added udp holepunching

This commit is contained in:
afeiszli
2021-07-25 14:22:20 -04:00
parent fd223e3d4a
commit 4a6ebfc108
10 changed files with 2813 additions and 2154 deletions

View File

@@ -3,12 +3,16 @@ package controller
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"log"
"strconv"
"strings"
"time" "time"
"github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/database"
"github.com/gravitl/netmaker/functions" "github.com/gravitl/netmaker/functions"
"github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/servercfg" "github.com/gravitl/netmaker/servercfg"
"github.com/gravitl/netmaker/serverctl"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )
@@ -16,11 +20,10 @@ func GetPeersList(networkName string) ([]models.PeersResponse, error) {
var peers []models.PeersResponse var peers []models.PeersResponse
collection, err := database.FetchRecords(database.NODES_TABLE_NAME) collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
udppeers, errN := serverctl.GetPeers(networkName)
if err != nil { if errN != nil {
return peers, err log.Println(errN)
} }
for _, value := range collection { for _, value := range collection {
var node models.Node var node models.Node
var peer models.PeersResponse var peer models.PeersResponse
@@ -33,9 +36,23 @@ func GetPeersList(networkName string) ([]models.PeersResponse, error) {
continue continue
} }
if node.Network == networkName && !node.IsPending { if node.Network == networkName && !node.IsPending {
if node.UDPHolePunch == "yes" && errN == nil {
endpointstring := udppeers[peer.PublicKey]
endpointarr := strings.Split(endpointstring, ":")
if len(endpointarr) == 2 {
port, err := strconv.Atoi(endpointarr[1])
if err == nil {
peer.Endpoint = endpointarr[0]
peer.ListenPort = int32(port)
}
}
}
peers = append(peers, peer) peers = append(peers, peer)
} }
} }
if err != nil {
return peers, err
}
return peers, err return peers, err
} }

View File

@@ -59,63 +59,12 @@ func (s *NodeServiceServer) ReadNode(ctx context.Context, req *nodepb.ReadNodeRe
Islocal: network.IsLocal == "yes", Islocal: network.IsLocal == "yes",
Isdualstack: network.IsDualStack == "yes", Isdualstack: network.IsDualStack == "yes",
Localrange: network.LocalRange, Localrange: network.LocalRange,
Udpholepunch: node.UDPHolePunch,
}, },
} }
return response, nil return response, nil
} }
/*
func (s *NodeServiceServer) GetConn(ctx context.Context, data *nodepb.Client) (*nodepb.Client, error) {
// Get the protobuf node type from the protobuf request type
// Essentially doing req.Node to access the struct with a nil check
// Now we have to convert this into a NodeItem type to convert into BSON
clientreq := models.IntClient{
// ID: primitive.NilObjectID,
Address: data.GetAddress(),
Address6: data.GetAddress6(),
AccessKey: data.GetAccesskey(),
PublicKey: data.GetPublickey(),
PrivateKey: data.GetPrivatekey(),
ServerPort: data.GetServerport(),
ServerKey: data.GetServerkey(),
ServerWGEndpoint: data.GetServerwgendpoint(),
}
//Check to see if key is valid
//TODO: Triple inefficient!!! This is the third call to the DB we make for networks
if servercfg.IsRegisterKeyRequired() {
validKey := functions.IsKeyValidGlobal(clientreq.AccessKey)
if !validKey {
return nil, status.Errorf(
codes.Internal,
fmt.Sprintf("Invalid key, and server does not allow no-key signups"),
)
}
}
client, err := RegisterIntClient(clientreq)
if err != nil {
// return internal gRPC error to be handled later
return nil, status.Errorf(
codes.Internal,
fmt.Sprintf("Internal error: %v", err),
)
}
// return the node in a CreateNodeRes type
response := &nodepb.Client{
Privatekey: client.PrivateKey,
Publickey: client.PublicKey,
Accesskey: client.AccessKey,
Address: client.Address,
Address6: client.Address6,
Serverwgendpoint: client.ServerWGEndpoint,
Serverport: client.ServerPort,
Serverkey: client.ServerKey,
}
return response, nil
}
*/
func (s *NodeServiceServer) CreateNode(ctx context.Context, req *nodepb.CreateNodeReq) (*nodepb.CreateNodeRes, error) { func (s *NodeServiceServer) CreateNode(ctx context.Context, req *nodepb.CreateNodeReq) (*nodepb.CreateNodeRes, error) {
// Get the protobuf node type from the protobuf request type // Get the protobuf node type from the protobuf request type
// Essentially doing req.Node to access the struct with a nil check // Essentially doing req.Node to access the struct with a nil check
@@ -137,6 +86,7 @@ func (s *NodeServiceServer) CreateNode(ctx context.Context, req *nodepb.CreateNo
IsPending: data.GetIspending(), IsPending: data.GetIspending(),
PublicKey: data.GetPublickey(), PublicKey: data.GetPublickey(),
ListenPort: data.GetListenport(), ListenPort: data.GetListenport(),
UDPHolePunch: data.GetUdpholepunch(),
} }
err := node.Validate(false) err := node.Validate(false)
@@ -197,6 +147,7 @@ func (s *NodeServiceServer) CreateNode(ctx context.Context, req *nodepb.CreateNo
Islocal: network.IsLocal == "yes", Islocal: network.IsLocal == "yes",
Isdualstack: network.IsDualStack == "yes", Isdualstack: network.IsDualStack == "yes",
Localrange: network.LocalRange, Localrange: network.LocalRange,
Udpholepunch: node.UDPHolePunch,
}, },
} }
err = SetNetworkNodesLastModified(node.Network) err = SetNetworkNodesLastModified(node.Network)
@@ -225,6 +176,7 @@ func (s *NodeServiceServer) CheckIn(ctx context.Context, req *nodepb.CheckInReq)
ListenPort: data.GetListenport(), ListenPort: data.GetListenport(),
PersistentKeepalive: data.GetKeepalive(), PersistentKeepalive: data.GetKeepalive(),
PublicKey: data.GetPublickey(), PublicKey: data.GetPublickey(),
UDPHolePunch: data.GetUdpholepunch(),
} }
checkinresponse, err := NodeCheckIn(node, node.Network) checkinresponse, err := NodeCheckIn(node, node.Network)
@@ -274,6 +226,7 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.UpdateNo
IsPending: data.GetIspending(), IsPending: data.GetIspending(),
PublicKey: data.GetPublickey(), PublicKey: data.GetPublickey(),
ListenPort: data.GetListenport(), ListenPort: data.GetListenport(),
UDPHolePunch: data.GetUdpholepunch(),
} }
// Convert the Id string to a MongoDB ObjectId // Convert the Id string to a MongoDB ObjectId
@@ -323,6 +276,7 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.UpdateNo
Islocal: network.IsLocal == "yes", Islocal: network.IsLocal == "yes",
Isdualstack: network.IsDualStack == "yes", Isdualstack: network.IsDualStack == "yes",
Localrange: network.LocalRange, Localrange: network.LocalRange,
Udpholepunch: newnode.UDPHolePunch,
}, },
}, nil }, nil
} }

1
go.mod
View File

@@ -3,6 +3,7 @@ module github.com/gravitl/netmaker
go 1.15 go 1.15
require ( require (
github.com/aws/aws-sdk-go v1.34.28
github.com/davecgh/go-spew v1.1.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/dgrijalva/jwt-go v3.2.0+incompatible
github.com/go-playground/validator/v10 v10.5.0 github.com/go-playground/validator/v10 v10.5.0

File diff suppressed because it is too large Load Diff

View File

@@ -36,7 +36,7 @@ message Node {
string postup = 11; string postup = 11;
string postdown = 12; string postdown = 12;
int32 keepalive = 13; int32 keepalive = 13;
bool saveconfig = 14; string saveconfig = 14;
string accesskey = 15; string accesskey = 15;
string interface = 16; string interface = 16;
string lastcheckin = 17; string lastcheckin = 17;
@@ -51,6 +51,7 @@ message Node {
bool isdualstack = 27; bool isdualstack = 27;
bool dnsoff = 24; bool dnsoff = 24;
string localrange = 25; string localrange = 25;
string udpholepunch = 30;
} }
message CheckInResponse { message CheckInResponse {

View File

@@ -2,17 +2,19 @@ package config
import ( import (
//"github.com/davecgh/go-spew/spew" //"github.com/davecgh/go-spew/spew"
"github.com/urfave/cli/v2"
"os"
"encoding/base64" "encoding/base64"
"encoding/json"
"errors" "errors"
"fmt" "fmt"
"log" "log"
"encoding/json" "os"
"gopkg.in/yaml.v3"
nodepb "github.com/gravitl/netmaker/grpc" nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/models"
"github.com/urfave/cli/v2"
"gopkg.in/yaml.v3"
) )
type GlobalConfig struct { type GlobalConfig struct {
GRPCWireGuard string `yaml:"grpcwg"` GRPCWireGuard string `yaml:"grpcwg"`
Client models.IntClient Client models.IntClient
@@ -69,10 +71,11 @@ type NodeConfig struct {
StaticIP string `yaml:"staticip"` StaticIP string `yaml:"staticip"`
StaticPubKey string `yaml:"staticpubkey"` StaticPubKey string `yaml:"staticpubkey"`
IPForwarding string `yaml:"ipforwarding"` IPForwarding string `yaml:"ipforwarding"`
UDPHolePunch string `yaml:"udpholepunch"`
} }
//reading in the env file //reading in the env file
func Write(config *ClientConfig, network string) error{ func Write(config *ClientConfig, network string) error {
if network == "" { if network == "" {
err := errors.New("No network provided. Exiting.") err := errors.New("No network provided. Exiting.")
return err return err
@@ -95,8 +98,9 @@ func Write(config *ClientConfig, network string) error{
} }
return err return err
} }
//reading in the env file //reading in the env file
func WriteGlobal(config *GlobalConfig) error{ func WriteGlobal(config *GlobalConfig) error {
_, err := os.Stat("/etc/netclient") _, err := os.Stat("/etc/netclient")
if os.IsNotExist(err) { if os.IsNotExist(err) {
os.Mkdir("/etc/netclient", 744) os.Mkdir("/etc/netclient", 744)
@@ -118,7 +122,7 @@ func WriteGlobal(config *GlobalConfig) error{
} }
return err return err
} }
func WriteServer(server string, accesskey string, network string) error{ func WriteServer(server string, accesskey string, network string) error {
if network == "" { if network == "" {
err := errors.New("No network provided. Exiting.") err := errors.New("No network provided. Exiting.")
return err return err
@@ -201,9 +205,7 @@ func WriteServer(server string, accesskey string, network string) error{
return err return err
} }
func (config *ClientConfig) ReadConfig() {
func(config *ClientConfig) ReadConfig() {
nofile := false nofile := false
//home, err := homedir.Dir() //home, err := homedir.Dir()
@@ -233,7 +235,7 @@ func(config *ClientConfig) ReadConfig() {
} }
} }
} }
func ModGlobalConfig(cfg models.IntClient) error{ func ModGlobalConfig(cfg models.IntClient) error {
var modconfig GlobalConfig var modconfig GlobalConfig
var err error var err error
if FileExists("/etc/netclient/netconfig-global-001") { if FileExists("/etc/netclient/netconfig-global-001") {
@@ -243,60 +245,57 @@ func ModGlobalConfig(cfg models.IntClient) error{
} }
modconfig = *useconfig modconfig = *useconfig
} }
if cfg.ServerWGPort != ""{ if cfg.ServerWGPort != "" {
modconfig.Client.ServerWGPort = cfg.ServerWGPort modconfig.Client.ServerWGPort = cfg.ServerWGPort
} }
if cfg.ServerGRPCPort != ""{ if cfg.ServerGRPCPort != "" {
modconfig.Client.ServerGRPCPort = cfg.ServerGRPCPort modconfig.Client.ServerGRPCPort = cfg.ServerGRPCPort
} }
if cfg.ServerAPIPort != ""{ if cfg.ServerAPIPort != "" {
modconfig.Client.ServerAPIPort = cfg.ServerAPIPort modconfig.Client.ServerAPIPort = cfg.ServerAPIPort
} }
if cfg.PublicKey != ""{ if cfg.PublicKey != "" {
modconfig.Client.PublicKey = cfg.PublicKey modconfig.Client.PublicKey = cfg.PublicKey
} }
if cfg.PrivateKey != ""{ if cfg.PrivateKey != "" {
modconfig.Client.PrivateKey = cfg.PrivateKey modconfig.Client.PrivateKey = cfg.PrivateKey
} }
if cfg.ServerPublicEndpoint != ""{ if cfg.ServerPublicEndpoint != "" {
modconfig.Client.ServerPublicEndpoint = cfg.ServerPublicEndpoint modconfig.Client.ServerPublicEndpoint = cfg.ServerPublicEndpoint
} }
if cfg.ServerPrivateAddress != ""{ if cfg.ServerPrivateAddress != "" {
modconfig.Client.ServerPrivateAddress = cfg.ServerPrivateAddress modconfig.Client.ServerPrivateAddress = cfg.ServerPrivateAddress
} }
if cfg.Address != ""{ if cfg.Address != "" {
modconfig.Client.Address = cfg.Address modconfig.Client.Address = cfg.Address
} }
if cfg.Address6 != ""{ if cfg.Address6 != "" {
modconfig.Client.Address6 = cfg.Address6 modconfig.Client.Address6 = cfg.Address6
} }
if cfg.Network != ""{ if cfg.Network != "" {
modconfig.Client.Network = cfg.Network modconfig.Client.Network = cfg.Network
} }
if cfg.ServerKey != ""{ if cfg.ServerKey != "" {
modconfig.Client.ServerKey = cfg.ServerKey modconfig.Client.ServerKey = cfg.ServerKey
} }
if cfg.AccessKey != ""{ if cfg.AccessKey != "" {
modconfig.Client.AccessKey = cfg.AccessKey modconfig.Client.AccessKey = cfg.AccessKey
} }
if cfg.ClientID != ""{ if cfg.ClientID != "" {
modconfig.Client.ClientID = cfg.ClientID modconfig.Client.ClientID = cfg.ClientID
} }
err = WriteGlobal(&modconfig) err = WriteGlobal(&modconfig)
return err return err
} }
func ModConfig(node *nodepb.Node) error {
func ModConfig(node *nodepb.Node) error{
network := node.Nodenetwork network := node.Nodenetwork
if network == "" { if network == "" {
return errors.New("No Network Provided") return errors.New("No Network Provided")
} }
var modconfig ClientConfig var modconfig ClientConfig
var err error var err error
if FileExists("/etc/netclient/netconfig-"+network) { if FileExists("/etc/netclient/netconfig-" + network) {
useconfig, err := ReadConfig(network) useconfig, err := ReadConfig(network)
if err != nil { if err != nil {
return err return err
@@ -304,46 +303,46 @@ func ModConfig(node *nodepb.Node) error{
modconfig = *useconfig modconfig = *useconfig
} }
nodecfg := modconfig.Node nodecfg := modconfig.Node
if node.Name != ""{ if node.Name != "" {
nodecfg.Name = node.Name nodecfg.Name = node.Name
} }
if node.Interface != ""{ if node.Interface != "" {
nodecfg.Interface = node.Interface nodecfg.Interface = node.Interface
} }
if node.Nodenetwork != ""{ if node.Nodenetwork != "" {
nodecfg.Network = node.Nodenetwork nodecfg.Network = node.Nodenetwork
} }
if node.Macaddress != ""{ if node.Macaddress != "" {
nodecfg.MacAddress = node.Macaddress nodecfg.MacAddress = node.Macaddress
} }
if node.Localaddress != ""{ if node.Localaddress != "" {
nodecfg.LocalAddress = node.Localaddress nodecfg.LocalAddress = node.Localaddress
} }
if node.Postup != ""{ if node.Postup != "" {
nodecfg.PostUp = node.Postup nodecfg.PostUp = node.Postup
} }
if node.Postdown != ""{ if node.Postdown != "" {
nodecfg.PostDown = node.Postdown nodecfg.PostDown = node.Postdown
} }
if node.Listenport != 0{ if node.Listenport != 0 {
nodecfg.Port = node.Listenport nodecfg.Port = node.Listenport
} }
if node.Keepalive != 0{ if node.Keepalive != 0 {
nodecfg.KeepAlive = node.Keepalive nodecfg.KeepAlive = node.Keepalive
} }
if node.Publickey != ""{ if node.Publickey != "" {
nodecfg.PublicKey = node.Publickey nodecfg.PublicKey = node.Publickey
} }
if node.Endpoint != ""{ if node.Endpoint != "" {
nodecfg.Endpoint = node.Endpoint nodecfg.Endpoint = node.Endpoint
} }
if node.Password != ""{ if node.Password != "" {
nodecfg.Password = node.Password nodecfg.Password = node.Password
} }
if node.Address != ""{ if node.Address != "" {
nodecfg.WGAddress = node.Address nodecfg.WGAddress = node.Address
} }
if node.Address6 != ""{ if node.Address6 != "" {
nodecfg.WGAddress6 = node.Address6 nodecfg.WGAddress6 = node.Address6
} }
if node.Postchanges != "" { if node.Postchanges != "" {
@@ -355,6 +354,9 @@ func ModConfig(node *nodepb.Node) error{
if node.Isdualstack == true { if node.Isdualstack == true {
nodecfg.IsDualStack = "yes" nodecfg.IsDualStack = "yes"
} }
if node.Udpholepunch != "" {
nodecfg.UDPHolePunch = node.Udpholepunch
}
if node.Isingressgateway { if node.Isingressgateway {
nodecfg.IsIngressGateway = "yes" nodecfg.IsIngressGateway = "yes"
} else { } else {
@@ -369,7 +371,7 @@ func ModConfig(node *nodepb.Node) error{
return err return err
} }
func GetCLIConfig(c *cli.Context) (ClientConfig, error){ func GetCLIConfig(c *cli.Context) (ClientConfig, error) {
var cfg ClientConfig var cfg ClientConfig
if c.String("token") != "" { if c.String("token") != "" {
tokenbytes, err := base64.StdEncoding.DecodeString(c.String("token")) tokenbytes, err := base64.StdEncoding.DecodeString(c.String("token"))
@@ -379,7 +381,7 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
} }
var accesstoken models.AccessToken var accesstoken models.AccessToken
if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil {
log.Println("error converting token json to object", tokenbytes ) log.Println("error converting token json to object", tokenbytes)
return cfg, err return cfg, err
} }
@@ -464,11 +466,12 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
cfg.Node.IPForwarding = c.String("ipforwarding") cfg.Node.IPForwarding = c.String("ipforwarding")
cfg.OperatingSystem = c.String("operatingsystem") cfg.OperatingSystem = c.String("operatingsystem")
cfg.Daemon = c.String("daemon") cfg.Daemon = c.String("daemon")
cfg.Node.UDPHolePunch = c.String("udpholepunch")
return cfg, nil return cfg, nil
} }
func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error) {
var cfg GlobalConfig var cfg GlobalConfig
if c.String("token") != "" { if c.String("token") != "" {
tokenbytes, err := base64.StdEncoding.DecodeString(c.String("token")) tokenbytes, err := base64.StdEncoding.DecodeString(c.String("token"))
@@ -478,7 +481,7 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){
} }
var accesstoken models.AccessToken var accesstoken models.AccessToken
if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil {
log.Println("error converting token json to object", tokenbytes ) log.Println("error converting token json to object", tokenbytes)
return cfg, err return cfg, err
} }
cfg.GRPCWireGuard = accesstoken.WG.GRPCWireGuard cfg.GRPCWireGuard = accesstoken.WG.GRPCWireGuard
@@ -530,7 +533,6 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){
return cfg, nil return cfg, nil
} }
func ReadConfig(network string) (*ClientConfig, error) { func ReadConfig(network string) (*ClientConfig, error) {
if network == "" { if network == "" {
err := errors.New("No network provided. Exiting.") err := errors.New("No network provided. Exiting.")

View File

@@ -1,23 +1,24 @@
package functions package functions
import ( import (
"google.golang.org/grpc/credentials"
"crypto/tls"
"fmt"
"errors"
"context" "context"
"crypto/tls"
"errors"
"fmt"
"log" "log"
"net"
"math/rand" "math/rand"
"net"
"time" "time"
"github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/wireguard"
"github.com/gravitl/netmaker/netclient/server"
"github.com/gravitl/netmaker/netclient/local"
nodepb "github.com/gravitl/netmaker/grpc" nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/local"
"github.com/gravitl/netmaker/netclient/server"
"github.com/gravitl/netmaker/netclient/wireguard"
"golang.zx2c4.com/wireguard/wgctrl" "golang.zx2c4.com/wireguard/wgctrl"
"google.golang.org/grpc"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes" "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
//homedir "github.com/mitchellh/go-homedir" //homedir "github.com/mitchellh/go-homedir"
) )
@@ -149,7 +150,7 @@ func JoinNetwork(cfg config.ClientConfig) error {
conn, err := grpc.Dial(cfg.Server.GRPCAddress, requestOpts) conn, err := grpc.Dial(cfg.Server.GRPCAddress, requestOpts)
if err != nil { if err != nil {
log.Fatalf("Unable to establish client connection to " + cfg.Server.GRPCAddress + ": %v", err) log.Fatalf("Unable to establish client connection to "+cfg.Server.GRPCAddress+": %v", err)
} }
wcclient = nodepb.NewNodeServiceClient(conn) wcclient = nodepb.NewNodeServiceClient(conn)
@@ -189,7 +190,7 @@ func JoinNetwork(cfg config.ClientConfig) error {
return err return err
} }
if node.Dnsoff==true { if node.Dnsoff == true {
cfg.Node.DNS = "yes" cfg.Node.DNS = "yes"
} }
if !(cfg.Node.IsLocal == "yes") && node.Islocal && node.Localrange != "" { if !(cfg.Node.IsLocal == "yes") && node.Islocal && node.Localrange != "" {
@@ -253,4 +254,3 @@ func GenPass() string {
} }
return string(b) return string(b)
} }

View File

@@ -2,13 +2,14 @@ package main
import ( import (
"errors" "errors"
"github.com/gravitl/netmaker/netclient/command"
"github.com/gravitl/netmaker/netclient/config"
"github.com/urfave/cli/v2"
"log" "log"
"os" "os"
"os/exec" "os/exec"
"strconv" "strconv"
"github.com/gravitl/netmaker/netclient/command"
"github.com/gravitl/netmaker/netclient/config"
"github.com/urfave/cli/v2"
) )
func main() { func main() {
@@ -162,6 +163,12 @@ func main() {
Value: "", Value: "",
Usage: "Sets ipv6 address if 'yes'. Ignores if 'no'. Will retrieve from network if unset.", Usage: "Sets ipv6 address if 'yes'. Ignores if 'no'. Will retrieve from network if unset.",
}, },
&cli.StringFlag{
Name: "udpholepunch",
EnvVars: []string{"NETCLIENT_UDP_HOLEPUNCH"},
Value: "",
Usage: "Turns on udp holepunching if 'yes'. Ignores if 'no'. Will retrieve from network if unset.",
},
&cli.StringFlag{ &cli.StringFlag{
Name: "ipforwarding", Name: "ipforwarding",
EnvVars: []string{"NETCLIENT_IPFORWARDING"}, EnvVars: []string{"NETCLIENT_IPFORWARDING"},
@@ -365,7 +372,6 @@ func main() {
log.Fatal("This program must be run with elevated privileges (sudo). This program installs a SystemD service and configures WireGuard and networking rules. Please re-run with sudo/root.") log.Fatal("This program must be run with elevated privileges (sudo). This program installs a SystemD service and configures WireGuard and networking rules. Please re-run with sudo/root.")
} }
_, err = exec.LookPath("wg") _, err = exec.LookPath("wg")
if err != nil { if err != nil {
log.Println(err) log.Println(err)

View File

@@ -2,30 +2,32 @@ package wireguard
import ( import (
//"github.com/davecgh/go-spew/spew" //"github.com/davecgh/go-spew/spew"
"google.golang.org/grpc/credentials"
"crypto/tls"
"fmt"
"strconv"
"errors"
"context" "context"
"crypto/tls"
"errors"
"fmt"
"io/ioutil" "io/ioutil"
"strings"
"log" "log"
"net" "net"
"os" "os"
"os/exec" "os/exec"
"github.com/gravitl/netmaker/netclient/config" "strconv"
"github.com/gravitl/netmaker/netclient/local" "strings"
"github.com/gravitl/netmaker/netclient/auth"
"github.com/gravitl/netmaker/netclient/server"
nodepb "github.com/gravitl/netmaker/grpc" nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/netclient/auth"
"github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/local"
"github.com/gravitl/netmaker/netclient/server"
"golang.zx2c4.com/wireguard/wgctrl" "golang.zx2c4.com/wireguard/wgctrl"
"google.golang.org/grpc"
"google.golang.org/grpc/metadata"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes" "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/metadata"
//homedir "github.com/mitchellh/go-homedir" //homedir "github.com/mitchellh/go-homedir"
) )
func InitGRPCWireguard(client models.IntClient) error { func InitGRPCWireguard(client models.IntClient) error {
//spew.Dump(client) //spew.Dump(client)
@@ -52,7 +54,7 @@ func InitGRPCWireguard(client models.IntClient) error {
if client.Address6 == "" && client.Address == "" { if client.Address6 == "" && client.Address == "" {
return errors.New("no address to configure") return errors.New("no address to configure")
} }
cmdIPDevLinkAdd := exec.Command("ip","link", "add", "dev", ifacename, "type", "wireguard" ) cmdIPDevLinkAdd := exec.Command("ip", "link", "add", "dev", ifacename, "type", "wireguard")
cmdIPAddrAdd := exec.Command("ip", "address", "add", "dev", ifacename, client.Address+"/24") cmdIPAddrAdd := exec.Command("ip", "address", "add", "dev", ifacename, client.Address+"/24")
cmdIPAddr6Add := exec.Command("ip", "address", "add", "dev", ifacename, client.Address6+"/64") cmdIPAddr6Add := exec.Command("ip", "address", "add", "dev", ifacename, client.Address6+"/64")
currentiface, err := net.InterfaceByName(ifacename) currentiface, err := net.InterfaceByName(ifacename)
@@ -68,10 +70,10 @@ func InitGRPCWireguard(client models.IntClient) error {
//Add IPv4Address (make into separate function) //Add IPv4Address (make into separate function)
for _, a := range addrs { for _, a := range addrs {
if strings.Contains(a.String(), client.Address){ if strings.Contains(a.String(), client.Address) {
match = true match = true
} }
if strings.Contains(a.String(), client.Address6){ if strings.Contains(a.String(), client.Address6) {
match6 = true match6 = true
} }
} }
@@ -82,7 +84,7 @@ func InitGRPCWireguard(client models.IntClient) error {
fmt.Println(err) fmt.Println(err)
} }
} }
if !match6 && client.Address6 !=""{ if !match6 && client.Address6 != "" {
err = cmdIPAddr6Add.Run() err = cmdIPAddr6Add.Run()
if err != nil { if err != nil {
log.Println("Error adding ipv6 address") log.Println("Error adding ipv6 address")
@@ -146,8 +148,6 @@ func InitGRPCWireguard(client models.IntClient) error {
func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string) error { func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string) error {
//spew.Dump(node)
//spew.Dump(peers)
ipExec, err := exec.LookPath("ip") ipExec, err := exec.LookPath("ip")
if err != nil { if err != nil {
return err return err
@@ -158,18 +158,16 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
} }
wgclient, err := wgctrl.New() wgclient, err := wgctrl.New()
//modcfg := config.Config if err != nil {
//modcfg.ReadConfig() return err
}
modcfg, err := config.ReadConfig(node.Nodenetwork) modcfg, err := config.ReadConfig(node.Nodenetwork)
if err != nil { if err != nil {
return err return err
} }
nodecfg := modcfg.Node nodecfg := modcfg.Node
servercfg := modcfg.Server servercfg := modcfg.Server
if err != nil { if err != nil {
log.Fatalf("failed to open client: %v", err) log.Fatalf("failed to open client: %v", err)
} }
@@ -193,22 +191,21 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
} else if node.Nodenetwork != "" { } else if node.Nodenetwork != "" {
network = node.Nodenetwork network = node.Nodenetwork
} }
cmdIPDevLinkAdd := &exec.Cmd { cmdIPDevLinkAdd := &exec.Cmd{
Path: ipExec, Path: ipExec,
Args: []string{ ipExec, "link", "add", "dev", ifacename, "type", "wireguard" }, Args: []string{ipExec, "link", "add", "dev", ifacename, "type", "wireguard"},
Stdout: os.Stdout, Stdout: os.Stdout,
Stderr: os.Stdout, Stderr: os.Stdout,
} }
cmdIPAddrAdd := &exec.Cmd { cmdIPAddrAdd := &exec.Cmd{
Path: ipExec, Path: ipExec,
Args: []string{ ipExec, "address", "add", "dev", ifacename, node.Address+"/24"}, Args: []string{ipExec, "address", "add", "dev", ifacename, node.Address + "/24"},
Stdout: os.Stdout, Stdout: os.Stdout,
Stderr: os.Stdout, Stderr: os.Stdout,
} }
currentiface, err := net.InterfaceByName(ifacename) currentiface, err := net.InterfaceByName(ifacename)
if err != nil { if err != nil {
err = cmdIPDevLinkAdd.Run() err = cmdIPDevLinkAdd.Run()
if err != nil && !strings.Contains(err.Error(), "exists") { if err != nil && !strings.Contains(err.Error(), "exists") {
@@ -220,7 +217,7 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
match := false match := false
addrs, _ := currentiface.Addrs() addrs, _ := currentiface.Addrs()
for _, a := range addrs { for _, a := range addrs {
if strings.Contains(a.String(), node.Address){ if strings.Contains(a.String(), node.Address) {
match = true match = true
} }
} }
@@ -234,13 +231,21 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
var nodeport int var nodeport int
nodeport = int(node.Listenport) nodeport = int(node.Listenport)
//pubkey := privkey.PublicKey() conf := wgtypes.Config{}
conf := wgtypes.Config{ if nodecfg.UDPHolePunch == "yes" {
conf = wgtypes.Config{
PrivateKey: &key,
ReplacePeers: true,
Peers: peers,
}
} else {
conf = wgtypes.Config{
PrivateKey: &key, PrivateKey: &key,
ListenPort: &nodeport, ListenPort: &nodeport,
ReplacePeers: true, ReplacePeers: true,
Peers: peers, Peers: peers,
} }
}
_, err = wgclient.Device(ifacename) _, err = wgclient.Device(ifacename)
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {
@@ -267,17 +272,16 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
} }
//=========End DNS Setup=======\\ //=========End DNS Setup=======\\
cmdIPLinkUp := &exec.Cmd{
cmdIPLinkUp := &exec.Cmd {
Path: ipExec, Path: ipExec,
Args: []string{ ipExec, "link", "set", "up", "dev", ifacename}, Args: []string{ipExec, "link", "set", "up", "dev", ifacename},
Stdout: os.Stdout, Stdout: os.Stdout,
Stderr: os.Stdout, Stderr: os.Stdout,
} }
cmdIPLinkDown := &exec.Cmd { cmdIPLinkDown := &exec.Cmd{
Path: ipExec, Path: ipExec,
Args: []string{ ipExec, "link", "set", "down", "dev", ifacename}, Args: []string{ipExec, "link", "set", "down", "dev", ifacename},
Stdout: os.Stdout, Stdout: os.Stdout,
Stderr: os.Stdout, Stderr: os.Stdout,
} }
@@ -302,16 +306,16 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
fmt.Println("Error encountered running PostUp: " + err.Error()) fmt.Println("Error encountered running PostUp: " + err.Error())
} }
} }
if (hasGateway) { if hasGateway {
for _, gateway := range gateways { for _, gateway := range gateways {
out, err := exec.Command(ipExec,"-4","route","add",gateway,"dev",ifacename).Output() out, err := exec.Command(ipExec, "-4", "route", "add", gateway, "dev", ifacename).Output()
fmt.Println(string(out)) fmt.Println(string(out))
if err != nil { if err != nil {
fmt.Println("Error encountered adding gateway: " + err.Error()) fmt.Println("Error encountered adding gateway: " + err.Error())
} }
} }
} }
if (node.Address6 != "" && node.Isdualstack) { if node.Address6 != "" && node.Isdualstack {
fmt.Println("Adding address: " + node.Address6) fmt.Println("Adding address: " + node.Address6)
out, err := exec.Command(ipExec, "address", "add", "dev", ifacename, node.Address6+"/64").Output() out, err := exec.Command(ipExec, "address", "add", "dev", ifacename, node.Address6+"/64").Output()
if err != nil { if err != nil {
@@ -323,7 +327,6 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
return err return err
} }
func SetWGKeyConfig(network string, serveraddr string) error { func SetWGKeyConfig(network string, serveraddr string) error {
ctx := context.Background() ctx := context.Background()
@@ -375,7 +378,6 @@ func SetWGKeyConfig(network string, serveraddr string) error {
return err return err
} }
postnode := server.GetNode(network) postnode := server.GetNode(network)
req := &nodepb.UpdateNodeReq{ req := &nodepb.UpdateNodeReq{
@@ -395,7 +397,6 @@ func SetWGKeyConfig(network string, serveraddr string) error {
return err return err
} }
func SetWGConfig(network string) error { func SetWGConfig(network string) error {
cfg, err := config.ReadConfig(network) cfg, err := config.ReadConfig(network)
@@ -423,9 +424,9 @@ func SetWGConfig(network string) error {
return err return err
} }
func StorePrivKey(key string, network string) error{ func StorePrivKey(key string, network string) error {
d1 := []byte(key) d1 := []byte(key)
err := ioutil.WriteFile("/etc/netclient/wgkey-" + network, d1, 0644) err := ioutil.WriteFile("/etc/netclient/wgkey-"+network, d1, 0644)
return err return err
} }

View File

@@ -183,3 +183,26 @@ func ReconfigureServerWireGuard() error {
} }
return nil return nil
} }
func GetPeers(networkName string) (map[string]string, error) {
peers := make(map[string]string)
network, err := functions.GetParentNetwork(networkName)
if err != nil {
return peers, err
}
iface := network.DefaultInterface
client, err := wgctrl.New()
if err != nil {
return peers, err
}
device, err := client.Device(iface)
if err != nil {
return nil, err
}
for _, peer := range device.Peers {
peers[peer.PublicKey.String()] = peer.Endpoint.String()
}
return peers, nil
}