refactor: implement full BlockerEngine interface for UFW

internal/blocker/ufw.go

@@ -1,7 +1,9 @@
 package blocker
 
 import (
+	"fmt"
 	"os/exec"
+	"strings"
 
 	"github.com/d3m0k1d/BanForge/internal/logger"
 )
@@ -16,32 +18,119 @@ func NewUfw(logger *logger.Logger) *Ufw {
 	}
 }
 
-func (ufw *Ufw) Ban(ip string) error {
+// Name returns the blocker engine name
-	err := validateIP(ip)
+func (u *Ufw) Name() string {
-	if err != nil {
+	return "ufw"
-		return err
+}
-	}
+
-	cmd := exec.Command("sudo", "ufw", "--force", "deny", "from", ip)
+// IsAvailable checks if ufw is available in the system
+func (u *Ufw) IsAvailable() bool {
+	cmd := exec.Command("which", "ufw")
+	return cmd.Run() == nil
+}
+
+// Setup initializes UFW (if not already enabled)
+func (u *Ufw) Setup() error {
+	// Check if UFW is enabled
+	cmd := exec.Command("sudo", "ufw", "status")
 	output, err := cmd.CombinedOutput()
-	if err != nil {
+
-		ufw.logger.Error(err.Error())
+	if err != nil || !strings.Contains(string(output), "active") {
-		return err
+		u.logger.Warn("UFW is not active, attempting to enable...")
+		cmd := exec.Command("sudo", "ufw", "--force", "enable")
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			u.logger.Error("failed to enable UFW",
+				"error", err.Error(),
+				"output", string(output))
+			return fmt.Errorf("failed to enable UFW: %w", err)
+		}
+		u.logger.Info("UFW enabled successfully")
 	}
-	ufw.logger.Info("Banning " + ip + " " + string(output))
+
+	u.logger.Info("UFW setup completed")
 	return nil
 }
 
-func (ufw *Ufw) Unban(ip string) error {
+// Ban adds an IP to the deny list
+func (u *Ufw) Ban(ip string) error {
 	err := validateIP(ip)
 	if err != nil {
 		return err
 	}
+
+	cmd := exec.Command("sudo", "ufw", "--force", "deny", "from", ip)
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		u.logger.Error("failed to ban IP",
+			"ip", ip,
+			"error", err.Error(),
+			"output", string(output))
+		return fmt.Errorf("failed to ban IP %s: %w", ip, err)
+	}
+
+	u.logger.Info("IP banned", "ip", ip, "output", string(output))
+	return nil
+}
+
+// Unban removes an IP from the deny list
+func (u *Ufw) Unban(ip string) error {
+	err := validateIP(ip)
+	if err != nil {
+		return err
+	}
+
 	cmd := exec.Command("sudo", "ufw", "--force", "delete", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
-		ufw.logger.Error(err.Error())
+		u.logger.Error("failed to unban IP",
-		return err
+			"ip", ip,
+			"error", err.Error(),
+			"output", string(output))
+		return fmt.Errorf("failed to unban IP %s: %w", ip, err)
 	}
-	ufw.logger.Info("Unbanning " + ip + " " + string(output))
+
+	u.logger.Info("IP unbanned", "ip", ip, "output", string(output))
+	return nil
+}
+
+// List returns all currently denied IPs
+func (u *Ufw) List() ([]string, error) {
+	cmd := exec.Command("sudo", "ufw", "status", "numbered")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		u.logger.Error("failed to list UFW rules",
+			"error", err.Error(),
+			"output", string(output))
+		return nil, fmt.Errorf("failed to list UFW rules: %w", err)
+	}
+
+	var deniedIPs []string
+	lines := strings.Split(string(output), "\n")
+	for _, line := range lines {
+		// Looking for lines with "Deny" and "From"
+		if strings.Contains(line, "Deny") && strings.Contains(line, "Anywhere on") {
+			// Parse UFW status output format
+			parts := strings.Fields(line)
+			for i, part := range parts {
+				// Extract IP that comes after "from"
+				if part == "from" && i+1 < len(parts) {
+					ip := parts[i+1]
+					if validateIP(ip) == nil {
+						deniedIPs = append(deniedIPs, ip)
+					}
+					break
+				}
+			}
+		}
+	}
+
+	return deniedIPs, nil
+}
+
+// Close performs cleanup operations (placeholder for future use)
+func (u *Ufw) Close() error {
+	// No cleanup needed for UFW
+	u.logger.Info("UFW blocker closed")
 	return nil
 }