From 00f2ee34a05d6f3797aaeee7f9dc603b8bebe933 Mon Sep 17 00:00:00 2001 From: Steffen Vogel Date: Tue, 15 Jun 2021 11:03:43 +0200 Subject: [PATCH] remove dead code --- iface/nat_linux.go | 85 ---------------------------------------------- 1 file changed, 85 deletions(-) delete mode 100644 iface/nat_linux.go diff --git a/iface/nat_linux.go b/iface/nat_linux.go deleted file mode 100644 index 22ebd64e026..00000000000 --- a/iface/nat_linux.go +++ /dev/null @@ -1,85 +0,0 @@ -package iface - -import ( - "github.com/google/nftables" - "github.com/google/nftables/expr" - log "github.com/sirupsen/logrus" - "github.com/vishvananda/netns" - "io/ioutil" -) - -// Configure routing and IP masquerading -//todo more docs on what exactly happens here and why it is needed -func ConfigureNAT(primaryIface string) error { - log.Debugf("adding NAT / IP masquerading using nftables") - ns, err := netns.Get() - if err != nil { - return err - } - - conn := nftables.Conn{NetNS: int(ns)} - - log.Debugf("flushing nftable rulesets") - conn.FlushRuleset() - - log.Debugf("setting up nftable rules for ip masquerading") - - nat := conn.AddTable(&nftables.Table{ - Family: nftables.TableFamilyIPv4, - Name: "nat", - }) - - conn.AddChain(&nftables.Chain{ - Name: "prerouting", - Table: nat, - Type: nftables.ChainTypeNAT, - Hooknum: nftables.ChainHookPrerouting, - Priority: nftables.ChainPriorityFilter, - }) - - post := conn.AddChain(&nftables.Chain{ - Name: "postrouting", - Table: nat, - Type: nftables.ChainTypeNAT, - Hooknum: nftables.ChainHookPostrouting, - Priority: nftables.ChainPriorityNATSource, - }) - - conn.AddRule(&nftables.Rule{ - Table: nat, - Chain: post, - Exprs: []expr.Any{ - &expr.Meta{Key: expr.MetaKeyOIFNAME, Register: 1}, - &expr.Cmp{ - Op: expr.CmpOpEq, - Register: 1, - Data: ifname(primaryIface), - }, - &expr.Masq{}, - }, - }) - - if err := conn.Flush(); err != nil { - return err - } - - return nil -} - -// Enables IP forwarding system property. -// Mostly used when you setup one peer as a VPN server. -func EnableIPForward() error { - f := "/proc/sys/net/ipv4/ip_forward" - - content, err := ioutil.ReadFile(f) - if err != nil { - return err - } - - if string(content) == "0\n" { - log.Info("enabling IP Forward") - return ioutil.WriteFile(f, []byte("1"), 0600) - } - - return nil -}