extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-06-20 09:47:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use any as source for the firewall for routed networks (#2134)

Browse Source
This commit is contained in:
Viktor Liu 2024-06-18 16:33:03 +02:00 committed by GitHub
parent 381447b8d6
commit 215fb257f7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
client/internal/routemanager/server_nonandroid.go
View File

@ -5,7 +5,7 @@ package routemanager
import ( import (
"context" "context"
"fmt" "fmt"
"net" "net/netip"
"sync" "sync"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
@ -89,7 +89,7 @@ func (m *defaultServerRouter) removeFromServerNetwork(route *route.Route) error
m.mux.Lock() m.mux.Lock()
defer m.mux.Unlock() defer m.mux.Unlock()
routerPair, err := routeToRouterPair(m.wgInterface.Address().Network, route) routerPair, err := routeToRouterPair(route)
if err != nil { if err != nil {
return fmt.Errorf("parse prefix: %w", err) return fmt.Errorf("parse prefix: %w", err)
} }
@ -118,7 +118,7 @@ func (m *defaultServerRouter) addToServerNetwork(route *route.Route) error {
m.mux.Lock() m.mux.Lock()
defer m.mux.Unlock() defer m.mux.Unlock()
routerPair, err := routeToRouterPair(m.wgInterface.Address().Network, route) routerPair, err := routeToRouterPair(route)
if err != nil { if err != nil {
return fmt.Errorf("parse prefix: %w", err) return fmt.Errorf("parse prefix: %w", err)
} }
@ -151,7 +151,7 @@ func (m *defaultServerRouter) cleanUp() {
m.mux.Lock() m.mux.Lock()
defer m.mux.Unlock() defer m.mux.Unlock()
for _, r := range m.routes { for _, r := range m.routes {
routerPair, err := routeToRouterPair(m.wgInterface.Address().Network, r) routerPair, err := routeToRouterPair(r)
if err != nil { if err != nil {
log.Errorf("Failed to convert route to router pair: %v", err) log.Errorf("Failed to convert route to router pair: %v", err)
continue continue
@ -169,7 +169,10 @@ func (m *defaultServerRouter) cleanUp() {
m.statusRecorder.UpdateLocalPeerState(state) m.statusRecorder.UpdateLocalPeerState(state)
} }
func routeToRouterPair(source *net.IPNet, route *route.Route) (firewall.RouterPair, error) { func routeToRouterPair(route *route.Route) (firewall.RouterPair, error) {
// TODO: add ipv6
source := getDefaultPrefix(route.Network)
destination := route.Network.Masked().String() destination := route.Network.Masked().String()
if route.IsDynamic() { if route.IsDynamic() {
// TODO: add ipv6 // TODO: add ipv6
@ -183,3 +186,10 @@ func routeToRouterPair(source *net.IPNet, route *route.Route) (firewall.RouterPa
Masquerade: route.Masquerade, Masquerade: route.Masquerade,
}, nil }, nil
} }
func getDefaultPrefix(prefix netip.Prefix) netip.Prefix {
if prefix.Addr().Is6() {
return netip.PrefixFrom(netip.IPv6Unspecified(), 0)
}
return netip.PrefixFrom(netip.IPv4Unspecified(), 0)
}