8c, 0x23, 0x74, 0x0e, 0x8e, 0xe4, 0x1c, 0x06, 0x6e, 0x24, 0x52, 0x36, 0xb5, 0x44, 0xcc,
+	0x91, 0x1e, 0x25, 0x52, 0x4f, 0xd9, 0xb0, 0xc8, 0x85, 0x71, 0x24, 0x1b, 0xb6, 0x04, 0x50, 0x5a,
+	0x56, 0x35, 0xe2, 0x41, 0xf0, 0x2c, 0xb6, 0x64, 0xea, 0x91, 0x1d, 0x67, 0xb7, 0xf0, 0xa7, 0xa7,
+	0x55, 0x49, 0x4d, 0x96, 0xd8, 0xe0, 0x99, 0xc7, 0xf6, 0x25, 0x35, 0x43, 0x49, 0xa9, 0x8f, 0x98,
+	0xa5, 0xab, 0xc9, 0x40, 0xb2, 0xd5, 0x47, 0xcc, 0x3f, 0x21, 0x75, 0x75, 0x98, 0xb2, 0x18, 0x84,
+	0xa7, 0xf2, 0xad, 0xf6, 0x45, 0xd8, 0x99, 0x5d, 0x41, 0x54, 0x56, 0x24, 0xe4, 0xc9, 0x97, 0xe0,
+	0x37, 0x53, 0x1c, 0xef, 0x74, 0x69, 0x99, 0x89, 0x2b, 0xae, 0xdf, 0x4d, 0xce, 0x47, 0x53, 0x92,
+	0x2f, 0xc1, 0xce, 0x16, 0x13, 0xd4, 0xf8, 0xff, 0xdb, 0xf9, 0xfe, 0x19, 0x82, 0xa7, 0x1d, 0x5b,
+	0x43, 0x68, 0xee, 0xc5, 0xfe, 0x6d, 0x3a, 0xb1, 0x19, 0x1c, 0x76, 0x31, 0xff, 0x01, 0x54, 0x7b,
+	0xce, 0x47, 0xec, 0x0e, 0xe2, 0x2d, 0xbe, 0x9a, 0xf7, 0x3a, 0xf1, 0xe0, 0x90, 0x4e, 0x7c, 0xf9,
+	0x4a, 0x3e, 0x7a, 0x89, 0xec, 0x1d, 0x1f, 0xbe, 0x03, 0x00, 0x00, 0xff, 0xff, 0xd9, 0x36, 0xbf,
+	0xe7, 0x3c, 0x02, 0x00, 0x00,
 }
--- a/ui.proto/ui.proto
+++ b/ui.proto/ui.proto
@ -3,19 +3,28 @@ syntax = "proto3";
 package ui;

 service UI {
-  rpc AskRule (RuleRequest) returns (RuleReply) {}
+    rpc Ping(PingRequest) returns (PingReply) {}
+    rpc AskRule (RuleRequest) returns (RuleReply) {}
+}
+
+message PingRequest {
+    uint64 id = 1;
+}
+
+message PingReply {
+    uint64 id = 1;
 }

 message RuleRequest {
-  string protocol = 1;
-  string src_ip = 2;
-  uint32 src_port = 3;
-  string dst_ip = 4;
-  string dst_host = 5;
-  uint32 dst_port = 6;
-  uint32 process_id = 7;
-  string process_path = 8;
-  repeated string process_args = 9;
+    string protocol = 1;
+    string src_ip = 2;
+    uint32 src_port = 3;
+    string dst_ip = 4;
+    string dst_host = 5;
+    uint32 dst_port = 6;
+    uint32 process_id = 7;
+    string process_path = 8;
+    repeated string process_args = 9;
 }

 message RuleReply {