mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-05 16:57:51 +08:00
configure proxy on peer update without resetting
This commit is contained in:
Abhishek Kondur
@@ -83,7 +83,7 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ManagerPayload
|
||||
logger.Log(1, "failed to resolve udp addr for node: ", peer.ID, peer.Endpoint, err.Error())
|
||||
continue
|
||||
}
|
||||
allowedips := getNodeAllowedIPs(node, &peer)
|
||||
allowedips := getNodeAllowedIPs(&peer, node)
|
||||
var keepalive time.Duration
|
||||
if node.PersistentKeepalive != 0 {
|
||||
// set_keepalive
|
||||
@@ -96,12 +96,16 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ManagerPayload
|
||||
PersistentKeepaliveInterval: &keepalive,
|
||||
ReplaceAllowedIPs: true,
|
||||
})
|
||||
peerConfMap[peer.PublicKey] = manager.PeerConf{
|
||||
Address: peer.PrimaryAddress(),
|
||||
}
|
||||
if !onlyPeers && peer.IsRelayed == "yes" {
|
||||
relayNode := FindRelay(&peer)
|
||||
if relayNode != nil {
|
||||
relayTo, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", relayNode.Endpoint, relayNode.LocalListenPort))
|
||||
if err == nil {
|
||||
peerConfMap[peer.PublicKey] = manager.PeerConf{
|
||||
|
||||
IsRelayed: true,
|
||||
RelayedTo: relayTo,
|
||||
Address: peer.PrimaryAddress(),
|
||||
|
||||
@@ -14,7 +14,6 @@ import (
|
||||
"github.com/gravitl/netmaker/logger"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"github.com/gravitl/netmaker/netclient/config"
|
||||
"github.com/gravitl/netmaker/netclient/local"
|
||||
"github.com/gravitl/netmaker/netclient/ncutils"
|
||||
"github.com/gravitl/netmaker/netclient/wireguard"
|
||||
"github.com/gravitl/netmaker/nm-proxy/manager"
|
||||
@@ -53,6 +52,7 @@ func ProxyUpdate(client mqtt.Client, msg mqtt.Message) {
|
||||
|
||||
// NodeUpdate -- mqtt message handler for /update/<NodeID> topic
|
||||
func NodeUpdate(client mqtt.Client, msg mqtt.Message) {
|
||||
return
|
||||
var newNode models.Node
|
||||
var nodeCfg config.ClientConfig
|
||||
var network = parseNetworkFromTopic(msg.Topic())
|
||||
@@ -252,22 +252,22 @@ func UpdatePeers(client mqtt.Client, msg mqtt.Message) {
|
||||
UpdateLocalListenPort(&cfg)
|
||||
return
|
||||
}
|
||||
queryAddr := cfg.Node.PrimaryAddress()
|
||||
// queryAddr := cfg.Node.PrimaryAddress()
|
||||
|
||||
//err = wireguard.SyncWGQuickConf(cfg.Node.Interface, file)
|
||||
var iface = cfg.Node.Interface
|
||||
if ncutils.IsMac() {
|
||||
iface, err = local.GetMacIface(queryAddr)
|
||||
if err != nil {
|
||||
logger.Log(0, "error retrieving mac iface: "+err.Error())
|
||||
return
|
||||
}
|
||||
}
|
||||
err = wireguard.SetPeers(iface, &cfg.Node, peerUpdate.Peers)
|
||||
if err != nil {
|
||||
logger.Log(0, "error syncing wg after peer update: "+err.Error())
|
||||
return
|
||||
}
|
||||
// var iface = cfg.Node.Interface
|
||||
// if ncutils.IsMac() {
|
||||
// iface, err = local.GetMacIface(queryAddr)
|
||||
// if err != nil {
|
||||
// logger.Log(0, "error retrieving mac iface: "+err.Error())
|
||||
// return
|
||||
// }
|
||||
// }
|
||||
// err = wireguard.SetPeers(iface, &cfg.Node, peerUpdate.Peers)
|
||||
// if err != nil {
|
||||
// logger.Log(0, "error syncing wg after peer update: "+err.Error())
|
||||
// return
|
||||
// }
|
||||
ProxyMgmChan <- &peerUpdate.ProxyUpdate
|
||||
logger.Log(0, "network:", cfg.Node.Network, "received peer update for node "+cfg.Node.Name+" "+cfg.Node.Network)
|
||||
if cfg.Node.DNSOn == "yes" {
|
||||
|
||||
@@ -42,14 +42,13 @@ type ConnConfig struct {
|
||||
}
|
||||
|
||||
type Config struct {
|
||||
Port int
|
||||
BodySize int
|
||||
Addr string
|
||||
RemoteKey string
|
||||
LocalKey string
|
||||
WgInterface *wg.WGIface
|
||||
AllowedIps []net.IPNet
|
||||
PreSharedKey *wgtypes.Key
|
||||
Port int
|
||||
BodySize int
|
||||
Addr string
|
||||
RemoteKey string
|
||||
LocalKey string
|
||||
WgInterface *wg.WGIface
|
||||
PeerConf *wgtypes.PeerConfig
|
||||
}
|
||||
|
||||
// Proxy - WireguardProxy proxies
|
||||
@@ -70,7 +69,12 @@ type RemotePeer struct {
|
||||
IsAttachedExtClient bool
|
||||
}
|
||||
|
||||
var WgIFaceMap = make(map[string]map[string]*Conn)
|
||||
type WgIfaceConf struct {
|
||||
Iface *wgtypes.Device
|
||||
PeerMap map[string]*Conn
|
||||
}
|
||||
|
||||
var WgIFaceMap = make(map[string]WgIfaceConf)
|
||||
|
||||
var PeerKeyHashMap = make(map[string]RemotePeer)
|
||||
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"net"
|
||||
"reflect"
|
||||
"runtime"
|
||||
"time"
|
||||
|
||||
@@ -59,6 +60,7 @@ const (
|
||||
AddInterface ProxyAction = "ADD_INTERFACE"
|
||||
DeletePeer ProxyAction = "DELETE_PEER"
|
||||
UpdatePeer ProxyAction = "UPDATE_PEER"
|
||||
AddPeer ProxyAction = "ADD_PEER"
|
||||
RelayPeers ProxyAction = "RELAY_PEERS"
|
||||
RelayUpdate ProxyAction = "RELAY_UPDATE"
|
||||
RelayTo ProxyAction = "RELAY_TO"
|
||||
@@ -90,7 +92,7 @@ func StartProxyManager(manageChan chan *ManagerAction) {
|
||||
case UpdatePeer:
|
||||
//mI.UpdatePeerProxy()
|
||||
case DeletePeer:
|
||||
mI.DeletePeers()
|
||||
|
||||
case RelayPeers:
|
||||
mI.RelayPeers()
|
||||
case RelayUpdate:
|
||||
@@ -135,98 +137,132 @@ func (m *ManagerAction) RelayPeers() {
|
||||
}
|
||||
}
|
||||
|
||||
func (m *ManagerAction) DeletePeers() {
|
||||
if len(m.Payload.Peers) == 0 {
|
||||
log.Println("No Peers to delete...")
|
||||
return
|
||||
}
|
||||
peersMap, ok := common.WgIFaceMap[m.Payload.InterfaceName]
|
||||
if !ok {
|
||||
log.Println("interface not found: ", m.Payload.InterfaceName)
|
||||
return
|
||||
}
|
||||
|
||||
for _, peerI := range m.Payload.Peers {
|
||||
if peerConf, ok := peersMap[peerI.PublicKey.String()]; ok {
|
||||
peerConf.Proxy.Cancel()
|
||||
delete(peersMap, peerI.PublicKey.String())
|
||||
}
|
||||
}
|
||||
common.WgIFaceMap[m.Payload.InterfaceName] = peersMap
|
||||
}
|
||||
|
||||
func (m *ManagerAction) UpdatePeerProxy() {
|
||||
if len(m.Payload.Peers) == 0 {
|
||||
log.Println("No Peers to add...")
|
||||
return
|
||||
}
|
||||
peers, ok := common.WgIFaceMap[m.Payload.InterfaceName]
|
||||
if !ok {
|
||||
log.Println("interface not found: ", m.Payload.InterfaceName)
|
||||
return
|
||||
}
|
||||
|
||||
for _, peerI := range m.Payload.Peers {
|
||||
peerConf := m.Payload.PeerMap[peerI.PublicKey.String()]
|
||||
if peerI.Endpoint == nil && !peerConf.IsExtClient {
|
||||
log.Println("Endpoint nil for peer: ", peerI.PublicKey.String())
|
||||
continue
|
||||
}
|
||||
|
||||
if peerConf, ok := peers[peerI.PublicKey.String()]; ok {
|
||||
|
||||
peerConf.Config.RemoteWgPort = peerI.Endpoint.Port
|
||||
peers[peerI.PublicKey.String()] = peerConf
|
||||
common.WgIFaceMap[m.Payload.InterfaceName] = peers
|
||||
log.Printf("---->####### Updated PEER: %+v\n", peerConf)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func cleanUp(iface string) {
|
||||
if peers, ok := common.WgIFaceMap[iface]; ok {
|
||||
log.Println("########------------> CLEANING UP: ", iface)
|
||||
for _, peerI := range peers {
|
||||
peerI.Proxy.Cancel()
|
||||
}
|
||||
}
|
||||
delete(common.WgIFaceMap, iface)
|
||||
delete(common.PeerAddrMap, iface)
|
||||
if waitThs, ok := common.ExtClientsWaitTh[iface]; ok {
|
||||
for _, cancelF := range waitThs {
|
||||
cancelF()
|
||||
}
|
||||
delete(common.ExtClientsWaitTh, iface)
|
||||
}
|
||||
|
||||
log.Println("CLEANED UP..........")
|
||||
}
|
||||
|
||||
func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
func (m *ManagerAction) processPayload() (*wg.WGIface, error) {
|
||||
var err error
|
||||
var wgIface *wg.WGIface
|
||||
if m.Payload.InterfaceName == "" {
|
||||
return errors.New("interface cannot be empty")
|
||||
return nil, errors.New("interface cannot be empty")
|
||||
}
|
||||
if len(m.Payload.Peers) == 0 {
|
||||
log.Println("No Peers to add...")
|
||||
return nil
|
||||
return nil, errors.New("no peers to add")
|
||||
}
|
||||
ifaceName := m.Payload.InterfaceName
|
||||
log.Println("--------> IFACE: ", ifaceName)
|
||||
|
||||
if runtime.GOOS == "darwin" {
|
||||
ifaceName, err = wg.GetRealIface(ifaceName)
|
||||
m.Payload.InterfaceName, err = wg.GetRealIface(m.Payload.InterfaceName)
|
||||
if err != nil {
|
||||
log.Println("failed to get real iface: ", err)
|
||||
}
|
||||
}
|
||||
cleanUp(ifaceName)
|
||||
|
||||
wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
|
||||
wgIface, err = wg.NewWGIFace(m.Payload.InterfaceName, "127.0.0.1/32", wg.DefaultMTU)
|
||||
if err != nil {
|
||||
log.Println("Failed init new interface: ", err)
|
||||
return nil, err
|
||||
}
|
||||
var wgProxyConf common.WgIfaceConf
|
||||
var ok bool
|
||||
if wgProxyConf, ok = common.WgIFaceMap[m.Payload.InterfaceName]; !ok {
|
||||
return wgIface, nil
|
||||
}
|
||||
// sync map with wg device config
|
||||
// check if listen port has changed
|
||||
if wgIface.Device.ListenPort != wgProxyConf.Iface.ListenPort {
|
||||
// reset proxy for this interface
|
||||
|
||||
log.Println("########------------> CLEANING UP: ", m.Payload.InterfaceName)
|
||||
for _, peerI := range wgProxyConf.PeerMap {
|
||||
peerI.Proxy.Cancel()
|
||||
}
|
||||
delete(common.WgIFaceMap, m.Payload.InterfaceName)
|
||||
return wgIface, nil
|
||||
}
|
||||
wgProxyConf.Iface = wgIface.Device
|
||||
for i := len(m.Payload.Peers) - 1; i >= 0; i-- {
|
||||
if currentPeer, ok := wgProxyConf.PeerMap[m.Payload.Peers[i].PublicKey.String()]; ok {
|
||||
// check if peer is not connected to proxy
|
||||
devPeer, err := wg.GetPeer(m.Payload.InterfaceName, currentPeer.Config.Key)
|
||||
if err == nil {
|
||||
log.Printf("---------> COMAPRING ENDP{INT}: DEV: %s, Proxy: %s", devPeer.Endpoint.String(), currentPeer.Proxy.LocalConn.LocalAddr().String())
|
||||
if devPeer.Endpoint.String() != currentPeer.Proxy.LocalConn.LocalAddr().String() {
|
||||
log.Println("---------> endpoint is not set to proxy: ", currentPeer.Config.Key)
|
||||
currentPeer.Proxy.Cancel()
|
||||
delete(wgProxyConf.PeerMap, currentPeer.Config.Key)
|
||||
continue
|
||||
}
|
||||
}
|
||||
if !reflect.DeepEqual(m.Payload.Peers[i], *currentPeer.Proxy.Config.PeerConf) {
|
||||
if currentPeer.Proxy.RemoteConn.IP.String() != m.Payload.Peers[i].Endpoint.IP.String() {
|
||||
log.Println("----------> Resetting proxy for Peer: ", currentPeer.Config.Key, m.Payload.InterfaceName)
|
||||
currentPeer.Proxy.Cancel()
|
||||
delete(wgProxyConf.PeerMap, currentPeer.Config.Key)
|
||||
|
||||
} else {
|
||||
|
||||
log.Println("----->##### Updating Peer on Interface: ", m.Payload.InterfaceName, currentPeer.Config.Key)
|
||||
updatePeerConf := m.Payload.Peers[i]
|
||||
localUdpAddr, err := net.ResolveUDPAddr("udp", currentPeer.Proxy.LocalConn.LocalAddr().String())
|
||||
if err == nil {
|
||||
updatePeerConf.Endpoint = localUdpAddr
|
||||
}
|
||||
if err := wgIface.Update(updatePeerConf); err != nil {
|
||||
log.Println("failed to update peer: ", currentPeer.Config.Key, err)
|
||||
}
|
||||
currentPeer.Proxy.Config.PeerConf = &m.Payload.Peers[i]
|
||||
wgProxyConf.PeerMap[currentPeer.Config.Key] = currentPeer
|
||||
// delete the peer from the list
|
||||
log.Println("-----------> deleting peer from list: ", m.Payload.Peers[i].PublicKey)
|
||||
m.Payload.Peers = append(m.Payload.Peers[:i], m.Payload.Peers[i+1:]...)
|
||||
|
||||
}
|
||||
|
||||
} else {
|
||||
// delete the peer from the list
|
||||
log.Println("-----------> No updates observed so deleting peer: ", m.Payload.Peers[i].PublicKey)
|
||||
m.Payload.Peers = append(m.Payload.Peers[:i], m.Payload.Peers[i+1:]...)
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
for _, currPeerI := range wgProxyConf.PeerMap {
|
||||
if _, ok := m.Payload.PeerMap[currPeerI.Config.Key]; !ok {
|
||||
currPeerI.Proxy.Cancel()
|
||||
// delete peer from interface
|
||||
log.Println("CurrPeer Not Found, Deleting Peer from Interface: ", currPeerI.Config.Key)
|
||||
if err := wgIface.RemovePeer(currPeerI.Config.Key); err != nil {
|
||||
log.Println("failed to remove peer: ", currPeerI.Config.Key, err)
|
||||
}
|
||||
delete(wgProxyConf.PeerMap, currPeerI.Config.Key)
|
||||
|
||||
}
|
||||
}
|
||||
common.WgIFaceMap[m.Payload.InterfaceName] = wgProxyConf
|
||||
|
||||
// if peers, ok := common.WgIFaceMap[iface]; ok {
|
||||
// log.Println("########------------> CLEANING UP: ", iface)
|
||||
// for _, peerI := range peers {
|
||||
// peerI.Proxy.Cancel()
|
||||
// }
|
||||
// }
|
||||
// delete(common.WgIFaceMap, iface)
|
||||
// delete(common.PeerAddrMap, iface)
|
||||
// if waitThs, ok := common.ExtClientsWaitTh[iface]; ok {
|
||||
// for _, cancelF := range waitThs {
|
||||
// cancelF()
|
||||
// }
|
||||
// delete(common.ExtClientsWaitTh, iface)
|
||||
// }
|
||||
|
||||
log.Println("CLEANED UP..........")
|
||||
return wgIface, nil
|
||||
}
|
||||
|
||||
func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
var err error
|
||||
|
||||
wgInterface, err := m.processPayload()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.Printf("wg: %+v\n", wgInterface)
|
||||
wgListenAddr, err := proxy.GetInterfaceListenAddr(wgInterface.Port)
|
||||
if err != nil {
|
||||
@@ -272,7 +308,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
}
|
||||
if shouldProceed {
|
||||
common.PeerKeyHashMap[fmt.Sprintf("%x", md5.Sum([]byte(peerI.PublicKey.String())))] = common.RemotePeer{
|
||||
Interface: ifaceName,
|
||||
Interface: m.Payload.InterfaceName,
|
||||
PeerKey: peerI.PublicKey.String(),
|
||||
IsExtClient: peerConf.IsExtClient,
|
||||
Endpoint: peerI.Endpoint,
|
||||
@@ -295,7 +331,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
log.Println("Extclient endpoint not updated yet....skipping")
|
||||
// TODO - watch the interface for ext client update
|
||||
go func(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig,
|
||||
isRelayed, isExtClient, isAttachedExtClient bool, relayTo *net.UDPAddr, peerConf PeerConf) {
|
||||
isRelayed bool, relayTo *net.UDPAddr, peerConf PeerConf) {
|
||||
addExtClient := false
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
common.ExtClientsWaitTh[wgInterface.Name] = append(common.ExtClientsWaitTh[wgInterface.Name], cancel)
|
||||
@@ -321,7 +357,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
log.Println("Exiting extclient watch Thread for: ", wgInterface.Device.PublicKey.String())
|
||||
return
|
||||
default:
|
||||
wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
|
||||
wgInterface, err := wg.NewWGIFace(m.Payload.InterfaceName, "127.0.0.1/32", wg.DefaultMTU)
|
||||
if err != nil {
|
||||
log.Println("Failed init new interface: ", err)
|
||||
return
|
||||
@@ -338,7 +374,7 @@ func (m *ManagerAction) AddInterfaceToProxy() error {
|
||||
|
||||
}
|
||||
|
||||
}(wgInterface, &peerI, isRelayed, peerConf.IsExtClient, peerConf.IsAttachedExtClient, relayedTo, peerConf)
|
||||
}(wgInterface, &peerI, isRelayed, relayedTo, peerConf)
|
||||
continue
|
||||
}
|
||||
|
||||
|
||||
@@ -41,7 +41,7 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
|
||||
LocalKey: wgInterface.Device.PublicKey.String(),
|
||||
RemoteKey: peer.PublicKey.String(),
|
||||
WgInterface: wgInterface,
|
||||
AllowedIps: peer.AllowedIPs,
|
||||
PeerConf: peer,
|
||||
}
|
||||
p := proxy.NewProxy(c)
|
||||
peerPort := common.NmProxyPort
|
||||
@@ -91,7 +91,7 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
|
||||
LocalKey: wgInterface.Device.PublicKey.String(),
|
||||
RemoteKey: peer.PublicKey.String(),
|
||||
WgInterface: wgInterface,
|
||||
AllowedIps: peer.AllowedIPs,
|
||||
PeerConf: peer,
|
||||
},
|
||||
|
||||
RemoteConn: remoteConn,
|
||||
@@ -105,10 +105,15 @@ func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig, peerAddr stri
|
||||
Proxy: peerProxy,
|
||||
}
|
||||
if _, ok := common.WgIFaceMap[wgInterface.Name]; ok {
|
||||
common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
|
||||
common.WgIFaceMap[wgInterface.Name].PeerMap[peer.PublicKey.String()] = &peerConn
|
||||
} else {
|
||||
common.WgIFaceMap[wgInterface.Name] = make(map[string]*common.Conn)
|
||||
common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
|
||||
ifaceConf := common.WgIfaceConf{
|
||||
Iface: wgInterface.Device,
|
||||
PeerMap: make(map[string]*common.Conn),
|
||||
}
|
||||
|
||||
common.WgIFaceMap[wgInterface.Name] = ifaceConf
|
||||
common.WgIFaceMap[wgInterface.Name].PeerMap[peer.PublicKey.String()] = &peerConn
|
||||
}
|
||||
if _, ok := common.PeerAddrMap[wgInterface.Name]; ok {
|
||||
common.PeerAddrMap[wgInterface.Name][peerAddr] = &peerConn
|
||||
|
||||
@@ -17,14 +17,13 @@ const (
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
Port int
|
||||
BodySize int
|
||||
Addr string
|
||||
RemoteKey string
|
||||
LocalKey string
|
||||
WgInterface *wg.WGIface
|
||||
AllowedIps []net.IPNet
|
||||
PreSharedKey *wgtypes.Key
|
||||
Port int
|
||||
BodySize int
|
||||
Addr string
|
||||
RemoteKey string
|
||||
LocalKey string
|
||||
WgInterface *wg.WGIface
|
||||
PeerConf *wgtypes.PeerConfig
|
||||
}
|
||||
|
||||
// Proxy - WireguardProxy proxies
|
||||
|
||||
@@ -25,7 +25,6 @@ func NewProxy(config Config) *Proxy {
|
||||
// proxyToRemote proxies everything from Wireguard to the RemoteKey peer
|
||||
func (p *Proxy) ProxyToRemote() {
|
||||
|
||||
peers := common.WgIFaceMap[p.Config.WgInterface.Name]
|
||||
go func() {
|
||||
<-p.Ctx.Done()
|
||||
log.Println("Closing connection for: ", p.LocalConn.LocalAddr().String())
|
||||
@@ -61,15 +60,15 @@ func (p *Proxy) ProxyToRemote() {
|
||||
continue
|
||||
}
|
||||
//go func(buf []byte, n int) {
|
||||
|
||||
if peerI, ok := peers[p.Config.RemoteKey]; ok {
|
||||
//var srcPeerKeyHash, dstPeerKeyHash string
|
||||
buf, n, _, _ = packet.ProcessPacketBeforeSending(buf, n, peerI.Config.LocalKey, peerI.Config.Key)
|
||||
ifaceConf := common.WgIFaceMap[p.Config.WgInterface.Name]
|
||||
if peerI, ok := ifaceConf.PeerMap[p.Config.RemoteKey]; ok {
|
||||
var srcPeerKeyHash, dstPeerKeyHash string
|
||||
buf, n, srcPeerKeyHash, dstPeerKeyHash = packet.ProcessPacketBeforeSending(buf, n, peerI.Config.LocalKey, peerI.Config.Key)
|
||||
if err != nil {
|
||||
log.Println("failed to process pkt before sending: ", err)
|
||||
}
|
||||
// log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s >>>>> %s [[ SrcPeerHash: %s, DstPeerHash: %s ]]\n",
|
||||
// p.LocalConn.LocalAddr(), server.NmProxyServer.Server.LocalAddr().String(), p.RemoteConn.String(), srcPeerKeyHash, dstPeerKeyHash)
|
||||
log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s >>>>> %s [[ SrcPeerHash: %s, DstPeerHash: %s ]]\n",
|
||||
p.LocalConn.LocalAddr(), server.NmProxyServer.Server.LocalAddr().String(), p.RemoteConn.String(), srcPeerKeyHash, dstPeerKeyHash)
|
||||
} else {
|
||||
log.Printf("Peer: %s not found in config\n", p.Config.RemoteKey)
|
||||
p.Cancel()
|
||||
@@ -99,9 +98,9 @@ func (p *Proxy) updateEndpoint() error {
|
||||
return err
|
||||
}
|
||||
// add local proxy connection as a Wireguard peer
|
||||
log.Printf("---> ## Updating Peer: %+v\n", p.Config)
|
||||
err = p.Config.WgInterface.UpdatePeer(p.Config.RemoteKey, p.Config.AllowedIps, wg.DefaultWgKeepAlive,
|
||||
udpAddr, p.Config.PreSharedKey)
|
||||
log.Printf("---> ####### Updating Peer: %+v\n", p.Config.PeerConf)
|
||||
err = p.Config.WgInterface.UpdatePeer(p.Config.RemoteKey, p.Config.PeerConf.AllowedIPs, wg.DefaultWgKeepAlive,
|
||||
udpAddr, p.Config.PeerConf.PresharedKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -113,17 +112,8 @@ func (p *Proxy) Start(remoteConn *net.UDPAddr) error {
|
||||
p.RemoteConn = remoteConn
|
||||
|
||||
var err error
|
||||
// err = p.Config.WgInterface.GetWgIface(p.Config.WgInterface.Name)
|
||||
// if err != nil {
|
||||
// log.Println("Failed to get iface: ", p.Config.WgInterface.Name, err)
|
||||
// return err
|
||||
// }
|
||||
// wgAddr, err := GetInterfaceIpv4Addr(p.Config.WgInterface.Name)
|
||||
// if err != nil {
|
||||
// log.Println("failed to get interface addr: ", err)
|
||||
// return err
|
||||
// }
|
||||
log.Printf("----> WGIFACE: %+v\n", p.Config.WgInterface)
|
||||
|
||||
//log.Printf("----> WGIFACE: %+v\n", p.Config.WgInterface)
|
||||
addr, err := GetFreeIp(common.DefaultCIDR, p.Config.WgInterface.Port)
|
||||
if err != nil {
|
||||
log.Println("Failed to get freeIp: ", err)
|
||||
@@ -137,7 +127,7 @@ func (p *Proxy) Start(remoteConn *net.UDPAddr) error {
|
||||
if runtime.GOOS == "darwin" {
|
||||
wgListenAddr.IP = net.ParseIP(addr)
|
||||
}
|
||||
log.Println("--------->#### Wg Listen Addr: ", wgListenAddr.String())
|
||||
//log.Println("--------->#### Wg Listen Addr: ", wgListenAddr.String())
|
||||
p.LocalConn, err = net.DialUDP("udp", &net.UDPAddr{
|
||||
IP: net.ParseIP(addr),
|
||||
Port: common.NmProxyPort,
|
||||
|
||||
@@ -2,6 +2,7 @@ package server
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"net"
|
||||
"time"
|
||||
@@ -42,9 +43,9 @@ func (p *ProxyServer) Listen(ctx context.Context) {
|
||||
case <-ctx.Done():
|
||||
log.Println("--------->### Shutting down Proxy.....")
|
||||
// clean up proxy connections
|
||||
for iface, peers := range common.WgIFaceMap {
|
||||
for iface, ifaceConf := range common.WgIFaceMap {
|
||||
log.Println("########------------> CLEANING UP: ", iface)
|
||||
for _, peerI := range peers {
|
||||
for _, peerI := range ifaceConf.PeerMap {
|
||||
peerI.Proxy.Cancel()
|
||||
}
|
||||
}
|
||||
@@ -114,11 +115,11 @@ func (p *ProxyServer) Listen(ctx context.Context) {
|
||||
}
|
||||
|
||||
if peerInfo, ok := common.PeerKeyHashMap[srcPeerKeyHash]; ok {
|
||||
if peers, ok := common.WgIFaceMap[peerInfo.Interface]; ok {
|
||||
if peerI, ok := peers[peerInfo.PeerKey]; ok {
|
||||
// log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s [[ RECV PKT [SRCKEYHASH: %s], [DSTKEYHASH: %s], SourceIP: [%s] ]]\n",
|
||||
// peerI.Proxy.LocalConn.RemoteAddr(), peerI.Proxy.LocalConn.LocalAddr(),
|
||||
// fmt.Sprintf("%s:%d", source.IP.String(), source.Port), srcPeerKeyHash, dstPeerKeyHash, source.IP.String())
|
||||
if ifaceConf, ok := common.WgIFaceMap[peerInfo.Interface]; ok {
|
||||
if peerI, ok := ifaceConf.PeerMap[peerInfo.PeerKey]; ok {
|
||||
log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s [[ RECV PKT [SRCKEYHASH: %s], [DSTKEYHASH: %s], SourceIP: [%s] ]]\n",
|
||||
peerI.Proxy.LocalConn.RemoteAddr(), peerI.Proxy.LocalConn.LocalAddr(),
|
||||
fmt.Sprintf("%s:%d", source.IP.String(), source.Port), srcPeerKeyHash, dstPeerKeyHash, source.IP.String())
|
||||
_, err = peerI.Proxy.LocalConn.Write(buffer[:n])
|
||||
if err != nil {
|
||||
log.Println("Failed to proxy to Wg local interface: ", err)
|
||||
|
||||
@@ -124,9 +124,9 @@ func (w *WGIface) UpdatePeer(peerKey string, allowedIps []net.IPNet, keepAlive t
|
||||
return err
|
||||
}
|
||||
peer := wgtypes.PeerConfig{
|
||||
PublicKey: peerKeyParsed,
|
||||
// ReplaceAllowedIPs: true,
|
||||
// AllowedIPs: allowedIps,
|
||||
PublicKey: peerKeyParsed,
|
||||
ReplaceAllowedIPs: true,
|
||||
AllowedIPs: allowedIps,
|
||||
PersistentKeepaliveInterval: &keepAlive,
|
||||
PresharedKey: preSharedKey,
|
||||
Endpoint: endpoint,
|
||||
@@ -234,3 +234,73 @@ func RunCmd(command string, printerr bool) (string, error) {
|
||||
}
|
||||
return string(out), err
|
||||
}
|
||||
|
||||
// RemovePeer removes a Wireguard Peer from the interface iface
|
||||
func (w *WGIface) RemovePeer(peerKey string) error {
|
||||
w.mu.Lock()
|
||||
defer w.mu.Unlock()
|
||||
|
||||
log.Printf("Removing peer %s from interface %s ", peerKey, w.Name)
|
||||
|
||||
peerKeyParsed, err := wgtypes.ParseKey(peerKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
peer := wgtypes.PeerConfig{
|
||||
PublicKey: peerKeyParsed,
|
||||
Remove: true,
|
||||
}
|
||||
|
||||
config := wgtypes.Config{
|
||||
Peers: []wgtypes.PeerConfig{peer},
|
||||
}
|
||||
err = w.configureDevice(config)
|
||||
if err != nil {
|
||||
return fmt.Errorf("received error \"%v\" while removing peer %s from interface %s", err, peerKey, w.Name)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// UpdatePeer
|
||||
func (w *WGIface) Update(peerConf wgtypes.PeerConfig) error {
|
||||
w.mu.Lock()
|
||||
defer w.mu.Unlock()
|
||||
var err error
|
||||
log.Printf("---------> NEWWWWWW Updating peer %+v from interface %s ", peerConf, w.Name)
|
||||
|
||||
peerConf.UpdateOnly = true
|
||||
peerConf.ReplaceAllowedIPs = true
|
||||
config := wgtypes.Config{
|
||||
Peers: []wgtypes.PeerConfig{peerConf},
|
||||
}
|
||||
err = w.configureDevice(config)
|
||||
if err != nil {
|
||||
return fmt.Errorf("received error \"%v\" while Updating peer %s from interface %s", err, peerConf.PublicKey.String(), w.Name)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func GetPeer(ifaceName, peerPubKey string) (wgtypes.Peer, error) {
|
||||
wg, err := wgctrl.New()
|
||||
if err != nil {
|
||||
return wgtypes.Peer{}, err
|
||||
}
|
||||
defer func() {
|
||||
err = wg.Close()
|
||||
if err != nil {
|
||||
log.Printf("got error while closing wgctl: %v", err)
|
||||
}
|
||||
}()
|
||||
|
||||
wgDevice, err := wg.Device(ifaceName)
|
||||
if err != nil {
|
||||
return wgtypes.Peer{}, err
|
||||
}
|
||||
for _, peer := range wgDevice.Peers {
|
||||
if peer.PublicKey.String() == peerPubKey {
|
||||
return peer, nil
|
||||
}
|
||||
}
|
||||
return wgtypes.Peer{}, fmt.Errorf("peer not found")
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user