
Merge branch 'NET-1911' of https://github.com/gravitl/netmaker into NET-1910

abhishek9686 6 kuukautta sitten
vanhempi
commit
f1efab83a3
2 muutettua tiedostoa jossa 24 lisäystä ja 11 poistoa
  1. 23 10
      logic/acls.go
  2. 1 1
      logic/extpeers.go

+ 23 - 10
logic/acls.go

@@ -890,20 +890,33 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
 		}
 		srcMap = convAclTagToValueMap(policy.Src)
 		dstMap = convAclTagToValueMap(policy.Dst)
+		_, srcAll := srcMap["*"]
+		_, dstAll := dstMap["*"]
 		if policy.AllowedDirection == models.TrafficDirectionBi {
-			if _, ok := srcMap[node.ID.String()]; ok {
-				allowedPolicies = append(allowedPolicies, policy)
-				break
+			if _, ok := srcMap[nodeId]; ok || srcAll {
+				if _, ok := dstMap[peerId]; ok || dstAll {
+					allowedPolicies = append(allowedPolicies, policy)
+					continue
+				}
+
+			}
+			if _, ok := dstMap[nodeId]; ok || dstAll {
+				if _, ok := srcMap[peerId]; ok || srcAll {
+					allowedPolicies = append(allowedPolicies, policy)
+					continue
+				}
 			}
 		}
-		if _, ok := dstMap[node.ID.String()]; ok {
-			allowedPolicies = append(allowedPolicies, policy)
-			break
+		if _, ok := dstMap[nodeId]; ok || dstAll {
+			if _, ok := srcMap[peerId]; ok || srcAll {
+				allowedPolicies = append(allowedPolicies, policy)
+				continue
+			}
 		}
 		for tagID := range nodeTags {
 			allowed := false
 			if _, ok := dstMap[tagID.String()]; policy.AllowedDirection == models.TrafficDirectionBi && ok {
-				if _, ok := srcMap["*"]; ok {
+				if srcAll {
 					allowed = true
 					allowedPolicies = append(allowedPolicies, policy)
 					break
@@ -920,7 +933,7 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
 				break
 			}
 			if _, ok := srcMap[tagID.String()]; ok {
-				if _, ok := dstMap["*"]; ok {
+				if dstAll {
 					allowed = true
 					allowedPolicies = append(allowedPolicies, policy)
 					break
@@ -940,7 +953,7 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
 		for tagID := range peerTags {
 			allowed := false
 			if _, ok := dstMap[tagID.String()]; ok {
-				if _, ok := srcMap["*"]; ok {
+				if srcAll {
 					allowed = true
 					allowedPolicies = append(allowedPolicies, policy)
 					break
@@ -959,7 +972,7 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
 			}
 
 			if _, ok := srcMap[tagID.String()]; policy.AllowedDirection == models.TrafficDirectionBi && ok {
-				if _, ok := dstMap["*"]; ok {
+				if dstAll {
 					allowed = true
 					allowedPolicies = append(allowedPolicies, policy)
 					break
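Review bot: In the first hunk the bidirectional branch repeats the test that follows it: the added `if _, ok := dstMap[nodeId]; ok || dstAll {` / `if _, ok := srcMap[peerId]; ok || srcAll {` pair inside `policy.AllowedDirection == models.TrafficDirectionBi` is the same condition as the unconditional block right after the branch, so the inner copy can be dropped without changing the result. Once it is gone, the asymmetry that remains deserves a comment such as `// non-bi policies match only when node is the destination and peer the source`, because a direction mix-up in an ACL check silently widens what is allowed. With `break` replaced by `continue`, a policy carrying `*` on both sides now matches every node pair and evaluation moves on to later policies. A table-driven test covering wildcard src, wildcard dst and a one-way policy in both argument orders would pin this down. `nodeId`, `peerId` and the enclosing policy loop are declared outside the hunk, so this assumes they hold `node.ID.String()` and `peer.ID.String()`.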

+ 1 - 1
logic/extpeers.go

@@ -106,6 +106,7 @@ func DeleteExtClient(network string, clientid string) error {
 	if servercfg.CacheEnabled() {
 		deleteExtClientFromCache(key)
 	}
+	go RemoveNodeFromAclPolicy(extClient.ConvertToStaticNode())
 	return nil
 }
 
@@ -134,7 +135,6 @@ func DeleteExtClientAndCleanup(extClient models.ExtClient) error {
 		slog.Error("DeleteExtClientAndCleanup-update network acls:", "Error", err.Error())
 		return err
 	}
-	go RemoveNodeFromAclPolicy(extClient.ConvertToStaticNode())
 
 	return nil
 }
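Review bot: The ACL cleanup added to DeleteExtClient runs as a detached goroutine, `go RemoveNodeFromAclPolicy(extClient.ConvertToStaticNode())`, so the caller never learns whether the deleted client was actually removed from the policies. If that cleanup fails or the process stops first, policies keep referencing an ID that no longer exists, and the function has already returned `nil`. Consider calling it synchronously before `return nil`, or at least logging a failure inside the goroutine; whether RemoveNodeFromAclPolicy reports an error is not visible here. DeleteExtClient starts above the hunk, so where `extClient` is loaded and whether earlier return paths skip this line cannot be checked from this page.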