|
|
@@ -152,15 +152,11 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
// track which nodes are deleted
|
|
|
// after peer calculation, if peer not in list, add delete config of peer
|
|
|
hostPeerUpdate := models.HostPeerUpdate{
|
|
|
- Host: *host,
|
|
|
- Server: servercfg.GetServer(),
|
|
|
- HostPeerIDs: make(models.HostPeerMap, 0),
|
|
|
- ServerVersion: servercfg.GetVersion(),
|
|
|
- ServerAddrs: []models.ServerAddr{},
|
|
|
- IngressInfo: models.IngressInfo{
|
|
|
- ExtPeers: make(map[string]models.ExtClientInfo),
|
|
|
- },
|
|
|
- EgressInfo: make(map[string]models.EgressInfo),
|
|
|
+ Host: *host,
|
|
|
+ Server: servercfg.GetServer(),
|
|
|
+ HostPeerIDs: make(models.HostPeerMap, 0),
|
|
|
+ ServerVersion: servercfg.GetVersion(),
|
|
|
+ ServerAddrs: []models.ServerAddr{},
|
|
|
PeerIDs: make(models.PeerMap, 0),
|
|
|
Peers: []wgtypes.PeerConfig{},
|
|
|
NodePeers: []wgtypes.PeerConfig{},
|
|
|
@@ -179,10 +175,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
continue
|
|
|
}
|
|
|
currentPeers := GetNetworkNodesMemory(allNodes, node.Network)
|
|
|
- var nodePeerMap map[string]models.PeerRouteInfo
|
|
|
- if node.IsIngressGateway || node.IsEgressGateway {
|
|
|
- nodePeerMap = make(map[string]models.PeerRouteInfo)
|
|
|
- }
|
|
|
for _, peer := range currentPeers {
|
|
|
select {
|
|
|
case <-ctx.Done():
|
|
|
@@ -246,39 +238,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
peerConfig.AllowedIPs = allowedips // only append allowed IPs if valid connection
|
|
|
}
|
|
|
|
|
|
- if node.IsIngressGateway || node.IsEgressGateway {
|
|
|
- if peer.IsIngressGateway {
|
|
|
- _, extPeerIDAndAddrs, err := GetExtPeers(&peer)
|
|
|
- if err == nil {
|
|
|
- for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
|
|
|
- extPeerIdAndAddr := extPeerIdAndAddr
|
|
|
- nodePeerMap[extPeerIdAndAddr.ID] = models.PeerRouteInfo{
|
|
|
- PeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
- Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
- },
|
|
|
- PeerKey: extPeerIdAndAddr.ID,
|
|
|
- Allow: true,
|
|
|
- ID: extPeerIdAndAddr.ID,
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- if node.IsIngressGateway && peer.IsEgressGateway {
|
|
|
- hostPeerUpdate.IngressInfo.EgressRanges = append(hostPeerUpdate.IngressInfo.EgressRanges,
|
|
|
- peer.EgressGatewayRanges...)
|
|
|
- }
|
|
|
- nodePeerMap[peerHost.PublicKey.String()] = models.PeerRouteInfo{
|
|
|
- PeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(peer.PrimaryAddress()),
|
|
|
- Mask: getCIDRMaskFromAddr(peer.PrimaryAddress()),
|
|
|
- },
|
|
|
- PeerKey: peerHost.PublicKey.String(),
|
|
|
- Allow: true,
|
|
|
- ID: peer.ID.String(),
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
peerProxyPort := GetProxyListenPort(peerHost)
|
|
|
var nodePeer wgtypes.PeerConfig
|
|
|
if _, ok := hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()]; !ok {
|
|
|
@@ -332,18 +291,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
if node.IsIngressGateway {
|
|
|
extPeers, extPeerIDAndAddrs, err = GetExtPeers(&node)
|
|
|
if err == nil {
|
|
|
- for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
|
|
|
- extPeerIdAndAddr := extPeerIdAndAddr
|
|
|
- nodePeerMap[extPeerIdAndAddr.ID] = models.PeerRouteInfo{
|
|
|
- PeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
- Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
- },
|
|
|
- PeerKey: extPeerIdAndAddr.ID,
|
|
|
- Allow: true,
|
|
|
- ID: extPeerIdAndAddr.ID,
|
|
|
- }
|
|
|
- }
|
|
|
hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...)
|
|
|
for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
|
|
|
extPeerIdAndAddr := extPeerIdAndAddr
|
|
|
@@ -354,21 +301,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
Name: extPeerIdAndAddr.Name,
|
|
|
Network: node.Network,
|
|
|
}
|
|
|
-
|
|
|
- hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{
|
|
|
- Masquerade: true,
|
|
|
- IngGwAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(node.PrimaryAddress()),
|
|
|
- Mask: getCIDRMaskFromAddr(node.PrimaryAddress()),
|
|
|
- },
|
|
|
- Network: node.PrimaryNetworkRange(),
|
|
|
- ExtPeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
- Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
- },
|
|
|
- ExtPeerKey: extPeerIdAndAddr.ID,
|
|
|
- Peers: filterNodeMapForClientACLs(extPeerIdAndAddr.ID, node.Network, nodePeerMap),
|
|
|
- }
|
|
|
if node.Network == network {
|
|
|
hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = extPeerIdAndAddr
|
|
|
hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, extPeers...)
|
|
|
@@ -378,18 +310,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
logger.Log(1, "error retrieving external clients:", err.Error())
|
|
|
}
|
|
|
}
|
|
|
- if node.IsEgressGateway {
|
|
|
- hostPeerUpdate.EgressInfo[node.ID.String()] = models.EgressInfo{
|
|
|
- EgressID: node.ID.String(),
|
|
|
- Network: node.PrimaryNetworkRange(),
|
|
|
- EgressGwAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(node.PrimaryAddress()),
|
|
|
- Mask: getCIDRMaskFromAddr(node.PrimaryAddress()),
|
|
|
- },
|
|
|
- GwPeers: nodePeerMap,
|
|
|
- EgressGWCfg: node.EgressGatewayRequest,
|
|
|
- }
|
|
|
- }
|
|
|
}
|
|
|
// == post peer calculations ==
|
|
|
// indicate removal if no allowed IPs were calculated
|
|
|
@@ -425,6 +345,7 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
return hostPeerUpdate, nil
|
|
|
}
|
|
|
|
|
|
+// GetFwUpdate - fetches the firewall update for the gateway nodes on the host
|
|
|
func GetFwUpdate(host *models.Host) (models.FwUpdate, error) {
|
|
|
fwUpdate := models.FwUpdate{
|
|
|
IngressInfo: models.IngressInfo{
|
Abhishek Kondur