Implement start/stop commands

fix #41
update README and configuration files accordingly

app/daemon.go

@@ -39,6 +39,15 @@ func cmdStdout(commandline []string) chan *string {
 	return lines
 }
 
+func runCommands(commands [][]string, moment string) {
+	for _, command := range commands {
+		cmd := exec.Command(command[0], command[1:]...)
+		if err := cmd.Start(); err != nil {
+			logger.Printf(logger.ERROR, "couldn't execute %v command: %v", moment, err)
+		}
+	}
+}
+
 func (p *Pattern) notAnIgnore(match *string) bool {
 	for _, ignore := range p.Ignore {
 		if ignore == *match {
@@ -323,6 +332,8 @@ func Daemon(confFilename string) {
 	actions = make(ActionsMap)
 	matches = make(MatchesMap)
 
+	runCommands(conf.Start, "start")
+
 	go DatabaseManager(conf)
 	go MatchesManager()
 	go ActionsManager()
@@ -348,16 +359,16 @@ func Daemon(confFilename string) {
 			logger.Printf(logger.ERROR, "%s stream finished", finishedStream.name)
 			nbStreamsInExecution--
 			if nbStreamsInExecution == 0 {
-				quit()
+				quit(conf)
 			}
 		case <-sigs:
 			logger.Printf(logger.INFO, "Received SIGINT/SIGTERM, exiting")
-			quit()
+			quit(conf)
 		}
 	}
 }
 
-func quit() {
+func quit(conf *Conf) {
 	// send stop to StreamManager·s
 	close(stopStreams)
 	logger.Println(logger.INFO, "Waiting for Streams to finish...")
@@ -369,6 +380,8 @@ func quit() {
 	// stop all actions
 	logger.Println(logger.INFO, "Waiting for Actions to finish...")
 	wgActions.Wait()
+	// run stop commands
+	runCommands(conf.Stop, "stop")
 	// delete pipe
 	err := os.Remove(*SocketPath)
 	if err != nil {

app/example.yml

@@ -3,8 +3,8 @@
 # using YAML anchors `&name` and pointers `*name`
 # definitions are not readed by reaction
 definitions:
-  - &iptablesban [ "ip46tables" "-w" "-A" "reaction" "1" "-s" "<ip>" "-j" "DROP" ]
-  - &iptablesunban [ "ip46tables" "-w" "-D" "reaction" "1" "-s" "<ip>" "-j" "DROP" ]
+  - &iptablesban [ "ip46tables", "-w", "-A", "reaction", "1", "-s", "<ip>", "-j", "DROP" ]
+  - &iptablesunban [ "ip46tables", "-w", "-D", "reaction", "1", "-s", "<ip>", "-j", "DROP" ]
 # ip46tables is a minimal C program (only POSIX dependencies) present as a subdirectory.
 # it permits to handle both ipv4/iptables and ipv6/ip6tables commands
 
@@ -18,6 +18,20 @@ patterns:
       - 127.0.0.1
       - ::1
 
+# Those commands will be executed in order at start, before everything else
+start:
+  - [ "ip46tables", "-w", "-N", "reaction" ]
+  - [ "ip46tables", "-w", "-A", "reaction", "-j", "ACCEPT" ]
+  - [ "ip46tables", "-w", "-I", "reaction", "1", "-s", "127.0.0.1", "-j", "ACCEPT" ]
+  - [ "ip46tables", "-w", "-I", "INPUT", "-p", "all", "-j", "reaction" ]
+
+# Those commands will be executed in order at stop, after everything else
+stop:
+  - [ "ip46tables", "-w,", "-D", "INPUT", "-p", "all", "-j", "reaction" ]
+  - [ "ip46tables", "-w", "-F", "reaction" ]
+  - [ "ip46tables", "-w", "-X", "reaction" ]
+
+
 # streams are commands
 # they're run and their ouptut is captured
 # *example:* `tail -f /var/log/nginx/access.log`
@@ -27,7 +41,7 @@ streams:
   ssh:
     # note that if the command is not in environment's `PATH`
     # its full path must be given.
-    cmd: [ "journalctl" "-n0" "-fu" "sshd.service" ]
+    cmd: [ "journalctl", "-n0", "-fu", "sshd.service" ]
     # filters run actions when they match regexes on a stream
     filters:
       # filters have a user-defined name

app/types.go

@@ -10,6 +10,8 @@ import (
 type Conf struct {
 	Patterns map[string]*Pattern `json:"patterns"`
 	Streams  map[string]*Stream  `json:"streams"`
+	Start    [][]string          `json:"start"`
+	Stop     [][]string          `json:"stop"`
 }
 
 type Pattern struct {