zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-28 19:11:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

add ingress rules to peer update

Browse Source
This commit is contained in:
abhishek9686
2024-10-21 12:35:10 +04:00
parent 6b93163bd5
commit 7fa6580103
4 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
logic/extpeers.go
View File

@@ -396,20 +396,29 @@ func ToggleExtClientConnectivity(client *models.ExtClient, enable bool) (models.
return newClient, nil return newClient, nil
} }
func GetExtPeers(node, peer *models.Node) ([]wgtypes.PeerConfig, []models.IDandAddr, []models.EgressNetworkRoutes, error) { func GetExtPeers(node, peer *models.Node) ([]wgtypes.PeerConfig, []models.IDandAddr, []models.EgressNetworkRoutes, []net.IP, error) {
var peers []wgtypes.PeerConfig var peers []wgtypes.PeerConfig
var idsAndAddr []models.IDandAddr var idsAndAddr []models.IDandAddr
var egressRoutes []models.EgressNetworkRoutes var egressRoutes []models.EgressNetworkRoutes
var extUserIps []net.IP
extPeers, err := GetNetworkExtClients(node.Network) extPeers, err := GetNetworkExtClients(node.Network)
if err != nil { if err != nil {
return peers, idsAndAddr, egressRoutes, err return peers, idsAndAddr, egressRoutes, extUserIps, err
} }
host, err := GetHost(node.HostID.String()) host, err := GetHost(node.HostID.String())
if err != nil { if err != nil {
return peers, idsAndAddr, egressRoutes, err return peers, idsAndAddr, egressRoutes, extUserIps, err
} }
for _, extPeer := range extPeers { for _, extPeer := range extPeers {
extPeer := extPeer extPeer := extPeer
if extPeer.RemoteAccessClientID != "" {
if extPeer.AddressIPNet4().IP != nil {
extUserIps = append(extUserIps, extPeer.AddressIPNet4().IP)
}
if extPeer.AddressIPNet6().IP != nil {
extUserIps = append(extUserIps, extPeer.AddressIPNet6().IP)
}
}
if !IsClientNodeAllowed(&extPeer, peer.ID.String()) { if !IsClientNodeAllowed(&extPeer, peer.ID.String()) {
continue continue
} }
@@ -479,7 +488,7 @@ func GetExtPeers(node, peer *models.Node) ([]wgtypes.PeerConfig, []models.IDandA
IsExtClient: true, IsExtClient: true,
}) })
} }
return peers, idsAndAddr, egressRoutes, nil return peers, idsAndAddr, egressRoutes, extUserIps, nil
} }

9
logic/peers.go
View File

@@ -75,6 +75,7 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
ServerAddrs: []models.ServerAddr{}, ServerAddrs: []models.ServerAddr{},
FwUpdate: models.FwUpdate{ FwUpdate: models.FwUpdate{
EgressInfo: make(map[string]models.EgressInfo), EgressInfo: make(map[string]models.EgressInfo),
IngressInfo: make(map[string]models.IngressInfo),
}, },
PeerIDs: make(models.PeerMap, 0), PeerIDs: make(models.PeerMap, 0),
Peers: []wgtypes.PeerConfig{}, Peers: []wgtypes.PeerConfig{},
@@ -287,9 +288,13 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
var extPeers []wgtypes.PeerConfig var extPeers []wgtypes.PeerConfig
var extPeerIDAndAddrs []models.IDandAddr var extPeerIDAndAddrs []models.IDandAddr
var egressRoutes []models.EgressNetworkRoutes var egressRoutes []models.EgressNetworkRoutes
var extUserIps []net.IP
if node.IsIngressGateway { if node.IsIngressGateway {
extPeers, extPeerIDAndAddrs, egressRoutes, err = GetExtPeers(&node, &node) extPeers, extPeerIDAndAddrs, egressRoutes, extUserIps, err = GetExtPeers(&node, &node)
if err == nil { if err == nil {
hostPeerUpdate.FwUpdate.IngressInfo[node.ID.String()] = models.IngressInfo{
UserIps: extUserIps,
}
hostPeerUpdate.EgressRoutes = append(hostPeerUpdate.EgressRoutes, egressRoutes...) hostPeerUpdate.EgressRoutes = append(hostPeerUpdate.EgressRoutes, egressRoutes...)
hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...)
for _, extPeerIdAndAddr := range extPeerIDAndAddrs { for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
@@ -421,7 +426,7 @@ func GetAllowedIPs(node, peer *models.Node, metrics *models.Metrics) []net.IPNet
// handle ingress gateway peers // handle ingress gateway peers
if peer.IsIngressGateway { if peer.IsIngressGateway {
extPeers, _, _, err := GetExtPeers(peer, node) extPeers, _, _, _, err := GetExtPeers(peer, node)
if err != nil { if err != nil {
logger.Log(2, "could not retrieve ext peers for ", peer.ID.String(), err.Error()) logger.Log(2, "could not retrieve ext peers for ", peer.ID.String(), err.Error())
} }

4
models/mqtt.go
View File

@@ -28,8 +28,7 @@ type HostPeerUpdate struct {
// IngressInfo - struct for ingress info // IngressInfo - struct for ingress info
type IngressInfo struct { type IngressInfo struct {
ExtPeers map[string]ExtClientInfo `json:"ext_peers" yaml:"ext_peers"` UserIps []net.IP
EgressRanges []string `json:"egress_ranges" yaml:"egress_ranges"`
} }
// EgressInfo - struct for egress info // EgressInfo - struct for egress info
@@ -79,6 +78,7 @@ type KeyUpdate struct {
type FwUpdate struct { type FwUpdate struct {
IsEgressGw bool `json:"is_egress_gw"` IsEgressGw bool `json:"is_egress_gw"`
EgressInfo map[string]EgressInfo `json:"egress_info"` EgressInfo map[string]EgressInfo `json:"egress_info"`
IngressInfo map[string]IngressInfo `json:"ingress_info"`
} }
// FailOverMeReq - struct for failover req // FailOverMeReq - struct for failover req

2
pro/logic/failover.go
View File

@@ -148,7 +148,7 @@ func GetFailOverPeerIps(peer, node *models.Node) []net.IPNet {
} }
// handle ingress gateway peers // handle ingress gateway peers
if failOverpeer.IsIngressGateway { if failOverpeer.IsIngressGateway {
extPeers, _, _, err := logic.GetExtPeers(&failOverpeer, node) extPeers, _, _, _, err := logic.GetExtPeers(&failOverpeer, node)
if err != nil { if err != nil {
logger.Log(2, "could not retrieve ext peers for ", peer.ID.String(), err.Error()) logger.Log(2, "could not retrieve ext peers for ", peer.ID.String(), err.Error())
} }