
fix egress on inet gw

abhishek9686 hai 3 meses
pai
achega
173924acd8
Modificáronse 5 ficheiros con 18 adicións e 11 borrados
  1. 4 1
      controllers/middleware.go
  2. 11 4
      logic/extpeers.go
  3. 2 5
      logic/peers.go
  4. 1 0
      models/user_mgmt.go
  5. 0 1
      pro/logic/user_mgmt.go

+ 4 - 1
controllers/middleware.go

@@ -50,8 +50,11 @@ func userMiddleWare(handler http.Handler) http.Handler {
 		if strings.Contains(route, "createrelay") || strings.Contains(route, "deleterelay") {
 			r.Header.Set("TARGET_RSRC", models.RelayRsrc.String())
 		}
-
 		if strings.Contains(route, "gateway") {
+			r.Header.Set("TARGET_RSRC", models.GatewayRsrc.String())
+		}
+
+		if strings.Contains(route, "egress") {
 			r.Header.Set("TARGET_RSRC", models.EgressGwRsrc.String())
 		}
 		if strings.Contains(route, "networks") {
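Review bot: `TARGET_RSRC` is still chosen by substring matches on `route`, and with the new branch every route containing "gateway" is now authorised as `models.GatewayRsrc` rather than `models.EgressGwRsrc`, while nothing visible in this commit adds `gateways` to any role or permission template. If existing roles only carry `egress` or `remote_access_gw` permissions, access to gateway routes for non-admin users may change in either direction depending on how an unlisted resource type is treated downstream, so please confirm the permission tables know this type. Because each later `if` overwrites the header, a path matching several substrings (for example both "gateway" and "egress", or "networks" just below) is classified by the last match; a comment such as `// order matters: the last matching substring decides TARGET_RSRC` would make that explicit. If `route` can contain caller-chosen path segments, matching on the route template or a fixed segment instead of `strings.Contains` would avoid misclassification. The rest of userMiddleWare lies outside this hunk.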

+ 11 - 4
logic/extpeers.go

@@ -81,12 +81,19 @@ func GetEgressRangesOnNetwork(client *models.ExtClient) ([]string, error) {
 			continue
 		}
 		GetNodeEgressInfo(&currentNode, eli)
-		if currentNode.EgressDetails.IsInternetGateway && client.IngressGatewayID != currentNode.ID.String() {
-			continue
-		}
 		if currentNode.EgressDetails.IsEgressGateway { // add the egress gateway range(s) to the result
 			if len(currentNode.EgressDetails.EgressGatewayRanges) > 0 {
-				result = append(result, currentNode.EgressDetails.EgressGatewayRanges...)
+				if currentNode.EgressDetails.IsInternetGateway && client.IngressGatewayID != currentNode.ID.String() {
+					for _, rangeI := range currentNode.EgressDetails.EgressGatewayRanges {
+						if rangeI == "0.0.0.0/0" || rangeI == "::/0" {
+							continue
+						} else {
+							result = append(result, rangeI)
+						}
+					}
+				} else {
+					result = append(result, currentNode.EgressDetails.EgressGatewayRanges...)
+				}
 			}
 		}
 	}
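Review bot: The default-route filter in the new loop compares strings exactly (`rangeI == "0.0.0.0/0" || rangeI == "::/0"`), so an equivalent spelling such as `0::/0` or a value with stray whitespace would pass through and give a client a default route via an internet gateway it is not attached to. Unless `EgressGatewayRanges` is guaranteed to be normalised before it reaches this point (not visible in the hunk), compare on the parsed prefix instead, assuming `net` is imported in this file: `if _, n, err := net.ParseCIDR(rangeI); err == nil { if ones, _ := n.Mask.Size(); ones == 0 { continue } }`. The commit also changes the earlier behaviour of skipping such a node entirely, because its non-default ranges are now returned to clients of other ingress gateways, and that is worth stating in a comment above the loop. The `else` after `continue` is redundant and can be dropped.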

+ 2 - 5
logic/peers.go

@@ -186,12 +186,9 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
 		}
 		defaultUserPolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.UserPolicy)
 		defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
-		anyActiveEgressPolicy := CheckIfAnyActiveEgressPolicy(node)
-		nodeHasAccessToAllRsrcs := CheckIfNodeHasAccessToAllResources(&node)
-		anyUniDirectionPolicy := CheckIfAnyPolicyisUniDirectional(node)
 		if (defaultDevicePolicy.Enabled && defaultUserPolicy.Enabled) ||
-			(!anyUniDirectionPolicy && !anyActiveEgressPolicy) ||
-			nodeHasAccessToAllRsrcs {
+			(!CheckIfAnyPolicyisUniDirectional(node) && !CheckIfAnyActiveEgressPolicy(node)) ||
+			CheckIfNodeHasAccessToAllResources(&node) {
 			aclRule := models.AclRule{
 				ID:              fmt.Sprintf("%s-allowed-network-rules", node.ID.String()),
 				AllowedProtocol: models.ALL,
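Review bot: The inlined condition on the two added lines decides whether an allow-all rule (`AllowedProtocol: models.ALL`) is emitted for the node, and without the named intermediates it no longer explains itself; add a comment above the `if`, for example `// allow all traffic when both default policies are enabled, when no unidirectional or egress policy applies, or when the node can reach every resource`. Inlining also puts the three Check* calls under short-circuit evaluation, which is safe only if they have no side effects (their bodies are not shown here). Separately, the errors from both `GetDefaultPolicy` calls in the context lines are discarded, so a failed lookup yields a zero-value policy and the decision falls through to the other two clauses; consider handling or logging that error. The function body extends beyond this hunk.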

+ 1 - 0
models/user_mgmt.go

@@ -65,6 +65,7 @@ const (
 	HostRsrc           RsrcType = "hosts"
 	RelayRsrc          RsrcType = "relays"
 	RemoteAccessGwRsrc RsrcType = "remote_access_gw"
+	GatewayRsrc        RsrcType = "gateways"
 	ExtClientsRsrc     RsrcType = "extclients"
 	InetGwRsrc         RsrcType = "inet_gw"
 	EgressGwRsrc       RsrcType = "egress"

+ 0 - 1
pro/logic/user_mgmt.go

@@ -761,7 +761,6 @@ func GetUserRAGNodes(user models.User) (gws map[string]models.Node) {
 					}
 				}
 			}
-
 		}
 	}
 	return