changes to allowedip parsing to handle ipv6 better

logic/server.go

@@ -16,6 +16,7 @@ import (
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"github.com/gravitl/netmaker/servercfg"
+	"github.com/seancfoley/ipaddress-go/ipaddr"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
@@ -237,15 +238,31 @@ func GetServerPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, bool, []stri
 		}
 
 		var peer wgtypes.PeerConfig
+		var allowedips = []net.IPNet{}
+		if node.Address != "" {
 			var peeraddr = net.IPNet{
 				IP:   net.ParseIP(node.Address),
 				Mask: net.CIDRMask(32, 32),
 			}
-		var allowedips = []net.IPNet{
+			if peeraddr.IP != nil && peeraddr.Mask != nil {
-			peeraddr,
+				allowedips = append(allowedips, peeraddr)
 			}
+		}
+
+		if node.Address6 != "" {
+			var addr6 = net.IPNet{
+				IP:   net.ParseIP(node.Address6),
+				Mask: net.CIDRMask(128, 128),
+			}
+			if addr6.IP != nil && addr6.Mask != nil {
+				allowedips = append(allowedips, addr6)
+			}
+		}
+
 		// handle manually set peers
 		for _, allowedIp := range node.AllowedIPs {
+			currentIP := ipaddr.NewIPAddressString(allowedIp).GetAddress()
+			if currentIP.IsIPv4() {
 				if _, ipnet, err := net.ParseCIDR(allowedIp); err == nil {
 					nodeEndpointArr := strings.Split(node.Endpoint, ":")
 					if !ipnet.Contains(net.IP(nodeEndpointArr[0])) && ipnet.IP.String() != node.Address { // don't need to add an allowed ip that already exists..
@@ -258,6 +275,13 @@ func GetServerPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, bool, []stri
 					}
 					allowedips = append(allowedips, ipnet)
 				}
+			} else if currentIP.IsIPv6() {
+				ipnet := net.IPNet{
+					IP:   currentIP.GetNetIP(),
+					Mask: net.CIDRMask(128, 128),
+				}
+				allowedips = append(allowedips, ipnet)
+			}
 		}
 		// handle egress gateway peers
 		if node.IsEgressGateway == "yes" {
@@ -269,6 +293,8 @@ func GetServerPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, bool, []stri
 					logger.Log(1, "could not parse gateway IP range. Not adding", iprange)
 					continue // if can't parse CIDR
 				}
+				currentAddr := ipaddr.NewIPAddressString(ipnet.String()).GetAddress()
+				if currentAddr.IsIPv4() {
 					nodeEndpointArr := strings.Split(node.Endpoint, ":") // getting the public ip of node
 					if ipnet.Contains(net.ParseIP(nodeEndpointArr[0])) { // ensuring egress gateway range does not contain public ip of node
 						logger.Log(2, "egress IP range of", iprange, "overlaps with", node.Endpoint, ", omitting")
@@ -284,16 +310,13 @@ func GetServerPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, bool, []stri
 					} else {
 						allowedips = append(allowedips, *ipnet)
 					}
+				} else if currentAddr.IsIPv6() {
+					allowedips = append(allowedips, *ipnet)
+				}
 			}
 			ranges = nil
 		}
-		if node.Address6 != "" {
+
-			var addr6 = net.IPNet{
-				IP:   net.ParseIP(node.Address6),
-				Mask: net.CIDRMask(128, 128),
-			}
-			allowedips = append(allowedips, addr6)
-		}
 		peer = wgtypes.PeerConfig{
 			PublicKey:                   pubkey,
 			PersistentKeepaliveInterval: &(keepalivedur),

netclient/ncutils/peerhelper.go

@@ -10,6 +10,7 @@ import (
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
+// GetPeers - gets the peers from a given WireGuard interface
 func GetPeers(iface string) ([]wgtypes.Peer, error) {
 
 	var peers []wgtypes.Peer

netclient/wireguard/common.go

@@ -80,7 +80,6 @@ func SetPeers(iface string, node *models.Node, peers []wgtypes.PeerConfig) error
 			_, err = ncutils.RunCmd("wg set "+iface+" peer "+peer.PublicKey.String()+
 				" persistent-keepalive "+keepAliveString+
 				" allowed-ips "+allowedips, true)
-
 		} else {
 			_, err = ncutils.RunCmd("wg set "+iface+" peer "+peer.PublicKey.String()+
 				" endpoint "+udpendpoint+