Firewall added & some fixes

2026-04-13 12:40:49 +03:00
parent 7eaa9750b0
commit 8c35022483
22 changed files with 1659 additions and 134 deletions
--- a/config/config.go
+++ b/config/config.go
@@ -10,6 +10,7 @@ import (
 )

 type InterfaceConfig struct {
+	Label   string            `yaml:"label,omitempty"`
 	Auto    bool              `yaml:"auto"`
 	Mode    string            `yaml:"mode"`
 	Address string            `yaml:"address,omitempty"`
@@ -52,12 +53,32 @@ type MihomoConfig struct {
 	Enabled bool `yaml:"enabled"`
 }

+type FirewallRule struct {
+	ID       string `yaml:"id"        json:"id"`
+	Enabled  bool   `yaml:"enabled"   json:"enabled"`
+	Action   string `yaml:"action"    json:"action"`
+	Protocol string `yaml:"protocol"  json:"protocol"`
+	SrcAddr  string `yaml:"src_addr"  json:"src_addr"`
+	SrcPort  string `yaml:"src_port"  json:"src_port"`
+	DstAddr  string `yaml:"dst_addr"  json:"dst_addr"`
+	DstPort  string `yaml:"dst_port"  json:"dst_port"`
+	InIface  string `yaml:"in_iface"  json:"in_iface"`
+	OutIface string `yaml:"out_iface" json:"out_iface"`
+	Comment  string `yaml:"comment"   json:"comment"`
+}
+
+type FirewallConfig struct {
+	Rules         []FirewallRule `yaml:"rules"          json:"rules"`
+	VLANIsolation bool           `yaml:"vlan_isolation" json:"vlan_isolation"`
+}
+
 type AppConfig struct {
-	Interfaces    map[string]*InterfaceConfig `yaml:"interfaces"`
-	DHCP          DHCPConfig                  `yaml:"dhcp"`
-	NAT           NATConfig                   `yaml:"nat"`
-	KnownDevices  []KnownDevice               `yaml:"known_devices"`
-	Mihomo        MihomoConfig                `yaml:"mihomo"`
+	Interfaces   map[string]*InterfaceConfig `yaml:"interfaces"`
+	DHCP         DHCPConfig                  `yaml:"dhcp"`
+	NAT          NATConfig                   `yaml:"nat"`
+	Firewall     FirewallConfig              `yaml:"firewall"`
+	KnownDevices []KnownDevice               `yaml:"known_devices"`
+	Mihomo       MihomoConfig                `yaml:"mihomo"`
 }

 var (
@@ -176,6 +197,9 @@ func EnsureDefaults(cfg *AppConfig) {
 	if cfg.NAT.Interfaces == nil {
 		cfg.NAT.Interfaces = []string{}
 	}
+	if cfg.Firewall.Rules == nil {
+		cfg.Firewall.Rules = []FirewallRule{}
+	}
 	if cfg.KnownDevices == nil {
 		cfg.KnownDevices = []KnownDevice{}
 	}