- Introduced `CmdReopenLogger` for reopening daemon log files.
- Added `ReOpen` method to `Logger` interface and its implementations.
- Updated daemon logic to handle the "reopen_logger" command via Unix socket communication.
- Extended localization files with translations for new command messages.
- Registered `CmdReopenLogger` in the main CLI application.
- Introduced `CmdStatus` command to verify if the daemon is running via Unix socket communication.
- Updated daemon logic to handle the "status" command and respond accordingly.
- Extended localization files with translations for status command messages.
- Registered `CmdStatus` in the main CLI application.
- Introduced a `CmdStop` command for stopping the daemon, clearing nftables firewall rules.
- Implemented `NewSocketClient` in `internal/socket/socket.go` for Unix socket interaction.
- Updated daemon logic to handle the "stop" command via socket communication.
- Extended localization files with translations for stop command messages.
- Introduced `Connect` interface with methods for `Read`, `Write`, and `Close`.
- Added `connect` struct as an implementation of `Connect` for `net.Conn`.
- Updated command handling to use `Connect` abstraction, improving modularity and testability.
- Renamed `handleConn` to `handleAction` for better clarity.
- Added `isUseOfClosedNetworkError` function to identify specific "use of closed network connection" errors.
- Updated socket handling logic in `Run` method to gracefully handle closed connection errors with improved debug logging.
- Introduced `Socket` interface and implementation in `internal/daemon/socket/socket.go`.
- Added socket file management (`EnsureNoOtherProcess`, `Create`, `Close`) and command handling via `Run`.
- Updated `DaemonOptions` and configuration to include `socket_file` path.
- Integrated socket lifecycle into daemon's `Run` method for process communication.
- Added validation and default configuration for `socket_file` in `setting` package.
- Introduced `IP` struct for managing IP-based rules, including fields for IPs, actions, directions, protocols, ports, and rate limits.
- Added methods to process IP configurations into `InIPs` and `OutIPs`.
- Extended reload methods for input and output to include IP-based rule handling.
- Updated `firewall.toml` with IP configuration examples and detailed documentation.
- Enhanced validation logic for IP-based settings to ensure proper configuration.
- Introduced `Ports` struct with customizable fields for numbers, directions, protocols, actions, and rate limiting.
- Added methods to convert port configurations into `InPorts` and `OutPorts`.
- Updated `firewall` settings to include port-related configurations and extended validation.
- Enhanced input and output reload methods to process port-based rules for better granularity.
- Updated `firewall.toml` with port settings, including examples and documentation.
- Introduced `IP6` struct with `enable` and `icmp_strict` options.
- Extended `firewall.toml` with new IPv6-related settings and documentation.
- Updated input reload methods to include IPv6 rules and ICMPv6 handling.
- Added strict ICMPv6 mode with granular rule definitions.
- Incorporated IPv6 support in settings validation and configuration logic.
- Consolidated chain creation and management into a `chain` package for improved structure.
- Introduced default policies (`default_allow_input`, `default_allow_output`, `default_allow_forward`) for input, output, and forward traffic control.
- Added support for policy-specific drop behaviors (`input_drop`, `output_drop`, `forward_drop`) to firewall configuration.
- Updated reload methods to utilize the centralized `chain` management interface.
- Enhanced `firewall.toml` with new policy options and improved documentation.
- Refactored related code to streamline chain handling and configuration logic.
- Introduced `icmp_in`, `icmp_in_rate`, `icmp_out`, `icmp_out_rate`, and `icmp_timestamp_drop` options for ICMP traffic control.
- Added rules for managing incoming and outgoing ICMP traffic based on configuration settings.
- Updated `firewall.toml` with ICMP-related options and documentation.
- Enhanced input and output reload methods to include ICMP traffic handling.
- Introduced `packet_filter` option to enable dropping invalid and out-of-order packets.
- Added new nftables chains and rules to handle invalid state and TCP flag anomalies.
- Updated `firewall.toml` with `packet_filter` configuration and documentation.
- Enhanced firewall initialization to include packet filtering logic.
- Introduced `dns_strict` and `dns_strict_ns` options for enhanced DNS traffic control.
- Added parsing of `/etc/resolv.conf` to retrieve and process nameserver addresses.
- Updated firewall configuration to apply specific rules for DNS traffic.
- Enhanced `firewall.toml` with new options for DNS strict mode and documentation.
- Extracted `SavesRules` and `SavesRulesPath` into `options` struct for improved organization.
- Updated `firewall` settings to utilize the new `options` struct.
- Modified `firewall.toml` configuration to reflect the structural changes.
- Adjusted related methods and functions to handle the new structure.
- Introduced default input, output, and forward policies for firewall management.
- Enhanced chain configuration with specific naming for input, output, and forward chains.
- Updated `firewall.toml` with policy settings and chain name configurations.
- Refactored `firewall` package to include reload and configuration synchronization for policies.
- Replaced local import paths with fully qualified paths prefixed by `git.kor-elf.net`.
- Updated `go.mod` module declaration to match the new module name.
- Introduced `firewall` package with `API` interface for managing nftables rules.
- Added `Reload`, `ClearRules`, and `SavesRules` methods for rule management.
- Implemented configuration parsing for firewall settings using `firewall.toml`.
- Updated `internal/setting` with default firewall configurations.
- Integrated `go-nftables-client` for low-level manipulation of nftables.
- Introduced `testing` and `testing_interval` options in configuration for test mode management.
- Added support for firewall configuration and integration via `firewall` package.
- Updated daemon lifecycle to handle testing mode and test interval expiration.
- Extended `kor-elf-shield.toml` with new configuration options and documentation.
- Updated `runDaemon` to accept and propagate context for better lifecycle management.
- Wrapped logger `Sync` call in a function to handle errors gracefully.
- Introduced `Daemon` interface and default implementation for process management.
- Added `start` CLI command to initialize and run the daemon.
- Integrated PID file handling using `pidfile` package for ensuring single process execution.
- Updated main application to register `start` command.
- Introduced `PidFile` interface with methods for PID file validation, creation, and removal.
- Implemented `EnsureNoOtherProcess` to handle PID file conflicts and outdated entries.
- Added structured logger support for better observability in PID file operations.
- Introduced `pid_file` field in configuration with default path.
- Implemented validation for `pid_file` in `ToDaemonOptions` with localized error handling.
- Updated `kor-elf-shield.toml` to include `pid_file` documentation.
- Introduced `Fatal` method for structured logging with immediate program exit.
- Updated `falseLogger` to implement `Fatal` method.
- Added `zap.AddCallerSkip(1)` for accurate caller information in logs.
- Adjusted `LoggerOptions` argument in `NewLogger` for consistency.
kor-elf
