diff --git a/bin/banforge b/bin/banforge
new file mode 100755
index 0000000..3c15265
Binary files /dev/null and b/bin/banforge differ
diff --git a/cmd/banforge/main.go b/cmd/banforge/main.go
index a432b15..1c421a8 100644
--- a/cmd/banforge/main.go
+++ b/cmd/banforge/main.go
@@ -4,6 +4,7 @@ import (
 "fmt"
 "os"
+ "github.com/d3m0k1d/BanForge/internal/config"
 "github.com/spf13/cobra"
 )
@@ -30,6 +31,16 @@ var initCmd = &cobra.Command{
 fmt.Println(err)
 os.Exit(1)
 }
+ err = config.CreateConf()
+ if err != nil {
+ fmt.Println(err)
+ os.Exit(1)
+ }
+ err = config.FindFirewall()
+ if err != nil {
+ fmt.Println(err)
+ os.Exit(1)
+ }
 },
 }
diff --git a/go.mod b/go.mod
index cc327c1..b7ec84e 100644
--- a/go.mod
+++ b/go.mod
@@ -2,7 +2,10 @@ module github.com/d3m0k1d/BanForge
 go 1.25.5
-require github.com/spf13/cobra v1.10.2
+require (
+ github.com/BurntSushi/toml v1.6.0
+ github.com/spf13/cobra v1.10.2
+)
 require (
 github.com/inconshreveable/mousetrap v1.1.0 // indirect
diff --git a/go.sum b/go.sum
index ef5d78d..e5ddfcb 100644
--- a/go.sum
+++ b/go.sum
@@ -1,3 +1,5 @@
+github.com/BurntSushi/toml v1.6.0 h1:dRaEfpa2VI55EwlIW72hMRHdWouJeRF7TPYhI+AUQjk=
+github.com/BurntSushi/toml v1.6.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
diff --git a/internal/blocker/nftables.go b/internal/blocker/nftables.go
index 8688530..d4591ce 100644
--- a/internal/blocker/nftables.go
+++ b/internal/blocker/nftables.go
@@ -96,7 +96,7 @@ func (n *Nftables) Unban(ip string) error {
 return nil
 }
-func SetupNftables(config string) error {
+func (n *Nftables) Setup(config string) error {
 err := validateConfigPath(config)
 if err != nil {
 return fmt.Errorf("path error: %w", err)
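Review bot: `bin/banforge` is added as an executable binary (mode 100755), so its contents cannot be reviewed against the source changed in this commit. For a tool that is run as root and rewrites firewall configuration, build artifacts are better produced by the release pipeline and kept out of the repository, for example by listing `bin/` in `.gitignore`.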
diff --git a/internal/config/sysconf.go b/internal/config/sysconf.go
index e85e7cd..fcd75e6 100644
--- a/internal/config/sysconf.go
+++ b/internal/config/sysconf.go
@@ -5,6 +5,8 @@ import (
 "os"
 "os/exec"
 "path/filepath"
+
+ "github.com/BurntSushi/toml"
 )
 var DetectedFirewall string
@@ -39,31 +41,65 @@ func CreateConf() error {
 if err := os.Chmod(configPath, 0600); err != nil {
 return fmt.Errorf("failed to set permissions: %w", err)
 }
-
+ err = os.WriteFile(configPath, []byte(Base_config), 0600)
+ if err != nil {
+ return fmt.Errorf("failed to write config file: %w", err)
+ }
 fmt.Printf(" Config file created: %s\n", configPath)
 return nil
 }
 func FindFirewall() error {
-
 if os.Getegid() != 0 {
 fmt.Printf("Firewall settings needs sudo privileges\n")
 os.Exit(1)
 }
- firewalls := []string{"iptables", "nft", "firewall-cmd", "ufw"}
+
+ firewalls := []string{"nft", "firewall-cmd", "iptables", "ufw"}
 for _, firewall := range firewalls {
 _, err := exec.LookPath(firewall)
 if err == nil {
- if firewall == "firewall-cmd" {
+ switch firewall {
+ case "firewall-cmd":
 DetectedFirewall = "firewalld"
- }
- if firewall == "nft" {
+ case "nft":
 DetectedFirewall = "nftables"
+ default:
+ DetectedFirewall = firewall
 }
- DetectedFirewall = firewall
- fmt.Printf("Detected firewall: %s\n", firewall)
+
+ fmt.Printf("Detected firewall: %s\n", DetectedFirewall)
+
+ cfg := &Config{}
+ _, err := toml.DecodeFile("/etc/banforge/config.toml", cfg)
+ if err != nil {
+ return fmt.Errorf("failed to decode config: %w", err)
+ }
+
+ cfg.Firewall.Name = DetectedFirewall
+
+ file, err := os.Create("/etc/banforge/config.toml")
+ if err != nil {
+ return fmt.Errorf("failed to create config file: %w", err)
+ }
+
+ encoder := toml.NewEncoder(file)
+ if err := encoder.Encode(cfg); err != nil {
+ err = file.Close()
+ if err != nil {
+ return fmt.Errorf("failed to close file: %w", err)
+ }
+ return fmt.Errorf("failed to encode config: %w", err)
+ }
+
+ if err := file.Close(); err != nil {
+ return fmt.Errorf("failed to close file: %w", err)
+ }
+
+ fmt.Printf("Config updated with firewall: %s\n", DetectedFirewall)
 return nil
 }
 }
- return fmt.Errorf("no firewall found (checked ufw, firewall-cmd, iptables, nft) please install one of them")
+
+ return fmt.Errorf("firewall not found")
 }
diff --git a/internal/config/template.go b/internal/config/template.go
index 059aa5a..1e2ac46 100644
--- a/internal/config/template.go
+++ b/internal/config/template.go
@@ -1,14 +1,15 @@
 package config
-const Base_config = `# This is a TOML config file for BanForge it's a simple config file
-# https://github.com/d3m0k1d/BanForge
+const Base_config = `
+# This is a TOML config file for BanForge
+# [https://github.com/d3m0k1d/BanForge](https://github.com/d3m0k1d/BanForge)
-# Firewall settings block
 [firewall]
-name = "iptables" # Name one of the support firewall(iptables, nftables, firewalld, ufw)
+name = ""
+config = "/etc/nftables.conf"
 ban_time = 1200
-[Service]
+[service]
 name = "nginx"
 log_path = "/var/log/nginx/access.log"
 enabled = true
diff --git a/internal/config/types.go b/internal/config/types.go
index b12fa4d..df7f2fe 100644
--- a/internal/config/types.go
+++ b/internal/config/types.go
@@ -7,7 +7,12 @@ type Firewall struct {
 }
 type Service struct {
- Name string `toml:"name"`
- Log_path string `toml:"log_path"`
- Enabled bool `toml:"enabled"`
+ Name string `toml:"name"`
+ LogPath string `toml:"log_path"`
+ Enabled bool `toml:"enabled"`
+}
+
+type Config struct {
+ Firewall Firewall `toml:"firewall"`
+ Service Service `toml:"service"`
 }
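Review bot: The URL comment in the new template appears as a Markdown link, `# [https://github.com/d3m0k1d/BanForge](https://github.com/d3m0k1d/BanForge)`, which reads like a paste artifact inside a TOML file; the plain `# https://github.com/d3m0k1d/BanForge` from the old side is clearer. The inline comment listing the accepted firewall names was removed together with the default, so `name = ""` would benefit from a short comment such as `# filled in during init; one of iptables, nftables, firewalld, ufw`.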
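Review bot: The body of `Firewall` lies above this hunk, so it is not visible whether it has a field tagged `toml:"config"`. If it does not, the `config = "/etc/nftables.conf"` key this commit adds to the template is silently dropped when FindFirewall decodes the file into `Config` and re-encodes it. The exported `Config` type also has no doc comment; `// Config is the decoded form of the BanForge TOML configuration file.` would cover it.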