added proxy manager to configure proxy based received events

nm-proxy/common/common.go

@@ -37,10 +37,7 @@ type ConnConfig struct {
 	// Key is a public key of a remote peer
 	Key string
 	// LocalKey is a public key of a local peer
-	LocalKey string
-
-	ProxyConfig     Config
-	AllowedIPs      []net.IPNet
+	LocalKey        string
 	LocalWgPort     int
 	RemoteProxyIP   net.IP
 	RemoteWgPort    int
@@ -50,12 +47,10 @@ type Config struct {
 	Port         int
 	BodySize     int
 	Addr         string
-	WgListenAddr string
 	RemoteKey    string
 	WgInterface  *wg.WGIface
 	AllowedIps   []net.IPNet
 	PreSharedKey *wgtypes.Key
-	//ProxyServer  *server.ProxyServer
 }
 
 // Proxy -  WireguardProxy proxies
@@ -68,9 +63,14 @@ type Proxy struct {
 	LocalConn  net.Conn
 }
 
-var Peers = make(map[string]*Conn)
+type RemotePeer struct {
+	PeerKey   string
+	Interface string
+}
+
+var WgIFaceMap = make(map[string]map[string]*Conn)
 
-var RemoteEndpointsMap = make(map[string][]string)
+var RemoteEndpointsMap = make(map[string][]RemotePeer)
 
 // RunCmd - runs a local command
 func RunCmd(command string, printerr bool) (string, error) {

nm-proxy/manager/manager.go

@@ -0,0 +1,98 @@
+package manager
+
+import (
+	"errors"
+	"log"
+	"runtime"
+
+	"github.com/gravitl/netmaker/netclient/wireguard"
+	"github.com/gravitl/netmaker/nm-proxy/common"
+	peerpkg "github.com/gravitl/netmaker/nm-proxy/peer"
+	"github.com/gravitl/netmaker/nm-proxy/wg"
+	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
+)
+
+type ProxyAction string
+
+type ManagerPayload struct {
+	InterfaceName string
+	Peers         []wgtypes.PeerConfig
+}
+
+const (
+	AddInterface    ProxyAction = "ADD_INTERFACE"
+	DeleteInterface ProxyAction = "DELETE_INTERFACE"
+)
+
+type ManagerAction struct {
+	Action  ProxyAction
+	Payload ManagerPayload
+}
+
+func StartProxyManager(manageChan chan *ManagerAction) {
+	for {
+
+		select {
+		case mI := <-manageChan:
+			log.Printf("-------> PROXY-MANAGER: %+v\n", mI)
+			switch mI.Action {
+			case AddInterface:
+				mI.AddInterfaceToProxy()
+			}
+
+		}
+	}
+}
+func cleanUp(iface string) {
+	if peers, ok := common.WgIFaceMap[iface]; ok {
+		for _, peerI := range peers {
+			peerI.Proxy.Cancel()
+		}
+	}
+	delete(common.WgIFaceMap, iface)
+}
+
+func (m *ManagerAction) AddInterfaceToProxy() error {
+	var err error
+	if m.Payload.InterfaceName == "" {
+		return errors.New("interface cannot be empty")
+	}
+	if len(m.Payload.Peers) == 0 {
+		log.Println("No Peers to add...")
+		return nil
+	}
+	ifaceName := m.Payload.InterfaceName
+	log.Println("--------> IFACE: ", ifaceName)
+	if runtime.GOOS == "darwin" {
+		ifaceName, err = wireguard.GetRealIface(ifaceName)
+		if err != nil {
+			log.Println("failed to get real iface: ", err)
+		}
+	}
+	cleanUp(ifaceName)
+
+	wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
+	if err != nil {
+		log.Fatal("Failed init new interface: ", err)
+	}
+	log.Printf("wg: %+v\n", wgInterface)
+	for _, peerI := range m.Payload.Peers {
+
+		peerpkg.AddNewPeer(wgInterface, &peerI)
+		if val, ok := common.RemoteEndpointsMap[peerI.Endpoint.IP.String()]; ok {
+
+			val = append(val, common.RemotePeer{
+				Interface: ifaceName,
+				PeerKey:   peerI.PublicKey.String(),
+			})
+			common.RemoteEndpointsMap[peerI.Endpoint.IP.String()] = val
+		} else {
+			common.RemoteEndpointsMap[peerI.Endpoint.IP.String()] = []common.RemotePeer{{
+				Interface: ifaceName,
+				PeerKey:   peerI.PublicKey.String(),
+			}}
+		}
+
+	}
+	return nil
+}

nm-proxy/nm-proxy.go

@@ -1,72 +1,32 @@
 package nmproxy
 
 import (
-	"fmt"
 	"log"
 	"net"
-	"runtime"
 
-	"github.com/gravitl/netmaker/logger"
-	"github.com/gravitl/netmaker/netclient/config"
-	"github.com/gravitl/netmaker/netclient/ncutils"
-	"github.com/gravitl/netmaker/netclient/wireguard"
-	"github.com/gravitl/netmaker/nm-proxy/common"
-	peerpkg "github.com/gravitl/netmaker/nm-proxy/peer"
+	"github.com/gravitl/netmaker/nm-proxy/manager"
 	"github.com/gravitl/netmaker/nm-proxy/server"
 	"github.com/gravitl/netmaker/nm-proxy/stun"
-	"github.com/gravitl/netmaker/nm-proxy/wg"
 )
 
-func Start() {
+// Comm Channel to configure proxy
+/* Actions -
+   1. Add - new interface and its peers
+   2. Delete - remove close all conns for the interface,cleanup
+
+*/
+func Start(mgmChan chan *manager.ManagerAction) {
 	log.Println("Starting Proxy...")
+	go manager.StartProxyManager(mgmChan)
 	hInfo := stun.GetHostInfo()
 	stun.Host = hInfo
 	log.Printf("HOSTINFO: %+v", hInfo)
 	// start the netclient proxy server
-	p, err := server.CreateProxyServer(0, 0, hInfo.PrivIp.String())
+	err := server.NmProxyServer.CreateProxyServer(0, 0, hInfo.PrivIp.String())
 	if err != nil {
 		log.Fatal("failed to create proxy: ", err)
 	}
-	go p.Listen()
-	networks, _ := ncutils.GetSystemNetworks()
-	for _, network := range networks {
-		logger.Log(3, "initializing network", network)
-		cfg := config.ClientConfig{}
-		cfg.Network = network
-		cfg.ReadConfig()
-		node, err := peerpkg.GetNodeInfo(&cfg)
-		if err != nil {
-			log.Println("Failed to get node info: ", err)
-			continue
-		}
-		for _, peerI := range node.Peers {
-			ifaceName := node.Node.Interface
-			log.Println("--------> IFACE: ", ifaceName)
-			if runtime.GOOS == "darwin" {
-				ifaceName, err = wireguard.GetRealIface(ifaceName)
-				if err != nil {
-					log.Println("failed to get real iface: ", err)
-				}
-			}
-			wgInterface, err := wg.NewWGIFace(ifaceName, "127.0.0.1/32", wg.DefaultMTU)
-			if err != nil {
-				log.Fatal("Failed init new interface: ", err)
-			}
-			log.Printf("wg: %+v\n", wgInterface)
-			peerpkg.AddNewPeer(p, wgInterface, &peerI)
-			if val, ok := common.RemoteEndpointsMap[peerI.Endpoint.IP.String()]; ok {
-				val = append(val, peerI.PublicKey.String())
-				common.RemoteEndpointsMap[peerI.Endpoint.IP.String()] = val
-			} else {
-				common.RemoteEndpointsMap[peerI.Endpoint.IP.String()] = []string{peerI.PublicKey.String()}
-			}
-
-		}
-
-	}
-	fmt.Printf("\nPEERS-------> %+v\n", common.Peers)
-	fmt.Printf("\nREMOTE ENDPOINTS-------> %+v\n", common.RemoteEndpointsMap)
-	select {}
+	server.NmProxyServer.Listen()
 }
 
 // IsPublicIP indicates whether IP is public or not.

nm-proxy/peer/peer.go

@@ -1,18 +1,12 @@
 package peer
 
 import (
-	"encoding/json"
 	"fmt"
-	"io"
 	"log"
 	"net"
-	"net/http"
 
-	"github.com/gravitl/netmaker/models"
-	"github.com/gravitl/netmaker/netclient/config"
 	"github.com/gravitl/netmaker/nm-proxy/common"
 	"github.com/gravitl/netmaker/nm-proxy/proxy"
-	"github.com/gravitl/netmaker/nm-proxy/server"
 	"github.com/gravitl/netmaker/nm-proxy/wg"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
@@ -38,40 +32,13 @@ type ConnConfig struct {
 	RemoteProxyPort int
 }
 
-func GetNodeInfo(cfg *config.ClientConfig) (models.NodeGet, error) {
-	var nodeGET models.NodeGet
-	token, err := common.Authenticate(cfg)
-	if err != nil {
-		return nodeGET, err
-	}
-	url := fmt.Sprintf("https://%s/api/nodes/%s/%s", cfg.Server.API, cfg.Network, cfg.Node.ID)
-	response, err := common.API("", http.MethodGet, url, token)
-	if err != nil {
-		return nodeGET, err
-	}
-	if response.StatusCode != http.StatusOK {
-		bytes, err := io.ReadAll(response.Body)
-		if err != nil {
-			fmt.Println(err)
-		}
-		return nodeGET, (fmt.Errorf("%s %w", string(bytes), err))
-	}
-	defer response.Body.Close()
-	if err := json.NewDecoder(response.Body).Decode(&nodeGET); err != nil {
-		return nodeGET, fmt.Errorf("error decoding node %w", err)
-	}
-	return nodeGET, nil
-}
-
-func AddNewPeer(pserver *server.ProxyServer, wgInterface *wg.WGIface, peer *wgtypes.PeerConfig) error {
+func AddNewPeer(wgInterface *wg.WGIface, peer *wgtypes.PeerConfig) error {
 
 	c := proxy.Config{
-		Port:         peer.Endpoint.Port,
-		WgListenAddr: "127.0.0.1",
-		RemoteKey:    peer.PublicKey.String(),
-		WgInterface:  wgInterface,
-		AllowedIps:   peer.AllowedIPs,
-		ProxyServer:  pserver,
+		Port:        peer.Endpoint.Port,
+		RemoteKey:   peer.PublicKey.String(),
+		WgInterface: wgInterface,
+		AllowedIps:  peer.AllowedIPs,
 	}
 	p := proxy.NewProxy(c)
 	remoteConn, err := net.Dial("udp", fmt.Sprintf("%s:%d", peer.Endpoint.IP.String(), common.NmProxyPort))
@@ -83,27 +50,23 @@ func AddNewPeer(pserver *server.ProxyServer, wgInterface *wg.WGIface, peer *wgty
 	if err != nil {
 		return err
 	}
-	log.Println("-------> Here1")
 	connConf := common.ConnConfig{
-		Key:      peer.PublicKey.String(),
-		LocalKey: "",
-		ProxyConfig: common.Config{
-			Port:         peer.Endpoint.Port,
-			WgListenAddr: "127.0.0.1",
-			RemoteKey:    peer.PublicKey.String(),
-			WgInterface:  wgInterface,
-			AllowedIps:   peer.AllowedIPs,
-			//ProxyServer:  pserver,
-		},
-		AllowedIPs:      peer.AllowedIPs,
+		Key:             peer.PublicKey.String(),
+		LocalKey:        "",
 		RemoteProxyIP:   net.ParseIP(peer.Endpoint.IP.String()),
 		RemoteWgPort:    peer.Endpoint.Port,
 		RemoteProxyPort: common.NmProxyPort,
 	}
 	peerProxy := common.Proxy{
-		Ctx:        p.Ctx,
-		Cancel:     p.Cancel,
-		Config:     connConf.ProxyConfig,
+		Ctx:    p.Ctx,
+		Cancel: p.Cancel,
+		Config: common.Config{
+			Port:        peer.Endpoint.Port,
+			RemoteKey:   peer.PublicKey.String(),
+			WgInterface: wgInterface,
+			AllowedIps:  peer.AllowedIPs,
+		},
+
 		RemoteConn: remoteConn,
 		LocalConn:  p.LocalConn,
 	}
@@ -111,6 +74,11 @@ func AddNewPeer(pserver *server.ProxyServer, wgInterface *wg.WGIface, peer *wgty
 		Config: connConf,
 		Proxy:  peerProxy,
 	}
-	common.Peers[peer.PublicKey.String()] = &peerConn
+	if _, ok := common.WgIFaceMap[wgInterface.Name]; ok {
+		common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
+	} else {
+		common.WgIFaceMap[wgInterface.Name] = make(map[string]*common.Conn)
+		common.WgIFaceMap[wgInterface.Name][peer.PublicKey.String()] = &peerConn
+	}
 	return nil
 }

nm-proxy/proxy/proxy.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"net"
 
-	"github.com/gravitl/netmaker/nm-proxy/server"
 	"github.com/gravitl/netmaker/nm-proxy/wg"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
@@ -18,12 +17,10 @@ type Config struct {
 	Port         int
 	BodySize     int
 	Addr         string
-	WgListenAddr string
 	RemoteKey    string
 	WgInterface  *wg.WGIface
 	AllowedIps   []net.IPNet
 	PreSharedKey *wgtypes.Key
-	ProxyServer  *server.ProxyServer
 }
 
 // Proxy -  WireguardProxy proxies

nm-proxy/proxy/wireguard.go

@@ -1,9 +1,7 @@
 package proxy
 
 import (
-	"bytes"
 	"context"
-	"encoding/binary"
 	"fmt"
 	"log"
 	"net"
@@ -13,6 +11,7 @@ import (
 	"github.com/c-robinson/iplib"
 	"github.com/gravitl/netmaker/nm-proxy/common"
 	"github.com/gravitl/netmaker/nm-proxy/packet"
+	"github.com/gravitl/netmaker/nm-proxy/server"
 	"github.com/gravitl/netmaker/nm-proxy/wg"
 )
 
@@ -25,10 +24,18 @@ func NewProxy(config Config) *Proxy {
 // proxyToRemote proxies everything from Wireguard to the RemoteKey peer
 func (p *Proxy) ProxyToRemote() {
 	buf := make([]byte, 1500)
+	defer p.LocalConn.Close()
+	defer p.RemoteConn.Close()
 	for {
 		select {
 		case <-p.Ctx.Done():
 			log.Printf("stopped proxying to remote peer %s due to closed connection\n", p.Config.RemoteKey)
+			if runtime.GOOS == "darwin" {
+				_, err := common.RunCmd(fmt.Sprintf("ifconfig lo0 -alias %s 255.255.255.255", p.LocalConn.LocalAddr().String()), true)
+				if err != nil {
+					log.Println("Failed to add alias: ", err)
+				}
+			}
 			return
 		default:
 
@@ -37,8 +44,8 @@ func (p *Proxy) ProxyToRemote() {
 				log.Println("ERRR READ: ", err)
 				continue
 			}
-
-			if peerI, ok := common.Peers[p.Config.RemoteKey]; ok {
+			peers := common.WgIFaceMap[p.Config.WgInterface.Name]
+			if peerI, ok := peers[p.Config.RemoteKey]; ok {
 				log.Println("PROCESSING PKT BEFORE SENDING")
 
 				buf, n, err = packet.ProcessPacketBeforeSending(buf, n, peerI.Config.RemoteWgPort)
@@ -49,10 +56,10 @@ func (p *Proxy) ProxyToRemote() {
 				log.Printf("Peer: %s not found in config\n", p.Config.RemoteKey)
 			}
 			// test(n, buf)
-			log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s\n", p.Config.ProxyServer.Server.LocalAddr().String(), p.RemoteConn.RemoteAddr().String())
+			log.Printf("PROXING TO REMOTE!!!---> %s >>>>> %s\n", server.NmProxyServer.Server.LocalAddr().String(), p.RemoteConn.RemoteAddr().String())
 			host, port, _ := net.SplitHostPort(p.RemoteConn.RemoteAddr().String())
 			portInt, _ := strconv.Atoi(port)
-			_, err = p.Config.ProxyServer.Server.WriteToUDP(buf[:n], &net.UDPAddr{
+			_, err = server.NmProxyServer.Server.WriteToUDP(buf[:n], &net.UDPAddr{
 				IP:   net.ParseIP(host),
 				Port: portInt,
 			})
@@ -63,18 +70,6 @@ func (p *Proxy) ProxyToRemote() {
 	}
 }
 
-func test(n int, data []byte) {
-	var localWgPort uint16
-	//portBuf := data[n-2 : n+1]
-	portBuf := data[2:4]
-	reader := bytes.NewReader(portBuf)
-	err := binary.Read(reader, binary.BigEndian, &localWgPort)
-	if err != nil {
-		log.Println("Failed to read port buffer: ", err)
-	}
-	log.Println("TEST WFGPO: ", localWgPort)
-}
-
 // proxyToLocal proxies everything from the RemoteKey peer to local Wireguard
 func (p *Proxy) ProxyToLocal() {
 
@@ -119,7 +114,13 @@ func (p *Proxy) Start(remoteConn net.Conn) error {
 	p.RemoteConn = remoteConn
 
 	var err error
-	addr, err := GetFreeIp("127.0.0.1/8")
+
+	wgPort, err := p.Config.WgInterface.GetListenPort()
+	if err != nil {
+		log.Printf("Failed to get listen port for iface: %s,Err: %v\n", p.Config.WgInterface.Name, err)
+		return err
+	}
+	addr, err := GetFreeIp("127.0.0.1/8", *wgPort)
 	if err != nil {
 		log.Println("Failed to get freeIp: ", err)
 		return err
@@ -128,11 +129,6 @@ func (p *Proxy) Start(remoteConn net.Conn) error {
 	if runtime.GOOS == "darwin" {
 		wgAddr = addr
 	}
-	wgPort, err := p.Config.WgInterface.GetListenPort()
-	if err != nil {
-		log.Printf("Failed to get listen port for iface: %s,Err: %v\n", p.Config.WgInterface.Name, err)
-		return err
-	}
 
 	p.LocalConn, err = net.DialUDP("udp", &net.UDPAddr{
 		IP:   net.ParseIP(addr),
@@ -157,7 +153,7 @@ func (p *Proxy) Start(remoteConn net.Conn) error {
 	return nil
 }
 
-func GetFreeIp(cidrAddr string) (string, error) {
+func GetFreeIp(cidrAddr string, dstPort int) (string, error) {
 	//ensure AddressRange is valid
 	if _, _, err := net.ParseCIDR(cidrAddr); err != nil {
 		log.Println("UniqueAddress encountered  an error")
@@ -176,10 +172,10 @@ func GetFreeIp(cidrAddr string) (string, error) {
 
 		conn, err := net.DialUDP("udp", &net.UDPAddr{
 			IP:   net.ParseIP(newAddrs.String()),
-			Port: 51722,
+			Port: common.NmProxyPort,
 		}, &net.UDPAddr{
 			IP:   net.ParseIP("127.0.0.1"),
-			Port: 51820,
+			Port: dstPort,
 		})
 		if err == nil {
 			conn.Close()

nm-proxy/server/server.go

@@ -10,6 +10,10 @@ import (
 	"github.com/gravitl/netmaker/nm-proxy/packet"
 )
 
+var (
+	NmProxyServer = &ProxyServer{}
+)
+
 const (
 	defaultBodySize = 10000
 	defaultPort     = 51722
@@ -47,17 +51,19 @@ func (p *ProxyServer) Listen() {
 		}
 		log.Println("--------> RECV PKT: ", source.IP.String(), localWgPort)
 		if val, ok := common.RemoteEndpointsMap[source.IP.String()]; ok {
-			for _, peerKeys := range val {
-				if peerI, ok := common.Peers[peerKeys]; ok {
-					if peerI.Config.LocalWgPort == int(localWgPort) {
-						log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s\n", peerI.Proxy.LocalConn.RemoteAddr(),
-							peerI.Proxy.LocalConn.LocalAddr(), fmt.Sprintf("%s:%d", source.IP.String(), source.Port))
-						_, err = peerI.Proxy.LocalConn.Write(buffer[:n])
-						if err != nil {
-							log.Println("Failed to proxy to Wg local interface: ", err)
-							continue
-						}
+			for _, remotePeer := range val {
+				if peers, ok := common.WgIFaceMap[remotePeer.Interface]; ok {
+					if peerI, ok := peers[remotePeer.PeerKey]; ok {
+						if peerI.Config.LocalWgPort == int(localWgPort) {
+							log.Printf("PROXING TO LOCAL!!!---> %s <<<< %s <<<<<<<< %s\n", peerI.Proxy.LocalConn.RemoteAddr(),
+								peerI.Proxy.LocalConn.LocalAddr(), fmt.Sprintf("%s:%d", source.IP.String(), source.Port))
+							_, err = peerI.Proxy.LocalConn.Write(buffer[:n])
+							if err != nil {
+								log.Println("Failed to proxy to Wg local interface: ", err)
+								continue
+							}
 
+						}
 					}
 				}
 
@@ -72,7 +78,7 @@ func (p *ProxyServer) Listen() {
 // bodySize - default 10000, leave 0 to use default
 // addr - the address for proxy to listen on
 // forwards - indicate address to forward to, {"<address:port>",...} format
-func CreateProxyServer(port, bodySize int, addr string) (p *ProxyServer, err error) {
+func (p *ProxyServer) CreateProxyServer(port, bodySize int, addr string) (err error) {
 	if p == nil {
 		p = &ProxyServer{}
 	}