Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

add allowed networks

abhishek9686 9 months ago
parent
f14d916936
commit
98e313242b
2 changed files with 18 additions and 15 deletions
Unified View Show Diff Stats
  1. 11 8
      logic/peers.go
  2. 7 7
      models/mqtt.go

+ 11 - 8
logic/peers.go
View File 

@@ -158,17 +158,20 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
 
 		}
 
 		}
 
 		defaultUserPolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.UserPolicy)
 
 		defaultUserPolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.UserPolicy)
 
 		defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
 
 		defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
 
-		if node.NetworkRange.IP != nil {
 
-			hostPeerUpdate.FwUpdate.Networks = append(hostPeerUpdate.FwUpdate.Networks, node.NetworkRange)
 
-		}
 
-		if node.NetworkRange6.IP != nil {
 
-			hostPeerUpdate.FwUpdate.Networks = append(hostPeerUpdate.FwUpdate.Networks, node.NetworkRange6)
 
-		}
 
 
 
-		if !defaultDevicePolicy.Enabled || !defaultUserPolicy.Enabled {
 
+		if defaultDevicePolicy.Enabled && defaultUserPolicy.Enabled {
 
+			if node.NetworkRange.IP != nil {
 
+				hostPeerUpdate.FwUpdate.AllowedNetworks = append(hostPeerUpdate.FwUpdate.AllowedNetworks, node.NetworkRange)
 
+			}
 
+			if node.NetworkRange6.IP != nil {
 
+				hostPeerUpdate.FwUpdate.AllowedNetworks = append(hostPeerUpdate.FwUpdate.AllowedNetworks, node.NetworkRange6)
 
+			}
 
+
 
+		} else {
 
 			hostPeerUpdate.FwUpdate.AllowAll = false
 
 			hostPeerUpdate.FwUpdate.AllowAll = false
 
+			hostPeerUpdate.FwUpdate.AclRules = GetAclRulesForNode(&node)
 
 		}
 
 		}
 
-		hostPeerUpdate.FwUpdate.AclRules = GetAclRulesForNode(&node)
 
+
 
 		currentPeers := GetNetworkNodesMemory(allNodes, node.Network)
 
 		currentPeers := GetNetworkNodesMemory(allNodes, node.Network)
 
 		for _, peer := range currentPeers {
 
 		for _, peer := range currentPeers {
 
 			peer := peer
 
 			peer := peer

+ 7 - 7
models/mqtt.go
View File 

@@ -94,13 +94,13 @@ type KeyUpdate struct {
 
 
 
 // FwUpdate - struct for firewall updates
 
 // FwUpdate - struct for firewall updates
 
 type FwUpdate struct {
 
 type FwUpdate struct {
 
-	AllowAll    bool                   `json:"allow_all"`
 
-	Networks    []net.IPNet            `json:"networks"`
 
-	IsEgressGw  bool                   `json:"is_egress_gw"`
 
-	IsIngressGw bool                   `json:"is_ingress_gw"`
 
-	EgressInfo  map[string]EgressInfo  `json:"egress_info"`
 
-	IngressInfo map[string]IngressInfo `json:"ingress_info"`
 
-	AclRules    map[string]AclRule     `json:"acl_rules"`
 
+	AllowAll        bool                   `json:"allow_all"`
 
+	AllowedNetworks []net.IPNet            `json:"networks"`
 
+	IsEgressGw      bool                   `json:"is_egress_gw"`
 
+	IsIngressGw     bool                   `json:"is_ingress_gw"`
 
+	EgressInfo      map[string]EgressInfo  `json:"egress_info"`
 
+	IngressInfo     map[string]IngressInfo `json:"ingress_info"`
 
+	AclRules        map[string]AclRule     `json:"acl_rules"`
 
 }
 
 }
 
 
 
 // FailOverMeReq - struct for failover req
 
 // FailOverMeReq - struct for failover req