release: v1.3.12.1

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.19.0 to 1.21.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.19.0...v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/dependabot.yml

@@ -0,0 +1,16 @@
+version: 2
+updates:
+- package-ecosystem: gomod
+  directory: "/frontend"
+  schedule:
+    interval: daily
+    time: "08:00"
+    timezone: Asia/Shanghai
+  open-pull-requests-limit: 10
+- package-ecosystem: gomod
+  directory: "/proxy"
+  schedule:
+    interval: daily
+    time: "08:00"
+    timezone: Asia/Shanghai
+  open-pull-requests-limit: 10

.github/workflows/auto-merge.yml

@@ -0,0 +1,16 @@
+name: auto-merge
+
+on:
+  pull_request_target:
+
+jobs:
+  auto-merge:
+    name: Dependabot Auto Merge
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          target: minor
+          github-token: ${{ secrets.AUTOMERGE_TOKEN }}

.github/workflows/develop.yaml

@@ -0,0 +1,127 @@
+on:
+  push:
+    branches:
+      - 'master'
+  pull_request:
+    branches:
+      - 'master'
+
+jobs:
+  go-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Golang
+        uses: actions/setup-go@v4
+
+      - name: Run frontend unit test
+        run: |
+          export GO111MODULE=on
+          cd frontend
+          go get -v -t -d ./...
+          go test -v ./...
+          cd ..
+
+      - name: Run proxy unit test
+        run: |
+          export GO111MODULE=on
+          cd proxy
+          go get -v -t -d ./...
+          go test -v ./...
+          cd ..
+
+  docker-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Test whois binary in frontend image
+        run: |
+          docker build -t local/frontend frontend/
+          docker run --rm --net host --entrypoint whois local/frontend -I github.com || exit 1
+          docker run --rm --net host --entrypoint whois local/frontend -h whois.ripe.net github.com || exit 1
+          docker run --rm --net host --entrypoint whois local/frontend -h whois.ripe.net:43 github.com || exit 1
+
+      - name: Test traceroute binary in proxy image
+        run: |
+          docker build -t local/proxy proxy/
+          docker run --rm --net host --entrypoint traceroute local/proxy 127.0.0.1 || exit 1
+          docker run --rm --net host --entrypoint traceroute local/proxy ::1 || exit 1
+
+      - name: Test mtr binary in proxy image
+        run: |
+          docker build -t local/proxy:mtr -f proxy/Dockerfile.mtr proxy/
+          docker run --rm --net host --entrypoint mtr local/proxy:mtr -w -c1 -Z1 -G1 -b 127.0.0.1 || exit 1
+          docker run --rm --net host --entrypoint mtr local/proxy:mtr -w -c1 -Z1 -G1 -b ::1 || exit 1
+
+  docker-develop:
+    runs-on: ubuntu-latest
+    needs:
+      - go-test
+      - docker-test
+    if: github.event_name != 'pull_request'
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build frontend docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:frontend'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lg-go:develop
+            xddxdd/bird-lg-go:develop-${{ github.sha }}
+            ghcr.io/xddxdd/bird-lg-go:frontend-develop
+            ghcr.io/xddxdd/bird-lg-go:frontend-develop-${{ github.sha }}
+
+      - name: Build proxy docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:proxy'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lgproxy-go:develop
+            xddxdd/bird-lgproxy-go:develop-${{ github.sha }}
+            ghcr.io/xddxdd/bird-lg-go:proxy-develop
+            ghcr.io/xddxdd/bird-lg-go:proxy-develop-${{ github.sha }}
+
+      - name: Build proxy docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:proxy'
+          file: 'Dockerfile.mtr'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lgproxy-go:develop-mtr
+            xddxdd/bird-lgproxy-go:develop-${{ github.sha }}-mtr
+            ghcr.io/xddxdd/bird-lg-go:proxy-develop-mtr
+            ghcr.io/xddxdd/bird-lg-go:proxy-develop-${{ github.sha }}-mtr

.github/workflows/release.yaml

@@ -0,0 +1,104 @@
+on:
+  release:
+    types: [created]
+
+jobs:
+  go-release:
+    name: Release Go Binary
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        goos: [linux, windows, darwin]
+        goarch: ["386", amd64, "arm", arm64]
+        exclude:
+          - goarch: "386"
+            goos: darwin
+          - goarch: "arm"
+            goos: darwin
+          - goarch: "arm"
+            goos: windows
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Release frontend
+      uses: wangyoucao577/go-release-action@v1.53
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        goos: ${{ matrix.goos }}
+        goarch: ${{ matrix.goarch }}
+        project_path: "./frontend"
+        binary_name: "bird-lg-go"
+        pre_command: |
+          export CGO_ENABLED=0
+
+    - name: Release proxy
+      uses: wangyoucao577/go-release-action@v1.53
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        goos: ${{ matrix.goos }}
+        goarch: ${{ matrix.goarch }}
+        project_path: "./proxy"
+        binary_name: "bird-lgproxy-go"
+        pre_command: |
+          export CGO_ENABLED=0
+
+  docker-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build frontend docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:frontend'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lg-go:latest
+            xddxdd/bird-lg-go:${{ github.event.release.tag_name }}
+            ghcr.io/xddxdd/bird-lg-go:frontend
+            ghcr.io/xddxdd/bird-lg-go:frontend-${{ github.event.release.tag_name }}
+
+      - name: Build proxy docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:proxy'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lgproxy-go:latest
+            xddxdd/bird-lgproxy-go:${{ github.event.release.tag_name }}
+            ghcr.io/xddxdd/bird-lg-go:proxy
+            ghcr.io/xddxdd/bird-lg-go:proxy-${{ github.event.release.tag_name }}
+
+      - name: Build proxy docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: '{{defaultContext}}:proxy'
+          file: 'Dockerfile.mtr'
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: |
+            xddxdd/bird-lgproxy-go:latest-mtr
+            xddxdd/bird-lgproxy-go:${{ github.event.release.tag_name }}-mtr
+            ghcr.io/xddxdd/bird-lg-go:proxy-mtr
+            ghcr.io/xddxdd/bird-lg-go:proxy-${{ github.event.release.tag_name }}-mtr

.gitignore

@@ -16,4 +16,7 @@
 
 .DS_Store
 frontend/frontend
-proxy/proxy
+proxy/proxy
+
+# don't include generated bindata file
+frontend/bindata.go

.travis.yml

@@ -1,35 +0,0 @@
-language: minimal
-os: linux
-dist: focal
-services:
-  - docker
-env:
-  - PROGRAM=frontend    IMAGE_NAME=bird-lg-go       IMAGE_ARCH=i386
-  - PROGRAM=frontend    IMAGE_NAME=bird-lg-go       IMAGE_ARCH=amd64
-  - PROGRAM=frontend    IMAGE_NAME=bird-lg-go       IMAGE_ARCH=arm32v7
-  - PROGRAM=frontend    IMAGE_NAME=bird-lg-go       IMAGE_ARCH=arm64v8
-  - PROGRAM=proxy       IMAGE_NAME=bird-lgproxy-go  IMAGE_ARCH=i386
-  - PROGRAM=proxy       IMAGE_NAME=bird-lgproxy-go  IMAGE_ARCH=amd64
-  - PROGRAM=proxy       IMAGE_NAME=bird-lgproxy-go  IMAGE_ARCH=arm32v7
-  - PROGRAM=proxy       IMAGE_NAME=bird-lgproxy-go  IMAGE_ARCH=arm64v8
-
-install:
-  - docker run --rm --privileged multiarch/qemu-user-static:register --reset
-  - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
-
-script:
-  - |
-    # Build image
-    docker build \
-      -t $DOCKER_USERNAME/$IMAGE_NAME:$IMAGE_ARCH \
-      -f $PROGRAM/Dockerfile.$IMAGE_ARCH \
-      $PROGRAM
-
-    # Tag image :{arch} and :{arch}-build{build number}
-    docker tag $DOCKER_USERNAME/$IMAGE_NAME:$IMAGE_ARCH $DOCKER_USERNAME/$IMAGE_NAME:$IMAGE_ARCH-build$TRAVIS_BUILD_NUMBER
-    if [ "$IMAGE_ARCH" = "amd64" ]; then
-      # Tag as latest for amd64 images
-      docker tag $DOCKER_USERNAME/$IMAGE_NAME:$IMAGE_ARCH $DOCKER_USERNAME/$IMAGE_NAME:latest
-      docker tag $DOCKER_USERNAME/$IMAGE_NAME:$IMAGE_ARCH $DOCKER_USERNAME/$IMAGE_NAME:build$TRAVIS_BUILD_NUMBER
-    fi
-  - docker push $DOCKER_USERNAME/$IMAGE_NAME

Makefile

@@ -0,0 +1,13 @@
+frontend:
+	$(MAKE) -C frontend all
+
+proxy:
+	$(MAKE) -C proxy all
+
+.DEFAULT_GOAL := all
+.PHONY: all frontend proxy
+all: frontend proxy
+
+install:
+	install -m 755 frontend/frontend /usr/local/bin/bird-lg-go
+	install -m 755 proxy/proxy /usr/local/bin/bird-lgproxy-go

README.md

@@ -1,10 +1,43 @@
-Bird-lg-go
-==========
+# Bird-lg-go
 
 An alternative implementation for [bird-lg](https://github.com/sileht/bird-lg) written in Go. Both frontend and backend (proxy) are implemented, and can work with either the original Python implementation or the Go implementation.
 
-Frontend
---------
+> The code on master branch no longer support BIRDv1. Branch "bird1" is the last version that supports BIRDv1.
+
+## Table of Contents
+
+- [Bird-lg-go](#bird-lg-go)
+  - [Table of Contents](#table-of-contents)
+  - [Build Instructions](#build-instructions)
+    - [Build Docker Images](#build-docker-images)
+  - [Frontend](#frontend)
+  - [Proxy](#proxy)
+  - [Advanced Features](#advanced-features)
+    - [Display names](#display-names)
+    - [IP addresses](#ip-addresses)
+    - [API](#api)
+    - [Telegram Bot Webhook](#telegram-bot-webhook)
+  - [Credits](#credits)
+  - [License](#license)
+
+## Build Instructions
+
+You need to have **Go 1.16 or newer** installed on your machine.
+
+Run `make` to build binaries for both the frontend and the proxy.
+
+Optionally run `make install` to install them to `/usr/local/bin` (`bird-lg-go` and `bird-lgproxy-go`).
+
+### Build Docker Images
+
+Use the Dockerfiles in `frontend` and `proxy` directory.
+
+Ready-to-use images are available at:
+
+- Frontend: <https://hub.docker.com/r/xddxdd/bird-lg-go>
+- Proxy: <https://hub.docker.com/r/xddxdd/bird-lgproxy-go>
+
+## Frontend
 
 The frontend directory contains the code for the web frontend, where users see BGP states, do traceroutes and whois, etc. It's a replacement for "lg.py" in original bird-lg project.
 
@@ -16,83 +49,178 @@ Features implemented:
 - Work with both Python proxy (lgproxy.py) and Go proxy (proxy dir of this project)
 - Visualize AS paths as picture (bgpmap feature)
 
-Usage: all configuration is done via commandline parameters or environment variables, no config file.
+Configuration can be set in:
 
-- --servers / BIRDLG_SERVERS: server name prefixes, separated by comma
-- --domain / BIRDLG_DOMAIN: server name domain suffixes
-- --listen / BIRDLG_LISTEN: address bird-lg is listening on (default ":5000")
-- --proxy-port / BIRDLG_PROXY_PORT: port bird-lgproxy is running on (default 8000)
-- --whois / BIRDLG_WHOIS: whois server for queries (default "whois.verisign-grs.com")
+- `bird-lg.[json/yaml/etc]` in current directory
+- `/etc/bird-lg/bird-lg.[json/yaml/etc]`
+- Commandline parameter
+- Environment variables
+
+Configuration is handled by [viper](https://github.com/spf13/viper), any config format supported by it can be used.
+
+| Config Key | Parameter | Environment Variable | Description |
+| ---------- | --------- | -------------------- | ----------- |
+| servers | --servers | BIRDLG_SERVERS | server name prefixes, separated by comma |
+| domain | --domain | BIRDLG_DOMAIN | server name domain suffixes |
+| listen | --listen | BIRDLG_LISTEN | address bird-lg is listening on (default "5000") |
+| proxy_port | --proxy-port | BIRDLG_PROXY_PORT | port bird-lgproxy is running on (default 8000) |
+| whois | --whois | BIRDLG_WHOIS | whois server for queries (default "whois.verisign-grs.com"). Start with "/" to spacify local whois binary("/usr/local/whois"). |
+| dns_interface | --dns-interface | BIRDLG_DNS_INTERFACE | dns zone to query ASN information (default "asn.cymru.com") |
+| bgpmap_info | --bgpmap-info | BIRDLG_BGPMAP_INFO | the infos displayed in bgpmap, separated by comma, start with `:` means allow multiline (default "asn,as-name,ASName,descr") |
+| title_brand | --title-brand | BIRDLG_TITLE_BRAND | prefix of page titles in browser tabs (default "Bird-lg Go") |
+| navbar_brand | --navbar-brand | BIRDLG_NAVBAR_BRAND | brand to show in the navigation bar (default "Bird-lg Go") |
+| navbar_brand_url | --navbar-brand-url | BIRDLG_NAVBAR_BRAND_URL | the url of the brand to show in the navigation bar (default "/") |
+| navbar_all_servers | --navbar-all-servers | BIRDLG_NAVBAR_ALL_SERVERS | the text of "All servers" button in the navigation bar (default "ALL Servers") |
+| navbar_all_url | --navbar-all-url | BIRDLG_NAVBAR_ALL_URL | the URL of "All servers" button (default "all") |
+| net_specific_mode | --net-specific-mode | BIRDLG_NET_SPECIFIC_MODE | apply network-specific changes for some networks, use "dn42" for BIRD in dn42 network |
+| protocol_filter | --protocol-filter | BIRDLG_PROTOCOL_FILTER | protocol types to show in summary tables (comma separated list); defaults to all if not set |
+| name_filter | --name-filter | BIRDLG_NAME_FILTER | protocol names to hide in summary tables (RE2 syntax); defaults to none if not set |
+| timeout | --time-out | BIRDLG_TIMEOUT | time before request timed out, in seconds; defaults to 120 if not set |
+
+### Examples
 
 Example: the following command starts the frontend with 2 BIRD nodes, with domain name "gigsgigscloud.dn42.lantian.pub" and "hostdare.dn42.lantian.pub", and proxies are running on port 8000 on both nodes.
 
-    ./frontend --servers=gigsgigscloud,hostdare --domain=dn42.lantian.pub --proxy-port=8000
+```bash
+./frontend --servers=gigsgigscloud,hostdare --domain=dn42.lantian.pub --proxy-port=8000
+```
 
 Example: the following docker-compose.yml entry does the same as above, but by starting a Docker container:
 
-    services:
-      bird-lg:
-        image: xddxdd/bird-lg-go
-        container_name: bird-lg
-        restart: always
-        environment:
-          - BIRDLG_SERVERS=gigsgigscloud,hostdare
-          - BIRDLG_DOMAIN=dn42.lantian.pub
-        ports:
-          - "5000:5000"
+```yaml
+services:
+  bird-lg:
+    # Use xddxdd/bird-lg-go:develop for the latest build from master branch
+    image: xddxdd/bird-lg-go:latest
+    container_name: bird-lg
+    restart: always
+    environment:
+      - BIRDLG_SERVERS=gigsgigscloud,hostdare
+      - BIRDLG_DOMAIN=dn42.lantian.pub
+    ports:
+      - "5000:5000"
+```
 
-Demo: https://lg.lantian.pub
+Demo: <https://lg.lantian.pub>
 
-Proxy
------
+## Proxy
 
 The proxy directory contains the code for the "proxy" for bird commands and traceroutes. It's a replacement for "lgproxy.py" in original bird-lg project.
 
 Features implemented:
 
-- Sending queries to BIRD and BIRD6
-  - If you are using BIRDv2, simply point both `--bird` and `--bird6` to the only socket file of BIRDv2
+- Sending queries to BIRD
 - Sending "restrict" command to BIRD to prevent unauthorized changes
 - Executing traceroute command on Linux, FreeBSD and OpenBSD
 - Source IP restriction
 
-Usage: all configuration is done via commandline parameters or environment variables, no config file.
+Configuration can be set in:
 
-- --allowed / ALLOWED_IPS: IPs allowed to access this proxy, separated by commas. Don't set to allow all IPs. (default "")
-- --bird / BIRD_SOCKET: socket file for bird, set either in parameter or environment variable BIRD_SOCKET (default "/var/run/bird/bird.ctl")
-- --bird6 / BIRD6_SOCKET: socket file for bird6, set either in parameter or environment variable BIRD6_SOCKET (default "/var/run/bird/bird6.ctl")
-- --listen / BIRDLG_LISTEN: listen address, set either in parameter or environment variable BIRDLG_LISTEN (default ":8000")
+- `bird-lgproxy.[json/yaml/etc]` in current directory
+- `/etc/bird-lg/bird-lgproxy.[json/yaml/etc]`
+- Commandline parameter
+- Environment variables
+
+Configuration is handled by [viper](https://github.com/spf13/viper), any config format supported by it can be used.
+
+| Config Key | Parameter | Environment Variable | Description |
+| ---------- | --------- | -------------------- | ----------- |
+| allowed_ips | --allowed | ALLOWED_IPS | IPs or networks allowed to access this proxy, separated by commas. Don't set to allow all IPs. (default "") |
+| bird_socket | --bird | BIRD_SOCKET | socket file for bird, set either in parameter or environment variable BIRD_SOCKET (default "/var/run/bird/bird.ctl") |
+| listen | --listen | BIRDLG_PROXY_PORT | listen address, set either in parameter or environment variable  BIRDLG_PROXY_PORT(default "8000") |
+| traceroute_bin | --traceroute_bin | BIRDLG_TRACEROUTE_BIN | traceroute binary file, set either in parameter or environment variable  BIRDLG_TRACEROUTE_BIN |
+| traceroute_flags | --traceroute_flags | BIRDLG_TRACEROUTE_FLAGS | traceroute flags, supports multiple flags separated with space. |
+| traceroute_raw | --traceroute_raw | BIRDLG_TRACEROUTE_RAW | whether to display traceroute outputs raw (default false) |
+
+### Traceroute Binary Autodetection
+
+If `traceroute_bin` or `traceroute_flags` is not set, then on startup, the proxy will try to `traceroute 127.0.0.1` with different traceroute binaries and arguments, in order to use the most optimized setting available, while maintaining compatibility with multiple variants of traceroute binaries.
+
+Traceroute binaries will be autodetected in the following order:
+
+1. If `traceroute_bin` is set:
+   1. `[traceroute_bin] -q1 -N32 -w1 127.0.0.1` (Corresponds to Traceroute on Debian)
+   2. `[traceroute_bin] -q1 -w1 127.0.0.1` (Corresponds to Traceroute on FreeBSD)
+   3. `[traceroute_bin] 127.0.0.1` (Corresponds to Busybox Traceroute)
+2. `mtr -w -c1 -Z1 -G1 -b 127.0.0.1` (MTR)
+3. `traceroute -q1 -N32 -w1 127.0.0.1` (Corresponds to Traceroute on Debian)
+4. `traceroute -q1 -w1 127.0.0.1` (Corresponds to Traceroute on FreeBSD)
+5. `traceroute 127.0.0.1` (Corresponds to Busybox Traceroute)
+
+### Examples
 
 Example: start proxy with default configuration, should work "out of the box" on Debian 9 with BIRDv1:
 
-    ./proxy
+```bash
+./proxy
+```
 
 Example: start proxy with custom bird socket location:
 
-    ./proxy --bird /run/bird.ctl --bird6 /run/bird6.ctl
+```bash
+./proxy --bird /run/bird.ctl
+```
 
 Example: the following docker-compose.yml entry does the same as above, but by starting a Docker container:
 
-    bird-lgproxy:
-      image: xddxdd/bird-lgproxy-go
-      container_name: bird-lgproxy
-      restart: always
-      volumes:
-        - "/run/bird.ctl:/var/run/bird/bird.ctl"
-        - "/run/bird6.ctl:/var/run/bird/bird6.ctl"
-      ports:
-        - "192.168.0.1:8000:8000"
+```yaml
+services:
+  bird-lgproxy:
+    # Use xddxdd/bird-lgproxy-go:develop for the latest build from master branch
+    # Use xddxdd/bird-lgproxy-go:latest-mtr to use MTR instead of Traceroute
+    image: xddxdd/bird-lgproxy-go:latest
+    container_name: bird-lgproxy
+    restart: always
+    volumes:
+      - "/run/bird.ctl:/var/run/bird/bird.ctl"
+    ports:
+      - "192.168.0.1:8000:8000"
+```
 
 You can use source IP restriction to increase security. You should also bind the proxy to a specific interface and use an external firewall/iptables for added security.
 
-Credits
--------
+## Advanced Features
 
+### Display names
+
+The server parameter is composed of server name prefixes, separated by comma. It also supports an extended syntax: It allows to define display names for the user interface that are different from the actual server names.
+
+For instance, the two servers from the basic example can be displayed as "Gigs" and "Hostdare" using the following syntax (as known from email addresses):
+
+```bash
+./frontend --servers="Gigs<gigsgigscloud>,Hostdare<hostdare>" --domain=dn42.lantian.pub
+```
+
+### IP addresses
+
+You may also specify IP addresses as server names when no domain is specified. IPv6 link local addresses are supported, too.
+
+For example:
+
+```bash
+./frontend --servers="Prod<prod.mydomain.local>,Test1<fd88:dead:beef::1>,Test2<fe80::c%wg0>" --domain=
+```
+
+These three servers are displayed as "Prod", "Test1" and "Test2" in the user interface.
+
+### API
+
+The frontend provides an API for running BIRD/traceroute/whois queries.
+
+See [API docs](docs/API.md) for detailed information.
+
+### Telegram Bot Webhook
+
+The frontend can act as a Telegram Bot webhook endpoint, to add BGP route/traceroute/whois lookup functionality to your tech group.
+
+See [Telegram docs](docs/Telegram.md) for detailed information.
+
+## Credits
+
+- Everyone who contributed to this project (see Contributors section on the right)
 - Mehdi Abaakouk for creating [the original bird-lg project](https://github.com/sileht/bird-lg)
 - [Bootstrap](https://getbootstrap.com/) as web UI framework
 
-License
--------
+## License
 
 GPL 3.0
-

RELEASE

@@ -0,0 +1 @@
+v1.3.12.1

docs/API.md

@@ -0,0 +1,202 @@
+# Bird-lg-go API documentation
+
+The frontend provides an API for running BIRD/traceroute/whois queries.
+
+API Endpoint: `https://your.frontend.com/api/` (the last slash must not be omitted!)
+
+Requests are sent as POSTS with JSON bodies.
+
+## Table of Contents
+
+   * [Bird-lg-go API documentation](#bird-lg-go-api-documentation)
+      * [Table of Contents](#table-of-contents)
+      * [Request fields](#request-fields)
+         * [Example request of type bird](#example-request-of-type-bird)
+         * [Example request of type server_list](#example-request-of-type-server_list)
+      * [Response fields (when type is summary)](#response-fields-when-type-is-summary)
+         * [Fields for apiSummaryResultPair](#fields-for-apisummaryresultpair)
+         * [Fields for SummaryRowData](#fields-for-summaryrowdata)
+         * [Example response](#example-response)
+      * [Response fields (when type is bird, traceroute, whois or server_list)](#response-fields-when-type-is-bird-traceroute-whois-or-server_list)
+         * [Fields for apiGenericResultPair](#fields-for-apigenericresultpair)
+         * [Example response of type bird](#example-response-of-type-bird)
+         * [Example response of type server_list](#example-response-of-type-server_list)
+
+Created by [gh-md-toc](https://github.com/ekalinin/github-markdown-toc)
+
+## Request fields
+
+| Name | Type | Value |
+| ---- | ---- | -------- |
+| `servers` | array of `string` | List of servers to be queried |
+| `type` | `string` | Can be `summary`, `bird`, `traceroute`, `whois` or `server_list` |
+| `args` | `string` | Arguments to be passed, see below |
+
+Argument examples for each type:
+
+- `summary`: `args` is ignored. Recommended to set to empty string.
+- `bird`: `args` is the command to be passed to bird, e.g. `show route for 8.8.8.8`
+- `traceroute`: `args` is the traceroute target, e.g. `8.8.8.8` or `google.com`
+- `whois`: `args` is the whois target, e.g. `8.8.8.8` or `google.com`
+- `server_list`: `args` is ignored. In addition, `servers` is also ignored.
+
+### Example request of type `bird`
+
+```json
+{
+    "servers": [
+        "alpha"
+    ],
+    "type": "bird",
+    "args": "show route for 8.8.8.8"
+}
+```
+
+### Example request of type `server_list`
+
+```json
+{
+    "servers": [],
+    "type": "server_list",
+    "args": ""
+}
+```
+
+## Response fields (when `type` is `summary`)
+
+| Name | Type | Value |
+| ---- | ---- | -------- |
+| `error` | `string` | Error message when something is wrong. Empty when everything is good |
+| `result` | array of `apiSummaryResultPair` | See below |
+
+### Fields for `apiSummaryResultPair`
+
+| Name | Type | Value |
+| ---- | ---- | -------- |
+| `server` | `string` | Name of the server |
+| `data` | array of `SummaryRowData` | Summaries of the server, see below |
+
+### Fields for `SummaryRowData`
+
+All fields below is 1:1 correspondent to the output of `birdc show protocols`.
+
+| Name | Type |
+| ---- | ---- |
+| `name` | `string` |
+| `proto` | `string` |
+| `table` | `string` |
+| `state` | `string` |
+| `since` | `string` |
+| `info` | `string` |
+
+### Example response
+
+Request:
+```json
+{
+    "servers": [
+        "alpha"
+    ],
+    "type": "summary",
+    "args": ""
+}
+```
+
+Response:
+
+```json
+{
+    "error": "",
+    "result": [
+        {
+            "server": "alpha",
+            "data": [
+                {
+                    "name": "bgp1",
+                    "proto": "BGP",
+                    "table": "---",
+                    "state": "start",
+                    "since": "2021-01-15 22:40:01",
+                    "info": "Active        Socket: Operation timed out"
+                },
+                {
+                    "name": "bgp2",
+                    "proto": "BGP",
+                    "table": "---",
+                    "state": "start",
+                    "since": "2021-01-03 08:15:48",
+                    "info": "Established"
+                }
+            ]
+        }
+    ]
+}
+```
+
+## Response fields (when `type` is `bird`, `traceroute`, `whois` or `server_list`)
+
+| Name | Type | Value |
+| ---- | ---- | -------- |
+| `error` | `string` | Error message, empty when everything is good |
+| `result` | array of `apiGenericResultPair` | See below |
+
+### Fields for `apiGenericResultPair`
+
+| Name | Type | Value |
+| ---- | ---- | -------- |
+| `server` | `string` | Name of the server; is empty when type is `whois` |
+| `data` | `string` | Result from the server; is empty when type is `server_list` |
+
+### Example response of type `bird`
+
+Request:
+
+```json
+{
+    "servers": [
+        "alpha"
+    ],
+    "type": "bird",
+    "args": "show status"
+}
+```
+
+Response:
+
+```json
+{
+    "error": "",
+    "result": [
+        {
+            "server": "alpha",
+            "data": "BIRD v2.0.7-137-g61dae32b\nRouter ID is 1.2.3.4\nCurrent server time is 2021-01-17 04:21:14.792\nLast reboot on 2021-01-03 08:15:48.494\nLast reconfiguration on 2021-01-17 00:49:10.573\nDaemon is up and running\n"
+        }
+    ]
+}
+```
+
+### Example response of type `server_list`
+
+Request:
+
+```json
+{
+    "servers": [],
+    "type": "server_list",
+    "args": ""
+}
+```
+
+Response:
+
+```json
+{
+    "error": "",
+    "result": [
+        {
+            "server": "gigsgigscloud",
+            "data": ""
+        }
+    ]
+}
+```

docs/Telegram.md

@@ -0,0 +1,22 @@
+# Telegram Bot Webhook
+
+The frontend can act as a Telegram Bot webhook endpoint, to add BGP route/traceroute/whois lookup functionality to your tech group.
+
+There is no configuration necessary on the frontend, just start it up normally.
+
+Set your Telegram Bot webhook URL to `https://your.frontend.com/telegram/alpha+beta+gamma`, where `alpha+beta+gamma` is the list of servers to be queried on Telegram commands, separated by `+`.
+
+You may omit `alpha+beta+gamma` to use all your servers, but it is not recommended when you have lots of servers, or the message would be too long and hard to read.
+
+## Example of setting the webhook
+
+```bash
+curl "https://api.telegram.org/bot${BOT_TOKEN}/setWebhook?url=https://your.frontend.com:5000/telegram/alpha+beta+gamma"
+```
+
+## Supported commands
+
+- `path`: Show bird's ASN path to target IP
+- `route`: Show bird's preferred route to target IP
+- `trace`: Traceroute to target IP/domain
+- `whois`: Whois query

frontend/Dockerfile

@@ -0,0 +1,33 @@
+FROM golang AS step_0
+ENV CGO_ENABLED=0 GO111MODULE=on
+WORKDIR /root
+COPY . .
+RUN go build -ldflags "-w -s" -o /frontend
+
+################################################################################
+
+FROM alpine:edge AS step_1
+
+WORKDIR /root
+RUN apk add --no-cache build-base pkgconf perl gettext \
+    libidn2-dev libidn2-static libunistring-dev libunistring-static gnu-libiconv-dev
+
+RUN wget https://github.com/rfc1036/whois/archive/refs/tags/v5.5.18.tar.gz \
+    -O whois-5.5.18.tar.gz
+
+RUN tar xvf whois-5.5.18.tar.gz \
+    && cd whois-5.5.18 \
+    && sed -i "s/#if defined _POSIX_C_SOURCE && _POSIX_C_SOURCE >= 200112L/#if 1/g" config.h \
+    && make whois -j4 \
+      LDFLAGS="-static" CONFIG_FILE="/etc/whois.conf" PKG_CONFIG="pkg-config --static" HAVE_ICONV=1 \
+    && strip /root/whois-5.5.18/whois
+
+################################################################################
+
+FROM scratch AS step_2
+ENV PATH=/
+ENV BIRDLG_WHOIS=/whois
+COPY --from=step_0 /frontend /
+COPY --from=step_1 /root/whois-5.5.18/whois /
+COPY --from=step_1 /etc/services /etc/services
+ENTRYPOINT ["/frontend"]

frontend/Dockerfile.amd64

@@ -1,13 +0,0 @@
-FROM amd64/debian:buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=amd64
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /frontend \
-  && cd / && rm -rf /root/* \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/frontend"]

frontend/Dockerfile.arm32v7

@@ -1,13 +0,0 @@
-FROM multiarch/debian-debootstrap:armhf-buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=arm
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /frontend \
-  && cd / && rm -rf /root/* \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/frontend"]

frontend/Dockerfile.arm64v8

@@ -1,13 +0,0 @@
-FROM multiarch/debian-debootstrap:arm64-buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=arm64
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /frontend \
-  && cd / && rm -rf /root/* \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/frontend"]

frontend/Dockerfile.i386

@@ -1,13 +0,0 @@
-FROM i386/debian:buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=386
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /frontend \
-  && cd / && rm -rf /root/* \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/frontend"]

frontend/Makefile

@@ -0,0 +1,3 @@
+.PHONY: all
+all:
+	go build -ldflags "-w -s" -o frontend

frontend/api.go

@@ -0,0 +1,134 @@
+package main
+
+import (
+	"encoding/json"
+	"errors"
+	"net/http"
+)
+
+type apiRequest struct {
+	Servers []string `json:"servers"`
+	Type    string   `json:"type"`
+	Args    string   `json:"args"`
+}
+
+type apiGenericResultPair struct {
+	Server string `json:"server"`
+	Data   string `json:"data"`
+}
+
+type apiSummaryResultPair struct {
+	Server string           `json:"server"`
+	Data   []SummaryRowData `json:"data"`
+	Error  string           `json:"error,omitempty"`
+}
+
+type apiResponse struct {
+	Error  string        `json:"error"`
+	Result []interface{} `json:"result"`
+}
+
+var apiHandlerMap = map[string](func(request apiRequest) apiResponse){
+	"summary":     apiSummaryHandler,
+	"bird":        apiGenericHandlerFactory("bird"),
+	"traceroute":  apiGenericHandlerFactory("traceroute"),
+	"whois":       apiWhoisHandler,
+	"server_list": apiServerListHandler,
+}
+
+func apiGenericHandlerFactory(endpoint string) func(request apiRequest) apiResponse {
+	return func(request apiRequest) apiResponse {
+		results := batchRequest(request.Servers, endpoint, request.Args)
+		var response apiResponse
+
+		for i, result := range results {
+			response.Result = append(response.Result, &apiGenericResultPair{
+				Server: request.Servers[i],
+				Data:   result,
+			})
+		}
+
+		return response
+	}
+}
+
+func apiServerListHandler(request apiRequest) apiResponse {
+	var response apiResponse
+
+	for _, server := range setting.servers {
+		response.Result = append(response.Result, apiGenericResultPair{
+			Server: server,
+		})
+	}
+
+	return response
+}
+
+func apiSummaryHandler(request apiRequest) apiResponse {
+	results := batchRequest(request.Servers, "bird", "show protocols")
+	var response apiResponse
+
+	for i, result := range results {
+		parsedSummary, err := summaryParse(result, request.Servers[i])
+		if err != nil {
+			response.Result = append(response.Result, &apiSummaryResultPair{
+				Server: request.Servers[i],
+				Data:   []SummaryRowData{},
+				Error:  err.Error(),
+			})
+			continue
+		}
+
+		response.Result = append(response.Result, &apiSummaryResultPair{
+			Server: request.Servers[i],
+			Data:   parsedSummary.Rows,
+		})
+	}
+
+	return response
+}
+
+func apiWhoisHandler(request apiRequest) apiResponse {
+	return apiResponse{
+		Error: "",
+		Result: []interface{}{
+			apiGenericResultPair{
+				Server: "",
+				Data:   whois(request.Args),
+			},
+		},
+	}
+}
+
+func apiErrorHandler(err error) apiResponse {
+	return apiResponse{
+		Error: err.Error(),
+	}
+}
+
+func apiHandler(w http.ResponseWriter, r *http.Request) {
+	var request apiRequest
+	var response apiResponse
+	err := json.NewDecoder(r.Body).Decode(&request)
+	if err != nil {
+		response = apiResponse{
+			Error: err.Error(),
+		}
+	} else {
+		handler := apiHandlerMap[request.Type]
+		if handler == nil {
+			response = apiErrorHandler(errors.New("invalid request type"))
+		} else {
+			response = handler(request)
+		}
+	}
+
+	w.Header().Add("Content-Type", "application/json")
+	w.Header().Add("Access-Control-Allow-Origin", "*")
+	bytes, err := json.Marshal(response)
+	if err != nil {
+		println(err.Error())
+		return
+	}
+	w.Write(bytes)
+}

frontend/api_test.go

@@ -0,0 +1,211 @@
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/jarcoal/httpmock"
+	"github.com/magiconair/properties/assert"
+)
+
+func TestApiServerListHandler(t *testing.T) {
+	setting.servers = []string{"alpha", "beta", "gamma"}
+	response := apiServerListHandler(apiRequest{})
+
+	assert.Equal(t, len(response.Result), 3)
+	assert.Equal(t, response.Result[0].(apiGenericResultPair).Server, "alpha")
+	assert.Equal(t, response.Result[1].(apiGenericResultPair).Server, "beta")
+	assert.Equal(t, response.Result[2].(apiGenericResultPair).Server, "gamma")
+}
+
+func TestApiGenericHandlerFactory(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, BirdSummaryData)
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show protocols"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	request := apiRequest{
+		Servers: setting.servers,
+		Type:    "bird",
+		Args:    "show protocols",
+	}
+
+	handler := apiGenericHandlerFactory("bird")
+	response := handler(request)
+
+	assert.Equal(t, response.Error, "")
+
+	result := response.Result[0].(*apiGenericResultPair)
+	assert.Equal(t, result.Server, "alpha")
+	assert.Equal(t, result.Data, BirdSummaryData)
+}
+
+func TestApiSummaryHandler(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, BirdSummaryData)
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show protocols"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	request := apiRequest{
+		Servers: setting.servers,
+		Type:    "summary",
+		Args:    "",
+	}
+	response := apiSummaryHandler(request)
+
+	assert.Equal(t, response.Error, "")
+
+	summary := response.Result[0].(*apiSummaryResultPair)
+	assert.Equal(t, summary.Server, "alpha")
+	assert.Equal(t, len(summary.Data), 7)
+	// Protocol list will be sorted
+	assert.Equal(t, summary.Data[0].Name, "device1")
+	assert.Equal(t, summary.Data[0].Proto, "Device")
+	assert.Equal(t, summary.Data[0].Table, "---")
+	assert.Equal(t, summary.Data[0].State, "up")
+	assert.Equal(t, summary.Data[0].Since, "2021-08-27")
+	assert.Equal(t, summary.Data[0].Info, "")
+}
+
+func TestApiSummaryHandlerError(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock backend error")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show protocols"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	request := apiRequest{
+		Servers: setting.servers,
+		Type:    "summary",
+		Args:    "",
+	}
+	response := apiSummaryHandler(request)
+
+	assert.Equal(t, response.Error, "")
+
+	summary := response.Result[0].(*apiSummaryResultPair)
+	assert.Equal(t, summary.Error, "Mock backend error")
+}
+
+func TestApiWhoisHandler(t *testing.T) {
+	expectedData := "Mock Data"
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      expectedData,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.whoisServer = server.server.Addr().String()
+
+	request := apiRequest{
+		Servers: []string{},
+		Type:    "",
+		Args:    "AS6939",
+	}
+	response := apiWhoisHandler(request)
+
+	assert.Equal(t, response.Error, "")
+
+	whoisResult := response.Result[0].(apiGenericResultPair)
+	assert.Equal(t, whoisResult.Server, "")
+	assert.Equal(t, whoisResult.Data, expectedData)
+}
+
+func TestApiErrorHandler(t *testing.T) {
+	err := errors.New("Mock Error")
+	response := apiErrorHandler(err)
+	assert.Equal(t, response.Error, "Mock Error")
+}
+
+func TestApiHandler(t *testing.T) {
+	setting.servers = []string{"alpha", "beta", "gamma"}
+
+	request := apiRequest{
+		Servers: []string{},
+		Type:    "server_list",
+		Args:    "",
+	}
+	requestJson, err := json.Marshal(request)
+	if err != nil {
+		t.Error(err)
+	}
+
+	r := httptest.NewRequest(http.MethodGet, "/api", bytes.NewReader(requestJson))
+	w := httptest.NewRecorder()
+	apiHandler(w, r)
+
+	var response apiResponse
+	err = json.Unmarshal(w.Body.Bytes(), &response)
+	if err != nil {
+		t.Error(err)
+	}
+
+	assert.Equal(t, len(response.Result), 3)
+	// Hard to unmarshal JSON into apiGenericResultPair objects, won't check here
+}
+
+func TestApiHandlerBadJSON(t *testing.T) {
+	setting.servers = []string{"alpha", "beta", "gamma"}
+
+	r := httptest.NewRequest(http.MethodGet, "/api", strings.NewReader("{bad json}"))
+	w := httptest.NewRecorder()
+	apiHandler(w, r)
+
+	var response apiResponse
+	err := json.Unmarshal(w.Body.Bytes(), &response)
+	if err != nil {
+		t.Error(err)
+	}
+
+	assert.Equal(t, len(response.Result), 0)
+}
+
+func TestApiHandlerInvalidType(t *testing.T) {
+	setting.servers = []string{"alpha", "beta", "gamma"}
+
+	request := apiRequest{
+		Servers: setting.servers,
+		Type:    "invalid_type",
+		Args:    "",
+	}
+	requestJson, err := json.Marshal(request)
+	if err != nil {
+		t.Error(err)
+	}
+
+	r := httptest.NewRequest(http.MethodGet, "/api", bytes.NewReader(requestJson))
+	w := httptest.NewRecorder()
+	apiHandler(w, r)
+
+	var response apiResponse
+	err = json.Unmarshal(w.Body.Bytes(), &response)
+	if err != nil {
+		t.Error(err)
+	}
+
+	assert.Equal(t, len(response.Result), 0)
+}

frontend/asn_cache.go

@@ -0,0 +1,83 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"strings"
+)
+
+type ASNCache map[string]string
+
+func (cache ASNCache) _lookup(asn string) string {
+	// Try to get ASN representation using DNS
+	if setting.dnsInterface != "" {
+		records, err := net.LookupTXT(fmt.Sprintf("AS%s.%s", asn, setting.dnsInterface))
+		if err == nil {
+			result := strings.Join(records, " ")
+			if resultSplit := strings.Split(result, " | "); len(resultSplit) > 1 {
+				result = strings.Join(resultSplit[1:], "\n")
+			}
+			return fmt.Sprintf("AS%s\n%s", asn, result)
+		}
+	}
+
+	// Try to get ASN representation using WHOIS
+	if setting.whoisServer != "" {
+		if setting.bgpmapInfo == "" {
+			setting.bgpmapInfo = "asn,as-name,ASName,descr"
+		}
+		records := whois(fmt.Sprintf("AS%s", asn))
+		if records != "" {
+			recordsSplit := strings.Split(records, "\n")
+			var result []string
+			for _, title := range strings.Split(setting.bgpmapInfo, ",") {
+				if title == "asn" {
+					result = append(result, "AS"+asn)
+				}
+			}
+			for _, title := range strings.Split(setting.bgpmapInfo, ",") {
+				allow_multiline := false
+				if title[0] == ':' && len(title) >= 2 {
+					title = title[1:]
+					allow_multiline = true
+				}
+				for _, line := range recordsSplit {
+					if len(line) == 0 || line[0] == '%' || !strings.Contains(line, ":") {
+						continue
+					}
+					linearr := strings.SplitN(line, ":", 2)
+					line_title := linearr[0]
+					content := strings.TrimSpace(linearr[1])
+					if line_title != title {
+						continue
+					}
+					result = append(result, content)
+					if !allow_multiline {
+						break
+					}
+
+				}
+			}
+			if len(result) > 0 {
+				return strings.Join(result, "\n")
+			}
+		}
+	}
+
+	return ""
+}
+
+func (cache ASNCache) Lookup(asn string) string {
+	cachedValue, cacheOk := cache[asn]
+	if cacheOk {
+		return cachedValue
+	}
+
+	result := cache._lookup(asn)
+	if len(result) == 0 {
+		result = fmt.Sprintf("AS%s", asn)
+	}
+
+	cache[asn] = result
+	return result
+}

frontend/asn_cache_test.go

@@ -0,0 +1,52 @@
+package main
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/magiconair/properties/assert"
+)
+
+func TestGetASNRepresentationDNS(t *testing.T) {
+	checkNetwork(t)
+
+	setting.dnsInterface = "asn.cymru.com"
+	setting.whoisServer = ""
+	cache := make(ASNCache)
+	result := cache.Lookup("6939")
+	if !strings.Contains(result, "HURRICANE") {
+		t.Errorf("Lookup AS6939 failed, got %s", result)
+	}
+}
+
+func TestGetASNRepresentationDNSFallback(t *testing.T) {
+	checkNetwork(t)
+
+	setting.dnsInterface = "invalid.example.com"
+	setting.whoisServer = "whois.arin.net"
+	cache := make(ASNCache)
+	result := cache.Lookup("6939")
+	if !strings.Contains(result, "HURRICANE") {
+		t.Errorf("Lookup AS6939 failed, got %s", result)
+	}
+}
+
+func TestGetASNRepresentationWhois(t *testing.T) {
+	checkNetwork(t)
+
+	setting.dnsInterface = ""
+	setting.whoisServer = "whois.arin.net"
+	cache := make(ASNCache)
+	result := cache.Lookup("6939")
+	if !strings.Contains(result, "HURRICANE") {
+		t.Errorf("Lookup AS6939 failed, got %s", result)
+	}
+}
+
+func TestGetASNRepresentationFallback(t *testing.T) {
+	setting.dnsInterface = ""
+	setting.whoisServer = ""
+	cache := make(ASNCache)
+	result := cache.Lookup("6939")
+	assert.Equal(t, result, "AS6939")
+}

frontend/assets/robots.txt

@@ -0,0 +1,2 @@
+User-agent: *
+Disallow: /

frontend/assets/static/sortTable.js

@@ -0,0 +1,73 @@
+// adapted from https://stackoverflow.com/a/57080195
+
+document.querySelectorAll('table.sortable')
+    .forEach((table)=> {
+        table.querySelectorAll('th')
+            .forEach((element, columnNo) => {
+                element.addEventListener('click', event => {
+                    if(element.classList.contains('ascSorted')) {
+                        dir = -1;
+                        element.classList.remove('ascSorted');
+                        element.classList.add('descSorted');
+                        element.innerText = element.innerText.slice(0,-2) + " ↓";
+                    } else if(element.classList.contains('descSorted')) {
+                        dir = 1;
+                        element.classList.remove('descSorted');
+                        element.classList.add('ascSorted');
+                        element.innerText = element.innerText.slice(0,-2) + " ↑";
+                    } else {
+                        dir = 1;
+                        element.classList.add('ascSorted');
+                        element.innerText += " ↑";
+                    }
+                    sortTable(table, columnNo, 0, dir, 1);
+                });
+            });
+    });
+
+function sortTable(table, priCol, secCol, priDir, secDir) {
+    const tableBody = table.querySelector('tbody');
+    const tableData = table2data(tableBody);
+    tableData.sort((a, b) => {
+        if(a[priCol] === b[priCol]) {
+            if(a[secCol] > b[secCol]) {
+                return secDir;
+            } else {
+                return -secDir;
+            }
+        } else if(a[priCol] > b[priCol]) {
+            return priDir;
+        } else {
+            return -priDir;
+        }
+    });
+    data2table(tableBody, tableData);
+}
+
+function table2data(tableBody) {
+    const tableData = [];
+    tableBody.querySelectorAll('tr')
+        .forEach(row => {
+            const rowData = [];
+            row.querySelectorAll('td')
+                .forEach(cell => {
+                    rowData.push(cell.innerHTML);
+                });
+            rowData.classList = row.classList.toString();
+            tableData.push(rowData);
+        });
+    return tableData;
+}
+
+function data2table(tableBody, tableData) {
+    tableBody.querySelectorAll('tr')
+        .forEach((row, i) => {
+            const rowData = tableData[i];
+            row.classList = rowData.classList;
+            row.querySelectorAll('td')
+                .forEach((cell, j) => {
+                    cell.innerHTML = rowData[j];
+                });
+            tableData.push(rowData);
+        });
+}

frontend/assets/templates/bgpmap.tpl

@@ -0,0 +1,27 @@
+<h2>BGPmap: {{ html .Target }}</h2>
+<div id="bgpmap">
+</div>
+
+<script src="/static/jsdelivr/npm/viz.js@2.1.2/viz.min.js" crossorigin="anonymous"></script>
+<script src="/static/jsdelivr/npm/viz.js@2.1.2/lite.render.js" crossorigin="anonymous"></script>
+<script>
+  function decodeBase64(base64) {
+    const text = atob(base64);
+    const length = text.length;
+    const bytes = new Uint8Array(length);
+    for (let i = 0; i < length; i++) {
+        bytes[i] = text.charCodeAt(i);
+    }
+    const decoder = new TextDecoder();
+    return decoder.decode(bytes);
+  }
+
+  var viz = new Viz();
+  viz.renderSVGElement(decodeBase64({{ .Result }}))
+  .then(element => {
+    document.getElementById("bgpmap").appendChild(element);
+  })
+  .catch(error => {
+    document.getElementById("bgpmap").innerHTML = "<pre>"+error+"</pre>"
+  });
+</script>

frontend/assets/templates/bird.tpl

@@ -0,0 +1,2 @@
+<h2>{{ html .ServerName }}: {{ html .Target }}</h2>
+{{ .Result }}

frontend/assets/templates/page.tpl

@@ -0,0 +1,113 @@
+<!DOCTYPE html>
+<html lang="en-US">
+<head>
+<link rel="icon" href="/favicon.ico" type="image/x-icon" />
+<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
+<meta name="renderer" content="webkit">
+<title>{{ html .Title }}</title>
+<link rel="stylesheet" href="/static/jsdelivr/npm/bootstrap@4.5.1/dist/css/bootstrap.min.css" crossorigin="anonymous">
+<style>
+.navbar-nav {
+	flex-wrap: wrap;
+}
+@media (min-width: 768px) {
+	.navbar form {
+		min-width: 400px;
+	}
+	.nav-link {
+		padding: 0.2rem 0.5rem !important;
+	}
+}
+</style>
+<meta name="robots" content="noindex, nofollow">
+</head>
+<body>
+
+<nav class="navbar navbar-expand-lg navbar-light bg-light">
+	<a class="navbar-brand" href="{{ .BrandURL }}">{{ .Brand }}</a>
+	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
+		<span class="navbar-toggler-icon"></span>
+	</button>
+
+	<div class="collapse navbar-collapse" id="navbarSupportedContent">
+		{{ $option := .URLOption }}
+		{{ $server := .URLServer }}
+		{{ $target := .URLCommand }}
+		{{ if .IsWhois }}
+			{{ $option = "summary" }}
+			{{ $server = .AllServersURL }}
+			{{ $target = "" }}
+		{{ end }}
+		<ul class="navbar-nav mr-auto">
+			<li class="nav-item">
+				{{ if eq .AllServersURLCustom "all" }}
+				<a class="nav-link{{ if .AllServersLinkActive }} active{{ end }}"
+					href="/{{ $option }}/{{ .AllServersURL }}/{{ $target }}"> {{ .AllServerTitle }} </a>
+				{{ else }}
+				<a class="nav-link active"
+					href="{{ .AllServersURLCustom }}"> {{ .AllServerTitle }} </a>
+				{{ end }}
+			</li>
+			{{ $length := len .Servers }} 
+			{{ range $k, $v := .Servers }}
+			<li class="nav-item">
+				{{ if gt $length 1 }}
+				<a class="nav-link{{ if eq $server $v }} active{{ end }}"
+					href="/{{ $option }}/{{ $v }}/{{ $target }}">{{ html (index $.ServersDisplay $k) }}</a>
+				{{ else }}
+				<a class="nav-link{{ if eq $server $v }} active{{ end }}"
+					href="/">{{ html (index $.ServersDisplay $k) }}</a>
+				{{ end }}
+			</li>
+			{{ end }}
+		</ul>
+		{{ if .IsWhois }}
+			{{ $target = .WhoisTarget }}
+		{{ end }}
+		<form name="goto" class="form-inline" action="javascript:goto();">
+			<div class="input-group">
+				<select name="action" class="form-control">
+					{{ range $k, $v := .Options }}
+					<option value="{{ html $k }}"{{ if eq $k $.URLOption }} selected{{end}}>{{ html $v }}</option>
+					{{ end }}
+				</select>
+				<input name="server" class="d-none" value="{{ html ($server | pathescape) }}">
+				<input name="target" class="form-control" placeholder="Target" aria-label="Target" value="{{ html $target }}">
+				<div class="input-group-append">
+					<button class="btn btn-outline-success" type="submit">&raquo;</button>
+				</div>
+			</div>
+		</form>
+	</div>
+</nav>
+
+<div class="container">
+	{{ .Content }}
+</div>
+
+<script src="/static/jsdelivr/npm/jquery@3.5.1/dist/jquery.min.js" crossorigin="anonymous"></script>
+<script src="/static/jsdelivr/npm/bootstrap@4.5.1/dist/js/bootstrap.min.js" crossorigin="anonymous"></script>
+<script src="/static/sortTable.js"></script>
+
+<script>
+function goto() {
+	let action = $('[name="action"]').val();
+	let server = $('[name="server"]').val();
+	let target = $('[name="target"]').val();
+	let url = "";
+
+	if (action == "whois") {
+		url = "/" + action + "/" + target;
+	} else if (action == "summary") {
+		url = "/" + action + "/" + server + "/";
+	} else {
+		url = "/" + action + "/" + server + "/" + target;
+	}
+
+	window.location.href = url;
+}
+</script>
+</body>
+</html>

frontend/assets/templates/summary.tpl

@@ -0,0 +1,21 @@
+{{ $ServerName := urlquery .ServerName }}
+
+<table class="table table-striped table-bordered table-sm sortable">
+  <thead>
+{{ range .Header }}
+    <th scope="col">{{ html . }}</th>
+{{ end }}
+  </thead>
+  <tbody>
+{{ range .Rows }}
+    <tr class="table-{{ .MappedState }}">
+      <td><a href="/detail/{{ $ServerName }}/{{ urlquery .Name }}">{{ html .Name }}</a></td>
+      <td>{{ html .Proto }}</td>
+      <td>{{ html .Table }}</td>
+      <td>{{ html .State }}</td>
+      <td>{{ html .Since }}</td>
+      <td>{{ html .Info  }}</td>
+    </tr>
+{{ end }}
+  </tbody>
+</table>

frontend/assets/templates/whois.tpl

@@ -0,0 +1,2 @@
+<h2>whois {{ html .Target }}</h2>
+{{ .Result }}

frontend/bgpmap.go

@@ -1,121 +1,121 @@
 package main
 
 import (
-	"fmt"
-	"net"
+	"regexp"
 	"strings"
 )
 
-func getASNRepresentation(asn string) string {
-	records, err := net.LookupTXT(fmt.Sprintf("AS%s.%s", asn, setting.dnsInterface))
-	if err != nil {
-		// DNS query failed, only use ASN as output
-		return fmt.Sprintf("AS%s", asn)
-	}
+// The protocol name for each route (e.g. "ibgp_sea02") is encoded in the form:
+//
+//	unicast [ibgp_sea02 2021-08-27 from fd86:bad:11b7:1::1] * (100/1015) [i]
+var protocolNameRe = regexp.MustCompile(`\[(.*?) .*\]`)
 
-	result := strings.Join(records, " ")
-	if resultSplit := strings.Split(result, " | "); len(resultSplit) > 1 {
-		result = strings.Join(resultSplit[1:], "\\n")
+// Try to split the output into one chunk for each route.
+// Possible values are defined at https://gitlab.nic.cz/labs/bird/-/blob/v2.0.8/nest/rt-attr.c#L81-87
+var routeSplitRe = regexp.MustCompile("(unicast|blackhole|unreachable|prohibited)")
+
+var routeViaRe = regexp.MustCompile(`(?m)^\t(via .*?)$`)
+var routeASPathRe = regexp.MustCompile(`(?m)^\tBGP\.as_path: (.*?)$`)
+
+func makeEdgeAttrs(preferred bool) RouteAttrs {
+	result := RouteAttrs{
+		"fontsize": "12.0",
 	}
-	return fmt.Sprintf("AS%s\\n%s", asn, result)
+	if preferred {
+		result["color"] = "red"
+	}
+	return result
 }
 
-func birdRouteToGraphviz(servers []string, responses []string, target string) string {
-	graph := make(map[string]string)
-	// Helper to add an edge
-	addEdge := func(src string, dest string, attr string) {
-		key := "\"" + src + "\" -> \"" + dest + "\""
-		_, present := graph[key]
-		// Do not remove edge's attributes if it's already present
-		if present && len(attr) == 0 {
-			return
-		}
-		graph[key] = attr
-	}
-	// Helper to set attribute for a point in graph
-	addPoint := func(name string, attr string) {
-		key := "\"" + name + "\""
-		_, present := graph[key]
-		// Do not remove point's attributes if it's already present
-		if present && len(attr) == 0 {
-			return
-		}
-		graph[key] = attr
+func makePointAttrs(preferred bool) RouteAttrs {
+	result := RouteAttrs{}
+	if preferred {
+		result["color"] = "red"
 	}
+	return result
+}
+
+func birdRouteToGraph(servers []string, responses []string, target string) RouteGraph {
+	graph := makeRouteGraph()
+
+	graph.AddPoint(target, false, RouteAttrs{"color": "red", "shape": "diamond"})
 
-	addPoint("Target: "+target, "[color=red,shape=diamond]")
 	for serverID, server := range servers {
 		response := responses[serverID]
 		if len(response) == 0 {
 			continue
 		}
-		addPoint(server, "[color=blue,shape=box]")
-		// This is the best split point I can find for bird2
-		routes := strings.Split(response, "\tvia ")
-		routeFound := false
-		for routeIndex, route := range routes {
-			var routeNexthop string
-			var routeASPath string
-			var routePreferred bool = routeIndex > 0 && strings.Contains(routes[routeIndex-1], "*")
-			// Have to look at previous slice to determine if route is preferred, due to bad split point selection
+		graph.AddPoint(server, false, RouteAttrs{"color": "blue", "shape": "box"})
+		routes := routeSplitRe.Split(response, -1)
 
-			for _, routeParameter := range strings.Split(route, "\n") {
-				if strings.HasPrefix(routeParameter, "\tBGP.next_hop: ") {
-					routeNexthop = strings.TrimPrefix(routeParameter, "\tBGP.next_hop: ")
-				} else if strings.HasPrefix(routeParameter, "\tBGP.as_path: ") {
-					routeASPath = strings.TrimPrefix(routeParameter, "\tBGP.as_path: ")
-				}
-			}
-			if len(routeASPath) == 0 {
-				// Either this is not a BGP route, or the information is incomplete
+		for routeIndex, route := range routes {
+			if routeIndex == 0 {
 				continue
 			}
 
-			// Connect each node on AS path
-			paths := strings.Split(strings.TrimSpace(routeASPath), " ")
+			var via string
+			var paths []string
+			var routePreferred bool = strings.Contains(route, "*")
+			// Track non-BGP routes in the output by their protocol name, but draw them altogether in one line
+			// so that there are no conflicts in the edge label
+			var protocolName string
 
-			for pathIndex := range paths {
-				paths[pathIndex] = strings.TrimPrefix(paths[pathIndex], "(")
-				paths[pathIndex] = strings.TrimSuffix(paths[pathIndex], ")")
+			if match := routeViaRe.FindStringSubmatch(route); len(match) >= 2 {
+				via = strings.TrimSpace(match[1])
 			}
 
-			// First step starting from originating server
-			if len(paths) > 0 {
-				if len(routeNexthop) > 0 {
-					// Edge from originating server to nexthop
-					addEdge(server, "Nexthop:\\n"+routeNexthop, (map[bool]string{true: "[color=red]"})[routePreferred])
-					// and from nexthop to AS
-					addEdge("Nexthop:\\n"+routeNexthop, getASNRepresentation(paths[0]), (map[bool]string{true: "[color=red]"})[routePreferred])
-					addPoint("Nexthop:\\n"+routeNexthop, "[shape=diamond]")
-					routeFound = true
+			if match := routeASPathRe.FindStringSubmatch(route); len(match) >= 2 {
+				pathString := strings.TrimSpace(match[1])
+				if len(pathString) > 0 {
+					paths = strings.Split(strings.TrimSpace(match[1]), " ")
+					for i := range paths {
+						paths[i] = strings.TrimPrefix(paths[i], "(")
+						paths[i] = strings.TrimSuffix(paths[i], ")")
+					}
+				}
+			}
+
+			if match := protocolNameRe.FindStringSubmatch(route); len(match) >= 2 {
+				protocolName = strings.TrimSpace(match[1])
+				if routePreferred {
+					protocolName = protocolName + "*"
+				}
+			}
+
+			if len(paths) == 0 {
+				graph.AddEdge(server, target, strings.TrimSpace(protocolName+"\n"+via), makeEdgeAttrs(routePreferred))
+				continue
+			}
+
+			// Edges between AS
+			for i := range paths {
+				var src string
+				var label string
+				// Only show nexthop information on the first hop
+				if i == 0 {
+					src = server
+					label = strings.TrimSpace(protocolName + "\n" + via)
 				} else {
-					// Edge from originating server to AS
-					addEdge(server, getASNRepresentation(paths[0]), (map[bool]string{true: "[color=red]"})[routePreferred])
-					routeFound = true
+					src = paths[i-1]
+					label = ""
 				}
+				dst := paths[i]
+
+				graph.AddEdge(src, dst, label, makeEdgeAttrs(routePreferred))
+				// Only set color for next step, origin color is set to blue above
+				graph.AddPoint(dst, true, makePointAttrs(routePreferred))
 			}
 
-			// Following steps, edges between AS
-			for pathIndex := range paths {
-				if pathIndex == 0 {
-					continue
-				}
-				addEdge(getASNRepresentation(paths[pathIndex-1]), getASNRepresentation(paths[pathIndex]), (map[bool]string{true: "[color=red]"})[routePreferred])
-			}
 			// Last AS to destination
-			addEdge(getASNRepresentation(paths[len(paths)-1]), "Target: "+target, (map[bool]string{true: "[color=red]"})[routePreferred])
-		}
-
-		if !routeFound {
-			// Cannot find a path starting from this server
-			addEdge(server, "Target: "+target, "[color=gray,label=\"?\"]")
+			src := paths[len(paths)-1]
+			graph.AddEdge(src, target, "", makeEdgeAttrs(routePreferred))
 		}
 	}
 
-	// Combine all graphviz commands
-	var result string
-	for edge, attr := range graph {
-		result += edge + " " + attr + ";\n"
-	}
-	return "digraph {\n" + result + "}\n"
+	return graph
+}
+
+func birdRouteToGraphviz(servers []string, responses []string, targetName string) string {
+	graph := birdRouteToGraph(servers, responses, targetName)
+	return graph.ToGraphviz()
 }

frontend/bgpmap_graph.go

@@ -0,0 +1,178 @@
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"strings"
+)
+
+type RouteAttrs map[string]string
+
+type RoutePoint struct {
+	performLookup bool
+	attrs         RouteAttrs
+}
+
+type RouteEdgeKey struct {
+	src  string
+	dest string
+}
+
+type RouteEdgeValue struct {
+	label []string
+	attrs RouteAttrs
+}
+
+type RouteGraph struct {
+	points map[string]RoutePoint
+	edges  map[RouteEdgeKey]RouteEdgeValue
+}
+
+func makeRouteGraph() RouteGraph {
+	return RouteGraph{
+		points: make(map[string]RoutePoint),
+		edges:  make(map[RouteEdgeKey]RouteEdgeValue),
+	}
+}
+
+func makeRoutePoint() RoutePoint {
+	return RoutePoint{
+		performLookup: false,
+		attrs:         make(RouteAttrs),
+	}
+}
+
+func makeRouteEdgeValue() RouteEdgeValue {
+	return RouteEdgeValue{
+		label: []string{},
+		attrs: make(RouteAttrs),
+	}
+}
+
+func (graph *RouteGraph) attrsToString(attrs RouteAttrs) string {
+	if len(attrs) == 0 {
+		return ""
+	}
+
+	result := ""
+	isFirst := true
+	for k, v := range attrs {
+		if isFirst {
+			isFirst = false
+		} else {
+			result += ","
+		}
+		result += graph.escape(k) + "=" + graph.escape(v) + ""
+	}
+
+	return "[" + result + "]"
+}
+
+func (graph *RouteGraph) escape(s string) string {
+	buffer := &bytes.Buffer{}
+	encoder := json.NewEncoder(buffer)
+	encoder.SetEscapeHTML(false)
+	err := encoder.Encode(s)
+
+	if err != nil {
+		return err.Error()
+	} else {
+		return string(buffer.Bytes())
+	}
+}
+
+func (graph *RouteGraph) AddEdge(src string, dest string, label string, attrs RouteAttrs) {
+	// Add edges with same src/dest separately, multiple edges with same src/dest could exist
+	edge := RouteEdgeKey{
+		src:  src,
+		dest: dest,
+	}
+
+	newValue, exists := graph.edges[edge]
+	if !exists {
+		newValue = makeRouteEdgeValue()
+	}
+
+	if len(label) != 0 {
+		newValue.label = append(newValue.label, label)
+	}
+	for k, v := range attrs {
+		newValue.attrs[k] = v
+	}
+
+	graph.edges[edge] = newValue
+}
+
+func (graph *RouteGraph) AddPoint(name string, performLookup bool, attrs RouteAttrs) {
+	newValue, exists := graph.points[name]
+	if !exists {
+		newValue = makeRoutePoint()
+	}
+
+	newValue.performLookup = performLookup
+	for k, v := range attrs {
+		newValue.attrs[k] = v
+	}
+
+	graph.points[name] = newValue
+}
+
+func (graph *RouteGraph) GetEdge(src string, dest string) *RouteEdgeValue {
+	key := RouteEdgeKey{
+		src:  src,
+		dest: dest,
+	}
+	value, ok := graph.edges[key]
+	if ok {
+		return &value
+	} else {
+		return nil
+	}
+}
+
+func (graph *RouteGraph) GetPoint(name string) *RoutePoint {
+	value, ok := graph.points[name]
+	if ok {
+		return &value
+	} else {
+		return nil
+	}
+}
+
+func (graph *RouteGraph) ToGraphviz() string {
+	var result string
+
+	asnCache := make(ASNCache)
+
+	for name, value := range graph.points {
+		var representation string
+
+		if value.performLookup {
+			representation = asnCache.Lookup(name)
+		} else {
+			representation = name
+		}
+
+		attrsCopy := value.attrs
+		if attrsCopy == nil {
+			attrsCopy = make(RouteAttrs)
+		}
+		attrsCopy["label"] = representation
+
+		result += fmt.Sprintf("%s %s;\n", graph.escape(name), graph.attrsToString(value.attrs))
+	}
+
+	for key, value := range graph.edges {
+		attrsCopy := value.attrs
+		if attrsCopy == nil {
+			attrsCopy = make(RouteAttrs)
+		}
+		if len(value.label) > 0 {
+			attrsCopy["label"] = strings.Join(value.label, "\n")
+		}
+		result += fmt.Sprintf("%s -> %s %s;\n", graph.escape(key.src), graph.escape(key.dest), graph.attrsToString(attrsCopy))
+	}
+
+	return "digraph {\n" + result + "}\n"
+}

frontend/bgpmap_test.go

@@ -0,0 +1,84 @@
+package main
+
+import (
+	"io/ioutil"
+	"path"
+	"runtime"
+	"strings"
+	"testing"
+)
+
+func readDataFile(t *testing.T, filename string) string {
+	_, sourceName, _, _ := runtime.Caller(0)
+	projectRoot := path.Join(path.Dir(sourceName), "..")
+	dir := path.Join(projectRoot, filename)
+
+	data, err := ioutil.ReadFile(dir)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return string(data)
+}
+
+func TestBirdRouteToGraphvizXSS(t *testing.T) {
+	setting.dnsInterface = ""
+
+	// Don't change formatting of the following strings!
+
+	fakeResult := `<script>alert("evil!")</script>`
+
+	result := birdRouteToGraphviz([]string{
+		"alpha",
+	}, []string{
+		fakeResult,
+	}, fakeResult)
+
+	if strings.Contains(result, fakeResult) {
+		t.Errorf("XSS injection succeeded: %s", result)
+	}
+}
+
+func TestBirdRouteToGraph(t *testing.T) {
+	setting.dnsInterface = ""
+
+	input := readDataFile(t, "frontend/test_data/bgpmap_case1.txt")
+	result := birdRouteToGraph([]string{"node"}, []string{input}, "target")
+
+	// Source node must exist
+	if result.GetPoint("node") == nil {
+		t.Error("Result doesn't contain point node")
+	}
+	// Last hop must exist
+	if result.GetPoint("4242423914") == nil {
+		t.Error("Result doesn't contain point 4242423914")
+	}
+	// Destination must exist
+	if result.GetPoint("target") == nil {
+		t.Error("Result doesn't contain point target")
+	}
+
+	// Verify that a few paths exist
+	if result.GetEdge("node", "4242423914") == nil {
+		t.Error("Result doesn't contain edge from node to 4242423914")
+	}
+	if result.GetEdge("node", "4242422688") == nil {
+		t.Error("Result doesn't contain edge from node to 4242422688")
+	}
+	if result.GetEdge("4242422688", "4242423914") == nil {
+		t.Error("Result doesn't contain edge from 4242422688 to 4242423914")
+	}
+	if result.GetEdge("4242423914", "target") == nil {
+		t.Error("Result doesn't contain edge from 4242423914 to target")
+	}
+}
+
+func TestBirdRouteToGraphviz(t *testing.T) {
+	setting.dnsInterface = ""
+
+	input := readDataFile(t, "frontend/test_data/bgpmap_case1.txt")
+	result := birdRouteToGraphviz([]string{"node"}, []string{input}, "target")
+
+	if !strings.Contains(result, "digraph {") {
+		t.Error("Response is not Graphviz data")
+	}
+}

frontend/dn42.go

@@ -49,3 +49,53 @@ func dn42WhoisFilter(whois string) string {
 		return commandResult
 	}
 }
+
+/* experimental, behavior may change */
+func shortenWhoisFilter(whois string) string {
+	commandResult := ""
+	commandResultLonger := ""
+	lines := 0
+	linesLonger := 0
+	skippedLines := 0
+	skippedLinesLonger := 0
+
+	for _, s := range strings.Split(whois, "\n") {
+		s = strings.TrimSpace(s)
+
+		shouldSkip := false
+		shouldSkip = shouldSkip || len(s) == 0
+		shouldSkip = shouldSkip || len(s) > 0 && s[0] == '#'
+		shouldSkip = shouldSkip || strings.Contains(strings.ToUpper(s), "REDACTED")
+
+		if shouldSkip {
+			skippedLinesLonger++
+			continue
+		}
+
+		commandResultLonger += s + "\n"
+		linesLonger++
+
+		shouldSkip = shouldSkip || len(s) > 80
+		shouldSkip = shouldSkip || !strings.Contains(s, ":")
+		shouldSkip = shouldSkip || strings.Index(s, ":") > 20
+
+		if shouldSkip {
+			skippedLines++
+			continue
+		}
+
+		commandResult += s + "\n"
+		lines++
+	}
+
+	if lines < 5 {
+		commandResult = commandResultLonger
+		skippedLines = skippedLinesLonger
+	}
+
+	if skippedLines > 0 {
+		return commandResult + fmt.Sprintf("\n%d line(s) skipped.\n", skippedLines)
+	} else {
+		return commandResult
+	}
+}

frontend/dn42_test.go

@@ -0,0 +1,106 @@
+package main
+
+import (
+	"testing"
+)
+
+func TestDN42WhoisFilter(t *testing.T) {
+	input := "name: Testing\ndescr: Description"
+
+	result := dn42WhoisFilter(input)
+
+	expectedResult := `name: Testing
+
+1 line(s) skipped.
+`
+
+	if result != expectedResult {
+		t.Errorf("Output doesn't match expected: %s", result)
+	}
+}
+
+func TestDN42WhoisFilterUnneeded(t *testing.T) {
+	input := "name: Testing\nwhatever: Description"
+
+	result := dn42WhoisFilter(input)
+
+	if result != input+"\n" {
+		t.Errorf("Output doesn't match expected: %s", result)
+	}
+}
+
+func TestShortenWhoisFilterShorterMode(t *testing.T) {
+	input := `
+Information line that will be removed
+
+# Comment that will be removed
+Name: Redacted for privacy
+Descr: This is a vvvvvvvvvvvvvvvvvvvvvvveeeeeeeeeeeeeeeeeeeerrrrrrrrrrrrrrrrrrrrrrrryyyyyyyyyyyyyyyyyyy long line that will be skipped.
+Looooooooooooooooooooooong key: this line will be skipped.
+
+Preserved1: this line isn't removed.
+Preserved2: this line isn't removed.
+Preserved3: this line isn't removed.
+Preserved4: this line isn't removed.
+Preserved5: this line isn't removed.
+
+`
+
+	result := shortenWhoisFilter(input)
+
+	expectedResult := `Preserved1: this line isn't removed.
+Preserved2: this line isn't removed.
+Preserved3: this line isn't removed.
+Preserved4: this line isn't removed.
+Preserved5: this line isn't removed.
+
+3 line(s) skipped.
+`
+
+	if result != expectedResult {
+		t.Errorf("Output doesn't match expected: %s", result)
+	}
+}
+
+func TestShortenWhoisFilterLongerMode(t *testing.T) {
+	input := `
+Information line that will be removed
+
+# Comment that will be removed
+Name: Redacted for privacy
+Descr: This is a vvvvvvvvvvvvvvvvvvvvvvveeeeeeeeeeeeeeeeeeeerrrrrrrrrrrrrrrrrrrrrrrryyyyyyyyyyyyyyyyyyy long line that will be skipped.
+Looooooooooooooooooooooong key: this line will be skipped.
+
+Preserved1: this line isn't removed.
+
+`
+
+	result := shortenWhoisFilter(input)
+
+	expectedResult := `Information line that will be removed
+Descr: This is a vvvvvvvvvvvvvvvvvvvvvvveeeeeeeeeeeeeeeeeeeerrrrrrrrrrrrrrrrrrrrrrrryyyyyyyyyyyyyyyyyyy long line that will be skipped.
+Looooooooooooooooooooooong key: this line will be skipped.
+Preserved1: this line isn't removed.
+
+7 line(s) skipped.
+`
+
+	if result != expectedResult {
+		t.Errorf("Output doesn't match expected: %s", result)
+	}
+}
+
+func TestShortenWhoisFilterSkipNothing(t *testing.T) {
+	input := `Preserved1: this line isn't removed.
+Preserved2: this line isn't removed.
+Preserved3: this line isn't removed.
+Preserved4: this line isn't removed.
+Preserved5: this line isn't removed.
+`
+
+	result := shortenWhoisFilter(input)
+
+	if result != input {
+		t.Errorf("Output doesn't match expected: %s", result)
+	}
+}

frontend/go.mod

@@ -0,0 +1,27 @@
+module github.com/xddxdd/bird-lg-go/frontend
+
+go 1.23.0
+
+require (
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
+	github.com/gorilla/handlers v1.5.2
+	github.com/jarcoal/httpmock v1.4.1
+	github.com/magiconair/properties v1.8.10
+	github.com/spf13/pflag v1.0.10
+	github.com/spf13/viper v1.21.0
+)
+
+require (
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
+	github.com/sagikazarmark/locafero v0.11.0 // indirect
+	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
+	github.com/spf13/afero v1.15.0 // indirect
+	github.com/spf13/cast v1.10.0 // indirect
+	github.com/subosito/gotenv v1.6.0 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/text v0.28.0 // indirect
+)

frontend/go.sum

@@ -0,0 +1,59 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
+github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
+github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
+github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
+github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
+github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
+github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w=
+github.com/jarcoal/httpmock v1.4.1 h1:0Ju+VCFuARfFlhVXFc2HxlcQkfB+Xq12/EotHko+x2A=
+github.com/jarcoal/httpmock v1.4.1/go.mod h1:ftW1xULwo+j0R0JJkJIIi7UKigZUXCLLanykgjwBXL0=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8SYxI99mE=
+github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/maxatome/go-testdeep v1.14.0 h1:rRlLv1+kI8eOI3OaBXZwb3O7xY3exRzdW5QyX48g9wI=
+github.com/maxatome/go-testdeep v1.14.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM=
+github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
+github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/sagikazarmark/locafero v0.11.0 h1:1iurJgmM9G3PA/I+wWYIOw/5SyBtxapeHDcg+AAIFXc=
+github.com/sagikazarmark/locafero v0.11.0/go.mod h1:nVIGvgyzw595SUSUE6tvCp3YYTeHs15MvlmU87WwIik=
+github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 h1:+jumHNA0Wrelhe64i8F6HNlS8pkoyMv5sreGx2Ry5Rw=
+github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8/go.mod h1:3n1Cwaq1E1/1lhQhtRK2ts/ZwZEhjcQeJQ1RuC6Q/8U=
+github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I=
+github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg=
+github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY=
+github.com/spf13/cast v1.10.0/go.mod h1:jNfB8QC9IA6ZuY2ZjDp0KtFO2LZZlg4S/7bzP6qqeHo=
+github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
+github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU=
+github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
+github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
+go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
+go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
+golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

frontend/lgproxy.go

@@ -1,10 +1,15 @@
 package main
 
 import (
-	"io/ioutil"
+	"io"
+	"net"
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
+	"time"
+
+	"github.com/jarcoal/httpmock"
 )
 
 type channelData struct {
@@ -12,6 +17,29 @@ type channelData struct {
 	data string
 }
 
+func createConnectionTimeoutRoundTripper(timeout int) http.RoundTripper {
+	context := net.Dialer{
+		Timeout: time.Duration(timeout) * time.Second,
+	}
+
+	// Prefer httpmock's transport if activated, so unit tests can work
+	if http.DefaultTransport == httpmock.DefaultTransport {
+		return httpmock.DefaultTransport
+	}
+
+	return &http.Transport{
+		DialContext: context.DialContext,
+
+		// Default options from transport.go
+		Proxy:                 http.ProxyFromEnvironment,
+		ForceAttemptHTTP2:     true,
+		MaxIdleConns:          100,
+		IdleConnTimeout:       90 * time.Second,
+		TLSHandshakeTimeout:   10 * time.Second,
+		ExpectContinueTimeout: 1 * time.Second,
+	}
+}
+
 // Send commands to lgproxy instances in parallel, and retrieve their responses
 func batchRequest(servers []string, endpoint string, command string) []string {
 	// Channel and array for storing responses
@@ -35,15 +63,33 @@ func batchRequest(servers []string, endpoint string, command string) []string {
 			}(i)
 		} else {
 			// Compose URL and send the request
-			url := "http://" + server + "." + setting.domain + ":" + strconv.Itoa(setting.proxyPort) + "/" + url.PathEscape(endpoint) + "?q=" + url.QueryEscape(command)
+			hostname := server
+			hostname = url.PathEscape(hostname)
+			if strings.Contains(hostname, ":") {
+				hostname = "[" + hostname + "]"
+			}
+			if setting.domain != "" {
+				hostname += "." + setting.domain
+			}
+			url := "http://" + hostname + ":" + strconv.Itoa(setting.proxyPort) + "/" + url.PathEscape(endpoint) + "?q=" + url.QueryEscape(command)
 			go func(url string, i int) {
-				response, err := http.Get(url)
+				client := http.Client{
+					Transport: createConnectionTimeoutRoundTripper(setting.connectionTimeOut),
+					Timeout:   time.Duration(setting.timeOut) * time.Second,
+				}
+				response, err := client.Get(url)
 				if err != nil {
 					ch <- channelData{i, "request failed: " + err.Error() + "\n"}
 					return
 				}
-				text, _ := ioutil.ReadAll(response.Body)
-				ch <- channelData{i, string(text)}
+
+				buf := make([]byte, 65536)
+				n, err := io.ReadFull(response.Body, buf)
+				if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+					ch <- channelData{i, "request failed: " + err.Error()}
+				} else {
+					ch <- channelData{i, string(buf[:n])}
+				}
 			}(url, i)
 		}
 	}

frontend/lgproxy_test.go

@@ -0,0 +1,163 @@
+package main
+
+import (
+	"errors"
+	"strings"
+	"testing"
+
+	"github.com/jarcoal/httpmock"
+)
+
+func TestBatchRequestIPv4(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Result")
+	httpmock.RegisterResponder("GET", "http://1.1.1.1:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://2.2.2.2:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://3.3.3.3:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{
+		"1.1.1.1",
+		"2.2.2.2",
+		"3.3.3.3",
+	}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	response := batchRequest(setting.servers, "mock", "cmd")
+
+	if len(response) != 3 {
+		t.Error("Did not get response of all three mock servers")
+	}
+	for i := 0; i < len(response); i++ {
+		if response[i] != "Mock Result" {
+			t.Error("HTTP response mismatch")
+		}
+	}
+}
+
+func TestBatchRequestIPv6(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Result")
+	httpmock.RegisterResponder("GET", "http://[2001:db8::1]:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://[2001:db8::2]:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://[2001:db8::3]:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{
+		"2001:db8::1",
+		"2001:db8::2",
+		"2001:db8::3",
+	}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	response := batchRequest(setting.servers, "mock", "cmd")
+
+	if len(response) != 3 {
+		t.Error("Did not get response of all three mock servers")
+	}
+	for i := 0; i < len(response); i++ {
+		if response[i] != "Mock Result" {
+			t.Error("HTTP response mismatch")
+		}
+	}
+}
+
+func TestBatchRequestEmptyResponse(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://beta:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://gamma:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{
+		"alpha",
+		"beta",
+		"gamma",
+	}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	response := batchRequest(setting.servers, "mock", "cmd")
+
+	if len(response) != 3 {
+		t.Error("Did not get response of all three mock servers")
+	}
+	for i := 0; i < len(response); i++ {
+		if !strings.Contains(response[i], "node returned empty response") {
+			t.Error("Did not produce error for empty response")
+		}
+	}
+}
+
+func TestBatchRequestDomainSuffix(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Result")
+	httpmock.RegisterResponder("GET", "http://alpha.suffix:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://beta.suffix:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://gamma.suffix:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{
+		"alpha",
+		"beta",
+		"gamma",
+	}
+	setting.domain = "suffix"
+	setting.proxyPort = 8000
+	response := batchRequest(setting.servers, "mock", "cmd")
+
+	if len(response) != 3 {
+		t.Error("Did not get response of all three mock servers")
+	}
+	for i := 0; i < len(response); i++ {
+		if response[i] != "Mock Result" {
+			t.Error("HTTP response mismatch")
+		}
+	}
+}
+
+func TestBatchRequestHTTPError(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpError := httpmock.NewErrorResponder(errors.New("Oops!"))
+	httpmock.RegisterResponder("GET", "http://alpha:8000/mock?q=cmd", httpError)
+	httpmock.RegisterResponder("GET", "http://beta:8000/mock?q=cmd", httpError)
+	httpmock.RegisterResponder("GET", "http://gamma:8000/mock?q=cmd", httpError)
+
+	setting.servers = []string{
+		"alpha",
+		"beta",
+		"gamma",
+	}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	response := batchRequest(setting.servers, "mock", "cmd")
+
+	if len(response) != 3 {
+		t.Error("Did not get response of all three mock servers")
+	}
+	for i := 0; i < len(response); i++ {
+		if !strings.Contains(response[i], "request failed") {
+			t.Error("Did not produce HTTP error")
+		}
+	}
+}
+
+func TestBatchRequestInvalidServer(t *testing.T) {
+	setting.servers = []string{}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	response := batchRequest([]string{"invalid"}, "mock", "cmd")
+
+	if len(response) != 1 {
+		t.Error("Did not get response of all mock servers")
+	}
+	if !strings.Contains(response[0], "invalid server") {
+		t.Error("Did not produce invalid server error")
+	}
+}

frontend/main.go

@@ -1,97 +1,63 @@
 package main
 
 import (
-	"flag"
+	"net"
 	"os"
-	"strconv"
 	"strings"
 )
 
 type settingType struct {
-	servers         []string
-	domain          string
-	proxyPort       int
-	whoisServer     string
-	listen          string
-	dnsInterface    string
-	netSpecificMode string
-	titleBrand      string
-	navBarBrand     string
+	servers           []string
+	serversDisplay    []string
+	domain            string
+	proxyPort         int
+	whoisServer       string
+	listen            []string
+	dnsInterface      string
+	netSpecificMode   string
+	titleBrand        string
+	navBarBrand       string
+	navBarBrandURL    string
+	navBarAllServer   string
+	navBarAllURL      string
+	bgpmapInfo        string
+	telegramBotName   string
+	protocolFilter    []string
+	nameFilter        string
+	timeOut           int
+	connectionTimeOut int
+	trustProxyHeaders bool
 }
 
 var setting settingType
 
 func main() {
-	var settingDefault = settingType{
-		servers:      []string{""},
-		proxyPort:    8000,
-		whoisServer:  "whois.verisign-grs.com",
-		listen:       ":5000",
-		dnsInterface: "asn.cymru.com",
-		titleBrand:   "Bird-lg Go",
-		navBarBrand:  "Bird-lg Go",
+	parseSettings()
+	ImportTemplates()
+
+	for _, listenAddr := range setting.listen {
+		go func(listenAddr string) {
+			var l net.Listener
+			var err error
+
+			if strings.HasPrefix(listenAddr, "/") {
+				// Delete existing socket file, ignore errors (will fail later anyway)
+				os.Remove(listenAddr)
+				l, err = net.Listen("unix", listenAddr)
+			} else {
+				if !strings.Contains(listenAddr, ":") {
+					listenAddr = ":" + listenAddr
+				}
+				l, err = net.Listen("tcp", listenAddr)
+			}
+
+			if err != nil {
+				panic(err)
+			}
+
+			webServerStart(l)
+		}(listenAddr)
 	}
 
-	if env := os.Getenv("BIRDLG_SERVERS"); env != "" {
-		settingDefault.servers = strings.Split(env, ",")
-	}
-	if env := os.Getenv("BIRDLG_DOMAIN"); env != "" {
-		settingDefault.domain = env
-	}
-	if env := os.Getenv("BIRDLG_PROXY_PORT"); env != "" {
-		var err error
-		if settingDefault.proxyPort, err = strconv.Atoi(env); err != nil {
-			panic(err)
-		}
-	}
-	if env := os.Getenv("BIRDLG_WHOIS"); env != "" {
-		settingDefault.whoisServer = env
-	}
-	if env := os.Getenv("BIRDLG_LISTEN"); env != "" {
-		settingDefault.listen = env
-	}
-	if env := os.Getenv("BIRDLG_DNS_INTERFACE"); env != "" {
-		settingDefault.dnsInterface = env
-	}
-	if env := os.Getenv("BIRDLG_NET_SPECIFIC_MODE"); env != "" {
-		settingDefault.netSpecificMode = env
-	}
-	if env := os.Getenv("BIRDLG_TITLE_BRAND"); env != "" {
-		settingDefault.titleBrand = env
-		settingDefault.navBarBrand = env
-	}
-	if env := os.Getenv("BIRDLG_NAVBAR_BRAND"); env != "" {
-		settingDefault.navBarBrand = env
-	}
-
-	serversPtr := flag.String("servers", strings.Join(settingDefault.servers, ","), "server name prefixes, separated by comma")
-	domainPtr := flag.String("domain", settingDefault.domain, "server name domain suffixes")
-	proxyPortPtr := flag.Int("proxy-port", settingDefault.proxyPort, "port bird-lgproxy is running on")
-	whoisPtr := flag.String("whois", settingDefault.whoisServer, "whois server for queries")
-	listenPtr := flag.String("listen", settingDefault.listen, "address bird-lg is listening on")
-	dnsInterfacePtr := flag.String("dns-interface", settingDefault.dnsInterface, "dns zone to query ASN information")
-	netSpecificModePtr := flag.String("net-specific-mode", settingDefault.netSpecificMode, "network specific operation mode, [(none)|dn42]")
-	titleBrandPtr := flag.String("title-brand", settingDefault.titleBrand, "prefix of page titles in browser tabs")
-	navBarBrandPtr := flag.String("navbar-brand", settingDefault.navBarBrand, "brand to show in the navigation bar")
-	flag.Parse()
-
-	if *serversPtr == "" {
-		panic("no server set")
-	} else if *domainPtr == "" {
-		panic("no base domain set")
-	}
-
-	setting = settingType{
-		strings.Split(*serversPtr, ","),
-		*domainPtr,
-		*proxyPortPtr,
-		*whoisPtr,
-		*listenPtr,
-		*dnsInterfacePtr,
-		strings.ToLower(*netSpecificModePtr),
-		*titleBrandPtr,
-		*navBarBrandPtr,
-	}
-
-	webServerStart()
+	select {}
 }

frontend/network_test.go

@@ -0,0 +1,30 @@
+package main
+
+import (
+	"net"
+	"testing"
+	"time"
+)
+
+const (
+	NETWORK_UNKNOWN = 0
+	NETWORK_DOWN = 1
+	NETWORK_UP = 2
+)
+
+var networkState int = NETWORK_UNKNOWN
+func checkNetwork(t *testing.T) {
+	if networkState == NETWORK_UNKNOWN {
+		conn, err := net.DialTimeout("tcp", "8.8.8.8:53", 1*time.Second)
+		if err != nil {
+			networkState = NETWORK_DOWN
+		} else {
+			networkState = NETWORK_UP
+			conn.Close()
+		}
+	}
+
+	if networkState == NETWORK_DOWN {
+		t.Skipf("Test skipped for network error")
+	}
+}

frontend/render.go

@@ -1,70 +1,92 @@
 package main
 
 import (
+	"bytes"
+	"errors"
+	"fmt"
+	"html/template"
 	"net/http"
 	"regexp"
 	"sort"
 	"strings"
 )
 
-func renderTemplate(w http.ResponseWriter, r *http.Request, title string, content string) {
+// static options map
+var optionsMap = map[string]string{
+	"summary":                          "show protocols",
+	"detail":                           "show protocols all ...",
+	"route_from_protocol":              "show route protocol ...",
+	"route_from_protocol_all":          "show route protocol ... all",
+	"route_from_protocol_all_primary":  "show route protocol ... all primary",
+	"route_filtered_from_protocol":     "show route filtered protocol ...",
+	"route_filtered_from_protocol_all": "show route filtered protocol ... all",
+	"route_from_origin":                "show route where bgp_path.last = ...",
+	"route_from_origin_all":            "show route where bgp_path.last = ... all",
+	"route_from_origin_all_primary":    "show route where bgp_path.last = ... all primary",
+	"route":                            "show route for ...",
+	"route_all":                        "show route for ... all",
+	"route_bgpmap":                     "show route for ... (bgpmap)",
+	"route_where":                      "show route where net ~ [ ... ]",
+	"route_where_all":                  "show route where net ~ [ ... ] all",
+	"route_where_bgpmap":               "show route where net ~ [ ... ] (bgpmap)",
+	"route_generic":                    "show route ...",
+	"generic":                          "show ...",
+	"whois":                            "whois ...",
+	"traceroute":                       "traceroute ...",
+}
+
+// render the page template
+func renderPageTemplate(w http.ResponseWriter, r *http.Request, title string, content template.HTML) {
 	path := r.URL.Path[1:]
-	split := strings.SplitN(path, "/", 4)
+	split := strings.SplitN(path, "/", 3)
 
 	isWhois := strings.ToLower(split[0]) == "whois"
 	whoisTarget := strings.Join(split[1:], "/")
 
 	// Use a default URL if the request URL is too short
-	// The URL is for return to IPv4 summary page
-	if len(split) < 3 {
-		path = "ipv4/summary/" + strings.Join(setting.servers, "+") + "/"
-	} else if len(split) == 3 {
+	// The URL is for return to summary page
+	if len(split) < 2 {
+		path = "summary/" + strings.Join(setting.servers, "+") + "/"
+	} else if len(split) == 2 {
 		path += "/"
 	}
 
-	split = strings.SplitN(path, "/", 4)
+	split = strings.SplitN(path, "/", 3)
 
-	var args tmplArguments
-	args.Options = map[string]string{
-		"summary":            "show protocols",
-		"detail":             "show protocols all",
-		"route":              "show route for ...",
-		"route_all":          "show route for ... all",
-		"route_bgpmap":       "show route for ... (bgpmap)",
-		"route_where":        "show route where net ~ [ ... ]",
-		"route_where_all":    "show route where net ~ [ ... ] all",
-		"route_where_bgpmap": "show route where net ~ [ ... ] (bgpmap)",
-		"route_generic":      "show route ...",
-		"generic":            "show ...",
-		"whois":              "whois ...",
-		"traceroute":         "traceroute ...",
+	args := TemplatePage{
+		Options:              optionsMap,
+		Servers:              setting.servers,
+		ServersDisplay:       setting.serversDisplay,
+		AllServersLinkActive: strings.EqualFold(split[1], strings.Join(setting.servers, "+")),
+		AllServersURL:        strings.Join(setting.servers, "+"),
+		AllServerTitle:       setting.navBarAllServer,
+		AllServersURLCustom:  setting.navBarAllURL,
+		IsWhois:              isWhois,
+		WhoisTarget:          whoisTarget,
+
+		URLOption:  strings.ToLower(split[0]),
+		URLServer:  strings.ToLower(split[1]),
+		URLCommand: split[2],
+		Title:      setting.titleBrand + title,
+		Brand:      setting.navBarBrand,
+		BrandURL:   setting.navBarBrandURL,
+		Content:    content,
 	}
-	args.Servers = setting.servers
-	args.AllServersLinkActive = strings.ToLower(split[2]) == strings.ToLower(strings.Join(setting.servers, "+"))
-	args.AllServersURL = strings.Join(setting.servers, "+")
-	args.IsWhois = isWhois
-	args.WhoisTarget = whoisTarget
-
-	args.URLProto = strings.ToLower(split[0])
-	args.URLOption = strings.ToLower(split[1])
-	args.URLServer = strings.ToLower(split[2])
-	args.URLCommand = split[3]
-
-	args.Title = setting.titleBrand + title
-	args.Brand = setting.navBarBrand
-	args.Content = content
 
+	tmpl := TemplateLibrary["page"]
 	err := tmpl.Execute(w, args)
 	if err != nil {
-		panic(err)
+		fmt.Println("Error rendering page:", err.Error())
 	}
+
 }
 
 // Write the given text to http response, and add whois links for
 // ASNs and IP addresses
-func smartFormatter(s string) string {
+func smartFormatter(s string) template.HTML {
 	var result string
 	result += "<pre>"
+	s = template.HTMLEscapeString(s)
 	for _, line := range strings.Split(s, "\n") {
 		var lineFormatted string
 		if strings.HasPrefix(strings.TrimSpace(line), "BGP.as_path:") || strings.HasPrefix(strings.TrimSpace(line), "Neighbor AS:") || strings.HasPrefix(strings.TrimSpace(line), "Local AS:") {
@@ -78,94 +100,77 @@ func smartFormatter(s string) string {
 		result += lineFormatted + "\n"
 	}
 	result += "</pre>"
-	return result
+	return template.HTML(result)
 }
 
-type summaryTableArguments struct {
-	Headers []string
-	Lines   [][]string
+// Parse bird show protocols result
+func summaryParse(data string, serverName string) (TemplateSummary, error) {
+	args := TemplateSummary{
+		ServerName: serverName,
+		Raw:        data,
+	}
+
+	lines := strings.Split(strings.TrimSpace(data), "\n")
+	if len(lines) <= 1 {
+		// Likely backend returned an error message
+		return args, errors.New(strings.TrimSpace(data))
+	}
+
+	// extract the table header
+	for _, col := range strings.Split(lines[0], " ") {
+		colTrimmed := strings.TrimSpace(col)
+		if len(colTrimmed) == 0 {
+			continue
+		}
+		args.Header = append(args.Header, col)
+	}
+
+	// Build regexp for nameFilter
+	nameFilterRegexp := regexp.MustCompile(setting.nameFilter)
+
+	// sort the remaining rows
+	rows := lines[1:]
+	sort.Strings(rows)
+
+	// parse each line
+	for _, line := range rows {
+		row := SummaryRowDataFromLine(line)
+		if row == nil {
+			continue
+		}
+
+		// Filter row name
+		if setting.nameFilter != "" && nameFilterRegexp.MatchString(row.Name) {
+			continue
+		}
+
+		// Filter away unwanted protocol types, if setting.protocolFilter is non-empty
+		if len(setting.protocolFilter) > 0 && !row.ProtocolMatches(setting.protocolFilter) {
+			continue
+		}
+
+		// add to the result
+		args.Rows = append(args.Rows, *row)
+	}
+
+	return args, nil
 }
 
 // Output a table for the summary page
-func summaryTable(isIPv6 bool, data string, serverName string) string {
-	var result string
+func summaryTable(data string, serverName string) template.HTML {
+	result, err := summaryParse(data, serverName)
 
-	// Sort the table, excluding title row
-	stringsSplitted := strings.Split(strings.TrimSpace(data), "\n")
-	if len(stringsSplitted) <= 1 {
-		// Likely backend returned an error message
-		result = "<pre>" + strings.TrimSpace(data) + "</pre>"
-	} else {
-		// Draw the table head
-		result += `<table class="table table-striped table-bordered table-sm">`
-		result += `<thead>`
-		for _, col := range strings.Split(stringsSplitted[0], " ") {
-			colTrimmed := strings.TrimSpace(col)
-			if len(colTrimmed) == 0 {
-				continue
-			}
-			result += `<th scope="col">` + colTrimmed + `</th>`
-		}
-		result += `</thead><tbody>`
-
-		stringsWithoutTitle := stringsSplitted[1:]
-		sort.Strings(stringsWithoutTitle)
-
-		for _, line := range stringsWithoutTitle {
-			// Ignore empty lines
-			line = strings.TrimSpace(line)
-			if len(line) == 0 {
-				continue
-			}
-
-			// Parse a total of 6 columns from bird summary
-			lineSplitted := regexp.MustCompile(`(\w+)(\s+)(\w+)(\s+)([\w-]+)(\s+)(\w+)(\s+)([0-9\-\. :]+)(.*)`).FindStringSubmatch(line)
-			if lineSplitted == nil {
-				continue
-			}
-
-			var row [6]string
-			if len(lineSplitted) >= 2 {
-				row[0] = strings.TrimSpace(lineSplitted[1])
-			}
-			if len(lineSplitted) >= 4 {
-				row[1] = strings.TrimSpace(lineSplitted[3])
-			}
-			if len(lineSplitted) >= 6 {
-				row[2] = strings.TrimSpace(lineSplitted[5])
-			}
-			if len(lineSplitted) >= 8 {
-				row[3] = strings.TrimSpace(lineSplitted[7])
-			}
-			if len(lineSplitted) >= 10 {
-				row[4] = strings.TrimSpace(lineSplitted[9])
-			}
-			if len(lineSplitted) >= 11 {
-				row[5] = strings.TrimSpace(lineSplitted[10])
-			}
-
-			// Draw the row in red if the link isn't up
-			result += `<tr class="` + (map[string]string{
-				"up":      "table-success",
-				"down":    "table-secondary",
-				"start":   "table-danger",
-				"passive": "table-info",
-			})[row[3]] + `">`
-			// Add link to detail for first column
-			if isIPv6 {
-				result += `<td><a href="/ipv6/detail/` + serverName + `/` + row[0] + `">` + row[0] + `</a></td>`
-			} else {
-				result += `<td><a href="/ipv4/detail/` + serverName + `/` + row[0] + `">` + row[0] + `</a></td>`
-			}
-			// Draw the other cells
-			for i := 1; i < 6; i++ {
-				result += "<td>" + row[i] + "</td>"
-			}
-			result += "</tr>"
-		}
-		result += "</tbody></table>"
-		result += "<!--" + data + "-->"
+	if err != nil {
+		return template.HTML("<pre>" + template.HTMLEscapeString(err.Error()) + "</pre>")
 	}
 
-	return result
+	// render the summary template
+	tmpl := TemplateLibrary["summary"]
+	var buffer bytes.Buffer
+	err = tmpl.Execute(&buffer, result)
+	if err != nil {
+		fmt.Println("Error rendering summary:", err.Error())
+	}
+
+	return template.HTML(buffer.String())
 }

frontend/render_test.go

@@ -0,0 +1,157 @@
+package main
+
+import (
+	"html/template"
+	"io/ioutil"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+const BirdSummaryData = `Name       Proto      Table      State  Since         Info
+static1    Static     master4    up     2021-08-27
+static2    Static     master6    up     2021-08-27
+device1    Device     ---        up     2021-08-27
+kernel1    Kernel     master6    up     2021-08-27
+kernel2    Kernel     master4    up     2021-08-27
+direct1    Direct     ---        up     2021-08-27
+int_babel  Babel      ---        up     2021-08-27
+`
+
+func initSettings() {
+	setting.servers = []string{"alpha"}
+	setting.serversDisplay = []string{"alpha"}
+	setting.titleBrand = "Bird-lg Go"
+	setting.navBarBrand = "Bird-lg Go"
+
+	ImportTemplates()
+}
+
+func TestRenderPageTemplate(t *testing.T) {
+	initSettings()
+
+	title := "Test Title"
+	content := "Test Content"
+
+	r := httptest.NewRequest("GET", "/route/alpha/192.168.0.1/", nil)
+	w := httptest.NewRecorder()
+	renderPageTemplate(w, r, title, template.HTML(content))
+
+	resultBytes, _ := ioutil.ReadAll(w.Result().Body)
+	result := string(resultBytes)
+
+	if !strings.Contains(result, title) {
+		t.Error("Title not found in output")
+	}
+	if !strings.Contains(result, content) {
+		t.Error("Content not found in output")
+	}
+}
+
+func TestRenderPageTemplateXSS(t *testing.T) {
+	initSettings()
+
+	evil := "<script>alert('evil');</script>"
+
+	r := httptest.NewRequest("GET", "/whois/"+evil, nil)
+	w := httptest.NewRecorder()
+
+	// renderPageTemplate doesn't escape content, filter is done beforehand
+	renderPageTemplate(w, r, evil, "Test Content")
+
+	resultBytes, _ := ioutil.ReadAll(w.Result().Body)
+	result := string(resultBytes)
+
+	if strings.Contains(result, evil) {
+		t.Errorf("XSS injection succeeded: %s", result)
+	}
+}
+
+// https://github.com/xddxdd/bird-lg-go/issues/57
+func TestRenderPageTemplateXSS_2(t *testing.T) {
+	initSettings()
+
+	evil := "<script>alert('evil');</script>"
+
+	r := httptest.NewRequest("GET", "/generic/dummy_server/"+evil, nil)
+	w := httptest.NewRecorder()
+
+	// renderPageTemplate doesn't escape content, filter is done beforehand
+	renderPageTemplate(w, r, evil, "Test Content")
+
+	resultBytes, _ := ioutil.ReadAll(w.Result().Body)
+	result := string(resultBytes)
+
+	if strings.Contains(result, evil) {
+		t.Errorf("XSS injection succeeded: %s", result)
+	}
+}
+
+func TestSmartFormatterXSS(t *testing.T) {
+	evil := "<script>alert('evil');</script>"
+	result := string(smartFormatter(evil))
+
+	if strings.Contains(result, evil) {
+		t.Errorf("XSS injection succeeded: %s", result)
+	}
+}
+
+func TestSummaryTableXSS(t *testing.T) {
+	evil := "<script>alert('evil');</script>"
+	evilData := `Name       Proto      Table      State  Since         Info
+` + evil + ` ` + evil + `       ---        up     2021-01-04 17:21:44  ` + evil
+
+	result := string(summaryTable(evilData, evil))
+
+	if strings.Contains(result, evil) {
+		t.Errorf("XSS injection succeeded: %s", result)
+	}
+}
+
+func TestSummaryTableProtocolFilter(t *testing.T) {
+	initSettings()
+	setting.protocolFilter = []string{"Static", "Direct", "Babel"}
+
+	result := string(summaryTable(BirdSummaryData, "testserver"))
+	expectedInclude := []string{"static1", "static2", "int_babel", "direct1"}
+	expectedExclude := []string{"device1", "kernel1", "kernel2"}
+
+	for _, item := range expectedInclude {
+		if !strings.Contains(result, item) {
+			t.Errorf("Did not find expected %s in summary table output", result)
+		}
+	}
+	for _, item := range expectedExclude {
+		if strings.Contains(result, item) {
+			t.Errorf("Found unexpected %s in summary table output", result)
+		}
+	}
+
+	t.Cleanup(func() {
+		setting.protocolFilter = []string{}
+	})
+}
+
+func TestSummaryTableNameFilter(t *testing.T) {
+	initSettings()
+	setting.nameFilter = "^static"
+
+	result := string(summaryTable(BirdSummaryData, "testserver"))
+	expectedInclude := []string{"device1", "kernel1", "kernel2", "direct1", "int_babel"}
+	expectedExclude := []string{"static1", "static2"}
+
+	for _, item := range expectedInclude {
+		if !strings.Contains(result, item) {
+			t.Errorf("Did not find expected %s in summary table output", result)
+		}
+	}
+	for _, item := range expectedExclude {
+		if strings.Contains(result, item) {
+			t.Errorf("Found unexpected %s in summary table output", result)
+		}
+	}
+
+	t.Cleanup(func() {
+		setting.nameFilter = ""
+	})
+}

frontend/settings.go

@@ -0,0 +1,154 @@
+package main
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/spf13/pflag"
+	"github.com/spf13/viper"
+)
+
+type viperSettingType struct {
+	Servers           string   `mapstructure:"servers"`
+	Domain            string   `mapstructure:"domain"`
+	ProxyPort         int      `mapstructure:"proxy_port"`
+	WhoisServer       string   `mapstructure:"whois"`
+	Listen            []string `mapstructure:"listen"`
+	DNSInterface      string   `mapstructure:"dns_interface"`
+	NetSpecificMode   string   `mapstructure:"net_specific_mode"`
+	TitleBrand        string   `mapstructure:"title_brand"`
+	NavBarBrand       string   `mapstructure:"navbar_brand"`
+	NavBarBrandURL    string   `mapstructure:"navbar_brand_url"`
+	NavBarAllServer   string   `mapstructure:"navbar_all_servers"`
+	NavBarAllURL      string   `mapstructure:"navbar_all_url"`
+	BgpmapInfo        string   `mapstructure:"bgpmap_info"`
+	TelegramBotName   string   `mapstructure:"telegram_bot_name"`
+	ProtocolFilter    string   `mapstructure:"protocol_filter"`
+	NameFilter        string   `mapstructure:"name_filter"`
+	TimeOut           int      `mapstructure:"timeout"`
+	ConnectionTimeOut int      `mapstructure:"connection_timeout"`
+	TrustProxyHeaders bool     `mapstructure:"trust_proxy_headers"`
+}
+
+// Parse settings with viper, and convert to legacy setting format
+func parseSettings() {
+	viper.AddConfigPath(".")
+	viper.AddConfigPath("/etc/bird-lg")
+	viper.SetConfigName("bird-lg")
+	viper.AllowEmptyEnv(true)
+	viper.AutomaticEnv()
+	viper.SetEnvPrefix("birdlg")
+	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_", ".", "_"))
+
+	pflag.String("servers", "", "server name prefixes, separated by comma")
+	viper.BindPFlag("servers", pflag.Lookup("servers"))
+
+	pflag.String("domain", "", "server name domain suffixes")
+	viper.BindPFlag("domain", pflag.Lookup("domain"))
+
+	pflag.Int("proxy-port", 8000, "port bird-lgproxy is running on")
+	viper.BindPFlag("proxy_port", pflag.Lookup("proxy-port"))
+
+	pflag.String("whois", "whois.verisign-grs.com", "whois server for queries")
+	viper.BindPFlag("whois", pflag.Lookup("whois"))
+
+	pflag.StringSlice("listen", []string{"5000"}, "address or unix socket bird-lg is listening on")
+	viper.BindPFlag("listen", pflag.Lookup("listen"))
+
+	pflag.String("dns-interface", "asn.cymru.com", "dns zone to query ASN information")
+	viper.BindPFlag("dns_interface", pflag.Lookup("dns-interface"))
+
+	pflag.String("net-specific-mode", "", "network specific operation mode, [(none)|dn42]")
+	viper.BindPFlag("net_specific-mode", pflag.Lookup("net-specific-mode"))
+
+	pflag.String("title-brand", "Bird-lg Go", "prefix of page titles in browser tabs")
+	viper.BindPFlag("title_brand", pflag.Lookup("title-brand"))
+
+	pflag.String("navbar-brand", "", "brand to show in the navigation bar")
+	viper.BindPFlag("navbar_brand", pflag.Lookup("navbar-brand"))
+
+	pflag.String("navbar-brand-url", "/", "the url of the brand to show in the navigation bar")
+	viper.BindPFlag("navbar_brand_url", pflag.Lookup("navbar-brand-url"))
+
+	pflag.String("navbar-all-servers", "All Servers", "the text of \"All servers\" button in the navigation bar")
+	viper.BindPFlag("navbar_all_servers", pflag.Lookup("navbar-all-servers"))
+
+	pflag.String("navbar-all-url", "all", "the URL of \"All servers\" button")
+	viper.BindPFlag("navbar_all_url", pflag.Lookup("navbar-all-url"))
+
+	pflag.String("bgpmap-info", "asn,as-name,ASName,descr", "the infos displayed in bgpmap, separated by comma, start with \":\" means allow multiline")
+	viper.BindPFlag("bgpmap_info", pflag.Lookup("bgpmap-info"))
+
+	pflag.String("telegram-bot-name", "", "telegram bot name (used to filter @bot commands)")
+	viper.BindPFlag("telegram_bot_name", pflag.Lookup("telegram-bot-name"))
+
+	pflag.String("protocol-filter", "",
+		"protocol types to show in summary tables (comma separated list); defaults to all if not set")
+	viper.BindPFlag("protocol_filter", pflag.Lookup("protocol-filter"))
+
+	pflag.String("name-filter", "", "protocol name regex to hide in summary tables (RE2 syntax); defaults to none if not set")
+	viper.BindPFlag("name_filter", pflag.Lookup("name-filter"))
+
+	pflag.Int("time-out", 120, "time before backend HTTP request times out, in seconds; defaults to 120 if not set")
+	viper.BindPFlag("timeout", pflag.Lookup("time-out"))
+
+	pflag.Int("connection-time-out", 5, "time before backend TCP connection times out, in seconds; defaults to 5 if not set")
+	viper.BindPFlag("connection_timeout", pflag.Lookup("connection-time-out"))
+
+	pflag.Bool("trust-proxy-headers", false, "Trust X-Forwared-For, X-Real-IP, X-Forwarded-Proto, X-Forwarded-Scheme and X-Forwarded-Host sent by the client")
+	viper.BindPFlag("trust_proxy_headers", pflag.Lookup("trust-proxy-headers"))
+
+	pflag.Parse()
+
+	if err := viper.ReadInConfig(); err != nil {
+		println("Warning on reading config: " + err.Error())
+	}
+
+	viperSettings := viperSettingType{}
+	if err := viper.Unmarshal(&viperSettings); err != nil {
+		panic(err)
+	}
+
+	setting.servers = strings.Split(viperSettings.Servers, ",")
+	setting.serversDisplay = strings.Split(viperSettings.Servers, ",")
+	// Split server names of the form "DisplayName<Hostname>"
+	for i, server := range setting.servers {
+		pos := strings.Index(server, "<")
+		if pos != -1 {
+			setting.serversDisplay[i] = server[0:pos]
+			setting.servers[i] = server[pos+1 : len(server)-1]
+		}
+	}
+
+	setting.domain = viperSettings.Domain
+	setting.proxyPort = viperSettings.ProxyPort
+	setting.whoisServer = viperSettings.WhoisServer
+	setting.listen = viperSettings.Listen
+	setting.dnsInterface = viperSettings.DNSInterface
+	setting.netSpecificMode = viperSettings.NetSpecificMode
+	setting.titleBrand = viperSettings.TitleBrand
+
+	setting.navBarBrand = viperSettings.NavBarBrand
+	if setting.navBarBrand == "" {
+		setting.navBarBrand = setting.titleBrand
+	}
+
+	setting.navBarBrandURL = viperSettings.NavBarBrandURL
+	setting.navBarAllServer = viperSettings.NavBarAllServer
+	setting.navBarAllURL = viperSettings.NavBarAllURL
+	setting.bgpmapInfo = viperSettings.BgpmapInfo
+	setting.telegramBotName = viperSettings.TelegramBotName
+
+	if viperSettings.ProtocolFilter != "" {
+		setting.protocolFilter = strings.Split(viperSettings.ProtocolFilter, ",")
+	} else {
+		setting.protocolFilter = []string{}
+	}
+
+	setting.nameFilter = viperSettings.NameFilter
+	setting.timeOut = viperSettings.TimeOut
+	setting.connectionTimeOut = viperSettings.ConnectionTimeOut
+	setting.trustProxyHeaders = viperSettings.TrustProxyHeaders
+
+	fmt.Printf("%#v\n", setting)
+}

frontend/settings_test.go

@@ -0,0 +1,8 @@
+package main
+
+import "testing"
+
+func TestParseSettings(t *testing.T) {
+	parseSettings()
+	// Good as long as it doesn't panic
+}

frontend/telegram_bot.go

@@ -31,7 +31,8 @@ type tgWebhookResponse struct {
 
 func telegramIsCommand(message string, command string) bool {
 	b := false
-	b = b || strings.HasPrefix(message, "/"+command+"@")
+	b = b || strings.HasPrefix(message, "/"+command+"@"+setting.telegramBotName+" ")
+	b = b || message == "/"+command+"@"+setting.telegramBotName
 	b = b || strings.HasPrefix(message, "/"+command+" ")
 	b = b || message == "/"+command
 	return b
@@ -87,17 +88,13 @@ func webHandlerTelegramBot(w http.ResponseWriter, r *http.Request) {
 	commandResult := ""
 
 	// - traceroute
-	if telegramIsCommand(request.Message.Text, "trace") || telegramIsCommand(request.Message.Text, "trace4") {
+	if telegramIsCommand(request.Message.Text, "trace") {
 		commandResult = telegramBatchRequestFormat(servers, "traceroute", target, telegramDefaultPostProcess)
-	} else if telegramIsCommand(request.Message.Text, "trace6") {
-		commandResult = telegramBatchRequestFormat(servers, "traceroute6", target, telegramDefaultPostProcess)
 
-	} else if telegramIsCommand(request.Message.Text, "route") || telegramIsCommand(request.Message.Text, "route4") {
+	} else if telegramIsCommand(request.Message.Text, "route") {
 		commandResult = telegramBatchRequestFormat(servers, "bird", "show route for "+target+" primary", telegramDefaultPostProcess)
-	} else if telegramIsCommand(request.Message.Text, "route6") {
-		commandResult = telegramBatchRequestFormat(servers, "bird6", "show route for "+target+" primary", telegramDefaultPostProcess)
 
-	} else if telegramIsCommand(request.Message.Text, "path") || telegramIsCommand(request.Message.Text, "path4") {
+	} else if telegramIsCommand(request.Message.Text, "path") {
 		commandResult = telegramBatchRequestFormat(servers, "bird", "show route for "+target+" all primary", func(result string) string {
 			for _, s := range strings.Split(result, "\n") {
 				if strings.Contains(s, "BGP.as_path: ") {
@@ -106,18 +103,9 @@ func webHandlerTelegramBot(w http.ResponseWriter, r *http.Request) {
 			}
 			return ""
 		})
-	} else if telegramIsCommand(request.Message.Text, "path6") {
-		commandResult = telegramBatchRequestFormat(servers, "bird6", "show route for "+target+" all primary", func(result string) string {
-			for _, s := range strings.Split(result, "\n") {
-				if strings.Contains(s, "BGP.as_path: ") {
-					return strings.TrimSpace(strings.Split(s, ":")[1])
-				}
-			}
-			return ""
-		})
 
 	} else if telegramIsCommand(request.Message.Text, "whois") {
-		if setting.netSpecificMode == "dn42" {
+		if setting.netSpecificMode == "dn42" || setting.netSpecificMode == "dn42_generic" {
 			targetNumber, err := strconv.ParseUint(target, 10, 64)
 			if err == nil {
 				if targetNumber < 10000 {
@@ -131,15 +119,17 @@ func webHandlerTelegramBot(w http.ResponseWriter, r *http.Request) {
 		tempResult := whois(target)
 		if setting.netSpecificMode == "dn42" {
 			commandResult = dn42WhoisFilter(tempResult)
+		} else if setting.netSpecificMode == "dn42_shorten" || setting.netSpecificMode == "shorten" {
+			commandResult = shortenWhoisFilter(tempResult)
 		} else {
 			commandResult = tempResult
 		}
 
 	} else if telegramIsCommand(request.Message.Text, "help") {
 		commandResult = `
-/[path|path6] <IP>
-/[route|route6] <IP>
-/[trace|trace6] <IP>
+/path <IP>
+/route <IP>
+/trace <IP>
 /whois <Target>
 		`
 	} else {
@@ -151,6 +141,10 @@ func webHandlerTelegramBot(w http.ResponseWriter, r *http.Request) {
 		commandResult = "empty result"
 	}
 
+	if len(commandResult) > 4096 {
+		commandResult = commandResult[0:4096]
+	}
+
 	// Create a JSON response
 	w.Header().Add("Content-Type", "application/json")
 	response := &tgWebhookResponse{

frontend/telegram_bot_test.go

@@ -0,0 +1,367 @@
+package main
+
+import (
+	"bytes"
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/jarcoal/httpmock"
+	"github.com/magiconair/properties/assert"
+)
+
+func doTestTelegramIsCommand(t *testing.T, message string, command string, expected bool) {
+	result := telegramIsCommand(message, command)
+	assert.Equal(t, result, expected)
+}
+
+func mockTelegramCall(t *testing.T, msg string, raw bool) string {
+	return mockTelegramEndpointCall(t, "/telegram/", msg, raw)
+}
+
+func mockTelegramEndpointCall(t *testing.T, endpoint string, msg string, raw bool) string {
+	request := tgWebhookRequest{
+		Message: tgMessage{
+			MessageID: 123,
+			Chat: tgChat{
+				ID: 456,
+			},
+			Text: msg,
+		},
+	}
+	requestJson, err := json.Marshal(request)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	requestBody := bytes.NewReader(requestJson)
+
+	r := httptest.NewRequest(http.MethodGet, endpoint, requestBody)
+	w := httptest.NewRecorder()
+	webHandlerTelegramBot(w, r)
+
+	if raw {
+		return w.Body.String()
+	} else {
+		var response tgWebhookResponse
+		if err := json.Unmarshal(w.Body.Bytes(), &response); err != nil {
+			t.Error(err)
+		}
+
+		assert.Equal(t, response.ChatID, request.Message.Chat.ID)
+		assert.Equal(t, response.ReplyToMessageID, request.Message.MessageID)
+		return response.Text
+	}
+}
+
+func TestTelegramIsCommand(t *testing.T) {
+	setting.telegramBotName = "test_bot"
+
+	// Recognize command
+	doTestTelegramIsCommand(t, "/trace", "trace", true)
+	doTestTelegramIsCommand(t, "/trace", "trace1234", false)
+	doTestTelegramIsCommand(t, "/trace", "tra", false)
+	doTestTelegramIsCommand(t, "/trace", "abcdefg", false)
+
+	// Recognize command with parameters
+	doTestTelegramIsCommand(t, "/trace google.com", "trace", true)
+	doTestTelegramIsCommand(t, "/trace google.com", "trace1234", false)
+	doTestTelegramIsCommand(t, "/trace google.com", "tra", false)
+	doTestTelegramIsCommand(t, "/trace google.com", "abcdefg", false)
+
+	// Recognize command with bot name
+	doTestTelegramIsCommand(t, "/trace@test_bot", "trace", true)
+	doTestTelegramIsCommand(t, "/trace@test_bot", "trace1234", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot", "tra", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot", "abcdefg", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot_123", "trace", false)
+	doTestTelegramIsCommand(t, "/trace@test_", "trace", false)
+
+	// Recognize command with bot name and parameters
+	doTestTelegramIsCommand(t, "/trace@test_bot google.com", "trace", true)
+	doTestTelegramIsCommand(t, "/trace@test_bot google.com", "trace1234", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot google.com", "tra", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot google.com", "abcdefg", false)
+	doTestTelegramIsCommand(t, "/trace@test_bot_123 google.com", "trace", false)
+	doTestTelegramIsCommand(t, "/trace@test google.com", "trace", false)
+}
+
+func TestTelegramBatchRequestFormatSingleServer(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	result := telegramBatchRequestFormat(setting.servers, "mock", "cmd", telegramDefaultPostProcess)
+	expected := "Mock\n\n"
+	assert.Equal(t, result, expected)
+}
+
+func TestTelegramBatchRequestFormatMultipleServers(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://beta:8000/mock?q=cmd", httpResponse)
+	httpmock.RegisterResponder("GET", "http://gamma:8000/mock?q=cmd", httpResponse)
+
+	setting.servers = []string{
+		"alpha",
+		"beta",
+		"gamma",
+	}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	result := telegramBatchRequestFormat(setting.servers, "mock", "cmd", telegramDefaultPostProcess)
+	expected := "alpha\nMock\n\nbeta\nMock\n\ngamma\nMock\n\n"
+	assert.Equal(t, result, expected)
+}
+
+func TestWebHandlerTelegramBotBadJSON(t *testing.T) {
+	requestBody := strings.NewReader("{bad json}")
+
+	r := httptest.NewRequest(http.MethodGet, "/telegram/", requestBody)
+	w := httptest.NewRecorder()
+	webHandlerTelegramBot(w, r)
+
+	response := w.Body.String()
+	assert.Equal(t, response, "")
+}
+
+func TestWebHandlerTelegramBotTrace(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Response")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/traceroute?q=1.1.1.1", httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	response := mockTelegramCall(t, "/trace 1.1.1.1", false)
+	assert.Equal(t, response, "```\nMock Response\n```")
+}
+
+func TestWebHandlerTelegramBotTraceWithServerList(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Response")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/traceroute?q=1.1.1.1", httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	response := mockTelegramEndpointCall(t, "/telegram/alpha", "/trace 1.1.1.1", false)
+	assert.Equal(t, response, "```\nMock Response\n```")
+}
+
+func TestWebHandlerTelegramBotRoute(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "Mock Response")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show route for 1.1.1.1 primary"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	response := mockTelegramCall(t, "/route 1.1.1.1", false)
+	assert.Equal(t, response, "```\nMock Response\n```")
+}
+
+func TestWebHandlerTelegramBotPath(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, `
+BGP.as_path: 123 456
+`)
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show route for 1.1.1.1 all primary"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	response := mockTelegramCall(t, "/path 1.1.1.1", false)
+	assert.Equal(t, response, "```\n123 456\n```")
+}
+
+func TestWebHandlerTelegramBotPathMissing(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	httpResponse := httpmock.NewStringResponder(200, "No path in this response")
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show route for 1.1.1.1 all primary"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+
+	response := mockTelegramCall(t, "/path 1.1.1.1", false)
+	assert.Equal(t, response, "```\nempty result\n```")
+}
+
+func TestWebHandlerTelegramBotWhois(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      AS6939Response,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = ""
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois AS6939", false)
+	assert.Equal(t, response, "```"+server.response+"```")
+}
+
+func TestWebHandlerTelegramBotWhoisDN42Mode(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS4242422547",
+		response: `
+Query for AS4242422547
+`,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = "dn42"
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois 2547", false)
+	assert.Equal(t, response, "```"+server.response+"```")
+}
+
+func TestWebHandlerTelegramBotWhoisDN42ModeFullASN(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS4242422547",
+		response: `
+Query for AS4242422547
+`,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = "dn42"
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois 4242422547", false)
+	assert.Equal(t, response, "```"+server.response+"```")
+}
+
+func TestWebHandlerTelegramBotWhoisShortenMode(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response: `
+Information line that will be removed
+
+# Comment that will be removed
+Name: Redacted for privacy
+Descr: This is a vvvvvvvvvvvvvvvvvvvvvvveeeeeeeeeeeeeeeeeeeerrrrrrrrrrrrrrrrrrrrrrrryyyyyyyyyyyyyyyyyyy long line that will be skipped.
+Looooooooooooooooooooooong key: this line will be skipped.
+
+Preserved1: this line isn't removed.
+Preserved2: this line isn't removed.
+Preserved3: this line isn't removed.
+Preserved4: this line isn't removed.
+Preserved5: this line isn't removed.
+
+`,
+	}
+
+	expectedResult := `Preserved1: this line isn't removed.
+Preserved2: this line isn't removed.
+Preserved3: this line isn't removed.
+Preserved4: this line isn't removed.
+Preserved5: this line isn't removed.
+
+3 line(s) skipped.`
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = "shorten"
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois AS6939", false)
+	assert.Equal(t, response, "```\n"+expectedResult+"\n```")
+}
+
+func TestWebHandlerTelegramBotHelp(t *testing.T) {
+	response := mockTelegramCall(t, "/help", false)
+	if !strings.Contains(response, "/trace") {
+		t.Error("Did not get help message")
+	}
+}
+
+func TestWebHandlerTelegramBotUnknownCommand(t *testing.T) {
+	response := mockTelegramCall(t, "/nonexistent", true)
+	assert.Equal(t, response, "")
+}
+
+func TestWebHandlerTelegramBotNotCommand(t *testing.T) {
+	response := mockTelegramCall(t, "random chat message", true)
+	assert.Equal(t, response, "")
+}
+
+func TestWebHandlerTelegramBotEmptyResponse(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      "",
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = ""
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois AS6939", false)
+	assert.Equal(t, response, "```\nempty result\n```")
+}
+
+func TestWebHandlerTelegramBotTruncateLongResponse(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      strings.Repeat("A", 65536),
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = ""
+	setting.whoisServer = server.server.Addr().String()
+
+	response := mockTelegramCall(t, "/whois AS6939", false)
+	assert.Equal(t, response, "```\n"+strings.Repeat("A", 4096)+"\n```")
+}

frontend/template.go

@@ -1,97 +1,183 @@
 package main
 
 import (
-	"text/template"
+	"embed"
+	"html/template"
+	"net/url"
+	"regexp"
+	"strings"
 )
 
-type tmplArguments struct {
+// import templates and other assets
+//
+//go:embed assets
+var assets embed.FS
+
+const TEMPLATE_PATH = "assets/templates/"
+
+// template argument structures
+
+// page
+type TemplatePage struct {
 	// Global options
-	Options map[string]string
-	Servers []string
+	Options        map[string]string
+	Servers        []string
+	ServersDisplay []string
 
 	// Parameters related to current request
 	AllServersLinkActive bool
+	AllServerTitle       string
 	AllServersURL        string
+	AllServersURLCustom  string
 
 	// Whois specific handling (for its unique URL)
 	IsWhois     bool
 	WhoisTarget string
 
-	URLProto   string
 	URLOption  string
 	URLServer  string
 	URLCommand string
 
 	// Generated content to be displayed
-	Title   string
-	Brand   string
-	Content string
+	Title    string
+	Brand    string
+	BrandURL string
+	Content  template.HTML
 }
 
-var tmpl = template.Must(template.New("tmpl").Parse(`
-<!DOCTYPE html>
-<html lang="en-US">
-<head>
-<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
-<meta http-equiv="X-UA-Compatible" content="IE=edge">
-<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
-<meta name="renderer" content="webkit">
-<title>{{ .Title }}</title>
-<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.5.1/dist/css/bootstrap.min.css" integrity="sha256-VoFZSlmyTXsegReQCNmbXrS4hBBUl/cexZvPmPWoJsY=" crossorigin="anonymous">
-<meta name="robots" content="noindex, nofollow">
-</head>
-<body>
+// summary
+type SummaryRowData struct {
+	Name        string `json:"name"`
+	Proto       string `json:"proto"`
+	Table       string `json:"table"`
+	State       string `json:"state"`
+	MappedState string `json:"-"`
+	Since       string `json:"since"`
+	Info        string `json:"info"`
+}
 
-<nav class="navbar navbar-expand-lg navbar-light bg-light">
-	<a class="navbar-brand" href="/">{{ .Brand }}</a>
-	<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
-		<span class="navbar-toggler-icon"></span>
-	</button>
+// utility functions to allow filtering of results in the template
 
-	<div class="collapse navbar-collapse" id="navbarSupportedContent">
-		<ul class="navbar-nav mr-auto">
-			<li class="nav-item"><a class="nav-link{{ if eq "ipv4" .URLProto }} active{{ end }}" href="/ipv4/{{ .URLOption }}/{{ .URLServer }}/{{ .URLCommand }}"> IPv4 </a></li>
-			<li class="nav-item"><a class="nav-link{{ if eq "ipv6" .URLProto }} active{{ end }}" href="/ipv6/{{ .URLOption }}/{{ .URLServer }}/{{ .URLCommand }}"> IPv6 </a></li>
-			<span class="navbar-text">|</span>
-			<li class="nav-item">
-				<a class="nav-link{{ if .AllServersLinkActive }} active{{ end }}" href="/{{ .URLProto }}/{{ .URLOption }}/{{ .AllServersURL }}/{{ .URLCommand }}"> All Servers </a>
-			</li>
-			{{ range $k, $v := .Servers }}
-			<li class="nav-item">
-				<a class="nav-link{{ if eq $.URLServer $v }} active{{ end }}" href="/{{ $.URLProto }}/{{ $.URLOption }}/{{ $v }}/{{ $.URLCommand }}">{{ $v }}</a>
-			</li>
-			{{ end }}
-		</ul>
-		{{ $option := .URLOption }}
-		{{ $target := .URLCommand }}
-		{{ if .IsWhois }}
-			{{ $option = "whois" }}
-			{{ $target = .WhoisTarget }}
-		{{ end }}
-		<form class="form-inline" action="/redir" method="GET">
-			<div class="input-group">
-				<select name="action" class="form-control">
-					{{ range $k, $v := .Options }}
-					<option value="{{ $k }}"{{ if eq $k $option }} selected{{end}}>{{ $v }}</option>
-					{{ end }}
-				</select>
-				<input name="proto" class="d-none" value="{{ .URLProto }}">
-				<input name="server" class="d-none" value="{{ .URLServer }}">
-				<input name="target" class="form-control" placeholder="Target" aria-label="Target" value="{{ $target }}">
-				<div class="input-group-append">
-					<button class="btn btn-outline-success" type="submit">&raquo;</button>
-				</div>
-			</div>
-		</form>
-	</div>
-</nav>
+func (r SummaryRowData) NameHasPrefix(prefix string) bool {
+	return strings.HasPrefix(r.Name, prefix)
+}
 
-<div class="container">
-	{{ .Content }}
-</div>
+func (r SummaryRowData) NameContains(prefix string) bool {
+	return strings.Contains(r.Name, prefix)
+}
 
-<script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script>
-<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.5.1/dist/js/bootstrap.min.js" integrity="sha256-0IiaoZCI++9oAAvmCb5Y0r93XkuhvJpRalZLffQXLok=" crossorigin="anonymous"></script>
-</body>
-</html>
-`))
+func (r SummaryRowData) ProtocolMatches(protocols []string) bool {
+	for _, protocol := range protocols {
+		if strings.EqualFold(r.Proto, protocol) {
+			return true
+		}
+	}
+	return false
+}
+
+// pre-compiled regexp and constant statemap for summary rendering
+var splitSummaryLine = regexp.MustCompile(`^([\w-]+)\s+(\w+)\s+([\w-]+)\s+(\w+)\s+([0-9\-\. :]+)(.*)$`)
+var summaryStateMap = map[string]string{
+	"up":      "success",
+	"down":    "secondary",
+	"start":   "danger",
+	"passive": "info",
+}
+
+func SummaryRowDataFromLine(line string) *SummaryRowData {
+	lineSplitted := splitSummaryLine.FindStringSubmatch(line)
+	if lineSplitted == nil {
+		return nil
+	}
+
+	var row SummaryRowData
+	row.Name = strings.TrimSpace(lineSplitted[1])
+	row.Proto = strings.TrimSpace(lineSplitted[2])
+	row.Table = strings.TrimSpace(lineSplitted[3])
+	row.State = strings.TrimSpace(lineSplitted[4])
+	row.Since = strings.TrimSpace(lineSplitted[5])
+	row.Info = strings.TrimSpace(lineSplitted[6])
+
+	if strings.Contains(row.Info, "Passive") {
+		row.MappedState = summaryStateMap["passive"]
+	} else {
+		row.MappedState = summaryStateMap[row.State]
+	}
+
+	return &row
+}
+
+type TemplateSummary struct {
+	ServerName string
+	Raw        string
+	Header     []string
+	Rows       []SummaryRowData
+}
+
+// whois
+type TemplateWhois struct {
+	Target string
+	Result template.HTML
+}
+
+// bgpmap
+type TemplateBGPmap struct {
+	Servers []string
+	Target  string
+	Result  string
+}
+
+// bird
+type TemplateBird struct {
+	ServerName string
+	Target     string
+	Result     template.HTML
+}
+
+// global variable to hold the templates
+
+var TemplateLibrary map[string]*template.Template
+
+// list of required templates
+
+var requiredTemplates = [...]string{
+	"page",
+	"summary",
+	"whois",
+	"bgpmap",
+	"bird",
+}
+
+// define functions to be made available in templates
+
+var funcMap = template.FuncMap{
+	"pathescape": url.PathEscape,
+}
+
+// import templates from embedded assets
+
+func ImportTemplates() {
+
+	// create a new (blank) initial template
+	TemplateLibrary = make(map[string]*template.Template)
+
+	// for each template that is needed
+	for _, tmpl := range requiredTemplates {
+
+		// extract the template definition from the embedded assets
+		def, err := assets.ReadFile(TEMPLATE_PATH + tmpl + ".tpl")
+		if err != nil {
+			panic("Unable to read template (" + TEMPLATE_PATH + tmpl + ": " + err.Error())
+		}
+
+		// and add it to the template library
+		template, err := template.New(tmpl).Funcs(funcMap).Parse(string(def))
+		if err != nil {
+			panic("Unable to parse template (" + TEMPLATE_PATH + tmpl + ": " + err.Error())
+		}
+
+		// store in the library
+		TemplateLibrary[tmpl] = template
+	}
+
+}

frontend/template_test.go

@@ -0,0 +1,89 @@
+package main
+
+import (
+	"testing"
+
+	"github.com/magiconair/properties/assert"
+)
+
+func TestSummaryRowDataNameHasPrefix(t *testing.T) {
+	data := SummaryRowData{
+		Name: "mock",
+	}
+
+	assert.Equal(t, data.NameHasPrefix("m"), true)
+	assert.Equal(t, data.NameHasPrefix("n"), false)
+}
+
+func TestSummaryRowDataNameContains(t *testing.T) {
+	data := SummaryRowData{
+		Name: "mock",
+	}
+
+	assert.Equal(t, data.NameContains("oc"), true)
+	assert.Equal(t, data.NameContains("no"), false)
+}
+
+func TestSummaryRowDataFromLine(t *testing.T) {
+	data := SummaryRowDataFromLine("sys_device Device     ---        up     2025-06-27 21:23:08")
+
+	assert.Equal(t, data.Name, "sys_device")
+	assert.Equal(t, data.Proto, "Device")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "up")
+	assert.Equal(t, data.Since, "2025-06-27 21:23:08")
+}
+
+func TestSummaryRowDataFromLineNumeric(t *testing.T) {
+	data := SummaryRowDataFromLine("12345 Device     ---        up     2025-06-27 21:23:08")
+
+	assert.Equal(t, data.Name, "12345")
+	assert.Equal(t, data.Proto, "Device")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "up")
+	assert.Equal(t, data.Since, "2025-06-27 21:23:08")
+}
+
+func TestSummaryRowDataFromLinePipe(t *testing.T) {
+	data := SummaryRowDataFromLine("pipe Pipe       ---        up     2025-06-27 21:23:08  master4 <=> pipe_v4")
+
+	assert.Equal(t, data.Name, "pipe")
+	assert.Equal(t, data.Proto, "Pipe")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "up")
+	assert.Equal(t, data.Since, "2025-06-27 21:23:08")
+	assert.Equal(t, data.Info, "master4 <=> pipe_v4")
+}
+
+func TestSummaryRowDataFromLineBGP(t *testing.T) {
+	data := SummaryRowDataFromLine("bgp BGP        ---        up     2025-06-30 20:45:33  Established")
+
+	assert.Equal(t, data.Name, "bgp")
+	assert.Equal(t, data.Proto, "BGP")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "up")
+	assert.Equal(t, data.Since, "2025-06-30 20:45:33")
+	assert.Equal(t, data.Info, "Established")
+}
+
+func TestSummaryRowDataFromLineBGPPassive(t *testing.T) {
+	data := SummaryRowDataFromLine("passive   BGP        ---        start  2025-06-27 21:23:08  Passive")
+
+	assert.Equal(t, data.Name, "passive")
+	assert.Equal(t, data.Proto, "BGP")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "start")
+	assert.Equal(t, data.Since, "2025-06-27 21:23:08")
+	assert.Equal(t, data.Info, "Passive")
+}
+
+func TestSummaryRowDataFromLineWithDash(t *testing.T) {
+	data := SummaryRowDataFromLine("ibgp_test-01 BGP        ---        up     07:16:51.656  Established")
+
+	assert.Equal(t, data.Name, "ibgp_test-01")
+	assert.Equal(t, data.Proto, "BGP")
+	assert.Equal(t, data.Table, "---")
+	assert.Equal(t, data.State, "up")
+	assert.Equal(t, data.Since, "07:16:51.656")
+	assert.Equal(t, data.Info, "Established")
+}

frontend/test_data/bgpmap_case1.txt

@@ -0,0 +1,151 @@
+Table master4:
+172.20.0.53/32       unicast [ibgp_sjc2 2023-04-29 from fd86:bad:11b7:22::1] * (100/38) [AS4242423914i]
+	via 169.254.108.122 on igp-sjc2
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423914
+	BGP.next_hop: 172.20.229.122
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 101, 44) (4242421080, 103, 122) (4242421080, 104, 1)
+                     unicast [miaotony_2688 2023-04-29 from fe80::2688] (100) [AS4242423914i]
+	via 172.23.6.6 on dn42las-miaoton
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242422688 4242423914
+	BGP.next_hop: 172.23.6.6
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,3) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [imlonghao_1888 2023-04-17] (100) [AS4242423914i]
+	via fe80::1888 on dn42-imlonghao
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242421888 4242423914
+	BGP.next_hop: :: fe80::1888
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [ciplc_3021 2023-04-29 from fe80::943e] (100) [AS4242423914i]
+	via 172.23.33.161 on dn42-ciplc
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423021 4242423914
+	BGP.next_hop: 172.23.33.161
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [iedon_2189 2023-04-29 from fe80::2189:ef] (100) [AS4242423914i]
+	via 172.23.91.114 on dn42-iedon
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242422189 4242423914
+	BGP.next_hop: 172.23.91.114
+	BGP.med: 65
+	BGP.local_pref: 100
+	BGP.community: (64511,24) (64511,33) (64511,3)
+	BGP.large_community: (4242422189, 1, 4) (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [prevarinite_2475 2023-04-19] (100) [AS4242423914i]
+	via fe80::7072:6576:6172:1 on dn42-prevarinit
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242422475 4242423192 4242423914
+	BGP.next_hop: :: fe80::7072:6576:6172:1
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [lare_3035 2023-04-29] (100) [AS4242423914i]
+	via fe80::3035:132 on dn42-lare
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423035 4242423914
+	BGP.next_hop: :: fe80::3035:132
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,3) (64511,34) (64511,24)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [hinata_3724 2023-04-29 from fe80::3724] (100) [AS4242423914i]
+	via 172.23.215.228 on dn42las-hinata
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423724 4201271111 4242423914
+	BGP.next_hop: 172.23.215.228
+	BGP.med: 70
+	BGP.local_pref: 100
+	BGP.community: (64511,22) (64511,1) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [liki4_0927 2023-04-21] (100) [AS4242423914i]
+	via fe80::927 on dn42-liki4
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242420927 4242421888 4242423914
+	BGP.next_hop: :: fe80::927
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,2) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [eastbound_2633 2023-04-29 from fe80::2633] (100) [AS4242423914i]
+	via 172.23.250.42 on dn42las-eastbnd
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242422633 4242423914
+	BGP.next_hop: 172.23.250.42
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,24) (64511,34) (64511,3)
+	BGP.large_community: (4242422633, 101, 44) (4242422633, 103, 36) (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [yura_2464 2023-04-29] (100) [AS4242423914i]
+	via fe80::2464 on dn42las-yura
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242422464 4242423914
+	BGP.next_hop: :: fe80::2464
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242422464, 2, 4242423914) (4242422464, 64511, 44) (4242422464, 64511, 1840) (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)
+                     unicast [ibgp_fra 2023-04-29 from fd86:bad:11b7:117::1] (100/186) [AS4242423914i]
+	via 169.254.108.113 on igp-chi
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423914
+	BGP.next_hop: 172.20.229.117
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,1) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 101, 41) (4242421080, 103, 117) (4242421080, 104, 3)
+                     unicast [ibgp_sgp 2023-04-29 from fd86:bad:11b7:239::1] (100/200) [AS4242423914i]
+	via 169.254.108.39 on igp-sgp
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423914
+	BGP.next_hop: 172.22.108.39
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,4) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 101, 51) (4242421080, 103, 39) (4242421080, 104, 4)
+                     unicast [ibgp_ymq 2023-04-30 from fd86:bad:11b7:23::1] (100/105) [AS4242423914i]
+	via 169.254.108.113 on igp-chi
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423914
+	BGP.next_hop: 172.20.229.123
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,3) (64511,24) (64511,34)
+	BGP.large_community: (4242421080, 101, 42) (4242421080, 103, 123) (4242421080, 104, 2)
+                     unicast [cola_3391 18:41:16.608 from fe80::3391] (100) [AS4242423914i]
+	via 172.22.96.65 on dn42-cola
+	Type: BGP univ
+	BGP.origin: IGP
+	BGP.as_path: 4242423391 4242420604 4242423914
+	BGP.next_hop: 172.22.96.65
+	BGP.med: 50
+	BGP.local_pref: 100
+	BGP.community: (64511,4) (64511,34) (64511,24)
+	BGP.large_community: (4242420604, 2, 50) (4242420604, 501, 4242423914) (4242420604, 502, 44) (4242420604, 504, 4) (4242421080, 104, 1) (4242421080, 101, 44) (4242421080, 103, 126)

frontend/webserver.go

@@ -1,47 +1,93 @@
 package main
 
 import (
+	"bytes"
+	"encoding/base64"
 	"fmt"
 	"html"
+	"html/template"
+	"io/fs"
+	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"strings"
+	"sync/atomic"
 
 	"github.com/gorilla/handlers"
 )
 
-func webHandlerWhois(w http.ResponseWriter, r *http.Request) {
-	var target string = r.URL.Path[len("/whois/"):]
+var primitiveMap = map[string]string{
+	"summary":                          "show protocols",
+	"detail":                           "show protocols all '%s'",
+	"route_from_protocol":              "show route protocol '%s'",
+	"route_from_protocol_all":          "show route protocol '%s' all",
+	"route_from_protocol_primary":      "show route protocol '%s' primary",
+	"route_from_protocol_all_primary":  "show route protocol '%s' all primary",
+	"route_filtered_from_protocol":     "show route filtered protocol '%s'",
+	"route_filtered_from_protocol_all": "show route filtered protocol '%s' all",
+	"route_from_origin":                "show route where bgp_path.last = %s",
+	"route_from_origin_all":            "show route where bgp_path.last = %s all",
+	"route_from_origin_primary":        "show route where bgp_path.last = %s primary",
+	"route_from_origin_all_primary":    "show route where bgp_path.last = %s all primary",
+	"route":                            "show route for %s",
+	"route_all":                        "show route for %s all",
+	"route_where":                      "show route where net ~ [ %s ]",
+	"route_where_all":                  "show route where net ~ [ %s ] all",
+	"route_generic":                    "show route %s",
+	"generic":                          "show %s",
+	"whois":                            "%s",
+	"traceroute":                       "%s",
+}
 
-	renderTemplate(
+var webServerPrepared uint32 = 0
+
+// serve up a generic error
+func serverError(w http.ResponseWriter, _ *http.Request) {
+	w.WriteHeader(http.StatusInternalServerError)
+	w.Write([]byte("500 Internal Server Error"))
+}
+
+// WHOIS pages
+func webHandlerWhois(w http.ResponseWriter, r *http.Request) {
+	target, err := url.PathUnescape(r.URL.Path[len("/whois/"):])
+	if err != nil {
+		serverError(w, r)
+		return
+	}
+
+	// render the whois template
+	args := TemplateWhois{
+		Target: target,
+		Result: smartFormatter(whois(target)),
+	}
+
+	tmpl := TemplateLibrary["whois"]
+	var buffer bytes.Buffer
+	err = tmpl.Execute(&buffer, args)
+	if err != nil {
+		fmt.Println("Error rendering whois template:", err.Error())
+	}
+
+	renderPageTemplate(
 		w, r,
 		" - whois "+html.EscapeString(target),
-		"<h2>whois "+html.EscapeString(target)+"</h2>"+smartFormatter(whois(target)),
+		template.HTML(buffer.String()),
 	)
 }
 
+// serve up results from bird
 func webBackendCommunicator(endpoint string, command string) func(w http.ResponseWriter, r *http.Request) {
-	backendCommandPrimitive, commandPresent := (map[string]string{
-		"summary":         "show protocols",
-		"detail":          "show protocols all %s",
-		"route":           "show route for %s",
-		"route_all":       "show route for %s all",
-		"route_where":     "show route where net ~ [ %s ]",
-		"route_where_all": "show route where net ~ [ %s ] all",
-		"route_generic":   "show route %s",
-		"generic":         "show %s",
-		"traceroute":      "%s",
-	})[command]
-
+	backendCommandPrimitive, commandPresent := primitiveMap[command]
 	if !commandPresent {
 		panic("invalid command: " + command)
 	}
 
 	return func(w http.ResponseWriter, r *http.Request) {
-		split := strings.SplitN(r.URL.Path[1:], "/", 4)
+		split := strings.SplitN(r.URL.Path[1:], "/", 3)
 		var urlCommands string
-		if len(split) >= 4 {
-			urlCommands = split[3]
+		if len(split) >= 3 {
+			urlCommands = split[2]
 		}
 
 		var backendCommand string
@@ -52,27 +98,53 @@ func webBackendCommunicator(endpoint string, command string) func(w http.Respons
 		}
 		backendCommand = strings.TrimSpace(backendCommand)
 
-		var servers []string = strings.Split(split[2], "+")
+		servers := strings.Split(split[1], "+")
+
 		var responses []string = batchRequest(servers, endpoint, backendCommand)
-		var result string
+		var content string
 		for i, response := range responses {
-			result += "<h2>" + html.EscapeString(servers[i]) + ": " + html.EscapeString(backendCommand) + "</h2>"
-			if (endpoint == "bird" || endpoint == "bird6") && backendCommand == "show protocols" && len(response) > 4 && strings.ToLower(response[0:4]) == "name" {
-				var isIPv6 bool = endpoint[len(endpoint)-1] == '6'
-				result += summaryTable(isIPv6, response, servers[i])
+
+			var result template.HTML
+			if (endpoint == "bird") && backendCommand == "show protocols" && len(response) > 4 && strings.ToLower(response[0:4]) == "name" {
+				result = summaryTable(response, servers[i])
 			} else {
-				result += smartFormatter(response)
+				result = smartFormatter(response)
 			}
+
+			serverDisplay := servers[i]
+			for k, v := range setting.servers {
+				if servers[i] == v {
+					serverDisplay = setting.serversDisplay[k]
+					break
+				}
+			}
+
+			// render the bird result template
+			args := TemplateBird{
+				ServerName: serverDisplay,
+				Target:     backendCommand,
+				Result:     result,
+			}
+
+			tmpl := TemplateLibrary["bird"]
+			var buffer bytes.Buffer
+			err := tmpl.Execute(&buffer, args)
+			if err != nil {
+				fmt.Println("Error rendering bird template:", err.Error())
+			}
+
+			content += buffer.String()
 		}
 
-		renderTemplate(
+		renderPageTemplate(
 			w, r,
-			" - "+html.EscapeString(endpoint+" "+backendCommand),
-			result,
+			" - "+endpoint+" "+backendCommand,
+			template.HTML(content),
 		)
 	}
 }
 
+// bgpmap result
 func webHandlerBGPMap(endpoint string, command string) func(w http.ResponseWriter, r *http.Request) {
 	backendCommandPrimitive, commandPresent := (map[string]string{
 		"route_bgpmap":       "show route for %s all",
@@ -85,7 +157,7 @@ func webHandlerBGPMap(endpoint string, command string) func(w http.ResponseWrite
 
 	return func(w http.ResponseWriter, r *http.Request) {
 		split := strings.Split(r.URL.Path[1:], "/")
-		urlCommands := strings.Join(split[3:], "/")
+		urlCommands := strings.Join(split[2:], "/")
 
 		var backendCommand string
 		if strings.Contains(backendCommandPrimitive, "%") {
@@ -94,68 +166,91 @@ func webHandlerBGPMap(endpoint string, command string) func(w http.ResponseWrite
 			backendCommand = backendCommandPrimitive
 		}
 
-		var servers []string = strings.Split(split[2], "+")
+		var servers []string = strings.Split(split[1], "+")
 		var responses []string = batchRequest(servers, endpoint, backendCommand)
-		renderTemplate(
+
+		// encode result with base64 to prevent xss
+		result := birdRouteToGraphviz(servers, responses, urlCommands)
+		result = base64.StdEncoding.EncodeToString([]byte(result))
+
+		// render the bgpmap result template
+		args := TemplateBGPmap{
+			Servers: servers,
+			Target:  backendCommand,
+			Result:  result,
+		}
+
+		tmpl := TemplateLibrary["bgpmap"]
+		var buffer bytes.Buffer
+		err := tmpl.Execute(&buffer, args)
+		if err != nil {
+			fmt.Println("Error rendering bgpmap template:", err.Error())
+		}
+
+		renderPageTemplate(
 			w, r,
 			" - "+html.EscapeString(endpoint+" "+backendCommand),
-			`
-			<script src="https://cdn.jsdelivr.net/npm/viz.js@2.1.2/viz.min.js" crossorigin="anonymous"></script>
-			<script src="https://cdn.jsdelivr.net/npm/viz.js@2.1.2/lite.render.js" crossorigin="anonymous"></script>
-			<script>
-			var viz = new Viz();
-			viz.renderSVGElement(`+"`"+birdRouteToGraphviz(servers, responses, urlCommands)+"`"+`)
-			.then(element => {
-				document.body.appendChild(element);
-			})
-			.catch(error => {
-				document.body.innerHTML = "<pre>"+error+"</pre>"
-			});
-			</script>`,
+			template.HTML(buffer.String()),
 		)
 	}
 }
 
-func webHandlerNavbarFormRedirect(w http.ResponseWriter, r *http.Request) {
-	query := r.URL.Query()
-	if query.Get("action") == "whois" {
-		http.Redirect(w, r, "/"+query.Get("action")+"/"+query.Get("target"), 302)
-	} else if query.Get("action") == "summary" {
-		http.Redirect(w, r, "/"+query.Get("proto")+"/"+query.Get("action")+"/"+query.Get("server"), 302)
-	} else {
-		http.Redirect(w, r, "/"+query.Get("proto")+"/"+query.Get("action")+"/"+query.Get("server")+"/"+query.Get("target"), 302)
+// set up routing paths
+func webServerPrepare() {
+	// redirect main page to all server summary
+	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		http.Redirect(w, r, "/summary/"+url.PathEscape(strings.Join(setting.servers, "+")), http.StatusFound)
+	})
+
+	// serve static pages using embedded assets from template.go
+	subfs, err := fs.Sub(assets, "assets")
+	if err != nil {
+		panic("Webserver fs.sub failed: " + err.Error())
 	}
+	fs := http.FileServer(http.FS(subfs))
+
+	http.Handle("/static/", fs)
+	http.Handle("/robots.txt", fs)
+	http.Handle("/favicon.ico", fs)
+
+	// backend routes
+	http.HandleFunc("/summary/", webBackendCommunicator("bird", "summary"))
+	http.HandleFunc("/detail/", webBackendCommunicator("bird", "detail"))
+	http.HandleFunc("/route_filtered_from_protocol/", webBackendCommunicator("bird", "route_filtered_from_protocol"))
+	http.HandleFunc("/route_filtered_from_protocol_all/", webBackendCommunicator("bird", "route_filtered_from_protocol_all"))
+	http.HandleFunc("/route_from_protocol/", webBackendCommunicator("bird", "route_from_protocol"))
+	http.HandleFunc("/route_from_protocol_all/", webBackendCommunicator("bird", "route_from_protocol_all"))
+	http.HandleFunc("/route_from_protocol_primary/", webBackendCommunicator("bird", "route_from_protocol_primary"))
+	http.HandleFunc("/route_from_protocol_all_primary/", webBackendCommunicator("bird", "route_from_protocol_all_primary"))
+	http.HandleFunc("/route_from_origin/", webBackendCommunicator("bird", "route_from_origin"))
+	http.HandleFunc("/route_from_origin_all/", webBackendCommunicator("bird", "route_from_origin_all"))
+	http.HandleFunc("/route_from_origin_primary/", webBackendCommunicator("bird", "route_from_origin_primary"))
+	http.HandleFunc("/route_from_origin_all_primary/", webBackendCommunicator("bird", "route_from_origin_all_primary"))
+	http.HandleFunc("/route/", webBackendCommunicator("bird", "route"))
+	http.HandleFunc("/route_all/", webBackendCommunicator("bird", "route_all"))
+	http.HandleFunc("/route_bgpmap/", webHandlerBGPMap("bird", "route_bgpmap"))
+	http.HandleFunc("/route_where/", webBackendCommunicator("bird", "route_where"))
+	http.HandleFunc("/route_where_all/", webBackendCommunicator("bird", "route_where_all"))
+	http.HandleFunc("/route_where_bgpmap/", webHandlerBGPMap("bird", "route_where_bgpmap"))
+	http.HandleFunc("/route_generic/", webBackendCommunicator("bird", "route_generic"))
+	http.HandleFunc("/generic/", webBackendCommunicator("bird", "generic"))
+	http.HandleFunc("/traceroute/", webBackendCommunicator("traceroute", "traceroute"))
+	http.HandleFunc("/whois/", webHandlerWhois)
+	http.HandleFunc("/api/", apiHandler)
+	http.HandleFunc("/telegram/", webHandlerTelegramBot)
 }
 
-func webServerStart() {
-	// Start HTTP server
-	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		http.Redirect(w, r, "/ipv4/summary/"+strings.Join(setting.servers, "+"), 302)
-	})
-	http.HandleFunc("/ipv4/summary/", webBackendCommunicator("bird", "summary"))
-	http.HandleFunc("/ipv6/summary/", webBackendCommunicator("bird6", "summary"))
-	http.HandleFunc("/ipv4/detail/", webBackendCommunicator("bird", "detail"))
-	http.HandleFunc("/ipv6/detail/", webBackendCommunicator("bird6", "detail"))
-	http.HandleFunc("/ipv4/route/", webBackendCommunicator("bird", "route"))
-	http.HandleFunc("/ipv6/route/", webBackendCommunicator("bird6", "route"))
-	http.HandleFunc("/ipv4/route_all/", webBackendCommunicator("bird", "route_all"))
-	http.HandleFunc("/ipv6/route_all/", webBackendCommunicator("bird6", "route_all"))
-	http.HandleFunc("/ipv4/route_bgpmap/", webHandlerBGPMap("bird", "route_bgpmap"))
-	http.HandleFunc("/ipv6/route_bgpmap/", webHandlerBGPMap("bird6", "route_bgpmap"))
-	http.HandleFunc("/ipv4/route_where/", webBackendCommunicator("bird", "route_where"))
-	http.HandleFunc("/ipv6/route_where/", webBackendCommunicator("bird6", "route_where"))
-	http.HandleFunc("/ipv4/route_where_all/", webBackendCommunicator("bird", "route_where_all"))
-	http.HandleFunc("/ipv6/route_where_all/", webBackendCommunicator("bird6", "route_where_all"))
-	http.HandleFunc("/ipv4/route_where_bgpmap/", webHandlerBGPMap("bird", "route_where_bgpmap"))
-	http.HandleFunc("/ipv6/route_where_bgpmap/", webHandlerBGPMap("bird6", "route_where_bgpmap"))
-	http.HandleFunc("/ipv4/route_generic/", webBackendCommunicator("bird", "route_generic"))
-	http.HandleFunc("/ipv6/route_generic/", webBackendCommunicator("bird6", "route_generic"))
-	http.HandleFunc("/ipv4/generic/", webBackendCommunicator("bird", "generic"))
-	http.HandleFunc("/ipv6/generic/", webBackendCommunicator("bird6", "generic"))
-	http.HandleFunc("/ipv4/traceroute/", webBackendCommunicator("traceroute", "traceroute"))
-	http.HandleFunc("/ipv6/traceroute/", webBackendCommunicator("traceroute6", "traceroute"))
-	http.HandleFunc("/whois/", webHandlerWhois)
-	http.HandleFunc("/redir", webHandlerNavbarFormRedirect)
-	http.HandleFunc("/telegram/", webHandlerTelegramBot)
-	http.ListenAndServe(setting.listen, handlers.LoggingHandler(os.Stdout, http.DefaultServeMux))
+// start webserver
+func webServerStart(l net.Listener) {
+	if atomic.SwapUint32(&webServerPrepared, 1) == 0 {
+		webServerPrepare()
+	}
+
+	var handler http.Handler
+	handler = http.DefaultServeMux
+	if setting.trustProxyHeaders {
+		handler = handlers.ProxyHeaders(handler)
+	}
+	handler = handlers.LoggingHandler(os.Stdout, handler)
+	http.Serve(l, handler)
 }

frontend/webserver_test.go

@@ -0,0 +1,89 @@
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/jarcoal/httpmock"
+	"github.com/magiconair/properties/assert"
+)
+
+func TestServerError(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/error", nil)
+	w := httptest.NewRecorder()
+	serverError(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+}
+
+func TestWebHandlerWhois(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      AS6939Response,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.netSpecificMode = ""
+	setting.whoisServer = server.server.Addr().String()
+
+	r := httptest.NewRequest(http.MethodGet, "/whois/AS6939", nil)
+	w := httptest.NewRecorder()
+	webHandlerWhois(w, r)
+
+	assert.Equal(t, w.Code, http.StatusOK)
+	if !strings.Contains(w.Body.String(), "HURRICANE") {
+		t.Error("Body does not contain whois result")
+	}
+}
+
+func TestWebBackendCommunicator(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	input := readDataFile(t, "frontend/test_data/bgpmap_case1.txt")
+	httpResponse := httpmock.NewStringResponder(200, input)
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show route for 1.1.1.1 all"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	setting.dnsInterface = ""
+	setting.whoisServer = ""
+
+	r := httptest.NewRequest(http.MethodGet, "/route_bgpmap/alpha/1.1.1.1", nil)
+	w := httptest.NewRecorder()
+
+	handler := webBackendCommunicator("bird", "route_all")
+	handler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusOK)
+}
+
+func TestWebHandlerBGPMap(t *testing.T) {
+	httpmock.Activate()
+	defer httpmock.DeactivateAndReset()
+
+	input := readDataFile(t, "frontend/test_data/bgpmap_case1.txt")
+	httpResponse := httpmock.NewStringResponder(200, input)
+	httpmock.RegisterResponder("GET", "http://alpha:8000/bird?q="+url.QueryEscape("show route for 1.1.1.1 all"), httpResponse)
+
+	setting.servers = []string{"alpha"}
+	setting.domain = ""
+	setting.proxyPort = 8000
+	setting.dnsInterface = ""
+	setting.whoisServer = ""
+
+	r := httptest.NewRequest(http.MethodGet, "/route_bgpmap/alpha/1.1.1.1", nil)
+	w := httptest.NewRecorder()
+
+	handler := webHandlerBGPMap("bird", "route_bgpmap")
+	handler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusOK)
+}

frontend/whois.go

@@ -1,22 +1,59 @@
 package main
 
 import (
-	"io/ioutil"
+	"io"
 	"net"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/google/shlex"
 )
 
 // Send a whois request
 func whois(s string) string {
-	conn, err := net.Dial("tcp", setting.whoisServer+":43")
-	if err != nil {
-		return err.Error()
+	if setting.whoisServer == "" {
+		return ""
 	}
-	defer conn.Close()
 
-	conn.Write([]byte(s + "\r\n"))
-	result, err := ioutil.ReadAll(conn)
-	if err != nil {
-		return err.Error()
+	if strings.HasPrefix(setting.whoisServer, "/") {
+		args, err := shlex.Split(setting.whoisServer)
+		if err != nil {
+			return err.Error()
+		}
+		args = append(args, s)
+
+		cmd := exec.Command(args[0], args[1:]...)
+		output, err := cmd.CombinedOutput()
+		if len(output) > 65535 {
+			output = output[:65535]
+		}
+		if err != nil {
+			return err.Error() + "\n" + string(output)
+		} else {
+			return string(output)
+		}
+	} else {
+		buf := make([]byte, 65536)
+
+		whoisServer := setting.whoisServer
+		if !strings.Contains(whoisServer, ":") {
+			whoisServer = whoisServer + ":43"
+		}
+
+		conn, err := net.DialTimeout("tcp", whoisServer, 5*time.Second)
+		if err != nil {
+			return err.Error()
+		}
+		defer conn.Close()
+
+		conn.Write([]byte(s + "\r\n"))
+
+		n, err := io.ReadFull(conn, buf)
+		if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+			return err.Error() + "\n" + string(buf[:n])
+		}
+		return string(buf[:n])
 	}
-	return string(result)
+
 }

frontend/whois_test.go

@@ -0,0 +1,128 @@
+package main
+
+import (
+	"bufio"
+	"net"
+	"strings"
+	"testing"
+)
+
+type WhoisServer struct {
+	t             *testing.T
+	expectedQuery string
+	response      string
+	server        net.Listener
+}
+
+const AS6939Response = `
+ASNumber:       6939
+ASName:         HURRICANE
+ASHandle:       AS6939
+RegDate:        1996-06-28
+Updated:        2003-11-04
+Ref:            https://rdap.arin.net/registry/autnum/6939
+`
+
+func (s *WhoisServer) Listen() {
+	var err error
+	s.server, err = net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		s.t.Error(err)
+	}
+}
+
+func (s *WhoisServer) Run() {
+	for {
+		conn, err := s.server.Accept()
+		if err != nil {
+			break
+		}
+		if conn == nil {
+			break
+		}
+
+		reader := bufio.NewReader(conn)
+		query, err := reader.ReadBytes('\n')
+		if err != nil {
+			break
+		}
+		if strings.TrimSpace(string(query)) != s.expectedQuery {
+			s.t.Errorf("Query %s doesn't match expectation %s", string(query), s.expectedQuery)
+		}
+		conn.Write([]byte(s.response))
+		conn.Close()
+	}
+}
+
+func (s *WhoisServer) Close() {
+	if s.server == nil {
+		return
+	}
+	s.server.Close()
+}
+
+func TestWhois(t *testing.T) {
+	server := WhoisServer{
+		t:             t,
+		expectedQuery: "AS6939",
+		response:      AS6939Response,
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.whoisServer = server.server.Addr().String()
+	result := whois("AS6939")
+	if !strings.Contains(result, "HURRICANE") {
+		t.Errorf("Whois AS6939 failed, got %s", result)
+	}
+}
+
+func TestWhoisWithoutServer(t *testing.T) {
+	setting.whoisServer = ""
+	result := whois("AS6939")
+	if result != "" {
+		t.Errorf("Whois AS6939 without server produced output, got %s", result)
+	}
+}
+
+func TestWhoisConnectionError(t *testing.T) {
+	setting.whoisServer = "127.0.0.1:1"
+	result := whois("AS6939")
+	if !strings.Contains(result, "connect: connection refused") {
+		t.Errorf("Whois AS6939 without server produced output, got %s", result)
+	}
+}
+
+func TestWhoisHostProcess(t *testing.T) {
+	setting.whoisServer = "/bin/sh -c \"echo Mock Result\""
+	result := whois("AS6939")
+	if result != "Mock Result\n" {
+		t.Errorf("Whois didn't produce expected result, got %s", result)
+	}
+}
+
+func TestWhoisHostProcessMalformedCommand(t *testing.T) {
+	setting.whoisServer = "/bin/sh -c \"mock"
+	result := whois("AS6939")
+	if result != "EOF found when expecting closing quote" {
+		t.Errorf("Whois didn't produce expected result, got %s", result)
+	}
+}
+
+func TestWhoisHostProcessError(t *testing.T) {
+	setting.whoisServer = "/nonexistent"
+	result := whois("AS6939")
+	if !strings.Contains(result, "no such file or directory") {
+		t.Errorf("Whois didn't produce expected result, got %s", result)
+	}
+}
+
+func TestWhoisHostProcessVeryLong(t *testing.T) {
+	setting.whoisServer = "/bin/sh -c \"for i in $(seq 1 131072); do printf 'A'; done\""
+	result := whois("AS6939")
+	if len(result) != 65535 {
+		t.Errorf("Whois result incorrectly truncated, actual len %d", len(result))
+	}
+}

proxy/Dockerfile

@@ -0,0 +1,28 @@
+FROM golang AS step_0
+
+ENV CGO_ENABLED=0 GO111MODULE=on
+WORKDIR /root
+COPY . .
+RUN go build -ldflags "-w -s" -o /proxy
+
+################################################################################
+
+FROM alpine:edge AS step_1
+
+WORKDIR /root
+RUN apk add --no-cache build-base linux-headers
+
+RUN wget https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/traceroute-2.1.3.tar.gz/download \
+    -O traceroute-2.1.3.tar.gz
+RUN tar xvf traceroute-2.1.3.tar.gz \
+    && cd traceroute-2.1.3 \
+    && make -j4 LDFLAGS="-static" \
+    && strip /root/traceroute-2.1.3/traceroute/traceroute
+
+################################################################################
+
+FROM scratch AS step_2
+ENV PATH=/
+COPY --from=step_0 /proxy /
+COPY --from=step_1 /root/traceroute-2.1.3/traceroute/traceroute /
+ENTRYPOINT ["/proxy"]

proxy/Dockerfile.amd64

@@ -1,15 +0,0 @@
-FROM amd64/debian:buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=amd64
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git traceroute locales busybox \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /proxy \
-  && cd / && rm -rf /root/* \
-  && printf "en_US.UTF-8 UTF-8\nzh_CN.UTF-8 UTF-8\n" > /etc/locale.gen \
-  && locale-gen \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/proxy"]

proxy/Dockerfile.arm32v7

@@ -1,15 +0,0 @@
-FROM multiarch/debian-debootstrap:armhf-buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=arm
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git traceroute locales busybox \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /proxy \
-  && cd / && rm -rf /root/* \
-  && printf "en_US.UTF-8 UTF-8\nzh_CN.UTF-8 UTF-8\n" > /etc/locale.gen \
-  && locale-gen \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/proxy"]

proxy/Dockerfile.arm64v8

@@ -1,15 +0,0 @@
-FROM multiarch/debian-debootstrap:arm64-buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=arm64
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git traceroute locales busybox \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /proxy \
-  && cd / && rm -rf /root/* \
-  && printf "en_US.UTF-8 UTF-8\nzh_CN.UTF-8 UTF-8\n" > /etc/locale.gen \
-  && locale-gen \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/proxy"]

proxy/Dockerfile.i386

@@ -1,15 +0,0 @@
-FROM i386/debian:buster
-
-LABEL Lan Tian "lantian@lantian.pub"
-ENV GOOS=linux GOARCH=386
-WORKDIR /root
-COPY . .
-RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y golang git traceroute locales busybox \
-  && cd /root && go get github.com/gorilla/handlers && go build -o /proxy \
-  && cd / && rm -rf /root/* \
-  && printf "en_US.UTF-8 UTF-8\nzh_CN.UTF-8 UTF-8\n" > /etc/locale.gen \
-  && locale-gen \
-  && apt-get -qq purge -y golang git \
-  && apt-get -qq autoremove --purge -y && apt-get clean && rm -rf /var/lib/apt/lists
-
-ENTRYPOINT ["/proxy"]

proxy/Dockerfile.mtr

@@ -0,0 +1,31 @@
+FROM golang AS step_0
+
+ENV CGO_ENABLED=0 GO111MODULE=on
+WORKDIR /root
+COPY . .
+RUN go build -ldflags "-w -s" -o /proxy
+
+################################################################################
+
+FROM alpine:edge AS step_1
+
+WORKDIR /root
+RUN apk add --no-cache build-base linux-headers
+
+RUN wget https://www.bitwizard.nl/mtr/files/mtr-0.94.tar.gz \
+    -O mtr-0.94.tar.gz
+RUN tar xvf mtr-0.94.tar.gz \
+    && cd mtr-0.94 \
+    && ./configure --without-gtk --without-ncurses --without-jansson --without-ipinfo --disable-bash-completion \
+    && make -j4 LDFLAGS="-static" \
+    && strip /root/mtr-0.94/mtr \
+    && strip /root/mtr-0.94/mtr-packet
+
+################################################################################
+
+FROM scratch AS step_2
+ENV PATH=/
+COPY --from=step_0 /proxy /
+COPY --from=step_1 /root/mtr-0.94/mtr /
+COPY --from=step_1 /root/mtr-0.94/mtr-packet /
+ENTRYPOINT ["/proxy"]

proxy/Makefile

@@ -0,0 +1,3 @@
+.PHONY: all
+all: $(shell find . -name \*.go -type f)
+	go build -ldflags "-w -s" -o proxy

proxy/bird.go

@@ -1,24 +1,30 @@
 package main
 
 import (
+	"bytes"
 	"io"
 	"net"
 	"net/http"
+	"strings"
 )
 
+const MAX_LINE_SIZE = 1024
+
 // Read a line from bird socket, removing preceding status number, output it.
 // Returns if there are more lines.
 func birdReadln(bird io.Reader, w io.Writer) bool {
 	// Read from socket byte by byte, until reaching newline character
-	c := make([]byte, 1024, 1024)
+	c := make([]byte, MAX_LINE_SIZE)
 	pos := 0
 	for {
-		if pos >= 1024 {
+		// Leave one byte for newline character
+		if pos >= MAX_LINE_SIZE-1 {
 			break
 		}
 		_, err := bird.Read(c[pos : pos+1])
 		if err != nil {
-			panic(err)
+			w.Write([]byte(err.Error()))
+			return false
 		}
 		if c[pos] == byte('\n') {
 			break
@@ -27,37 +33,20 @@ func birdReadln(bird io.Reader, w io.Writer) bool {
 	}
 
 	c = c[:pos+1]
+	c[pos] = '\n'
 	// print(string(c[:]))
 
 	// Remove preceding status number, different situations
-	if pos < 4 {
-		// Line is too short to have a status number
-		if w != nil {
-			pos = 0
-			for c[pos] == byte(' ') {
-				pos++
-			}
-			w.Write(c[pos:])
-		}
-		return true
-	} else if isNumeric(c[0]) && isNumeric(c[1]) && isNumeric(c[2]) && isNumeric(c[3]) {
+	if pos > 4 && isNumeric(c[0]) && isNumeric(c[1]) && isNumeric(c[2]) && isNumeric(c[3]) {
 		// There is a status number at beginning, remove first 5 bytes
 		if w != nil && pos > 6 {
 			pos = 5
-			for c[pos] == byte(' ') {
-				pos++
-			}
 			w.Write(c[pos:])
 		}
 		return c[0] != byte('0') && c[0] != byte('8') && c[0] != byte('9')
 	} else {
-		// There is no status number, only remove preceding spaces
 		if w != nil {
-			pos = 0
-			for c[pos] == byte(' ') {
-				pos++
-			}
-			w.Write(c[pos:])
+			w.Write(c[1:])
 		}
 		return true
 	}
@@ -77,37 +66,23 @@ func birdHandler(httpW http.ResponseWriter, httpR *http.Request) {
 		// Initialize BIRDv4 socket
 		bird, err := net.Dial("unix", setting.birdSocket)
 		if err != nil {
-			panic(err)
+			httpW.WriteHeader(http.StatusInternalServerError)
+			httpW.Write([]byte(err.Error()))
+			return
 		}
 		defer bird.Close()
 
 		birdReadln(bird, nil)
 		birdWriteln(bird, "restrict")
-		birdReadln(bird, nil)
+		var restrictedConfirmation bytes.Buffer
+		birdReadln(bird, &restrictedConfirmation)
+		if !strings.Contains(restrictedConfirmation.String(), "Access restricted") {
+			httpW.WriteHeader(http.StatusInternalServerError)
+			httpW.Write([]byte("could not verify that bird access was restricted"))
+			return
+		}
 		birdWriteln(bird, query)
 		for birdReadln(bird, httpW) {
 		}
 	}
 }
-
-// Handles BIRDv6 queries
-func bird6Handler(httpW http.ResponseWriter, httpR *http.Request) {
-	query := string(httpR.URL.Query().Get("q"))
-	if query == "" {
-		invalidHandler(httpW, httpR)
-	} else {
-		// Initialize BIRDv6 socket
-		bird6, err := net.Dial("unix", setting.bird6Socket)
-		if err != nil {
-			panic(err)
-		}
-		defer bird6.Close()
-
-		birdReadln(bird6, nil)
-		birdWriteln(bird6, "restrict")
-		birdReadln(bird6, nil)
-		birdWriteln(bird6, query)
-		for birdReadln(bird6, httpW) {
-		}
-	}
-}

proxy/bird_test.go

@@ -0,0 +1,213 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"path"
+	"strings"
+	"testing"
+
+	"github.com/magiconair/properties/assert"
+)
+
+type BirdServer struct {
+	t             *testing.T
+	expectedQuery string
+	response      string
+	server        net.Listener
+	socket        string
+	injectError   string
+}
+
+func (s *BirdServer) initSocket() {
+	tmpDir, err := ioutil.TempDir("", "bird-lgproxy-go-mock")
+	if err != nil {
+		s.t.Fatal(err)
+	}
+	s.socket = path.Join(tmpDir, "mock.socket")
+}
+
+func (s *BirdServer) Listen() {
+	s.initSocket()
+
+	var err error
+	s.server, err = net.Listen("unix", s.socket)
+	if err != nil {
+		s.t.Error(err)
+	}
+}
+
+func (s *BirdServer) Run() {
+	for {
+		conn, err := s.server.Accept()
+		if err != nil {
+			break
+		}
+		if conn == nil {
+			break
+		}
+
+		reader := bufio.NewReader(conn)
+
+		conn.Write([]byte("1234 Hello from mock bird\n"))
+
+		query, err := reader.ReadBytes('\n')
+		if err != nil {
+			break
+		}
+		if strings.TrimSpace(string(query)) != "restrict" {
+			s.t.Errorf("Did not restrict bird permissions")
+		}
+		if s.injectError == "restriction" {
+			conn.Write([]byte("1234 Restriction is disabled!\n"))
+		} else {
+			conn.Write([]byte("1234 Access restricted\n"))
+		}
+
+		query, err = reader.ReadBytes('\n')
+		if err != nil {
+			break
+		}
+		if strings.TrimSpace(string(query)) != s.expectedQuery {
+			s.t.Errorf("Query %s doesn't match expectation %s", string(query), s.expectedQuery)
+		}
+
+		responseList := strings.Split(s.response, "\n")
+		for i := range responseList {
+			if i == len(responseList)-1 {
+				if s.injectError == "eof" {
+					conn.Write([]byte("0000 " + responseList[i]))
+				} else {
+					conn.Write([]byte("0000 " + responseList[i] + "\n"))
+				}
+			} else {
+				conn.Write([]byte("1234 " + responseList[i] + "\n"))
+			}
+		}
+
+		conn.Close()
+	}
+}
+
+func (s *BirdServer) Close() {
+	if s.server == nil {
+		return
+	}
+	s.server.Close()
+}
+
+func TestBirdReadln(t *testing.T) {
+	input := strings.NewReader("1234 Bird Message\n")
+	var output bytes.Buffer
+	birdReadln(input, &output)
+
+	assert.Equal(t, output.String(), "Bird Message\n")
+}
+
+func TestBirdReadlnNoPrefix(t *testing.T) {
+	input := strings.NewReader(" Message without prefix\n")
+	var output bytes.Buffer
+	birdReadln(input, &output)
+
+	assert.Equal(t, output.String(), "Message without prefix\n")
+}
+
+func TestBirdReadlnVeryLongLine(t *testing.T) {
+	input := strings.NewReader(strings.Repeat("A", 4096))
+	var output bytes.Buffer
+	birdReadln(input, &output)
+
+	assert.Equal(t, output.String(), strings.Repeat("A", 1022)+"\n")
+}
+
+func TestBirdWriteln(t *testing.T) {
+	var output bytes.Buffer
+	birdWriteln(&output, "Test command")
+	assert.Equal(t, output.String(), "Test command\n")
+}
+
+func TestBirdHandlerWithoutQuery(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/bird", nil)
+	w := httptest.NewRecorder()
+	birdHandler(w, r)
+}
+
+func TestBirdHandlerWithQuery(t *testing.T) {
+	server := BirdServer{
+		t:             t,
+		expectedQuery: "show protocols",
+		response:      "Mock Response\nSecond Line",
+		injectError:   "",
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.birdSocket = server.socket
+
+	r := httptest.NewRequest(http.MethodGet, "/bird?q="+url.QueryEscape(server.expectedQuery), nil)
+	w := httptest.NewRecorder()
+	birdHandler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusOK)
+	assert.Equal(t, w.Body.String(), server.response+"\n")
+}
+
+func TestBirdHandlerWithBadSocket(t *testing.T) {
+	setting.birdSocket = "/nonexistent.sock"
+
+	r := httptest.NewRequest(http.MethodGet, "/bird?q="+url.QueryEscape("mock"), nil)
+	w := httptest.NewRecorder()
+	birdHandler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+}
+
+func TestBirdHandlerWithoutRestriction(t *testing.T) {
+	server := BirdServer{
+		t:             t,
+		expectedQuery: "show protocols",
+		response:      "Mock Response",
+		injectError:   "restriction",
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.birdSocket = server.socket
+
+	r := httptest.NewRequest(http.MethodGet, "/bird?q="+url.QueryEscape("mock"), nil)
+	w := httptest.NewRecorder()
+	birdHandler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+}
+
+func TestBirdHandlerEOF(t *testing.T) {
+	server := BirdServer{
+		t:             t,
+		expectedQuery: "show protocols",
+		response:      "Mock Response\nSecond Line",
+		injectError:   "eof",
+	}
+
+	server.Listen()
+	go server.Run()
+	defer server.Close()
+
+	setting.birdSocket = server.socket
+
+	r := httptest.NewRequest(http.MethodGet, "/bird?q="+url.QueryEscape("show protocols"), nil)
+	w := httptest.NewRecorder()
+	birdHandler(w, r)
+
+	assert.Equal(t, w.Code, http.StatusOK)
+	assert.Equal(t, w.Body.String(), "Mock Response\nEOF")
+}

proxy/go.mod

@@ -0,0 +1,26 @@
+module github.com/xddxdd/bird-lg-go/proxy
+
+go 1.23.0
+
+require (
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
+	github.com/gorilla/handlers v1.5.2
+	github.com/magiconair/properties v1.8.10
+	github.com/spf13/pflag v1.0.10
+	github.com/spf13/viper v1.21.0
+)
+
+require (
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
+	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
+	github.com/sagikazarmark/locafero v0.11.0 // indirect
+	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
+	github.com/spf13/afero v1.15.0 // indirect
+	github.com/spf13/cast v1.10.0 // indirect
+	github.com/subosito/gotenv v1.6.0 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/text v0.28.0 // indirect
+)

proxy/go.sum

@@ -0,0 +1,55 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
+github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
+github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
+github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
+github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
+github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
+github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8SYxI99mE=
+github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
+github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/sagikazarmark/locafero v0.11.0 h1:1iurJgmM9G3PA/I+wWYIOw/5SyBtxapeHDcg+AAIFXc=
+github.com/sagikazarmark/locafero v0.11.0/go.mod h1:nVIGvgyzw595SUSUE6tvCp3YYTeHs15MvlmU87WwIik=
+github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 h1:+jumHNA0Wrelhe64i8F6HNlS8pkoyMv5sreGx2Ry5Rw=
+github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8/go.mod h1:3n1Cwaq1E1/1lhQhtRK2ts/ZwZEhjcQeJQ1RuC6Q/8U=
+github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I=
+github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg=
+github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY=
+github.com/spf13/cast v1.10.0/go.mod h1:jNfB8QC9IA6ZuY2ZjDp0KtFO2LZZlg4S/7bzP6qqeHo=
+github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
+github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU=
+github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
+github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
+go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
+go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
+golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

proxy/main.go

@@ -1,7 +1,8 @@
 package main
 
 import (
-	"flag"
+	"fmt"
+	"net"
 	"net/http"
 	"os"
 	"strings"
@@ -20,84 +21,95 @@ func invalidHandler(httpW http.ResponseWriter, httpR *http.Request) {
 	httpW.Write([]byte("Invalid Request\n"))
 }
 
-// Access handler, check to see if client IP in allowed IPs, continue if it is, send to invalidHandler if not
+func hasAccess(remoteAddr string) bool {
+	// setting.allowedNets will always have at least one element because of how it's defined
+	if len(setting.allowedNets) == 0 {
+		return true
+	}
+
+	if !strings.Contains(remoteAddr, ":") {
+		return false
+	}
+
+	// Remove port from IP and remove brackets that are around IPv6 addresses
+	remoteAddr = remoteAddr[0:strings.LastIndex(remoteAddr, ":")]
+	remoteAddr = strings.Trim(remoteAddr, "[]")
+
+	ipObject := net.ParseIP(remoteAddr)
+	if ipObject == nil {
+		return false
+	}
+
+	for _, net := range setting.allowedNets {
+		if net.Contains(ipObject) {
+			return true
+		}
+	}
+
+	return false
+}
+
+// Access handler, check to see if client IP in allowed nets, continue if it is, send to invalidHandler if not
 func accessHandler(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(httpW http.ResponseWriter, httpR *http.Request) {
-
-		// setting.allowedIPs will always have at least one element because of how it's defined
-		if setting.allowedIPs[0] == "" {
+		if hasAccess(httpR.RemoteAddr) {
 			next.ServeHTTP(httpW, httpR)
-			return
+		} else {
+			invalidHandler(httpW, httpR)
 		}
-
-		IPPort := httpR.RemoteAddr
-
-		// Remove port from IP and remove brackets that are around IPv6 addresses
-		requestIp := IPPort[0:strings.LastIndex(IPPort, ":")]
-		requestIp = strings.Replace(requestIp, "[", "", -1)
-		requestIp = strings.Replace(requestIp, "]", "", -1)
-
-		for _, allowedIP := range setting.allowedIPs {
-			if requestIp == allowedIP {
-				next.ServeHTTP(httpW, httpR)
-				return
-			}
-		}
-
-		invalidHandler(httpW, httpR)
-		return
 	})
 }
 
 type settingType struct {
 	birdSocket  string
-	bird6Socket string
-	listen      string
-	allowedIPs  []string
+	listen      []string
+	allowedNets []*net.IPNet
+	tr_bin      string
+	tr_flags    []string
+	tr_raw      bool
 }
 
 var setting settingType
 
 // Wrapper of tracer
 func main() {
-	// Prepare default socket paths, use environment variable if possible
-	var settingDefault = settingType{
-		"/var/run/bird/bird.ctl",
-		"/var/run/bird/bird6.ctl",
-		":8000",
-		[]string{""},
+	parseSettings()
+	tracerouteAutodetect()
+
+	mux := http.NewServeMux()
+
+	// Prepare HTTP server
+	mux.HandleFunc("/", invalidHandler)
+	mux.HandleFunc("/bird", birdHandler)
+	mux.HandleFunc("/bird6", birdHandler)
+	mux.HandleFunc("/traceroute", tracerouteHandler)
+	mux.HandleFunc("/traceroute6", tracerouteHandler)
+
+	for _, listenAddr := range setting.listen {
+		go func(addr string) {
+			fmt.Printf("Listening on %s...\n", addr)
+
+			var l net.Listener
+			var err error
+
+			if strings.HasPrefix(addr, "/") {
+				// Delete existing socket file, ignore errors (will fail later anyway)
+				os.Remove(addr)
+				l, err = net.Listen("unix", addr)
+			} else {
+				if !strings.Contains(addr, ":") {
+					addr = ":" + addr
+				}
+				l, err = net.Listen("tcp", addr)
+			}
+
+			if err != nil {
+				panic(err)
+			}
+
+			http.Serve(l, handlers.LoggingHandler(os.Stdout, accessHandler(mux)))
+		}(listenAddr)
 	}
 
-	if birdSocketEnv := os.Getenv("BIRD_SOCKET"); birdSocketEnv != "" {
-		settingDefault.birdSocket = birdSocketEnv
-	}
-	if bird6SocketEnv := os.Getenv("BIRD6_SOCKET"); bird6SocketEnv != "" {
-		settingDefault.bird6Socket = bird6SocketEnv
-	}
-	if listenEnv := os.Getenv("BIRDLG_LISTEN"); listenEnv != "" {
-		settingDefault.listen = listenEnv
-	}
-	if AllowedIPsEnv := os.Getenv("ALLOWED_IPS"); AllowedIPsEnv != "" {
-		settingDefault.allowedIPs = strings.Split(AllowedIPsEnv, ",")
-	}
-
-	// Allow parameters to override environment variables
-	birdParam := flag.String("bird", settingDefault.birdSocket, "socket file for bird, set either in parameter or environment variable BIRD_SOCKET")
-	bird6Param := flag.String("bird6", settingDefault.bird6Socket, "socket file for bird6, set either in parameter or environment variable BIRD6_SOCKET")
-	listenParam := flag.String("listen", settingDefault.listen, "listen address, set either in parameter or environment variable BIRDLG_LISTEN")
-	AllowedIPsParam := flag.String("allowed", strings.Join(settingDefault.allowedIPs, ","), "IPs allowed to access this proxy, separated by commas. Don't set to allow all IPs.")
-	flag.Parse()
-
-	setting.birdSocket = *birdParam
-	setting.bird6Socket = *bird6Param
-	setting.listen = *listenParam
-	setting.allowedIPs = strings.Split(*AllowedIPsParam, ",")
-
-	// Start HTTP server
-	http.HandleFunc("/", invalidHandler)
-	http.HandleFunc("/bird", birdHandler)
-	http.HandleFunc("/bird6", bird6Handler)
-	http.HandleFunc("/traceroute", tracerouteIPv4Wrapper)
-	http.HandleFunc("/traceroute6", tracerouteIPv6Wrapper)
-	http.ListenAndServe(*listenParam, handlers.LoggingHandler(os.Stdout, accessHandler(http.DefaultServeMux)))
+	select {}
 }

proxy/main_test.go

@@ -0,0 +1,99 @@
+package main
+
+import (
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/magiconair/properties/assert"
+)
+
+func TestHasAccessNotConfigured(t *testing.T) {
+	setting.allowedNets = []*net.IPNet{}
+	assert.Equal(t, hasAccess("whatever"), true)
+}
+
+func TestHasAccessAllowIPv4(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("1.2.3.4/32")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("1.2.3.4:4321"), true)
+}
+
+func TestHasAccessAllowIPv4Net(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("1.2.3.0/24")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("1.2.3.4:4321"), true)
+}
+
+func TestHasAccessDenyIPv4(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("4.3.2.1/32")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("1.2.3.4:4321"), false)
+}
+
+func TestHasAccessAllowIPv6(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("2001:db8::1/128")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("[2001:db8::1]:4321"), true)
+}
+
+func TestHasAccessAllowIPv6Net(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("2001:db8::/64")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("[2001:db8::1]:4321"), true)
+}
+
+func TestHasAccessAllowIPv6DifferentForm(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("2001:db8::1/128")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("[2001:db8::1]:4321"), true)
+}
+
+func TestHasAccessDenyIPv6(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("2001:db8::2/128")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("[2001:db8::1]:4321"), false)
+}
+
+func TestHasAccessBadClientIP(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("1.2.3.4/32")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("not an IP"), false)
+}
+
+func TestHasAccessBadClientIPPort(t *testing.T) {
+	_, netip, _ := net.ParseCIDR("1.2.3.4/32")
+	setting.allowedNets = []*net.IPNet{netip}
+	assert.Equal(t, hasAccess("not an IP:not a port"), false)
+}
+
+func TestAccessHandlerAllow(t *testing.T) {
+	baseHandler := http.NotFoundHandler()
+	wrappedHandler := accessHandler(baseHandler)
+
+	r := httptest.NewRequest(http.MethodGet, "/mock", nil)
+	r.RemoteAddr = "1.2.3.4:4321"
+	w := httptest.NewRecorder()
+
+	_, netip, _ := net.ParseCIDR("1.2.3.4/32")
+	setting.allowedNets = []*net.IPNet{netip}
+
+	wrappedHandler.ServeHTTP(w, r)
+	assert.Equal(t, w.Code, http.StatusNotFound)
+}
+
+func TestAccessHandlerDeny(t *testing.T) {
+	baseHandler := http.NotFoundHandler()
+	wrappedHandler := accessHandler(baseHandler)
+
+	r := httptest.NewRequest(http.MethodGet, "/mock", nil)
+	r.RemoteAddr = "1.2.3.4:4321"
+	w := httptest.NewRecorder()
+
+	_, netip, _ := net.ParseCIDR("4.3.2.1/32")
+	setting.allowedNets = []*net.IPNet{netip}
+
+	wrappedHandler.ServeHTTP(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+}

proxy/settings.go

@@ -0,0 +1,106 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"strings"
+
+	"github.com/google/shlex"
+	"github.com/spf13/pflag"
+	"github.com/spf13/viper"
+)
+
+type viperSettingType struct {
+	BirdSocket      string   `mapstructure:"bird_socket"`
+	Listen          []string `mapstructure:"listen"`
+	AllowedNets     string   `mapstructure:"allowed_ips"`
+	TracerouteBin   string   `mapstructure:"traceroute_bin"`
+	TracerouteFlags string   `mapstructure:"traceroute_flags"`
+	TracerouteRaw   bool     `mapstructure:"traceroute_raw"`
+}
+
+// Parse settings with viper, and convert to legacy setting format
+func parseSettings() {
+	viper.AddConfigPath(".")
+	viper.AddConfigPath("/etc/bird-lg")
+	viper.SetConfigName("bird-lgproxy")
+	viper.AllowEmptyEnv(true)
+	viper.AutomaticEnv()
+	viper.SetEnvPrefix("birdlg")
+	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_", ".", "_"))
+
+	// Legacy environment variables without prefixes
+	viper.BindEnv("bird_socket", "BIRD_SOCKET")
+	viper.BindEnv("listen", "BIRDLG_LISTEN", "BIRDLG_PROXY_PORT")
+	viper.BindEnv("allowed_ips", "ALLOWED_IPS")
+
+	pflag.String("bird", "/var/run/bird/bird.ctl", "socket file for bird, set either in parameter or environment variable BIRD_SOCKET")
+	viper.BindPFlag("bird_socket", pflag.Lookup("bird"))
+
+	pflag.StringSlice("listen", []string{"8000"}, "listen address, set either in parameter or environment variable BIRDLG_PROXY_PORT")
+	viper.BindPFlag("listen", pflag.Lookup("listen"))
+
+	pflag.String("allowed", "", "IPs or networks allowed to access this proxy, separated by commas. Don't set to allow all IPs.")
+	viper.BindPFlag("allowed_ips", pflag.Lookup("allowed"))
+
+	pflag.String("traceroute_bin", "", "traceroute binary file, set either in parameter or environment variable BIRDLG_TRACEROUTE_BIN")
+	viper.BindPFlag("traceroute_bin", pflag.Lookup("traceroute_bin"))
+
+	pflag.String("traceroute_flags", "", "traceroute flags, supports multiple flags separated with space.")
+	viper.BindPFlag("traceroute_flags", pflag.Lookup("traceroute_flags"))
+
+	pflag.Bool("traceroute_raw", false, "whether to display traceroute outputs raw; set via parameter or environment variable BIRDLG_TRACEROUTE_RAW")
+	viper.BindPFlag("traceroute_raw", pflag.Lookup("traceroute_raw"))
+
+	pflag.Parse()
+
+	if err := viper.ReadInConfig(); err != nil {
+		println("Warning on reading config: " + err.Error())
+	}
+
+	viperSettings := viperSettingType{}
+	if err := viper.Unmarshal(&viperSettings); err != nil {
+		panic(err)
+	}
+
+	setting.birdSocket = viperSettings.BirdSocket
+	setting.listen = viperSettings.Listen
+
+	if viperSettings.AllowedNets != "" {
+		for _, arg := range strings.Split(viperSettings.AllowedNets, ",") {
+
+			// if argument is an IP address, convert to CIDR by adding a suitable mask
+			if !strings.Contains(arg, "/") {
+				if strings.Contains(arg, ":") {
+					// IPv6 address with /128 mask
+					arg += "/128"
+				} else {
+					// IPv4 address with /32 mask
+					arg += "/32"
+				}
+			}
+
+			// parse the network
+			_, netip, err := net.ParseCIDR(arg)
+			if err != nil {
+				fmt.Printf("Failed to parse CIDR %s: %s\n", arg, err.Error())
+				continue
+			}
+			setting.allowedNets = append(setting.allowedNets, netip)
+
+		}
+	} else {
+		setting.allowedNets = []*net.IPNet{}
+	}
+
+	var err error
+	setting.tr_bin = viperSettings.TracerouteBin
+	setting.tr_flags, err = shlex.Split(viperSettings.TracerouteFlags)
+	if err != nil {
+		panic(err)
+	}
+
+	setting.tr_raw = viperSettings.TracerouteRaw
+
+	fmt.Printf("%#v\n", setting)
+}

proxy/settings_test.go

@@ -0,0 +1,8 @@
+package main
+
+import "testing"
+
+func TestParseSettings(t *testing.T) {
+	parseSettings()
+	// Good as long as it doesn't panic
+}

proxy/traceroute.go

@@ -4,139 +4,127 @@ import (
 	"fmt"
 	"net/http"
 	"os/exec"
-	"runtime"
+	"regexp"
+	"strconv"
 	"strings"
+
+	"github.com/google/shlex"
 )
 
-// Wrapper of traceroute, IPv4
-func tracerouteIPv4Wrapper(httpW http.ResponseWriter, httpR *http.Request) {
-	tracerouteRealHandler(false, httpW, httpR)
+func tracerouteArgsToString(cmd string, args []string, target []string) string {
+	var cmdCombined = append([]string{cmd}, args...)
+	cmdCombined = append(cmdCombined, target...)
+	return strings.Join(cmdCombined, " ")
 }
 
-// Wrapper of traceroute, IPv6
-func tracerouteIPv6Wrapper(httpW http.ResponseWriter, httpR *http.Request) {
-	tracerouteRealHandler(true, httpW, httpR)
-}
-
-func tracerouteTryExecute(cmd []string, args [][]string) ([]byte, string) {
-	var output []byte
-	var errString = ""
-	for i := range cmd {
-		var err error
-		var cmdCombined = cmd[i] + " " + strings.Join(args[i], " ")
-
-		instance := exec.Command(cmd[i], args[i]...)
-		output, err = instance.CombinedOutput()
-		if err == nil {
-			return output, ""
-		}
-		errString += fmt.Sprintf("+ (Try %d) %s\n%s\n\n", (i + 1), cmdCombined, output)
+func tracerouteTryExecute(cmd string, args []string, target []string) ([]byte, error) {
+	instance := exec.Command(cmd, append(args, target...)...)
+	output, err := instance.CombinedOutput()
+	if err == nil {
+		return output, nil
 	}
-	return nil, errString
+
+	return output, err
 }
 
-// Real handler of traceroute requests
-func tracerouteRealHandler(useIPv6 bool, httpW http.ResponseWriter, httpR *http.Request) {
+func tracerouteDetect(cmd string, args []string) bool {
+	target := []string{"127.0.0.1"}
+	success := false
+	if result, err := tracerouteTryExecute(cmd, args, target); err == nil {
+		setting.tr_bin = cmd
+		setting.tr_flags = args
+		success = true
+		fmt.Printf("Traceroute autodetect success: %s\n", tracerouteArgsToString(cmd, args, target))
+	} else {
+		fmt.Printf("Traceroute autodetect fail, continuing: %s (%s)\n%s", tracerouteArgsToString(cmd, args, target), err.Error(), result)
+	}
+
+	return success
+}
+
+func tracerouteAutodetect() {
+	if setting.tr_bin != "" && setting.tr_flags != nil {
+		return
+	}
+
+	// Traceroute (custom binary)
+	if setting.tr_bin != "" {
+		if tracerouteDetect(setting.tr_bin, []string{"-q1", "-N32", "-w1"}) {
+			return
+		}
+		if tracerouteDetect(setting.tr_bin, []string{"-q1", "-w1"}) {
+			return
+		}
+		if tracerouteDetect(setting.tr_bin, []string{}) {
+			return
+		}
+	}
+
+	// MTR
+	if tracerouteDetect("mtr", []string{"-w", "-c1", "-Z1", "-G1", "-b"}) {
+		return
+	}
+
+	// Traceroute
+	if tracerouteDetect("traceroute", []string{"-q1", "-N32", "-w1"}) {
+		return
+	}
+	if tracerouteDetect("traceroute", []string{"-q1", "-w1"}) {
+		return
+	}
+	if tracerouteDetect("traceroute", []string{}) {
+		return
+	}
+
+	// Unsupported
+	setting.tr_bin = ""
+	setting.tr_flags = nil
+	println("Traceroute autodetect failed! Traceroute will be disabled")
+}
+
+func tracerouteHandler(httpW http.ResponseWriter, httpR *http.Request) {
 	query := string(httpR.URL.Query().Get("q"))
 	query = strings.TrimSpace(query)
+
 	if query == "" {
 		invalidHandler(httpW, httpR)
 	} else {
+		args, err := shlex.Split(query)
+		if err != nil {
+			httpW.WriteHeader(http.StatusInternalServerError)
+			httpW.Write([]byte(fmt.Sprintf("failed to parse args: %s\n", err.Error())))
+			return
+		}
+
 		var result []byte
-		var errString string
-		if runtime.GOOS == "freebsd" || runtime.GOOS == "netbsd" {
-			if useIPv6 {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute6",
-						"traceroute",
-					},
-					[][]string{
-						{"-q1", "-w1", query},
-						{"-q1", "-w1", query},
-					},
-				)
-			} else {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute",
-						"traceroute6",
-					},
-					[][]string{
-						{"-q1", "-w1", query},
-						{"-q1", "-w1", query},
-					},
-				)
-			}
-		} else if runtime.GOOS == "openbsd" {
-			if useIPv6 {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute6",
-						"traceroute",
-					},
-					[][]string{
-						{"-q1", "-w1", query},
-						{"-q1", "-w1", query},
-					},
-				)
-			} else {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute",
-						"traceroute6",
-					},
-					[][]string{
-						{"-A", "-q1", "-w1", query},
-						{"-A", "-q1", "-w1", query},
-					},
-				)
-			}
-		} else if runtime.GOOS == "linux" {
-			if useIPv6 {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute",
-						"traceroute",
-						"traceroute",
-						"traceroute",
-					},
-					[][]string{
-						{"-6", "-q1", "-N32", "-w1", query},
-						{"-4", "-q1", "-N32", "-w1", query},
-						// For Busybox traceroute which doesn't support simultaneous requests
-						{"-6", "-q1", "-w1", query},
-						{"-4", "-q1", "-w1", query},
-					},
-				)
-			} else {
-				result, errString = tracerouteTryExecute(
-					[]string{
-						"traceroute",
-						"traceroute",
-						"traceroute",
-						"traceroute",
-					},
-					[][]string{
-						{"-4", "-q1", "-N32", "-w1", query},
-						{"-6", "-q1", "-N32", "-w1", query},
-						// For Busybox traceroute which doesn't support simultaneous requests
-						{"-4", "-q1", "-w1", query},
-						{"-6", "-q1", "-w1", query},
-					},
-				)
-			}
-		} else {
+		skippedCounter := 0
+
+		if setting.tr_bin == "" {
 			httpW.WriteHeader(http.StatusInternalServerError)
 			httpW.Write([]byte("traceroute not supported on this node.\n"))
 			return
 		}
-		if errString != "" {
+
+		result, err = tracerouteTryExecute(setting.tr_bin, setting.tr_flags, args)
+		if err != nil {
 			httpW.WriteHeader(http.StatusInternalServerError)
-			httpW.Write([]byte("traceroute returned error:\n\n" + errString))
+			httpW.Write([]byte(fmt.Sprintf("Error executing traceroute: %s\n\n", err.Error())))
 		}
+
 		if result != nil {
-			httpW.Write(result)
+			if setting.tr_raw {
+				httpW.Write(result)
+			} else {
+				resultString := string(result)
+				resultString = regexp.MustCompile(`(?m)^\s*(\d*)\s*\*\n`).ReplaceAllStringFunc(resultString, func(w string) string {
+					skippedCounter++
+					return ""
+				})
+				httpW.Write([]byte(strings.TrimSpace(resultString)))
+				if skippedCounter > 0 {
+					httpW.Write([]byte("\n\n" + strconv.Itoa(skippedCounter) + " hops not responding."))
+				}
+			}
 		}
 	}
 }

proxy/traceroute_test.go

@@ -0,0 +1,168 @@
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/magiconair/properties/assert"
+)
+
+func TestTracerouteArgsToString(t *testing.T) {
+	result := tracerouteArgsToString("traceroute", []string{
+		"-a",
+		"-b",
+		"-c",
+	}, []string{
+		"google.com",
+	})
+
+	assert.Equal(t, result, "traceroute -a -b -c google.com")
+}
+
+func TestTracerouteTryExecuteSuccess(t *testing.T) {
+	_, err := tracerouteTryExecute("sh", []string{
+		"-c",
+	}, []string{
+		"true",
+	})
+
+	if err != nil {
+		t.Error(err)
+	}
+}
+
+func TestTracerouteTryExecuteFail(t *testing.T) {
+	_, err := tracerouteTryExecute("sh", []string{
+		"-c",
+	}, []string{
+		"false",
+	})
+
+	if err == nil {
+		t.Error("Should trigger error, not triggered")
+	}
+}
+
+func TestTracerouteDetectSuccess(t *testing.T) {
+	result := tracerouteDetect("sh", []string{
+		"-c",
+		"true",
+	})
+
+	assert.Equal(t, result, true)
+}
+
+func TestTracerouteDetectFail(t *testing.T) {
+	result := tracerouteDetect("sh", []string{
+		"-c",
+		"false",
+	})
+
+	assert.Equal(t, result, false)
+}
+
+func TestTracerouteAutodetect(t *testing.T) {
+	pathBackup := os.Getenv("PATH")
+	os.Setenv("PATH", "")
+	defer os.Setenv("PATH", pathBackup)
+
+	setting.tr_bin = ""
+	setting.tr_flags = []string{}
+	tracerouteAutodetect()
+	// Should not panic
+}
+
+func TestTracerouteAutodetectExisting(t *testing.T) {
+	setting.tr_bin = "mock"
+	setting.tr_flags = []string{"mock"}
+	tracerouteAutodetect()
+	assert.Equal(t, setting.tr_bin, "mock")
+	assert.Equal(t, setting.tr_flags, []string{"mock"})
+}
+
+func TestTracerouteAutodetectFlagsOnly(t *testing.T) {
+	pathBackup := os.Getenv("PATH")
+	os.Setenv("PATH", "")
+	defer os.Setenv("PATH", pathBackup)
+
+	setting.tr_bin = "mock"
+	setting.tr_flags = nil
+	tracerouteAutodetect()
+
+	// Should not panic
+}
+
+func TestTracerouteHandlerWithoutQuery(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/traceroute", nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+	if !strings.Contains(w.Body.String(), "Invalid Request") {
+		t.Error("Did not get invalid request")
+	}
+}
+
+func TestTracerouteHandlerShlexError(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/traceroute?q="+url.QueryEscape("\"1.1.1.1"), nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+	if !strings.Contains(w.Body.String(), "parse") {
+		t.Error("Did not get parsing error message")
+	}
+}
+
+func TestTracerouteHandlerNoTracerouteFound(t *testing.T) {
+	setting.tr_bin = ""
+	setting.tr_flags = nil
+
+	r := httptest.NewRequest(http.MethodGet, "/traceroute?q="+url.QueryEscape("1.1.1.1"), nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+	if !strings.Contains(w.Body.String(), "not supported") {
+		t.Error("Did not get not supported error message")
+	}
+}
+
+func TestTracerouteHandlerExecuteError(t *testing.T) {
+	setting.tr_bin = "sh"
+	setting.tr_flags = []string{"-c", "false"}
+	setting.tr_raw = true
+
+	r := httptest.NewRequest(http.MethodGet, "/traceroute?q="+url.QueryEscape("1.1.1.1"), nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusInternalServerError)
+	if !strings.Contains(w.Body.String(), "Error executing traceroute") {
+		t.Error("Did not get not execute error message")
+	}
+}
+
+func TestTracerouteHandlerRaw(t *testing.T) {
+	setting.tr_bin = "sh"
+	setting.tr_flags = []string{"-c", "echo Mock"}
+	setting.tr_raw = true
+
+	r := httptest.NewRequest(http.MethodGet, "/traceroute?q="+url.QueryEscape("1.1.1.1"), nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusOK)
+	assert.Equal(t, w.Body.String(), "Mock\n")
+}
+
+func TestTracerouteHandlerPostprocess(t *testing.T) {
+	setting.tr_bin = "sh"
+	setting.tr_flags = []string{"-c", "echo \"first line\n 2 *\nthird line\""}
+	setting.tr_raw = false
+
+	r := httptest.NewRequest(http.MethodGet, "/traceroute?q="+url.QueryEscape("1.1.1.1"), nil)
+	w := httptest.NewRecorder()
+	tracerouteHandler(w, r)
+	assert.Equal(t, w.Code, http.StatusOK)
+	assert.Equal(t, w.Body.String(), "first line\nthird line\n\n1 hops not responding.")
+}