Some operating systems (including Linux) need to check/prepare the tu…

…nnel device So restore that behavior of `reason=pre-init` by creating a new `TunnelPrepProvider` class.
dlenski · May 26, 2019 · b6bea08 · b6bea08
1 parent ca0e574
commit b6bea08
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 4 deletions.
diff --git a/vpn_slice/generic.py b/vpn_slice/generic.py
@@ -7,3 +7,8 @@ def configure_firewall(self, device):
 
     def deconfigure_firewall(self, device):
         pass
+
+
+class NoTunnelCheckProvider(FirewallProvider):
+    def prepare_tunnel(self):
+        pass
diff --git a/vpn_slice/linux.py b/vpn_slice/linux.py
@@ -1,7 +1,7 @@
 import os
 import subprocess
 
-from .provider import FirewallProvider, ProcessProvider, RouteProvider
+from .provider import FirewallProvider, ProcessProvider, RouteProvider, TunnelPrepProvider
 from .util import get_executable
 
 
@@ -84,3 +84,9 @@ def configure_firewall(self, device):
     def deconfigure_firewall(self, device):
         self._iptables('-D', 'INPUT', '-i', device, '-j', 'DROP')
         self._iptables('-D', 'INPUT', '-i', device, '-m', 'state', '--state', 'RELATED,ESTABLISHED', '-j', 'ACCEPT')
+
+
+class CheckTunDevProvider(TunnelPrepProvider):
+    def prepare_tunnel(self):
+        if not os.access('/dev/net/tun', os.R_OK | os.W_OK):
+            raise OSError("can't read and write /dev/net/tun")
diff --git a/vpn_slice/main.py b/vpn_slice/main.py
@@ -15,25 +15,27 @@
 
 def get_default_providers():
     if platform.startswith('linux'):
-        from .linux import ProcfsProvider, Iproute2Provider, IptablesProvider
+        from .linux import ProcfsProvider, Iproute2Provider, IptablesProvider, CheckTunDevProvider
         from .posix import DigProvider, PosixHostsFileProvider
         return {
             'process': ProcfsProvider(),
             'route': Iproute2Provider(),
             'firewall': IptablesProvider(),
             'dns': DigProvider(),
             'hosts': PosixHostsFileProvider(),
+            'prep': CheckTunDevProvider(),
         }
     elif platform.startswith('darwin'):
         from .mac import PsProvider, BSDRouteProvider
-        from .generic import NoFirewallProvider
+        from .generic import NoFirewallProvider, NoTunnelPrepProvider
         from .posix import DigProvider, PosixHostsFileProvider
         return {
             'process': PsProvider(),
             'route': BSDRouteProvider(),
             'firewall': NoFirewallProvider(),
             'dns': DigProvider(),
             'hosts': PosixHostsFileProvider(),
+            'prep': NoTunnelPrepProvider(),
         }
     else:
         raise OSError('Your platform, {}, is unsupported'.format(platform))
@@ -68,7 +70,7 @@ def names_for(host, domains, short=True, long=True):
 ########################################
 
 def do_pre_init(env, args, providers):
-    pass
+    providers['prep'].prepare_tunnel()
 
 def do_disconnect(env, args, providers):
     for pidfile in args.kill:

diff --git a/vpn_slice/provider.py b/vpn_slice/provider.py
@@ -108,3 +108,11 @@ def write_hosts(self, host_map, name):
         host_map maps IP addresses to host names, like the hosts file expects.
 
         """
+
+class TunnelPrepProvider:
+    def prepare_tunnel(self):
+        """Prepare operating system to create tunnel devices.
+
+        Base class behavior is to do nothing.
+
+        """