ACL for TUN

cmd/client.go

@@ -20,6 +20,7 @@ import (
 	"io/ioutil"
 	"net"
 	"net/http"
+	"strings"
 	"time"
 )
 
@@ -191,11 +192,40 @@ func client(config *clientConfig) {
 
 	if len(config.TUN.Name) != 0 {
 		go func() {
-			tunServer, err := tun.NewServer(client, time.Duration(config.TUN.Timeout)*time.Second,
+			tunServer, err := tun.NewServer(client, transport.DefaultTransport,
+				time.Duration(config.TUN.Timeout)*time.Second,
 				config.TUN.Name, config.TUN.Address, config.TUN.Gateway, config.TUN.Mask, config.TUN.DNS, config.TUN.Persist)
 			if err != nil {
 				logrus.WithField("error", err).Fatal("Failed to initialize TUN server")
 			}
+			tunServer.RequestFunc = func(addr net.Addr, reqAddr string, action acl.Action, arg string) {
+				logrus.WithFields(logrus.Fields{
+					"action": actionToString(action, arg),
+					"src":    addr.String(),
+					"dst":    reqAddr,
+				}).Debugf("TUN %s request", strings.ToUpper(addr.Network()))
+			}
+			tunServer.ErrorFunc = func(addr net.Addr, reqAddr string, err error) {
+				if err != nil {
+					if err == io.EOF {
+						logrus.WithFields(logrus.Fields{
+							"src": addr.String(),
+							"dst": reqAddr,
+						}).Debugf("TUN %s EOF", strings.ToUpper(addr.Network()))
+					} else if err == core.ErrClosed && strings.HasPrefix(addr.Network(), "udp") {
+						logrus.WithFields(logrus.Fields{
+							"src": addr.String(),
+							"dst": reqAddr,
+						}).Debugf("TUN %s closed for timeout", strings.ToUpper(addr.Network()))
+					} else {
+						logrus.WithFields(logrus.Fields{
+							"error": err,
+							"src":   addr.String(),
+							"dst":   reqAddr,
+						}).Infof("TUN %s error", strings.ToUpper(addr.Network()))
+					}
+				}
+			}
 			errChan <- tunServer.ListenAndServe()
 		}()
 	}