iptables now being set by client

2025-10-05 16:57:51 +08:00 · 2021-04-15 09:48:14 -04:00
parent 77914d22b0
commit e2ec093eaf
9 changed files with 78 additions and 13 deletions
--- a/controllers/nodeHttpController.go
+++ b/controllers/nodeHttpController.go
@@ -592,12 +592,12 @@ func createGateway(w http.ResponseWriter, r *http.Request) {
 	nodechange.IsGateway = true
 	nodechange.GatewayRange = gateway.RangeString
 	if gateway.PostUp == "" {
-		nodechange.PostUp = "iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o " + gateway.Interface + " -j MASQUERADE"
+		nodechange.PostUp = "iptables -A FORWARD -i " + node.Interface + " -j ACCEPT; iptables -t nat -A POSTROUTING -o " + gateway.Interface + " -j MASQUERADE"
 	} else {
 		nodechange.PostUp = gateway.PostUp
 	}
 	if gateway.PostDown == "" {
-		nodechange.PostDown = "iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o " + gateway.Interface + " -j MASQUERADE"
+		nodechange.PostDown = "iptables -D FORWARD -i " + node.Interface + " -j ACCEPT; iptables -t nat -D POSTROUTING -o " + gateway.Interface + " -j MASQUERADE"
 	} else {
 		nodechange.PostDown = gateway.PostDown
 	}
--- a/functions/helpers.go
+++ b/functions/helpers.go
@@ -25,7 +25,7 @@ import (
 //node has that value for the same field within the network
 func CreateServerToken(netID string) (string, error) {
-
+	fmt.Println("Creating token.")
        var network models.Network
        var accesskey models.AccessKey
@@ -43,9 +43,24 @@ func CreateServerToken(netID string) (string, error) {
        }
        address := "localhost" + gconf.PortGRPC
-        accessstringdec := address + "." + netID + "." + accesskey.Value
+        privAddr := ""
        if *network.IsLocal {
                privAddr = network.LocalRange
        }
 	fmt.Println("Token details:")
 	fmt.Println("    grpc address + port: " + address)
 	fmt.Println("                network: " + netID)
 	fmt.Println("          private range: " + privAddr)
 	accessstringdec := address + "|" + netID + "|" + accesskey.Value + "|" + privAddr
 	accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec))
        fmt.Println("          access string: " + accesskey.AccessString)
        network.AccessKeys = append(network.AccessKeys, accesskey)
        collection := mongoconn.Client.Database("netmaker").Collection("networks")
--- a/main.go
+++ b/main.go
@@ -63,6 +63,7 @@ func main() {
 	log.Println("Server starting...")
 	mongoconn.ConnectDatabase()
 	installserver := false
 	if !(defaultnet == "off") {
 	if config.Config.Server.CreateDefault {
--- a/netclient/functions/.common.go.swp
+++ b/netclient/functions/.common.go.swp
--- a/netclient/functions/common.go
+++ b/netclient/functions/common.go
@@ -678,12 +678,41 @@ func initWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
                Stderr: os.Stdout,
        }
        err = cmdIPLinkDown.Run()
        if nodecfg.PostDown != "" {
 		runcmds := strings.Split(nodecfg.PostDown, "; ")
 		err = runCmds(runcmds)
 		if err != nil {
 			fmt.Println("Error encountered running PostDown: " + err.Error())
 		}
 	}
 	err = cmdIPLinkUp.Run()
        if nodecfg.PostUp != "" {
                runcmds := strings.Split(nodecfg.PostUp, "; ")
                err = runCmds(runcmds)
                if err != nil {
                        fmt.Println("Error encountered running PostUp: " + err.Error())
                }
        }
 	if  err  !=  nil {
                return err
        }
 	return err
 }
 func runCmds(commands []string) error {
 	var err error
 	for _, command := range commands {
 		fmt.Println("Running command: " + command)
 		args := strings.Fields(command)
 		out, err := exec.Command(args[0], args[1:]...).Output()
 		fmt.Println(string(out))
 		if err != nil {
 			return err
 		}
 	}
 	return err
 }
 func setWGKeyConfig(network string, serveraddr string) error {
@@ -959,7 +988,7 @@ func CheckIn(network string) error {
                if ifaceupdate {
 			fmt.Println("Interface update: " + currentiface +
 			" >>>> " + newinterface)
-                        err := DeleteInterface(currentiface)
+                        err := DeleteInterface(currentiface, nodecfg.PostDown)
                        if err != nil {
                                fmt.Println("ERROR DELETING INTERFACE: " + currentiface)
                        }
@@ -1206,12 +1235,19 @@ func WipeLocal(network string) error{
        if  err  !=  nil {
                fmt.Println(err)
        }
        if nodecfg.PostDown != "" {
                runcmds := strings.Split(nodecfg.PostDown, "; ")
                err = runCmds(runcmds)
                if err != nil {
                        fmt.Println("Error encountered running PostDown: " + err.Error())
                }
        }
 	}
 	return err
 }
-func DeleteInterface(ifacename string) error{
+func DeleteInterface(ifacename string, postdown string) error{
        ipExec, err := exec.LookPath("ip")
        cmdIPLinkDel := &exec.Cmd {
@@ -1224,6 +1260,13 @@ func DeleteInterface(ifacename string) error{
        if  err  !=  nil {
                fmt.Println(err)
        }
        if postdown != "" {
                runcmds := strings.Split(postdown, "; ")
                err = runCmds(runcmds)
                if err != nil {
                        fmt.Println("Error encountered running PostDown: " + err.Error())
                }
        }
        return err
 }
--- a/netclient/main.go
+++ b/netclient/main.go
@@ -110,6 +110,7 @@ func main() {
 			fmt.Println("Beginning agent installation.")
 			err := functions.Install(*taccesskey, *tpassword, *tserver, *tnetwork, *tnoauto, *taccesstoken, *tname)
 			if err != nil {
 				fmt.Println("Error encountered while installing.")
 				if !strings.Contains(err.Error(), "ALREADY_INSTALLED") {
 				fmt.Println("Error installing: ", err)
 				fmt.Println("Cleaning up (uninstall)")
--- a/1
+++ b/1
@@ -0,0 +1 @@
 wMb6dxHPNJqQd8GbwfLN8HPLiJYEl1uJtEls5hRoD10=
--- a/1
+++ b/1
@@ -0,0 +1 @@
 /FdO9q+Bs3ee/NVbtKwMhSmFj4AyyjmlOrujzaBoenE=
--- a/serverctl/serverctl.go
+++ b/serverctl/serverctl.go
@@ -4,6 +4,7 @@ import (
        "fmt"
  "github.com/gravitl/netmaker/functions"
 	"io"
 	"errors"
 	"net/http"
        "os"
        "os/exec"
@@ -56,11 +57,13 @@ func AddNetwork(network string) (bool, error) {
                fmt.Println("could not find or create /etc/netclient")
                return false, err
        }
 	fmt.Println("Directory is ready.")
 	token, err := functions.CreateServerToken(network)
        if err != nil {
                fmt.Println("could not create server token for " + network)
 		return false, err
        }
 	fmt.Println("Token is ready.")
        _, err = os.Stat("/etc/netclient/netclient")
 	if os.IsNotExist(err) {
 		err = DownloadNetclient()
@@ -74,12 +77,12 @@ func AddNetwork(network string) (bool, error) {
                fmt.Println("could not change netclient directory permissions")
                return false, err
        }
-	cmdoutput, err := exec.Command("/etc/netclient/netclient","-c","install","-t",token,"-name","netmaker").Output()
+	fmt.Println("Client is ready. Running install.")
 	out, err := exec.Command("/etc/netclient/netclient","-c","install","-t",token,"-name","netmaker").Output()
        fmt.Println(string(out))
 	if err != nil {
-	        fmt.Println(string(cmdoutput))
+                return false, errors.New(string(out) + err.Error())
                return false, err
        }
 	fmt.Println(string(cmdoutput))
 	fmt.Println("Server added to network " + network)
 	return true, err
 }
		`@@ -0,0 +1 @@`
							`wMb6dxHPNJqQd8GbwfLN8HPLiJYEl1uJtEls5hRoD10=`
		`@@ -0,0 +1 @@`
							`/FdO9q+Bs3ee/NVbtKwMhSmFj4AyyjmlOrujzaBoenE=`