configure proxy on peer update without resetting

logic/peers.go

@@ -83,7 +83,7 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ManagerPayload
 			logger.Log(1, "failed to resolve udp addr for node: ", peer.ID, peer.Endpoint, err.Error())
 			continue
 		}
-		allowedips := getNodeAllowedIPs(node, &peer)
+		allowedips := getNodeAllowedIPs(&peer, node)
 		var keepalive time.Duration
 		if node.PersistentKeepalive != 0 {
 			// set_keepalive
@@ -96,12 +96,16 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ManagerPayload
 			PersistentKeepaliveInterval: &keepalive,
 			ReplaceAllowedIPs:           true,
 		})
+		peerConfMap[peer.PublicKey] = manager.PeerConf{
+			Address: peer.PrimaryAddress(),
+		}
 		if !onlyPeers && peer.IsRelayed == "yes" {
 			relayNode := FindRelay(&peer)
 			if relayNode != nil {
 				relayTo, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", relayNode.Endpoint, relayNode.LocalListenPort))
 				if err == nil {
 					peerConfMap[peer.PublicKey] = manager.PeerConf{
+
 						IsRelayed: true,
 						RelayedTo: relayTo,
 						Address:   peer.PrimaryAddress(),

netclient/functions/mqhandlers.go

@@ -14,7 +14,6 @@ import (
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/config"
-	"github.com/gravitl/netmaker/netclient/local"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"github.com/gravitl/netmaker/netclient/wireguard"
 	"github.com/gravitl/netmaker/nm-proxy/manager"
@@ -53,6 +52,7 @@ func ProxyUpdate(client mqtt.Client, msg mqtt.Message) {
 
 // NodeUpdate -- mqtt message handler for /update/<NodeID> topic
 func NodeUpdate(client mqtt.Client, msg mqtt.Message) {
+	return
 	var newNode models.Node
 	var nodeCfg config.ClientConfig
 	var network = parseNetworkFromTopic(msg.Topic())
@@ -252,22 +252,22 @@ func UpdatePeers(client mqtt.Client, msg mqtt.Message) {
 		UpdateLocalListenPort(&cfg)
 		return
 	}
-	queryAddr := cfg.Node.PrimaryAddress()
+	// queryAddr := cfg.Node.PrimaryAddress()
 
 	//err = wireguard.SyncWGQuickConf(cfg.Node.Interface, file)
-	var iface = cfg.Node.Interface
+	// var iface = cfg.Node.Interface
-	if ncutils.IsMac() {
+	// if ncutils.IsMac() {
-		iface, err = local.GetMacIface(queryAddr)
+	// 	iface, err = local.GetMacIface(queryAddr)
-		if err != nil {
+	// 	if err != nil {
-			logger.Log(0, "error retrieving mac iface: "+err.Error())
+	// 		logger.Log(0, "error retrieving mac iface: "+err.Error())
-			return
+	// 		return
-		}
+	// 	}
-	}
+	// }
-	err = wireguard.SetPeers(iface, &cfg.Node, peerUpdate.Peers)
+	// err = wireguard.SetPeers(iface, &cfg.Node, peerUpdate.Peers)
-	if err != nil {
+	// if err != nil {
-		logger.Log(0, "error syncing wg after peer update: "+err.Error())
+	// 	logger.Log(0, "error syncing wg after peer update: "+err.Error())
-		return
+	// 	return
-	}
+	// }
 	ProxyMgmChan <- &peerUpdate.ProxyUpdate
 	logger.Log(0, "network:", cfg.Node.Network, "received peer update for node "+cfg.Node.Name+" "+cfg.Node.Network)
 	if cfg.Node.DNSOn == "yes" {

nm-proxy/common/common.go

@@ -48,8 +48,7 @@ type Config struct {
 	RemoteKey   string
 	LocalKey    string
 	WgInterface *wg.WGIface
-	AllowedIps   []net.IPNet
+	PeerConf    *wgtypes.PeerConfig
-	PreSharedKey *wgtypes.Key
 }
 
 // Proxy -  WireguardProxy proxies
@@ -70,7 +69,12 @@ type RemotePeer struct {
 	IsAttachedExtClient bool
 }
 
-var WgIFaceMap = make(map[string]map[string]*Conn)
+type WgIfaceConf struct {
+	Iface   *wgtypes.Device
+	PeerMap map[string]*Conn
+}
+
+var WgIFaceMap = make(map[string]WgIfaceConf)
 
 var PeerKeyHashMap = make(map[string]RemotePeer)
 

nm-proxy/manager/manager.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"log"
 	"net"
+	"reflect"
 	"runtime"
 	"time"
 
@@ -59,6 +60,7 @@ const (
 	AddInterface ProxyAction = "ADD_INTERFACE"
 	DeletePeer   ProxyAction = "DELETE_PEER"
 	UpdatePeer   ProxyAction = "UPDATE_PEER"
+	AddPeer      ProxyAction = "ADD_PEER"
 	RelayPeers   ProxyAction = "RELAY_PEERS"
 	RelayUpdate  ProxyAction = "RELAY_UPDATE"
 	RelayTo      ProxyAction = "RELAY_TO"
@@ -90,7 +92,7 @@ func StartProxyManager(manageChan chan *ManagerAction) {
 			case UpdatePeer:
 				//mI.UpdatePeerProxy()
 			case DeletePeer:
-				mI.DeletePeers()
+
 			case RelayPeers:
 				mI.RelayPeers()
 			case RelayUpdate:
@@ -135,98 +137,132 @@ func (m *ManagerAction) RelayPeers() {
 	}
 }
 
-func (m *ManagerAction) DeletePeers() {
+func (m *ManagerAction) processPayload() (*wg.WGIface, error) {
-	if len(m.Payload.Peers) == 0 {
-		log.Println("No Peers to delete...")
-		return
-	}
-	peersMap, ok := common.WgIFaceMap[m.Payload.InterfaceName]
-	if !ok {
-		log.Println("interface not found: ", m.Payload.InterfaceName)
-		return
-	}
-
-	for _, peerI := range m.Payload.Peers {
-		if peerConf, ok := peersMap[peerI.PublicKey.String()]; ok {
-			peerConf.Proxy.Cancel()
-			delete(peersMap, peerI.PublicKey.String())
-		}
-	}
-	common.WgIFaceMap[m.Payload.InterfaceName] = peersMap
-}
-
-func (m *ManagerAction) UpdatePeerProxy() {
-	if len(m.Payload.Peers) == 0 {
-		log.Println("No Peers to add...")
-		return
-	}
-	peers, ok := common.WgIFaceMap[m.Payload.InterfaceName]
-	if !ok {
-		log.Println("interface not found: ", m.Payload.InterfaceName)
-		return
-	}
-
-	for _, peerI := range m.Payload.Peers {
-		peerConf := m.Payload.PeerMap[peerI.PublicKey.String()]
-		if peerI.Endpoint == nil && !peerConf.IsExtClient {
-			log.Println("Endpoint nil for peer: ", peerI.PublicKey.String())
-			continue
-		}
-
-		if peerConf, ok := peers[peerI.PublicKey.String()]; ok {
-
-			peerConf.Config.RemoteWgPort = peerI.Endpoint.Port
-			peers[peerI.PublicKey.String()] = peerConf
-			common.WgIFaceMap[m.Payload.InterfaceName] = peers
-			log.Printf("---->####### Updated PEER: %+v\n", peerConf)
-		}
-	}
-
-}
-
-func cleanUp(iface string) {
-	if peers, ok := common.WgIFaceMap[iface]; ok {
-		log.Println("########------------>  CLEANING UP: ", iface)
-		for _, peerI := range peers {
-			peerI.Proxy.Cancel()
-		}
-	}
-	delete(common.WgIFaceMap, iface)
-	delete(common.PeerAddrMap, iface)
-	if waitThs, ok := common.ExtClientsWaitTh[iface]; ok {
-		for _, cancelF := range waitThs {
-			cancelF()
-		}
-		delete(common.ExtClientsWaitTh, iface)
-	}
-
-	log.Println("CLEANED UP..........")
-}
-
-func (m *ManagerAction) AddInterfaceToProxy() error {
 	var err error
+	var wgIface *wg.WGIface
 	if m.Payload.InterfaceName == "" {
-		return errors.New("interface cannot be empty")
+		return nil, errors.New("interface cannot be empty")
 	}
 	if len(m.Payload.Peers) == 0 {
-		log.Println("No Peers to add...")
+		return nil, errors.New("no peers to add")
-		return nil
 	}
-	ifaceName := m.Payload.InterfaceName
+
-	log.Println("--------> IFACE: ", ifaceName)
 	if runtime.GOOS == "darwin" {
-		ifaceName, err = wg.GetRealIface(ifaceName)
+		m.Payload.InterfaceName, err = wg.GetRealIface(m.Payload.InterfaceName)
 		if err != nil {
 			log.Println("failed to get real iface: ", err)
 		}
 	}
-	cleanUp(ifaceName)
+	wgIface, err = wg.NewWGIFace(m.Payload.InterfaceName, "127.0.0.1/32", wg.DefaultMTU)
-
-	wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
 	if err != nil {
 		log.Println("Failed init new interface: ", err)
+		return nil, err
+	}
+	var wgProxyConf common.WgIfaceConf
+	var ok bool
+	if wgProxyConf, ok = common.WgIFaceMap[m.Payload.InterfaceName]; !ok {
+		return wgIface, nil
+	}
+	// sync map with wg device config
+	// check if listen port has changed
+	if wgIface.Device.ListenPort != wgProxyConf.Iface.ListenPort {
+		// reset proxy for this interface
+
+		log.Println("########------------>  CLEANING UP: ", m.Payload.InterfaceName)
+		for _, peerI := range wgProxyConf.PeerMap {
+			peerI.Proxy.Cancel()
+		}
+		delete(common.WgIFaceMap, m.Payload.InterfaceName)
+		return wgIface, nil
+	}
+	wgProxyConf.Iface = wgIface.Device
+	for i := len(m.Payload.Peers) - 1; i >= 0; i-- {
+		if currentPeer, ok := wgProxyConf.PeerMap[m.Payload.Peers[i].PublicKey.String()]; ok {
+			// check if peer is not connected to proxy
+			devPeer, err := wg.GetPeer(m.Payload.InterfaceName, currentPeer.Config.Key)
+			if err == nil {
+				log.Printf("---------> COMAPRING ENDP{INT}: DEV: %s, Proxy: %s", devPeer.Endpoint.String(), currentPeer.Proxy.LocalConn.LocalAddr().String())
+				if devPeer.Endpoint.String() != currentPeer.Proxy.LocalConn.LocalAddr().String() {
+					log.Println("---------> endpoint is not set to proxy: ", currentPeer.Config.Key)
+					currentPeer.Proxy.Cancel()
+					delete(wgProxyConf.PeerMap, currentPeer.Config.Key)
+					continue
+				}
+			}
+			if !reflect.DeepEqual(m.Payload.Peers[i], *currentPeer.Proxy.Config.PeerConf) {
+				if currentPeer.Proxy.RemoteConn.IP.String() != m.Payload.Peers[i].Endpoint.IP.String() {
+					log.Println("----------> Resetting proxy for Peer: ", currentPeer.Config.Key, m.Payload.InterfaceName)
+					currentPeer.Proxy.Cancel()
+					delete(wgProxyConf.PeerMap, currentPeer.Config.Key)
+
+				} else {
+
+					log.Println("----->##### Updating Peer on Interface: ", m.Payload.InterfaceName, currentPeer.Config.Key)
+					updatePeerConf := m.Payload.Peers[i]
+					localUdpAddr, err := net.ResolveUDPAddr("udp", currentPeer.Proxy.LocalConn.LocalAddr().String())
+					if err == nil {
+						updatePeerConf.Endpoint = localUdpAddr
+					}
+					if err := wgIface.Update(updatePeerConf); err != nil {
+						log.Println("failed to update peer: ", currentPeer.Config.Key, err)
+					}
+					currentPeer.Proxy.Config.PeerConf = &m.Payload.Peers[i]
+					wgProxyConf.PeerMap[currentPeer.Config.Key] = currentPeer
+					// delete the peer from the list
+					log.Println("-----------> deleting peer from list: ", m.Payload.Peers[i].PublicKey)
+					m.Payload.Peers = append(m.Payload.Peers[:i], m.Payload.Peers[i+1:]...)
+
+				}
+
+			} else {
+				// delete the peer from the list
+				log.Println("-----------> No updates observed so deleting peer: ", m.Payload.Peers[i].PublicKey)
+				m.Payload.Peers = append(m.Payload.Peers[:i], m.Payload.Peers[i+1:]...)
+			}
+
+		}
+	}
+	for _, currPeerI := range wgProxyConf.PeerMap {
+		if _, ok := m.Payload.PeerMap[currPeerI.Config.Key]; !ok {
+			currPeerI.Proxy.Cancel()
+			// delete peer from interface
+			log.Println("CurrPeer Not Found, Deleting Peer from Interface: ", currPeerI.Config.Key)
+			if err := wgIface.RemovePeer(currPeerI.Config.Key); err != nil {
+				log.Println("failed to remove peer: ", currPeerI.Config.Key, err)
+			}
+			delete(wgProxyConf.PeerMap, currPeerI.Config.Key)
+
+		}
+	}
+	common.WgIFaceMap[m.Payload.InterfaceName] = wgProxyConf
+
+	// if peers, ok := common.WgIFaceMap[iface]; ok {
+	// 	log.Println("########------------>  CLEANING UP: ", iface)
+	// 	for _, peerI := range peers {
+	// 		peerI.Proxy.Cancel()
+	// 	}
+	// }
+	// delete(common.WgIFaceMap, iface)
+	// delete(common.PeerAddrMap, iface)
+	// if waitThs, ok := common.ExtClientsWaitTh[iface]; ok {
+	// 	for _, cancelF := range waitThs {
+	// 		cancelF()
+	// 	}
+	// 	delete(common.ExtClientsWaitTh, iface)
+	// }
+
+	log.Println("CLEANED UP..........")
+	return wgIface, nil
+}
+
+func (m *ManagerAction) AddInterfaceToProxy() error {
+	var err error
+
+	wgInterface, err := m.processPayload()
+	if err != nil {
 		return err
 	}
+
 	log.Printf("wg: %+v\n", wgInterface)
 	wgListenAddr, err := proxy.GetInterfaceListenAddr(wgInterface.Port)
 	if err != nil {
@@ -272,7 +308,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
 		}
 		if shouldProceed {
 			common.PeerKeyHashMap[fmt.Sprintf("%x", md5.Sum([]byte(peerI.PublicKey.String())))] = common.RemotePeer{
-				Interface:           ifaceName,
+				Interface:           m.Payload.InterfaceName,
 				PeerKey:             peerI.PublicKey.String(),
 				IsExtClient:         peerConf.IsExtClient,
 				Endpoint:            peerI.Endpoint,
@@ -295,7 +331,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
 			log.Println("Extclient endpoint not updated yet....skipping")
 			// TODO - watch the interface for ext client update
 			go func(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig,
-				isRelayed, isExtClient, isAttachedExtClient bool, relayTo *net.UDPAddr, peerConf PeerConf) {
+				isRelayed bool, relayTo *net.UDPAddr, peerConf PeerConf) {
 				addExtClient := false
 				ctx, cancel := context.WithCancel(context.Background())
 				common.ExtClientsWaitTh[wgInterface.Name] = append(common.ExtClientsWaitTh[wgInterface.Name], cancel)
@@ -321,7 +357,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
 						log.Println("Exiting extclient watch Thread for: ", wgInterface.Device.PublicKey.String())
 						return
 					default:
-						wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
+						wgInterface, err := wg.NewWGIFace(m.Payload.InterfaceName, "127.0.0.1/32", wg.DefaultMTU)
 						if err != nil {
 							log.Println("Failed init new interface: ", err)
 							return
@@ -338,7 +374,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
 
 				}
 
-			}(wgInterface, &peerI, isRelayed, peerConf.IsExtClient, peerConf.IsAttachedExtClient, relayedTo, peerConf)
+			}(wgInterface, &peerI, isRelayed, relayedTo, peerConf)
 			continue
 		}
 

nm-proxy/peer/peer.go

@@ -41,7 +41,7 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
 		LocalKey:    wgInterface.Device.PublicKey.String(),
 		RemoteKey:   peer.PublicKey.String(),
 		WgInterface: wgInterface,
-		AllowedIps:  peer.AllowedIPs,
+		PeerConf:    peer,
 	}
 	p := proxy.NewProxy(c)
 	peerPort := common.NmProxyPort
@@ -91,7 +91,7 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
 			LocalKey:    wgInterface.Device.PublicKey.String(),
 			RemoteKey:   peer.PublicKey.String(),
 			WgInterface: wgInterface,
-			AllowedIps:  peer.AllowedIPs,
+			PeerConf:    peer,
 		},
 
 		RemoteConn: remoteConn,
@@ -105,10 +105,15 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
 		Proxy:  peerProxy,
 	}
 	if _, ok := common.WgIFaceMap[wgInterface.Name]; ok {
-		common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
+		common.WgIFaceMap[wgInterface.Name].PeerMap[peer.PublicKey.String()] = &peerConn
 	} else {
-		common.WgIFaceMap[wgInterface.Name] = make(map[string]*common.Conn)
+		ifaceConf := common.WgIfaceConf{
-		common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
+			Iface:   wgInterface.Device,
+			PeerMap: make(map[string]*common.Conn),
+		}
+
+		common.WgIFaceMap[wgInterface.Name] = ifaceConf
+		common.WgIFaceMap[wgInterface.Name].PeerMap[peer.PublicKey.String()] = &peerConn
 	}
 	if _, ok := common.PeerAddrMap[wgInterface.Name]; ok {
 		common.PeerAddrMap[wgInterface.Name][peerAddr] = &peerConn

nm-proxy/proxy/proxy.go

@@ -23,8 +23,7 @@ type Config struct {
 	RemoteKey   string
 	LocalKey    string
 	WgInterface *wg.WGIface
-	AllowedIps   []net.IPNet
+	PeerConf    *wgtypes.PeerConfig
-	PreSharedKey *wgtypes.Key
 }
 
 // Proxy -  WireguardProxy proxies

nm-proxy/proxy/wireguard.go

@@ -25,7 +25,6 @@ func NewProxy(config Config) *Proxy {
 // proxyToRemote proxies everything from Wireguard to the RemoteKey peer
 func (p *Proxy) ProxyToRemote() {
 
-	peers := common.WgIFaceMap[p.Config.WgInterface.Name]
 	go func() {
 		<-p.Ctx.Done()
 		log.Println("Closing connection for: ", p.LocalConn.LocalAddr().String())
@@ -61,15 +60,15 @@ func (p *Proxy) ProxyToRemote() {
 				continue
 			}
 			//go func(buf []byte, n int) {
-
+			ifaceConf := common.WgIFaceMap[p.Config.WgInterface.Name]
-			if peerI, ok := peers[p.Config.RemoteKey]; ok {
+			if peerI, ok := ifaceConf.PeerMap[p.Config.RemoteKey]; ok {
-				//var srcPeerKeyHash, dstPeerKeyHash string
+				var srcPeerKeyHash, dstPeerKeyHash string
-				buf, n, _, _ = packet.ProcessPacketBeforeSending(buf, n, peerI.Config.LocalKey, peerI.Config.Key)
+				buf, n, srcPeerKeyHash, dstPeerKeyHash = packet.ProcessPacketBeforeSending(buf, n, peerI.Config.LocalKey, peerI.Config.Key)
 				if err != nil {
 					log.Println("failed to process pkt before sending: ", err)
 				}
-				// log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s >>>>> %s [[ SrcPeerHash: %s, DstPeerHash: %s ]]\n",
+				log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s >>>>> %s [[ SrcPeerHash: %s, DstPeerHash: %s ]]\n",
-				// 	p.LocalConn.LocalAddr(), server.NmProxyServer.Server.LocalAddr().String(), p.RemoteConn.String(), srcPeerKeyHash, dstPeerKeyHash)
+					p.LocalConn.LocalAddr(), server.NmProxyServer.Server.LocalAddr().String(), p.RemoteConn.String(), srcPeerKeyHash, dstPeerKeyHash)
 			} else {
 				log.Printf("Peer: %s not found in config\n", p.Config.RemoteKey)
 				p.Cancel()
@@ -99,9 +98,9 @@ func (p *Proxy) updateEndpoint() error {
 		return err
 	}
 	// add local proxy connection as a Wireguard peer
-	log.Printf("---> ## Updating Peer:  %+v\n", p.Config)
+	log.Printf("---> ####### Updating Peer:  %+v\n", p.Config.PeerConf)
-	err = p.Config.WgInterface.UpdatePeer(p.Config.RemoteKey, p.Config.AllowedIps, wg.DefaultWgKeepAlive,
+	err = p.Config.WgInterface.UpdatePeer(p.Config.RemoteKey, p.Config.PeerConf.AllowedIPs, wg.DefaultWgKeepAlive,
-		udpAddr, p.Config.PreSharedKey)
+		udpAddr, p.Config.PeerConf.PresharedKey)
 	if err != nil {
 		return err
 	}
@@ -113,17 +112,8 @@ func (p *Proxy) Start(remoteConn *net.UDPAddr) error {
 	p.RemoteConn = remoteConn
 
 	var err error
-	// err = p.Config.WgInterface.GetWgIface(p.Config.WgInterface.Name)
+
-	// if err != nil {
+	//log.Printf("----> WGIFACE: %+v\n", p.Config.WgInterface)
-	// 	log.Println("Failed to get iface: ", p.Config.WgInterface.Name, err)
-	// 	return err
-	// }
-	// wgAddr, err := GetInterfaceIpv4Addr(p.Config.WgInterface.Name)
-	// if err != nil {
-	// 	log.Println("failed to get interface addr: ", err)
-	// 	return err
-	// }
-	log.Printf("----> WGIFACE: %+v\n", p.Config.WgInterface)
 	addr, err := GetFreeIp(common.DefaultCIDR, p.Config.WgInterface.Port)
 	if err != nil {
 		log.Println("Failed to get freeIp: ", err)
@@ -137,7 +127,7 @@ func (p *Proxy) Start(remoteConn *net.UDPAddr) error {
 	if runtime.GOOS == "darwin" {
 		wgListenAddr.IP = net.ParseIP(addr)
 	}
-	log.Println("--------->#### Wg Listen Addr: ", wgListenAddr.String())
+	//log.Println("--------->#### Wg Listen Addr: ", wgListenAddr.String())
 	p.LocalConn, err = net.DialUDP("udp", &net.UDPAddr{
 		IP:   net.ParseIP(addr),
 		Port: common.NmProxyPort,

nm-proxy/server/server.go

@@ -2,6 +2,7 @@ package server
 
 import (
 	"context"
+	"fmt"
 	"log"
 	"net"
 	"time"
@@ -42,9 +43,9 @@ func (p *ProxyServer) Listen(ctx context.Context) {
 		case <-ctx.Done():
 			log.Println("--------->### Shutting down Proxy.....")
 			// clean up proxy connections
-			for iface, peers := range common.WgIFaceMap {
+			for iface, ifaceConf := range common.WgIFaceMap {
 				log.Println("########------------>  CLEANING UP: ", iface)
-				for _, peerI := range peers {
+				for _, peerI := range ifaceConf.PeerMap {
 					peerI.Proxy.Cancel()
 				}
 			}
@@ -114,11 +115,11 @@ func (p *ProxyServer) Listen(ctx context.Context) {
 			}
 
 			if peerInfo, ok := common.PeerKeyHashMap[srcPeerKeyHash]; ok {
-				if peers, ok := common.WgIFaceMap[peerInfo.Interface]; ok {
+				if ifaceConf, ok := common.WgIFaceMap[peerInfo.Interface]; ok {
-					if peerI, ok := peers[peerInfo.PeerKey]; ok {
+					if peerI, ok := ifaceConf.PeerMap[peerInfo.PeerKey]; ok {
-						// log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s   [[ RECV PKT [SRCKEYHASH: %s], [DSTKEYHASH: %s], SourceIP: [%s] ]]\n",
+						log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s   [[ RECV PKT [SRCKEYHASH: %s], [DSTKEYHASH: %s], SourceIP: [%s] ]]\n",
-						// 	peerI.Proxy.LocalConn.RemoteAddr(), peerI.Proxy.LocalConn.LocalAddr(),
+							peerI.Proxy.LocalConn.RemoteAddr(), peerI.Proxy.LocalConn.LocalAddr(),
-						// 	fmt.Sprintf("%s:%d", source.IP.String(), source.Port), srcPeerKeyHash, dstPeerKeyHash, source.IP.String())
+							fmt.Sprintf("%s:%d", source.IP.String(), source.Port), srcPeerKeyHash, dstPeerKeyHash, source.IP.String())
 						_, err = peerI.Proxy.LocalConn.Write(buffer[:n])
 						if err != nil {
 							log.Println("Failed to proxy to Wg local interface: ", err)

nm-proxy/wg/wg.go

@@ -125,8 +125,8 @@ func (w *WGIface) UpdatePeer(peerKey string, allowedIps []net.IPNet, keepAlive t
 	}
 	peer := wgtypes.PeerConfig{
 		PublicKey:                   peerKeyParsed,
-		// ReplaceAllowedIPs:           true,
+		ReplaceAllowedIPs:           true,
-		// AllowedIPs:                  allowedIps,
+		AllowedIPs:                  allowedIps,
 		PersistentKeepaliveInterval: &keepAlive,
 		PresharedKey:                preSharedKey,
 		Endpoint:                    endpoint,
@@ -234,3 +234,73 @@ func RunCmd(command string, printerr bool) (string, error) {
 	}
 	return string(out), err
 }
+
+// RemovePeer removes a Wireguard Peer from the interface iface
+func (w *WGIface) RemovePeer(peerKey string) error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	log.Printf("Removing peer %s from interface %s ", peerKey, w.Name)
+
+	peerKeyParsed, err := wgtypes.ParseKey(peerKey)
+	if err != nil {
+		return err
+	}
+
+	peer := wgtypes.PeerConfig{
+		PublicKey: peerKeyParsed,
+		Remove:    true,
+	}
+
+	config := wgtypes.Config{
+		Peers: []wgtypes.PeerConfig{peer},
+	}
+	err = w.configureDevice(config)
+	if err != nil {
+		return fmt.Errorf("received error \"%v\" while removing peer %s from interface %s", err, peerKey, w.Name)
+	}
+	return nil
+}
+
+// UpdatePeer
+func (w *WGIface) Update(peerConf wgtypes.PeerConfig) error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	var err error
+	log.Printf("---------> NEWWWWWW Updating peer %+v from interface %s ", peerConf, w.Name)
+
+	peerConf.UpdateOnly = true
+	peerConf.ReplaceAllowedIPs = true
+	config := wgtypes.Config{
+		Peers: []wgtypes.PeerConfig{peerConf},
+	}
+	err = w.configureDevice(config)
+	if err != nil {
+		return fmt.Errorf("received error \"%v\" while Updating peer %s from interface %s", err, peerConf.PublicKey.String(), w.Name)
+	}
+	return nil
+}
+
+func GetPeer(ifaceName, peerPubKey string) (wgtypes.Peer, error) {
+	wg, err := wgctrl.New()
+	if err != nil {
+		return wgtypes.Peer{}, err
+	}
+	defer func() {
+		err = wg.Close()
+		if err != nil {
+			log.Printf("got error while closing wgctl: %v", err)
+		}
+	}()
+
+	wgDevice, err := wg.Device(ifaceName)
+	if err != nil {
+		return wgtypes.Peer{}, err
+	}
+	for _, peer := range wgDevice.Peers {
+		if peer.PublicKey.String() == peerPubKey {
+			return peer, nil
+		}
+	}
+	return wgtypes.Peer{}, fmt.Errorf("peer not found")
+}