
added logic to check peers

0xdcarns 3 years ago
parent
commit
284283c130

+ 5 - 98
netclient/local/routes_linux.go

@@ -6,113 +6,20 @@ package local
 import (
 	//"github.com/davecgh/go-spew/spew"
 
+	"fmt"
 	"net"
 
 	"github.com/gravitl/netmaker/netclient/ncutils"
-	"golang.zx2c4.com/wireguard/wgctrl"
-	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
-func routeExists(iface, address, mask string) bool {
-	return false
-}
-
-func setRoute(iface, address, mask string) error {
-	_, err := ncutils.RunCmd("ip route add", true)
-	return err
-}
-
-func DeleteRoute(iface, address string) error {
+func setRoute(iface string, addr *net.IPNet) error {
 	var err error
+	_, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
 	return err
 }
 
-func ApplyRoutesFromConf(confPath string) error {
+func deleteRoute(iface string, addr *net.IPNet) error {
 	var err error
+	_, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
 	return err
 }
-
-//func SetLinuxPeerRoutes(currentPeers []wgtypes.PeerConfig, newPeers []wgtypes.PeerConfig) {
-func SetLinuxPeerRoutes(iface string, oldPeers map[string][]net.IP, newPeers []wgtypes.PeerConfig) {
-
-	// traverse through all recieved peers
-	for _, peer := range newPeers {
-		// if pubkey found in existing peers, check against existing peer
-		currPeerAllowedIPs := oldPeers[peer.PublicKey.String()]
-		if currPeerAllowedIPs != nil {
-			// traverse IPs, check to see if old peer contains each IP
-			for _, allowedIP := range peer.AllowedIPs {
-				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP.IP.String()) {
-					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
-						ncutils.PrintLog(err.Error(), 1)
-					}
-				}
-			}
-			for _, allowedIP := range currPeerAllowedIPs {
-				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP) {
-					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
-						ncutils.PrintLog(err.Error(), 1)
-					}
-				}
-			}
-			delete(oldPeers, peer.PublicKey.String())
-		} else {
-			for _, allowedIP := range peer.AllowedIPs {
-				if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
-					ncutils.PrintLog(err.Error(), 1)
-				}
-			}
-		}
-	}
-
-	// traverse through all existing peers
-	for _, peer := range oldPeers {
-		// if pubkey found in existing peers, check against existing peer
-		currPeerAllowedIPs := oldPeers[peer.PublicKey.String()]
-		if currPeerAllowedIPs != nil {
-			// traverse IPs, check to see if old peer contains each IP
-			for _, allowedIP := range peer.AllowedIPs {
-				if !ncutils.StringSliceContains(currPeerAllowedIPs, allowedIP.IP.String()) {
-					if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
-						ncutils.PrintLog(err.Error(), 1)
-					}
-				}
-			}
-		} else {
-			for _, allowedIP := range peer.AllowedIPs {
-				if err := setRoute(iface, allowedIP.IP.String(), allowedIP.Mask.String()); err != nil {
-					ncutils.PrintLog(err.Error(), 1)
-				}
-			}
-		}
-	}
-
-	// delete removed AllowedIPs
-	/*
-		for _, currentPeer := range currentPeers {
-			for _, oldIP := range currentPeer.AllowedIPs {
-				found := true
-				for _, newPeer := range newPeers {
-					for _, newIP := range newPeer.AllowedIPs {
-						if
-					}
-				}
-			}
-		}
-	*/
-}
-
-func GetCurrentIPs() []string {
-	client, err := wgctrl.New()
-	if err != nil {
-		ncutils.PrintLog("failed to start wgctrl", 0)
-		return err
-	}
-	defer client.Close()
-	device, err := client.Device(iface)
-	if err != nil {
-		ncutils.PrintLog("failed to parse interface", 0)
-		return err
-	}
-	devicePeers = device.Peers
-}
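Review bot: The new `setRoute` and `deleteRoute` format `iface` and `addr.String()` into one command string for `ncutils.RunCmd` without validating either argument. `addr` is a `*net.IPNet`, so a nil value panics inside `addr.String()`. `RunCmd` is not shown in this diff; if it tokenises on whitespace or hands the string to a shell, an interface name containing spaces or metacharacters would alter the `ip` invocation. I would add a guard at the top of both functions, for example `if addr == nil || !ncutils.IfaceExists(iface) { return fmt.Errorf("invalid route: iface %q addr %v", iface, addr) }`, and collapse the `var err error` pair into `_, err := ncutils.RunCmd(...)`. The identical copies added in netclient/local/routes_other.go need the same guard.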

+ 17 - 8
netclient/local/routes_other.go

@@ -3,6 +3,15 @@
 
 package local
 
+import (
+	//"github.com/davecgh/go-spew/spew"
+
+	"fmt"
+	"net"
+
+	"github.com/gravitl/netmaker/netclient/ncutils"
+)
+
 //"github.com/davecgh/go-spew/spew"
 
 /*
@@ -11,14 +20,14 @@ These functions are not used. These should only be called by Linux (see routes_l
 
 */
 
-func routeExists(iface, address, mask string) bool {
-	return false
-}
-
-func SetRoute(iface, newAddress, oldAddress, mask string) error {
-	return nil
+func setRoute(iface string, addr *net.IPNet) error {
+	var err error
+	_, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
+	return err
 }
 
-func DeleteRoute(iface, address) error {
-	return nil
+func deleteRoute(iface string, addr *net.IPNet) error {
+	var err error
+	_, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
+	return err
 }
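Review bot: The bodies added to `setRoute` and `deleteRoute` in this file run the Linux `ip route` command, while the comment just above the hunk still says these functions are not used and should only be called by Linux. The file's build constraint sits above the hunk, but the name routes_other.go and the stubs being replaced suggest it compiles for non-Linux targets, where `ip` may be missing or may resolve to an unrelated binary on PATH. I would keep these as no-ops with the new signature, `func setRoute(iface string, addr *net.IPNet) error { return nil }` and the same for `deleteRoute`, so that only routes_linux.go runs the command. That also makes the import block added in the first hunk of this file unnecessary.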

+ 10 - 0
netclient/ncutils/iface.go

@@ -70,6 +70,16 @@ func StringSliceContains(slice []string, item string) bool {
 	return false
 }
 
+// IPNetSliceContains - sees if a string slice contains a string element
+func IPNetSliceContains(slice []net.IPNet, item net.IPNet) bool {
+	for _, s := range slice {
+		if s.String() == item.String() {
+			return true
+		}
+	}
+	return false
+}
+
 // IfaceExists - return true if you can find the iface
 func IfaceExists(ifacename string) bool {
 	localnets, err := net.Interfaces()
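Review bot: The doc comment on `IPNetSliceContains` was copied from `StringSliceContains` and still describes a string slice, which misstates what is compared. Since this helper decides which AllowedIPs count as already routed, the comment should state the equality rule, for example `// IPNetSliceContains - reports whether slice holds a network whose String() form (address and mask) equals item's`. `IfaceExists`, shown as trailing context, continues outside the hunk.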

+ 4 - 9
netclient/wireguard/common.go

@@ -3,6 +3,7 @@ package wireguard
 import (
 	"errors"
 	"log"
+	"net"
 	"runtime"
 	"strconv"
 	"strings"
@@ -25,9 +26,8 @@ const (
 
 // SetPeers - sets peers on a given WireGuard interface
 func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
-	var oldIPList []string
-	var newIPList []string
 	var devicePeers []wgtypes.Peer
+	var oldPeerAllowedIps = make(map[string][]net.IPNet, len(peers))
 	var err error
 	if ncutils.IsFreeBSD() {
 		if devicePeers, err = ncutils.GetPeers(iface); err != nil {
@@ -59,12 +59,6 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 				_, err := ncutils.RunCmd("wg set "+iface+" peer "+currentPeer.PublicKey.String()+" remove", true)
 				if err != nil {
 					log.Println("error removing peer", peer.Endpoint.String())
-				} else {
-					for _, address := range currentPeer.AllowedIPs {
-						if err = local.DeleteRoute(iface, address.String()); err != nil {
-							ncutils.PrintLog(err.Error(), 1)
-						}
-					}
 				}
 			}
 		}
@@ -109,12 +103,13 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 				log.Println(output, "error removing peer", currentPeer.PublicKey.String())
 			}
 		}
+		oldPeerAllowedIps[currentPeer.PublicKey.String()] = currentPeer.AllowedIPs
 	}
 	if ncutils.IsMac() {
 		err = SetMacPeerRoutes(iface)
 		return err
 	} else if ncutils.IsLinux() {
-		err = local.SetLinuxPeerRoutes(devicePeers, peers)
+		local.SetPeerRoutes(iface, oldPeerAllowedIps, peers)
 	}
 
 	return nil
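Review bot: The call `local.SetPeerRoutes(iface, oldPeerAllowedIps, peers)` returns nothing that `SetPeers` checks, so on Linux `SetPeers` now returns nil whether or not route changes succeeded. With the earlier hunk dropping the `local.DeleteRoute` loop on peer removal, that call becomes the only place routes for removed peers are cleaned up. It runs only on the Linux branch, and its body is not part of this page, so I cannot tell how it handles failures. A route that silently fails to install can let traffic for a peer's AllowedIPs follow the host's default route instead of the tunnel. I would have `SetPeerRoutes` return an error and propagate it with `return local.SetPeerRoutes(iface, oldPeerAllowedIps, peers)`, or at least log failures at the call site. The body of `SetPeers` starts and continues outside these hunks.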

+ 3 - 7
netclient/wireguard/unix.go

@@ -8,7 +8,6 @@ import (
 
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/config"
-	"github.com/gravitl/netmaker/netclient/local"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
@@ -66,12 +65,9 @@ func ApplyWGQuickConf(confPath string, ifacename string) error {
 			ncutils.RunCmd("wg-quick down "+confPath, true)
 		}
 		_, err = ncutils.RunCmd("wg-quick up "+confPath, true)
-		if err != nil {
-			return err
-		}
-		if ncutils.IsLinux() {
-			err = local.ApplyRoutesFromConf(confPath)
-		}
+		// if err != nil {
+		// 	return err
+		// }
 		return err
 	}
 }
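Review bot: The three commented-out lines `// if err != nil { return err }` are dead code, since the `return err` right after them already propagates the `wg-quick up` failure. I would delete them rather than keep them as comments, so nobody reads them as an intentionally disabled error check. If they are a placeholder for a later step, replace them with one explanatory line such as `// routes are now applied by SetPeers, nothing further to do here`. The body of `ApplyWGQuickConf` begins above the hunk.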