|
@@ -675,6 +675,12 @@ func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
|
|
|
} else {
|
|
} else {
|
|
|
peerTags = peer.Tags
|
|
peerTags = peer.Tags
|
|
|
}
|
|
}
|
|
|
|
|
+ if nodeTags == nil {
|
|
|
|
|
+ nodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
|
|
+ if peerTags == nil {
|
|
|
|
|
+ peerTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
|
if checkDefaultPolicy {
|
|
if checkDefaultPolicy {
|
|
@@ -920,6 +926,12 @@ func IsNodeAllowedToCommunicateV1(node, peer models.Node, checkDefaultPolicy boo
|
|
|
} else {
|
|
} else {
|
|
|
peerTags = peer.Tags
|
|
peerTags = peer.Tags
|
|
|
}
|
|
}
|
|
|
|
|
+ if nodeTags == nil {
|
|
|
|
|
+ nodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
|
|
+ if peerTags == nil {
|
|
|
|
|
+ peerTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
|
if checkDefaultPolicy {
|
|
if checkDefaultPolicy {
|
|
@@ -1073,6 +1085,12 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
|
|
|
} else {
|
|
} else {
|
|
|
peerTags = peer.Tags
|
|
peerTags = peer.Tags
|
|
|
}
|
|
}
|
|
|
|
|
+ if nodeTags == nil {
|
|
|
|
|
+ nodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
|
|
+ if peerTags == nil {
|
|
|
|
|
+ peerTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
nodeTags[models.TagID(nodeId)] = struct{}{}
|
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
peerTags[models.TagID(peerId)] = struct{}{}
|
|
|
if checkDefaultPolicy {
|
|
if checkDefaultPolicy {
|
|
@@ -1403,6 +1421,9 @@ func getUserAclRulesForNode(targetnode *models.Node,
|
|
|
} else {
|
|
} else {
|
|
|
targetNodeTags = maps.Clone(targetnode.Tags)
|
|
targetNodeTags = maps.Clone(targetnode.Tags)
|
|
|
}
|
|
}
|
|
|
|
|
+ if targetNodeTags == nil {
|
|
|
|
|
+ targetNodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
|
|
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
|
|
|
for _, acl := range acls {
|
|
for _, acl := range acls {
|
|
|
if !acl.Enabled {
|
|
if !acl.Enabled {
|
|
@@ -1488,6 +1509,9 @@ func checkIfAnyPolicyisUniDirectional(targetNode models.Node) bool {
|
|
|
} else {
|
|
} else {
|
|
|
targetNodeTags = maps.Clone(targetNode.Tags)
|
|
targetNodeTags = maps.Clone(targetNode.Tags)
|
|
|
}
|
|
}
|
|
|
|
|
+ if targetNodeTags == nil {
|
|
|
|
|
+ targetNodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
targetNodeTags[models.TagID(targetNode.ID.String())] = struct{}{}
|
|
targetNodeTags[models.TagID(targetNode.ID.String())] = struct{}{}
|
|
|
targetNodeTags["*"] = struct{}{}
|
|
targetNodeTags["*"] = struct{}{}
|
|
|
acls, _ := ListAclsByNetwork(models.NetworkID(targetNode.Network))
|
|
acls, _ := ListAclsByNetwork(models.NetworkID(targetNode.Network))
|
|
@@ -1548,6 +1572,9 @@ func GetAclRulesForNode(targetnodeI *models.Node) (rules map[string]models.AclRu
|
|
|
} else {
|
|
} else {
|
|
|
targetNodeTags = maps.Clone(targetnode.Tags)
|
|
targetNodeTags = maps.Clone(targetnode.Tags)
|
|
|
}
|
|
}
|
|
|
|
|
+ if targetNodeTags == nil {
|
|
|
|
|
+ targetNodeTags = make(map[models.TagID]struct{})
|
|
|
|
|
+ }
|
|
|
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
|
|
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
|
|
|
targetNodeTags["*"] = struct{}{}
|
|
targetNodeTags["*"] = struct{}{}
|
|
|
for _, acl := range acls {
|
|
for _, acl := range acls {
|
Abhishek K