added panic handler

agent.go

@@ -18,6 +18,11 @@ const (
 	EgressPolicyBlock                = "block"
 )
 
+var (
+	dnsConfig *DnsConfig = nil
+	sudo      *Sudo      = nil
+)
+
 type DNSServer interface {
 	ListenAndServe() error
 }
@@ -56,6 +61,8 @@ func Run(ctx context.Context, configFilePath string, hostDNSServer DNSServer,
 	dockerDNSServer DNSServer, iptables *Firewall, nflog AgentNflogger,
 	cmd Command, resolvdConfigPath, dockerDaemonConfigPath, tempDir string) error {
 
+	defer panicHandler()
+
 	// Passed to each go routine, if anyone fails, the program fails
 	errc := make(chan error)
 
@@ -115,8 +122,8 @@ func Run(ctx context.Context, configFilePath string, hostDNSServer DNSServer,
 		WriteLog("started process monitor")
 	}
 
-	dnsConfig := DnsConfig{}
-	sudo := Sudo{}
+	dnsConfig = &DnsConfig{}
+	sudo = &Sudo{}
 	var ipAddressEndpoints []ipAddressEndpoint
 
 	// hydrate dns cache
@@ -323,23 +330,30 @@ func addImplicitEndpoints(endpoints map[string][]Endpoint, disableTelemetry bool
 }
 
 func RevertChanges(iptables *Firewall, nflog AgentNflogger,
-	cmd Command, resolvdConfigPath, dockerDaemonConfigPath string, dnsConfig DnsConfig, sudo Sudo) {
+	cmd Command, resolvdConfigPath, dockerDaemonConfigPath string, dnsConfig *DnsConfig, sudo *Sudo) {
 	err := RevertFirewallChanges(iptables)
 	if err != nil {
 		WriteLog(fmt.Sprintf("Error in RevertChanges %v", err))
 	}
-	err = dnsConfig.RevertDNSServer(cmd, resolvdConfigPath)
-	if err != nil {
-		WriteLog(fmt.Sprintf("Error in reverting DNS server changes %v", err))
-	}
-	err = dnsConfig.RevertDockerDNSServer(cmd, dockerDaemonConfigPath)
-	if err != nil {
-		WriteLog(fmt.Sprintf("Error in reverting docker DNS server changes %v", err))
+
+	if dnsConfig != nil {
+		err = dnsConfig.RevertDNSServer(cmd, resolvdConfigPath)
+		if err != nil {
+			WriteLog(fmt.Sprintf("Error in reverting DNS server changes %v", err))
+		}
+		err = dnsConfig.RevertDockerDNSServer(cmd, dockerDaemonConfigPath)
+		if err != nil {
+			WriteLog(fmt.Sprintf("Error in reverting docker DNS server changes %v", err))
+		}
 	}
-	err = sudo.revertDisableSudo()
-	if err != nil {
-		WriteLog(fmt.Sprintf("Error in reverting sudo changes %v", err))
+
+	if sudo != nil {
+		err = sudo.revertDisableSudo()
+		if err != nil {
+			WriteLog(fmt.Sprintf("Error in reverting sudo changes %v", err))
+		}
 	}
+
 	WriteLog("Reverted changes")
 }
 

dnsproxy.go

@@ -297,6 +297,8 @@ func (proxy *DNSProxy) processTypeA(q *dns.Question, requestMsg *dns.Msg) (*dns.
 }
 
 func startDNSServer(dnsProxy *DNSProxy, server DNSServer, errc chan error) {
+	defer panicHandler()
+
 	dns.HandleFunc(".", func(w dns.ResponseWriter, r *dns.Msg) {
 		switch r.Opcode {
 		case dns.OpcodeQuery:

eventhandler.go

@@ -202,6 +202,8 @@ func (eventHandler *EventHandler) handleNetworkEvent(event *Event) {
 }
 
 func (eventHandler *EventHandler) HandleEvent(event *Event) {
+	defer panicHandler()
+
 	switch event.EventType {
 	case netMonitorTag:
 		eventHandler.handleNetworkEvent(event)

main.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"os/signal"
+	"runtime/debug"
 	"syscall"
 
 	"github.com/miekg/dns"
@@ -42,3 +43,11 @@ func main() {
 		os.Exit(1)
 	}
 }
+
+func panicHandler() {
+	if r := recover(); r != nil {
+		RevertChanges(nil, nil, nil, resolvedConfigPath, dockerDaemonConfigPath, dnsConfig, sudo)
+		WriteLog(fmt.Sprintf("[agent] panic: %v; \n %s", r, debug.Stack()))
+		os.Exit(1)
+	}
+}

netmon.go

@@ -25,6 +25,7 @@ type NetworkMonitor struct {
 var ipAddresses = make(map[string]int)
 
 func (netMonitor *NetworkMonitor) MonitorNetwork(ctx context.Context, nflogger AgentNflogger, errc chan error) []string {
+	defer panicHandler()
 
 	//sysLogger, err := syslog.NewLogger(syslog.LOG_INFO|syslog.LOG_USER, 1)
 	var err error
@@ -66,6 +67,8 @@ func (netMonitor *NetworkMonitor) MonitorNetwork(ctx context.Context, nflogger A
 }
 
 func (netMonitor *NetworkMonitor) handlePacket(attrs nflog.Attribute) {
+	defer panicHandler()
+
 	timestamp := time.Now().UTC() // *attrs.Timestamp
 	data := *attrs.Payload
 	packet := gopacket.NewPacket(data, layers.LayerTypeIPv4, gopacket.Default)