|
|
@@ -152,11 +152,15 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
// track which nodes are deleted
|
|
|
// after peer calculation, if peer not in list, add delete config of peer
|
|
|
hostPeerUpdate := models.HostPeerUpdate{
|
|
|
- Host: *host,
|
|
|
- Server: servercfg.GetServer(),
|
|
|
- HostPeerIDs: make(models.HostPeerMap, 0),
|
|
|
- ServerVersion: servercfg.GetVersion(),
|
|
|
- ServerAddrs: []models.ServerAddr{},
|
|
|
+ Host: *host,
|
|
|
+ Server: servercfg.GetServer(),
|
|
|
+ HostPeerIDs: make(models.HostPeerMap, 0),
|
|
|
+ ServerVersion: servercfg.GetVersion(),
|
|
|
+ ServerAddrs: []models.ServerAddr{},
|
|
|
+ IngressInfo: models.IngressInfo{
|
|
|
+ ExtPeers: make(map[string]models.ExtClientInfo),
|
|
|
+ },
|
|
|
+ EgressInfo: make(map[string]models.EgressInfo),
|
|
|
PeerIDs: make(models.PeerMap, 0),
|
|
|
Peers: []wgtypes.PeerConfig{},
|
|
|
NodePeers: []wgtypes.PeerConfig{},
|
|
|
@@ -253,7 +257,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
},
|
|
|
- Network: node.Network,
|
|
|
PeerKey: extPeerIdAndAddr.ID,
|
|
|
Allow: true,
|
|
|
ID: extPeerIdAndAddr.ID,
|
|
|
@@ -261,12 +264,15 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
+ if node.IsIngressGateway && peer.IsEgressGateway {
|
|
|
+ hostPeerUpdate.IngressInfo.EgressRanges = append(hostPeerUpdate.IngressInfo.EgressRanges,
|
|
|
+ peer.EgressGatewayRanges...)
|
|
|
+ }
|
|
|
nodePeerMap[peerHost.PublicKey.String()] = models.PeerRouteInfo{
|
|
|
PeerAddr: net.IPNet{
|
|
|
IP: net.ParseIP(peer.PrimaryAddress()),
|
|
|
Mask: GetCIDRMaskFromAddr(peer.PrimaryAddress()),
|
|
|
},
|
|
|
- Network: peer.Network,
|
|
|
PeerKey: peerHost.PublicKey.String(),
|
|
|
Allow: true,
|
|
|
ID: peer.ID.String(),
|
|
|
@@ -333,7 +339,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
},
|
|
|
- Network: node.Network,
|
|
|
PeerKey: extPeerIdAndAddr.ID,
|
|
|
Allow: true,
|
|
|
ID: extPeerIdAndAddr.ID,
|
|
|
@@ -349,6 +354,21 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
Name: extPeerIdAndAddr.Name,
|
|
|
Network: node.Network,
|
|
|
}
|
|
|
+
|
|
|
+ hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{
|
|
|
+ Masquerade: true,
|
|
|
+ IngGwAddr: net.IPNet{
|
|
|
+ IP: net.ParseIP(node.PrimaryAddress()),
|
|
|
+ Mask: GetCIDRMaskFromAddr(node.PrimaryAddress()),
|
|
|
+ },
|
|
|
+ Network: node.PrimaryNetworkRange(),
|
|
|
+ ExtPeerAddr: net.IPNet{
|
|
|
+ IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
+ Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
+ },
|
|
|
+ ExtPeerKey: extPeerIdAndAddr.ID,
|
|
|
+ Peers: filterNodeMapForClientACLs(extPeerIdAndAddr.ID, node.Network, nodePeerMap),
|
|
|
+ }
|
|
|
if node.Network == network {
|
|
|
hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = extPeerIdAndAddr
|
|
|
hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, extPeers...)
|
|
|
@@ -358,6 +378,18 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
logger.Log(1, "error retrieving external clients:", err.Error())
|
|
|
}
|
|
|
}
|
|
|
+ if node.IsEgressGateway {
|
|
|
+ hostPeerUpdate.EgressInfo[node.ID.String()] = models.EgressInfo{
|
|
|
+ EgressID: node.ID.String(),
|
|
|
+ Network: node.PrimaryNetworkRange(),
|
|
|
+ EgressGwAddr: net.IPNet{
|
|
|
+ IP: net.ParseIP(node.PrimaryAddress()),
|
|
|
+ Mask: GetCIDRMaskFromAddr(node.PrimaryAddress()),
|
|
|
+ },
|
|
|
+ GwPeers: nodePeerMap,
|
|
|
+ EgressGWCfg: node.EgressGatewayRequest,
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
// == post peer calculations ==
|
|
|
// indicate removal if no allowed IPs were calculated
|
|
|
@@ -442,7 +474,6 @@ func GetFwUpdate(host *models.Host) (models.FwAction, error) {
|
|
|
IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
},
|
|
|
- Network: peer.Network,
|
|
|
PeerKey: extPeerIdAndAddr.ID,
|
|
|
Allow: true,
|
|
|
ID: extPeerIdAndAddr.ID,
|
|
|
@@ -459,7 +490,6 @@ func GetFwUpdate(host *models.Host) (models.FwAction, error) {
|
|
|
IP: net.ParseIP(peer.PrimaryAddress()),
|
|
|
Mask: GetCIDRMaskFromAddr(peer.PrimaryAddress()),
|
|
|
},
|
|
|
- Network: peer.Network,
|
|
|
PeerKey: peerHost.PublicKey.String(),
|
|
|
Allow: true,
|
|
|
ID: peer.ID.String(),
|
|
|
@@ -478,7 +508,6 @@ func GetFwUpdate(host *models.Host) (models.FwAction, error) {
|
|
|
IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
},
|
|
|
- Network: node.Network,
|
|
|
PeerKey: extPeerIdAndAddr.ID,
|
|
|
Allow: true,
|
|
|
ID: extPeerIdAndAddr.ID,
|
|
|
@@ -493,8 +522,7 @@ func GetFwUpdate(host *models.Host) (models.FwAction, error) {
|
|
|
IP: net.ParseIP(node.PrimaryAddress()),
|
|
|
Mask: GetCIDRMaskFromAddr(node.PrimaryAddress()),
|
|
|
},
|
|
|
- Network: node.PrimaryNetworkRange(),
|
|
|
- NetworkName: node.Network,
|
|
|
+ Network: node.PrimaryNetworkRange(),
|
|
|
ExtPeerAddr: net.IPNet{
|
|
|
IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
Mask: GetCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
Abhishek Kondur