mirror of
https://github.com/luscis/openlan.git
synced 2025-10-08 01:50:12 +08:00
fea: support share network to a port.
This commit is contained in:
Daniel Ding
@@ -2,7 +2,7 @@ package config
|
||||
|
||||
type Bridge struct {
|
||||
Network string `json:"-" yaml:"-"`
|
||||
Peer string `json:"peer,omitempty" yaml:"peer,omitempty"`
|
||||
Share string `json:"share,omitempty" yaml:"share,omitempty"`
|
||||
Name string `json:"name,omitempty" yaml:"name,omitempty"`
|
||||
IPMtu int `json:"mtu,omitempty" yaml:"mtu,omitempty"`
|
||||
Address string `json:"address,omitempty" yaml:"address,omitempty"`
|
||||
|
||||
@@ -74,21 +74,6 @@ func (w *WorkerImpl) Provider() string {
|
||||
return w.cfg.Provider
|
||||
}
|
||||
|
||||
func (w *WorkerImpl) newRoute(rt *co.PrefixRoute) *models.Route {
|
||||
if rt.NextHop == "" {
|
||||
w.out.Warn("WorkerImpl.NewRoute: %s noNextHop", rt.Prefix)
|
||||
return nil
|
||||
}
|
||||
rte := models.NewRoute(rt.Prefix, w.IfAddr())
|
||||
if rt.Metric > 0 {
|
||||
rte.Metric = rt.Metric
|
||||
}
|
||||
if rt.NextHop != "" {
|
||||
rte.Origin = rt.NextHop
|
||||
}
|
||||
return rte
|
||||
}
|
||||
|
||||
func (w *WorkerImpl) Initialize() {
|
||||
cfg := w.cfg
|
||||
|
||||
@@ -119,12 +104,8 @@ func (w *WorkerImpl) Initialize() {
|
||||
w.fire = cn.NewFireWallTable(cfg.Name)
|
||||
w.snat = cn.NewFireWallChain("XTT_"+cfg.Name+"_SNAT", cn.TNat, "")
|
||||
|
||||
if out, err := w.setV.Clear(); err != nil {
|
||||
w.out.Error("WorkerImpl.Initialize: create ipset: %s %s", out, err)
|
||||
}
|
||||
if out, err := w.setR.Clear(); err != nil {
|
||||
w.out.Error("WorkerImpl.Initialize: create ipset: %s %s", out, err)
|
||||
}
|
||||
w.setV.Clear()
|
||||
w.setR.Clear()
|
||||
|
||||
w.ztrust = NewZTrust(cfg.Name, 30)
|
||||
w.ztrust.Initialize()
|
||||
@@ -946,6 +927,7 @@ func (w *WorkerImpl) forwardSubnet() {
|
||||
input = w.br.L3Name()
|
||||
w.forwardZone(input)
|
||||
}
|
||||
share := cfg.Bridge.Share
|
||||
|
||||
ifAddr := strings.SplitN(cfg.Bridge.Address, "/", 2)[0]
|
||||
if ifAddr == "" {
|
||||
@@ -954,6 +936,9 @@ func (w *WorkerImpl) forwardSubnet() {
|
||||
|
||||
// Enable MASQUERADE, and FORWARD it.
|
||||
w.toRelated(input, "Accept related")
|
||||
if share != "" {
|
||||
w.toRelated(share, "Accept related")
|
||||
}
|
||||
for _, rt := range cfg.Routes {
|
||||
if !w.addIpSet(rt) {
|
||||
break
|
||||
@@ -963,12 +948,18 @@ func (w *WorkerImpl) forwardSubnet() {
|
||||
if w.vrf != nil {
|
||||
w.toForward_i(w.vrf.Name(), w.setR.Name, "To route")
|
||||
} else {
|
||||
if share != "" {
|
||||
w.toForward_i(share, w.setR.Name, "To route")
|
||||
}
|
||||
w.toForward_i(input, w.setR.Name, "To route")
|
||||
}
|
||||
|
||||
if vpn != nil {
|
||||
w.toMasq_s(w.setR.Name, vpn.Subnet, "To VPN")
|
||||
}
|
||||
if share != "" {
|
||||
w.toMasq_i(share, w.setR.Name, "To Masq")
|
||||
}
|
||||
w.toMasq_i(input, w.setR.Name, "To Masq")
|
||||
}
|
||||
|
||||
|
||||
@@ -6,9 +6,7 @@ import (
|
||||
"github.com/luscis/openlan/pkg/api"
|
||||
"github.com/luscis/openlan/pkg/cache"
|
||||
co "github.com/luscis/openlan/pkg/config"
|
||||
"github.com/luscis/openlan/pkg/libol"
|
||||
cn "github.com/luscis/openlan/pkg/network"
|
||||
nl "github.com/vishvananda/netlink"
|
||||
)
|
||||
|
||||
func PeerName(name, prefix string) (string, string) {
|
||||
@@ -83,49 +81,11 @@ func (w *OpenLANWorker) UpBridge(cfg *co.Bridge) {
|
||||
if err := master.Delay(cfg.Delay); err != nil {
|
||||
w.out.Warn("OpenLANWorker.UpBridge: Delay %s", err)
|
||||
}
|
||||
w.connectPeer(cfg)
|
||||
if err := master.CallIptables(0); err != nil {
|
||||
w.out.Warn("OpenLANWorker.Start: CallIptables %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) connectPeer(cfg *co.Bridge) {
|
||||
if cfg.Peer == "" {
|
||||
return
|
||||
}
|
||||
in, ex := PeerName(cfg.Network, "-e")
|
||||
link := &nl.Veth{
|
||||
LinkAttrs: nl.LinkAttrs{Name: in},
|
||||
PeerName: ex,
|
||||
}
|
||||
br := cn.NewBrCtl(cfg.Peer, cfg.IPMtu)
|
||||
promise := &libol.Promise{
|
||||
First: time.Second * 2,
|
||||
MaxInt: time.Minute,
|
||||
MinInt: time.Second * 10,
|
||||
}
|
||||
promise.Go(func() error {
|
||||
if !br.Has() {
|
||||
w.out.Warn("%s notFound", br.Name)
|
||||
return libol.NewErr("%s notFound", br.Name)
|
||||
}
|
||||
err := nl.LinkAdd(link)
|
||||
if err != nil {
|
||||
w.out.Error("OpenLANWorker.connectPeer: %s", err)
|
||||
return nil
|
||||
}
|
||||
br0 := cn.NewBrCtl(cfg.Name, cfg.IPMtu)
|
||||
if err := br0.AddPort(in); err != nil {
|
||||
w.out.Error("OpenLANWorker.connectPeer: %s", err)
|
||||
}
|
||||
br1 := cn.NewBrCtl(cfg.Peer, cfg.IPMtu)
|
||||
if err := br1.AddPort(ex); err != nil {
|
||||
w.out.Error("OpenLANWorker.connectPeer: %s", err)
|
||||
}
|
||||
return nil
|
||||
})
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) Start(v api.Switcher) {
|
||||
w.uuid = v.UUID()
|
||||
w.startTime = time.Now().Unix()
|
||||
@@ -138,33 +98,16 @@ func (w *OpenLANWorker) Start(v api.Switcher) {
|
||||
w.WorkerImpl.Start(v)
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) downBridge(cfg *co.Bridge) {
|
||||
w.closePeer(cfg)
|
||||
func (w *OpenLANWorker) downBridge() {
|
||||
_ = w.br.Close()
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) closePeer(cfg *co.Bridge) {
|
||||
if cfg.Peer == "" {
|
||||
return
|
||||
}
|
||||
in, ex := PeerName(cfg.Network, "-e")
|
||||
link := &nl.Veth{
|
||||
LinkAttrs: nl.LinkAttrs{Name: in},
|
||||
PeerName: ex,
|
||||
}
|
||||
err := nl.LinkDel(link)
|
||||
if err != nil {
|
||||
w.out.Error("OpenLANWorker.closePeer: %s", err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) Stop() {
|
||||
w.out.Info("OpenLANWorker.Close")
|
||||
w.WorkerImpl.Stop()
|
||||
w.UnLoadLinks()
|
||||
w.startTime = 0
|
||||
w.downBridge(w.cfg.Bridge)
|
||||
w.downBridge()
|
||||
}
|
||||
|
||||
func (w *OpenLANWorker) UpTime() int64 {
|
||||
|
||||
Reference in New Issue
Block a user