
freebsd set peers working

afeiszli 3 years ago
parent
commit
97acdc5e8b
2 changed files with 112 additions and 13 deletions
  1. 96 0
      netclient/freebsd/peers.go
  2. 16 13
      netclient/ncutils/peerhelper.go

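--- a/netclient/freebsd/peers.go
+++ b/netclient/freebsd/peers.go
@@ -0,0 +1,96 @@
+package wireguard
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+	"os/exec"
+	"runtime"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/gravitl/netmaker/models"
+	"github.com/gravitl/netmaker/netclient/config"
+	"github.com/gravitl/netmaker/netclient/local"
+	"github.com/gravitl/netmaker/netclient/ncutils"
+	"github.com/gravitl/netmaker/netclient/server"
+	"golang.zx2c4.com/wireguard/wgctrl/internal/wguser"
+	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
+)
+
+// SetPeers - sets peers on a given WireGuard interface
+func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
+
+	client, err := wguser.New()
+	if err != nil {
+		ncutils.PrintLog("failed to start wgctrl", 0)
+		return err
+	}
+
+	device, err := client.Device(iface)
+	if err != nil {
+		ncutils.PrintLog("failed to parse interface", 0)
+		return err
+	}
+	devicePeers := device.Peers
+	if len(devicePeers) > 1 && len(peers) == 0 {
+		ncutils.PrintLog("no peers pulled", 1)
+		return err
+	}
+
+	for _, peer := range peers {
+
+		for _, currentPeer := range devicePeers {
+			if currentPeer.AllowedIPs[0].String() == peer.AllowedIPs[0].String() &&
+				currentPeer.PublicKey.String() != peer.PublicKey.String() {
+				_, err := ncutils.RunCmd("wg set "+iface+" peer "+currentPeer.PublicKey.String()+" remove", true)
+				if err != nil {
+					log.Println("error removing peer", peer.Endpoint.String())
+				}
+			}
+		}
+		udpendpoint := peer.Endpoint.String()
+		var allowedips string
+		var iparr []string
+		for _, ipaddr := range peer.AllowedIPs {
+			iparr = append(iparr, ipaddr.String())
+		}
+		allowedips = strings.Join(iparr, ",")
+		keepAliveString := strconv.Itoa(int(keepalive))
+		if keepAliveString == "0" {
+			keepAliveString = "5"
+		}
+		if peer.Endpoint != nil {
+			_, err = ncutils.RunCmd("wg set "+iface+" peer "+peer.PublicKey.String()+
+				" endpoint "+udpendpoint+
+				" persistent-keepalive "+keepAliveString+
+				" allowed-ips "+allowedips, true)
+		} else {
+			_, err = ncutils.RunCmd("wg set "+iface+" peer "+peer.PublicKey.String()+
+				" persistent-keepalive "+keepAliveString+
+				" allowed-ips "+allowedips, true)
+		}
+		if err != nil {
+			log.Println("error setting peer", peer.PublicKey.String())
+		}
+	}
+
+	for _, currentPeer := range devicePeers {
+		shouldDelete := true
+		for _, peer := range peers {
+			if peer.AllowedIPs[0].String() == currentPeer.AllowedIPs[0].String() {
+				shouldDelete = false
+			}
+		}
+		if shouldDelete {
+			output, err := ncutils.RunCmd("wg set "+iface+" peer "+currentPeer.PublicKey.String()+" remove", true)
+			if err != nil {
+				log.Println(output, "error removing peer", currentPeer.PublicKey.String())
+			}
+		}
+	}
+
+	return nil
+}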
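Review bot: The import block of the new file will not compile as written: `golang.zx2c4.com/wireguard/wgctrl/internal/wguser` is an `internal` package of a different module, which the Go toolchain refuses to import from outside `wgctrl`, and `fmt`, `io/ioutil`, `os`, `os/exec`, `runtime`, `time`, `models`, `config`, `local` and `server` are imported but never referenced anywhere in the 96 lines. Both peer-matching loops index `currentPeer.AllowedIPs[0]` and `peer.AllowedIPs[0]` without a length check, so a peer with an empty allowed-ips list on either side panics the client; guard each inner loop with `if len(currentPeer.AllowedIPs) == 0 || len(peer.AllowedIPs) == 0 { continue }`. The early exit for `len(devicePeers) > 1 && len(peers) == 0` runs `return err` when `err` is already nil, so the caller sees success right after "no peers pulled" is logged; return an explicit error such as `return fmt.Errorf("no peers pulled for interface %s", iface)`. The `peer.Endpoint.String()` call that computes `udpendpoint` runs before the `peer.Endpoint != nil` check a few lines later, and the error log inside the removal loop also dereferences `peer.Endpoint`, so a peer without an endpoint panics before the nil branch is reached; move the `String()` call inside the `if` and log `currentPeer.PublicKey.String()` instead.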

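--- a/netclient/ncutils/peerhelper.go
+++ b/netclient/ncutils/peerhelper.go
@@ -3,32 +3,35 @@ package ncutils
 import (
 	"strconv"
 	"strings"
-	"bufio"
 	"net"
 	"time"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
 func GetPeers(iface string) ([]wgtypes.Peer, error) {
-	
+
 	var peers []wgtypes.Peer
-	
 	output, err := RunCmd("wg show "+iface+" dump",true)
 	if err != nil {
 		return peers, err
 	}
-	scanner := bufio.NewScanner(strings.NewReader(output))
-	for scanner.Scan() {
-		if err := scanner.Err(); err != nil {
-			Log("err reading standard input:"+ err.Error())
-			return peers, err
+	for i, line := range strings.Split(strings.TrimSuffix(output, "\n"), "\n") {
+		if i == 0 {
+			continue
 		}
 		var allowedIPs []net.IPNet
-		fields := strings.Fields(scanner.Text())
+		fields := strings.Fields(line)
+		if len(fields) < 4 {
+			Log("error parsing peer: "+line)
+			continue
+		}
 		pubkeystring := fields[0]
-		endpointstring := fields[1]
+		endpointstring := fields[2]
 		allowedipstring := fields[3]
-		pkeepalivestring := fields[7]
+		var pkeepalivestring string
+		if len(fields) > 7 {
+			pkeepalivestring = fields[7]
+		}
 		// AllowedIPs = private IP + defined networks
 
 		pubkey, err := wgtypes.ParseKey(pubkeystring)
@@ -39,7 +42,7 @@ func GetPeers(iface string) ([]wgtypes.Peer, error) {
 		ipstrings := strings.Split(allowedipstring, ",")
 		for _, ipstring := range ipstrings {
 			var netip net.IP
-			if netip = net.ParseIP(ipstring); netip != nil {
+			if netip = net.ParseIP(strings.Split(ipstring,"/")[0]); netip != nil {
 				allowedIPs = append(
 					allowedIPs,
 					net.IPNet{
@@ -89,4 +92,4 @@ func GetPeers(iface string) ([]wgtypes.Peer, error) {
 	}
 
 	return peers, err
-}
+}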
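Review bot: In the second hunk, `net.ParseIP(strings.Split(ipstring,"/")[0])` throws away the prefix length that `wg show dump` reports for each allowed-ip, and the `net.IPNet{` literal that follows is cut off by the hunk, so I cannot confirm the mask is recovered elsewhere; `if netip, ipnet, cerr := net.ParseCIDR(ipstring); cerr == nil {` would yield both the address and the mask and reject malformed entries in one step, at the cost of skipping bare addresses without a `/`. The skip of `i == 0` in the first hunk is what keeps the interface line, which carries the device's private key in the dump output, out of the peer parser; a comment such as `// first line is the interface record (contains the private key), not a peer` would make that intent explicit for the next maintainer. The new `len(fields) < 4` guard logs the offending line verbatim; peer lines hold public keys and endpoints only, so that is acceptable, but it is worth stating that assumption in the same comment. GetPeers continues outside these hunks, so the handling of an empty `pkeepalivestring` and the parsed mask could not be reviewed here.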