added logic to check peers

2025-10-16 13:51:42 +08:00 · 2022-02-02 22:00:59 -05:00
parent e336d62321
commit 284283c130
5 changed files with 39 additions and 122 deletions
--- a/netclient/local/routes_linux.go
+++ b/netclient/local/routes_linux.go
@@ -6,113 +6,20 @@ package local
 import (
 	//"github.com/davecgh/go-spew/spew"
 	"fmt"
 	"net"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"golang.zx2c4.com/wireguard/wgctrl"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
-func routeExists(iface, address, mask string) bool {
+func setRoute(iface string, addr *net.IPNet) error {
 	return false
 }
 func setRoute(iface, address, mask string) error {
 	_, err := ncutils.RunCmd("ip route add", true)
 	return err
 }
 func DeleteRoute(iface, address string) error {
 	var err error
 	_, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
 	return err
 }
-func ApplyRoutesFromConf(confPath string) error {
+func deleteRoute(iface string, addr *net.IPNet) error {
 	var err error
 	_, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
 	return err
 }
 //func SetLinuxPeerRoutes(currentPeers []wgtypes.PeerConfig, newPeers []wgtypes.PeerConfig) {
 func SetLinuxPeerRoutes(iface string, oldPeers map[string][]net.IP, newPeers []wgtypes.PeerConfig) {
 	// traverse through all recieved peers
 	for _, peer := range newPeers {
 		// if pubkey found in existing peers, check against existing peer
 		currPeerAllowedIPs := oldPeers[peer.PublicKey.String()]
 		if currPeerAllowedIPs != nil {
 			// traverse IPs, check to see if old peer contains each IP
 			for _, allowedIP := range peer.AllowedIPs {
 				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP.IP.String()) {
 					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
 						ncutils.PrintLog(err.Error(), 1)
 					}
 				}
 			}
 			for _, allowedIP := range currPeerAllowedIPs {
 				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP) {
 					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
 						ncutils.PrintLog(err.Error(), 1)
 					}
 				}
 			}
 			delete(oldPeers, peer.PublicKey.String())
 		} else {
 			for _, allowedIP := range peer.AllowedIPs {
 				if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
 					ncutils.PrintLog(err.Error(), 1)
 				}
 			}
 		}
 	}
 	// traverse through all existing peers
 	for _, peer := range oldPeers {
 		// if pubkey found in existing peers, check against existing peer
 		currPeerAllowedIPs := oldPeers[peer.PublicKey.String()]
 		if currPeerAllowedIPs != nil {
 			// traverse IPs, check to see if old peer contains each IP
 			for _, allowedIP := range peer.AllowedIPs {
 				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP.IP.String()) {
 					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
 						ncutils.PrintLog(err.Error(), 1)
 					}
 				}
 			}
 		} else {
 			for _, allowedIP := range peer.AllowedIPs {
 				if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
 					ncutils.PrintLog(err.Error(), 1)
 				}
 			}
 		}
 	}
 	// delete removed AllowedIPs
 	/*
 		for _, currentPeer := range currentPeers {
 			for _, oldIP := range currentPeer.AllowedIPs {
 				found := true
 				for _, newPeer := range newPeers {
 					for _, newIP := range newPeer.AllowedIPs {
 						if
 					}
 				}
 			}
 		}
 	*/
 }
 func GetCurrentIPs() []string {
 	client, err := wgctrl.New()
 	if err != nil {
 		ncutils.PrintLog("failed to start wgctrl", 0)
 		return err
 	}
 	defer client.Close()
 	device, err := client.Device(iface)
 	if err != nil {
 		ncutils.PrintLog("failed to parse interface", 0)
 		return err
 	}
 	devicePeers = device.Peers
 }
--- a/netclient/local/routes_other.go
+++ b/netclient/local/routes_other.go
@@ -3,6 +3,15 @@
 package local
 import (
 	//"github.com/davecgh/go-spew/spew"
 	"fmt"
 	"net"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 )
 //"github.com/davecgh/go-spew/spew"
 /*
@@ -11,14 +20,14 @@ These functions are not used. These should only be called by Linux (see routes_l
 */
-func routeExists(iface, address, mask string) bool {
+func setRoute(iface string, addr *net.IPNet) error {
-	return false
+	var err error
 	_, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
 	return err
 }
-func SetRoute(iface, newAddress, oldAddress, mask string) error {
+func deleteRoute(iface string, addr *net.IPNet) error {
-	return nil
+	var err error
-}
+	_, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
-
+	return err
 func DeleteRoute(iface, address) error {
 	return nil
 }
--- a/netclient/ncutils/iface.go
+++ b/netclient/ncutils/iface.go
@@ -70,6 +70,16 @@ func StringSliceContains(slice []string, item string) bool {
 	return false
 }
 // IPNetSliceContains - sees if a string slice contains a string element
 func IPNetSliceContains(slice []net.IPNet, item net.IPNet) bool {
 	for _, s := range slice {
 		if s.String() == item.String() {
 			return true
 		}
 	}
 	return false
 }
 // IfaceExists - return true if you can find the iface
 func IfaceExists(ifacename string) bool {
 	localnets, err := net.Interfaces()
--- a/netclient/wireguard/common.go
+++ b/netclient/wireguard/common.go
@@ -3,6 +3,7 @@ package wireguard
 import (
 	"errors"
 	"log"
 	"net"
 	"runtime"
 	"strconv"
 	"strings"
@@ -25,9 +26,8 @@ const (
 // SetPeers - sets peers on a given WireGuard interface
 func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 	var oldIPList []string
 	var newIPList []string
 	var devicePeers []wgtypes.Peer
 	var oldPeerAllowedIps = make(map[string][]net.IPNet, len(peers))
 	var err error
 	if ncutils.IsFreeBSD() {
 		if devicePeers, err = ncutils.GetPeers(iface); err != nil {
@@ -59,12 +59,6 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 				_, err := ncutils.RunCmd("wg set "+iface+" peer "+currentPeer.PublicKey.String()+" remove", true)
 				if err != nil {
 					log.Println("error removing peer", peer.Endpoint.String())
 				} else {
 					for _, address := range currentPeer.AllowedIPs {
 						if err = local.DeleteRoute(iface, address.String()); err != nil {
 							ncutils.PrintLog(err.Error(), 1)
 						}
 					}
 				}
 			}
 		}
@@ -109,12 +103,13 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 				log.Println(output, "error removing peer", currentPeer.PublicKey.String())
 			}
 		}
 		oldPeerAllowedIps[currentPeer.PublicKey.String()] = currentPeer.AllowedIPs
 	}
 	if ncutils.IsMac() {
 		err = SetMacPeerRoutes(iface)
 		return err
 	} else if ncutils.IsLinux() {
-		err = local.SetLinuxPeerRoutes(devicePeers, peers)
+		local.SetPeerRoutes(iface, oldPeerAllowedIps, peers)
 	}
 	return nil
--- a/netclient/wireguard/unix.go
+++ b/netclient/wireguard/unix.go
@@ -8,7 +8,6 @@ import (
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/config"
 	"github.com/gravitl/netmaker/netclient/local"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
@@ -66,12 +65,9 @@ func ApplyWGQuickConf(confPath string, ifacename string) error {
 			ncutils.RunCmd("wg-quick down "+confPath, true)
 		}
 		_, err = ncutils.RunCmd("wg-quick up "+confPath, true)
-		if err != nil {
+		// if err != nil {
-			return err
+		// 	return err
-		}
+		// }
 		if ncutils.IsLinux() {
 			err = local.ApplyRoutesFromConf(confPath)
 		}
 		return err
 	}
 }