|
|
@@ -137,6 +137,27 @@ func AddEgressInfoToPeerByAccess(node, targetNode *models.Node, eli []schema.Egr
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+func GetEgressDomainsByAccess(node *models.Node) (domains []string) {
|
|
|
+ acls, _ := ListAclsByNetwork(models.NetworkID(node.Network))
|
|
|
+ eli, _ := (&schema.Egress{Network: node.Network}).ListByNetwork(db.WithContext(context.TODO()))
|
|
|
+ defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
|
|
|
+ isDefaultPolicyActive := defaultDevicePolicy.Enabled
|
|
|
+ for _, e := range eli {
|
|
|
+ if !e.Status || e.Network != node.Network {
|
|
|
+ continue
|
|
|
+ }
|
|
|
+ if !isDefaultPolicyActive {
|
|
|
+ if !DoesNodeHaveAccessToEgress(node, &e, acls) {
|
|
|
+ continue
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if e.Domain != "" && len(e.DomainAns) > 0 {
|
|
|
+ domains = append(domains, e.Domain)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return
|
|
|
+}
|
|
|
+
|
|
|
func GetNodeEgressInfo(targetNode *models.Node, eli []schema.Egress, acls []models.Acl) {
|
|
|
|
|
|
req := models.EgressGatewayRequest{
|
|
|
@@ -156,16 +177,20 @@ func GetNodeEgressInfo(targetNode *models.Node, eli []schema.Egress, acls []mode
|
|
|
m := uint32(m64)
|
|
|
if e.Range != "" {
|
|
|
req.Ranges = append(req.Ranges, e.Range)
|
|
|
- } else {
|
|
|
+ req.RangesWithMetric = append(req.RangesWithMetric, models.EgressRangeMetric{
|
|
|
+ Network: e.Range,
|
|
|
+ Nat: e.Nat,
|
|
|
+ RouteMetric: m,
|
|
|
+ })
|
|
|
+ } else if len(e.DomainAns) > 0 {
|
|
|
req.Ranges = append(req.Ranges, e.DomainAns...)
|
|
|
+ req.RangesWithMetric = append(req.RangesWithMetric, models.EgressRangeMetric{
|
|
|
+ Network: e.DomainAns[0],
|
|
|
+ Nat: e.Nat,
|
|
|
+ RouteMetric: m,
|
|
|
+ })
|
|
|
}
|
|
|
|
|
|
- req.RangesWithMetric = append(req.RangesWithMetric, models.EgressRangeMetric{
|
|
|
- Network: e.Range,
|
|
|
- Nat: e.Nat,
|
|
|
- RouteMetric: m,
|
|
|
- })
|
|
|
-
|
|
|
}
|
|
|
}
|
|
|
if targetNode.Mutex != nil {
|
abhishek9686