duckai 0.1.7

DuckDuckGo AI to OpenAI API
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170

use futures_util::TryStreamExt;
use netlink_packet_route::{
    route::{RouteAddress, RouteAttribute, RouteProtocol, RouteScope, RouteType},
    AddressFamily,
};
use rtnetlink::{new_connection, Error, Handle, IpVersion};

/// Attempts to add a route to the given subnet on the loopback interface.
///
/// This function uses the `ip` command to add a route to the loopback
/// interface. It checks if the current user has root privileges before
/// attempting to add the route. If the user does not have root privileges, the
/// function returns immediately. If the `ip` command fails, it prints an error
/// message to the console.
///
/// # Arguments
///
/// * `subnet` - The subnet for which to add a route.
///
/// # Example
///
/// ```
/// let subnet = cidr::IpCidr::from_str("192.168.1.0/24").unwrap();
/// sysctl_route_add_cidr(&subnet);
/// ```
pub async fn sysctl_route_add_cidr(subnet: &cidr::IpCidr) {
    if !nix::unistd::Uid::effective().is_root() {
        return;
    }

    let (connection, handle) = match new_connection() {
        Ok((connection, handle, _)) => (connection, handle),
        Err(e) => {
            tracing::error!("Failed to establish a connection: {e}");
            return;
        }
    };

    tokio::spawn(connection);

    if let Err(e) = add_route(handle.clone(), subnet).await {
        tracing::error!("{e}");
    }
}

async fn add_route(handle: Handle, cidr: &cidr::IpCidr) -> Result<(), Error> {
    let route = handle.route();
    let iface_idx = handle
        .link()
        .get()
        .match_name("lo".to_owned())
        .execute()
        .try_next()
        .await?
        .unwrap()
        .header
        .index;

    // Check if the route already exists
    let route_check = |ip_version: IpVersion,
                       address_family: AddressFamily,
                       destination_prefix_length: u8,
                       route_address: RouteAddress| async move {
        let mut routes = handle.route().get(ip_version).execute();
        while let Some(route) = routes.try_next().await? {
            let header = route.header;
            if header.address_family == address_family
                && header.destination_prefix_length == destination_prefix_length
            {
                for attr in route.attributes.iter() {
                    if let RouteAttribute::Destination(dest) = attr {
                        if dest == &route_address {
                            return Ok(true);
                        }
                    }
                }
            }
        }
        Ok(false)
    };

    // Add a route to the loopback interface.
    match cidr {
        cidr::IpCidr::V4(v4) => {
            if route_check(
                IpVersion::V4,
                AddressFamily::Inet,
                v4.network_length(),
                RouteAddress::Inet(v4.first_address()),
            )
            .await?
            {
                return Ok(());
            }
            route
                .add()
                .v4()
                .destination_prefix(v4.first_address(), v4.network_length())
                .kind(RouteType::Local)
                .protocol(RouteProtocol::Boot)
                .scope(RouteScope::Universe)
                .output_interface(iface_idx)
                .priority(1024)
                .execute()
                .await?
        }
        cidr::IpCidr::V6(v6) => {
            if route_check(
                IpVersion::V6,
                AddressFamily::Inet6,
                v6.network_length(),
                RouteAddress::Inet6(v6.first_address()),
            )
            .await?
            {
                return Ok(());
            }
            route
                .add()
                .v6()
                .destination_prefix(v6.first_address(), v6.network_length())
                .kind(RouteType::Local)
                .protocol(RouteProtocol::Boot)
                .scope(RouteScope::Universe)
                .output_interface(iface_idx)
                .priority(1024)
                .execute()
                .await?
        }
    }

    Ok(())
}

/// Tries to disable local binding for IPv6.
///
/// This function uses the `sysctl` command to disable local binding for IPv6.
/// It checks if the current user has root privileges before attempting to
/// change the setting. If the user does not have root privileges, the function
/// returns immediately. If the `sysctl` command fails, it prints an error
/// message to the console.
///
/// # Example
///
/// ```
/// sysctl_ipv6_no_local_bind();
/// ```
pub fn sysctl_ipv6_no_local_bind() {
    if !nix::unistd::Uid::effective().is_root() {
        return;
    }

    use sysctl::Sysctl;
    const CTLNAME: &str = "net.ipv6.ip_nonlocal_bind";

    let ctl = <sysctl::Ctl as Sysctl>::new(CTLNAME)
        .expect(&format!("could not get sysctl '{}'", CTLNAME));
    let _ = ctl.name().expect("could not get sysctl name");

    let old_value = ctl.value_string().expect("could not get sysctl value");

    let target_value = match old_value.as_ref() {
        "0" => "1",
        "1" | _ => &old_value,
    };

    if let Err(e) = ctl.set_value_string(target_value) {
        tracing::error!("Failed to set sysctl: {e}");
    }
}