From 9181ce19c976af2b8e15b257fdd521e355572692 Mon Sep 17 00:00:00 2001 From: "Zed A. Shaw" Date: Sat, 13 Dec 2025 22:44:13 -0500 Subject: [PATCH] Renamed the processes to more match what they do. --- .gitignore | 2 +- Makefile | 10 ++--- cmd/dblocker/main.go | 77 ++++++++++++++++++++++++++++++++++++++ cmd/dentata/main.go | 74 +++++++++++++++++++++--------------- cmd/landmine/main.go | 89 -------------------------------------------- 5 files changed, 126 insertions(+), 126 deletions(-) create mode 100644 cmd/dblocker/main.go delete mode 100644 cmd/landmine/main.go diff --git a/.gitignore b/.gitignore index 4e6c6d8..64d5b38 100644 --- a/.gitignore +++ b/.gitignore @@ -31,4 +31,4 @@ public ffmpeg* renders dentata -landmine +dblocker diff --git a/Makefile b/Makefile index 12fa2ee..88fe5f9 100644 --- a/Makefile +++ b/Makefile @@ -1,15 +1,15 @@ build: go build ./cmd/dentata - go build ./cmd/landmine + go build ./cmd/dblocker clean: - rm dentata landmine + rm -f dentata dblocker -run_server: build +run_dentata: build ./dentata -run_mine: build - ./landmine +run_blocker: build + ./dblocker docs: pkgsite -open diff --git a/cmd/dblocker/main.go b/cmd/dblocker/main.go new file mode 100644 index 0000000..aac9675 --- /dev/null +++ b/cmd/dblocker/main.go 
@@ -0,0 +1,77 @@
+package main
+
+import (
+ "fmt"
+ "net"
+ "log"
+ "bufio"
+ "flag"
+ "os/exec"
+)
+
+type Options struct {
+ Addr string
+}
+
+func ParseOptions() Options {
+ var opts Options
+
+ flag.StringVar(&opts.Addr, "addr", "127.0.0.1:9001", "address to bind to recv blocks")
+ flag.Parse()
+
+ return opts
+}
+
+func handleConnection(conn net.Conn) {
+ defer conn.Close()
+
+ scan := bufio.NewScanner(conn)
+
+ for scan.Scan() {
+ addr, _, err := net.SplitHostPort(scan.Text())
+ if err != nil {
+ fmt.Println("Invalid host:port")
+ continue
+ }
+
+ if addr == "127.0.0.1" {
+ fmt.Println("IGNORE", addr)
+ continue
+ }
+
+ fmt.Println("BLOCK: ", addr)
+
+ cmd := exec.Command("nft",
+ "add", "rule", "inet",
+ "dentata", "input",
+ "ip", "saddr",
+ addr, "drop")
+
+ err = cmd.Run()
+ if err != nil {
+ panic(err)
+ }
+ }
+}
+
+func listener(addr string) {
+ server, err := net.Listen("tcp", addr)
+
+ if err != nil { panic(err) }
+
+ for {
+ conn, err := server.Accept()
+
+ if err != nil {
+ log.Println("ACCEPT ERROR", err)
+ } else {
+ go handleConnection(conn)
+ }
+ }
+}
+
+func main() {
+ opts := ParseOptions()
+
+ listener(opts.Addr)
+}
diff --git a/cmd/dentata/main.go b/cmd/dentata/main.go
index aac9675..6393992 100644
--- a/cmd/dentata/main.go
+++ b/cmd/dentata/main.go
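Review bot: In `handleConnection` the host returned by `net.SplitHostPort` is passed to `nft` without being checked as an IP address, and a failing `cmd.Run()` panics the whole daemon. Anything that can connect to the listener can therefore hand nft text that is not an address, and a single value nft rejects (a hostname, or an IPv6 literal under `ip saddr`) stops all further blocking. I would parse the value with `netip.ParseAddr`, accept only non-loopback IPv4 (which also covers loopback addresses other than the literal `127.0.0.1`), pass the parsed form to nft, and log a failed run instead of panicking. This needs `net/netip` added to the import block.

```go
		// … unchanged: SplitHostPort call and its error branch …

		ip, err := netip.ParseAddr(addr)
		if err != nil || !ip.Is4() || ip.IsLoopback() {
			fmt.Println("IGNORE", addr)
			continue
		}

		// … unchanged: BLOCK log line and the leading exec.Command arguments …
			ip.String(), "drop")

		if err := cmd.Run(); err != nil {
			log.Println("nft add rule failed:", err)
			continue
		}
```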
@@ -4,56 +4,42 @@ import ( "fmt" "net" "log" - "bufio" + "sync" + "syscall" "flag" - "os/exec" ) type Options struct { - Addr string + ConfigPath string + Jail bool } func ParseOptions() Options { var opts Options - flag.StringVar(&opts.Addr, "addr", "127.0.0.1:9001", "address to bind to recv blocks") + flag.StringVar(&opts.ConfigPath, "config", "dentata.json", "config.json to load") + flag.BoolVar(&opts.Jail, "jail", false, "drop to low priv jail") + flag.Parse() return opts } + func handleConnection(conn net.Conn) { defer conn.Close() + addr := conn.RemoteAddr() + fmt.Println("Connect from", addr.Network(), addr.String()) - scan := bufio.NewScanner(conn) - - for scan.Scan() { - addr, _, err := net.SplitHostPort(scan.Text()) - if err != nil { - fmt.Println("Invalid host:port") - continue - } - - if addr == "127.0.0.1" { - fmt.Println("IGNORE", addr) - continue - } - - fmt.Println("BLOCK: ", addr) - - cmd := exec.Command("nft", - "add", "rule", "inet", - "dentata", "input", - "ip", "saddr", - addr, "drop") + // send explosion notice to dentata + report, err := net.Dial("tcp","127.0.0.1:9001") + if err != nil { panic(err) } + defer report.Close() - err = cmd.Run() - if err != nil { - panic(err) - } - } + report.Write([]byte(addr.String())) } + func listener(addr string) { server, err := net.Listen("tcp", addr) @@ -70,8 +56,34 @@ func listener(addr string) { } } +func ChrootJailLOL() { + err := syscall.Chdir("tmp") + if err != nil { panic(err) } + + err = syscall.Chroot(".") + if err != nil { panic(err) } + + err = syscall.Setuid(1000) + if err != nil { panic(err) } + + syscall.Setgid(1000) + if err != nil { panic(err) } +} + func main() { opts := ParseOptions() - listener(opts.Addr) + var wg sync.WaitGroup + + for i := 0; i < 10; i++ { + wg.Go(func () { + listener(fmt.Sprintf("0.0.0.0:%d", 8000 + i)) + }) + } + + if opts.Jail { + ChrootJailLOL() + } + + wg.Wait() } 
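Review bot: In `handleConnection` the `panic(err)` after `net.Dial` means that whenever the blocker on 127.0.0.1:9001 is not reachable, the first inbound connection on any listening port takes the whole process down, and the result of `report.Write` is dropped. Log and return instead, `if err != nil { log.Println("REPORT ERROR", err); return }`, and check the write with `if _, err := report.Write([]byte(addr.String())); err != nil { log.Println("REPORT ERROR", err) }`. The report address is hard-coded here while dblocker takes `-addr`, and the new `ConfigPath` option is not read anywhere in the visible hunks, so the two can drift apart. The comment `// send explosion notice to dentata` also still names the old receiver; after this rename it should say dblocker. `listener` continues outside this hunk.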
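Review bot: In `ChrootJailLOL` the group drop never takes effect as written: `syscall.Setgid(1000)` runs after `Setuid(1000)`, when the process no longer has the privilege to change its gid, and its return value is discarded, so the `if err != nil` below it re-tests the error from `Setuid`. Supplementary groups are not cleared either, so with `-jail` the process keeps the groups it started with. Drop supplementary groups first, then the gid, then the uid, each with its own error check. Separately, `main` starts the listener goroutines before calling the jail, so whether each `net.Listen` runs before or after the chroot and uid change is not fixed; presumably harmless for ports 8000–8009, but jailing only after the sockets are bound would make the order explicit.

```go
func ChrootJailLOL() {
	// … unchanged: Chdir("tmp") and Chroot(".") with their checks …

	// groups first: once the uid is dropped the process can no longer change them
	err = syscall.Setgroups([]int{1000})
	if err != nil { panic(err) }

	err = syscall.Setgid(1000)
	if err != nil { panic(err) }

	err = syscall.Setuid(1000)
	if err != nil { panic(err) }
}
```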
diff --git a/cmd/landmine/main.go b/cmd/landmine/main.go
deleted file mode 100644
index 6393992..0000000
--- a/cmd/landmine/main.go
+++ /dev/null
@@ -1,89 +0,0 @@
-package main
-
-import (
- "fmt"
- "net"
- "log"
- "sync"
- "syscall"
- "flag"
-)
-
-type Options struct {
- ConfigPath string
- Jail bool
-}
-
-func ParseOptions() Options {
- var opts Options
-
- flag.StringVar(&opts.ConfigPath, "config", "dentata.json", "config.json to load")
- flag.BoolVar(&opts.Jail, "jail", false, "drop to low priv jail")
-
- flag.Parse()
-
- return opts
-}
-
-
-func handleConnection(conn net.Conn) {
- defer conn.Close()
- addr := conn.RemoteAddr()
- fmt.Println("Connect from", addr.Network(), addr.String())
-
- // send explosion notice to dentata
- report, err := net.Dial("tcp","127.0.0.1:9001")
- if err != nil { panic(err) }
- defer report.Close()
-
- report.Write([]byte(addr.String()))
-}
-
-
-func listener(addr string) {
- server, err := net.Listen("tcp", addr)
-
- if err != nil { panic(err) }
-
- for {
- conn, err := server.Accept()
-
- if err != nil {
- log.Println("ACCEPT ERROR", err)
- } else {
- go handleConnection(conn)
- }
- }
-}
-
-func ChrootJailLOL() {
- err := syscall.Chdir("tmp")
- if err != nil { panic(err) }
-
- err = syscall.Chroot(".")
- if err != nil { panic(err) }
-
- err = syscall.Setuid(1000)
- if err != nil { panic(err) }
-
- syscall.Setgid(1000)
- if err != nil { panic(err) }
-}
-
-func main() {
- opts := ParseOptions()
-
- var wg sync.WaitGroup
-
- for i := 0; i < 10; i++ {
- wg.Go(func () {
- listener(fmt.Sprintf("0.0.0.0:%d", 8000 + i))
- })
- }
-
- if opts.Jail {
- ChrootJailLOL()
- }
-
- wg.Wait()
-}