zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-06 01:07:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

add allowed networks

Browse Source
This commit is contained in:
abhishek9686
2024-12-13 14:08:34 +04:00
parent f14d916936
commit 98e313242b
2 changed files with 19 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
logic/peers.go
View File

@@ -158,17 +158,20 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
}
defaultUserPolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.UserPolicy)
defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
if node.NetworkRange.IP != nil {
hostPeerUpdate.FwUpdate.Networks = append(hostPeerUpdate.FwUpdate.Networks, node.NetworkRange)
}
if node.NetworkRange6.IP != nil {
hostPeerUpdate.FwUpdate.Networks = append(hostPeerUpdate.FwUpdate.Networks, node.NetworkRange6)
if defaultDevicePolicy.Enabled && defaultUserPolicy.Enabled {
if node.NetworkRange.IP != nil {
hostPeerUpdate.FwUpdate.AllowedNetworks = append(hostPeerUpdate.FwUpdate.AllowedNetworks, node.NetworkRange)
}
if node.NetworkRange6.IP != nil {
hostPeerUpdate.FwUpdate.AllowedNetworks = append(hostPeerUpdate.FwUpdate.AllowedNetworks, node.NetworkRange6)
}
} else {
hostPeerUpdate.FwUpdate.AllowAll = false
hostPeerUpdate.FwUpdate.AclRules = GetAclRulesForNode(&node)
}
if !defaultDevicePolicy.Enabled || !defaultUserPolicy.Enabled {
hostPeerUpdate.FwUpdate.AllowAll = false
}
hostPeerUpdate.FwUpdate.AclRules = GetAclRulesForNode(&node)
currentPeers := GetNetworkNodesMemory(allNodes, node.Network)
for _, peer := range currentPeers {
peer := peer

14
models/mqtt.go
View File

@@ -94,13 +94,13 @@ type KeyUpdate struct {
// FwUpdate - struct for firewall updates
type FwUpdate struct {
AllowAll bool `json:"allow_all"`
Networks []net.IPNet `json:"networks"`
IsEgressGw bool `json:"is_egress_gw"`
IsIngressGw bool `json:"is_ingress_gw"`
EgressInfo map[string]EgressInfo `json:"egress_info"`
IngressInfo map[string]IngressInfo `json:"ingress_info"`
AclRules map[string]AclRule `json:"acl_rules"`
AllowAll bool `json:"allow_all"`
AllowedNetworks []net.IPNet `json:"networks"`
IsEgressGw bool `json:"is_egress_gw"`
IsIngressGw bool `json:"is_ingress_gw"`
EgressInfo map[string]EgressInfo `json:"egress_info"`
IngressInfo map[string]IngressInfo `json:"ingress_info"`
AclRules map[string]AclRule `json:"acl_rules"`
}
// FailOverMeReq - struct for failover req