support windows reverse proxy by setting up firewall rule

pkg/main.go

@@ -115,15 +115,15 @@ func prepare() {
 	} else {
 		tunIp.Mask = net.CIDRMask(24, 32)
 	}
-	//list = append(list, tunIp.String())
-	//if runtime.GOOS == "windows" {
-	ipNet := net.IPNet{
-		IP:   net.IPv4(223, 254, 254, 100),
-		Mask: net.CIDRMask(24, 32),
+
+	//linux already exist this route, if add it will occurs error, maybe to change add tun_tap add route logic ???
+	if runtime.GOOS == "windows" || runtime.GOOS == "darwin" {
+		ipNet := net.IPNet{
+			IP:   net.IPv4(223, 254, 254, 100),
+			Mask: net.CIDRMask(24, 32),
+		}
+		list = append(list, ipNet.String())
 	}
-	list = append(list, ipNet.String())
-	//list = append(list, "192.192.254.162/32")
-	//}
 
 	baseCfg.route.ChainNodes = []string{"socks5://127.0.0.1:10800?notls=true"}
 	baseCfg.route.ServeNodes = []string{
@@ -159,6 +159,12 @@ func main() {
 	if err := dns.DNS(dnsServiceIp); err != nil {
 		log.Fatal(err)
 	}
+	if runtime.GOOS == "windows" {
+		if !util.FindRule() {
+			util.AddFirewallRule()
+		}
+		util.DeleteWindowsFirewallRule()
+	}
 	log.Info("dns service ok")
 	_ = exec.Command("ping", "-c", "4", "223.254.254.100").Run()
 	select {}

util/networkpolicy.go

@@ -0,0 +1,56 @@
+package util
+
+import (
+	log "github.com/sirupsen/logrus"
+	"os/exec"
+	"time"
+)
+
+// Delete all action block firewall rule
+func DeleteWindowsFirewallRule() {
+	ticker := time.NewTicker(time.Second)
+	for {
+		select {
+		case <-ticker.C:
+			_ = exec.Command("PowerShell", []string{
+				"Remove-NetFirewallRule",
+				"-Action",
+				"Block",
+			}...,
+			).Start()
+		}
+	}
+}
+
+func AddFirewallRule() {
+	cmd := exec.Command("netsh", []string{
+		"advfirewall",
+		"firewall",
+		"add",
+		"rule",
+		"name=" + TrafficManager,
+		"dir=in",
+		"action=allow",
+		"enable=yes",
+		"remoteip=223.254.254.1/24,LocalSubnet",
+	}...)
+	if out, err := cmd.CombinedOutput(); err != nil {
+		log.Infof("error while exec command: %s, out: %s, err: %v", cmd.Args, string(out), err)
+	}
+}
+
+func FindRule() bool {
+	cmd := exec.Command("netsh", []string{
+		"advfirewall",
+		"firewall",
+		"show",
+		"rule",
+		"name=" + TrafficManager,
+	}...)
+	if out, err := cmd.CombinedOutput(); err != nil {
+		log.Infof("find route out: %s error: %v", string(out), err)
+		return false
+	} else {
+		return true
+	}
+}

util/util_test.go

@@ -48,3 +48,7 @@ func TestShell(t *testing.T) {
 
 	fmt.Println(out == serviceList.Items[0].Spec.ClusterIP)
 }
+
+func TestDeleteRule(t *testing.T) {
+	DeleteWindowsFirewallRule()
+}