diff --git a/netclient/functions/daemon.go b/netclient/functions/daemon.go
index daa1cfdb..d92d436f 100644
--- a/netclient/functions/daemon.go
+++ b/netclient/functions/daemon.go
@@ -354,7 +354,7 @@ func UpdatePeers(client mqtt.Client, msg mqtt.Message) {
 return
 }
 //err = wireguard.SyncWGQuickConf(cfg.Node.Interface, file)
- err = wireguard.SetPeers(cfg.Node.Interface, cfg.Node.PersistentKeepalive, peerUpdate.Peers)
+ err = wireguard.SetPeers(cfg.Node.Interface, cfg.Node.Address, cfg.Node.PersistentKeepalive, peerUpdate.Peers)
 if err != nil {
 ncutils.Log("error syncing wg after peer update " + err.Error())
 return
diff --git a/netclient/local/routes.go b/netclient/local/routes.go
index a8512e6b..1f52b4d6 100644
--- a/netclient/local/routes.go
+++ b/netclient/local/routes.go
@@ -8,7 +8,7 @@ import (
 )
 
 // SetPeerRoutes - sets/removes ip routes for each peer on a network
-func SetPeerRoutes(iface string, oldPeers map[string][]net.IPNet, newPeers []wgtypes.PeerConfig) {
+func SetPeerRoutes(iface, currentNodeAddr string, oldPeers map[string][]net.IPNet, newPeers []wgtypes.PeerConfig) {
 // traverse through all recieved peers
 for _, peer := range newPeers {
 // if pubkey found in existing peers, check against existing peer
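Review bot: `currentNodeAddr` is added to the `SetPeerRoutes` signature in routes.go, but none of the calls changed in the -17, -32 and -42 hunks use it. They pass the destination's own address as the new third argument, and in two forms: `allowedIP.IP.String()` in three calls, and `allowedIP.String()` (with the prefix length) in the -32 hunk. routes_windows.go in this commit puts that argument last in `route -p add`, where the gateway goes, so a route built from these calls would name the destination as its own gateway; the other platform files ignore the argument. If the node's address is the intended gateway, pass it in all four calls, e.g. `setRoute(iface, &allowedIP, currentNodeAddr)`, as `SetCurrentPeerRoutes` does with `currentAddr`. SetPeerRoutes continues past the end of this hunk.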
@@ -17,14 +17,14 @@ func SetPeerRoutes(iface string, oldPeers map[string][]net.IPNet, newPeers []wgt
 // traverse IPs, check to see if old peer contains each IP
 for _, allowedIP := range peer.AllowedIPs { // compare new ones (if any) to old ones
 if !ncutils.IPNetSliceContains(currPeerAllowedIPs, allowedIP) {
- if err := setRoute(iface, &allowedIP); err != nil {
+ if err := setRoute(iface, &allowedIP, allowedIP.IP.String()); err != nil {
 ncutils.PrintLog(err.Error(), 1)
 }
 }
 }
 for _, allowedIP := range currPeerAllowedIPs { // compare old ones (if any) to new ones
 if !ncutils.IPNetSliceContains(peer.AllowedIPs, allowedIP) {
- if err := deleteRoute(iface, &allowedIP); err != nil {
+ if err := deleteRoute(iface, &allowedIP, allowedIP.IP.String()); err != nil {
 ncutils.PrintLog(err.Error(), 1)
 }
 }
@@ -32,7 +32,7 @@ func SetPeerRoutes(iface string, oldPeers map[string][]net.IPNet, newPeers []wgt
 delete(oldPeers, peer.PublicKey.String()) // remove peer as it was found and processed
 } else {
 for _, allowedIP := range peer.AllowedIPs { // add all routes as peer doesn't exist
- if err := setRoute(iface, &allowedIP); err != nil {
+ if err := setRoute(iface, &allowedIP, allowedIP.String()); err != nil {
 ncutils.PrintLog(err.Error(), 1)
 }
 }
@@ -42,7 +42,16 @@ func SetPeerRoutes(iface string, oldPeers map[string][]net.IPNet, newPeers []wgt
 // traverse through all remaining existing peers
 for _, allowedIPs := range oldPeers {
 for _, allowedIP := range allowedIPs {
- deleteRoute(iface, &allowedIP)
+ deleteRoute(iface, &allowedIP, allowedIP.IP.String())
+ }
+ }
+}
+
+// SetCurrentPeerRoutes - sets all the current peers
+func SetCurrentPeerRoutes(iface, currentAddr string, peers []wgtypes.Peer) {
+ for _, peer := range peers {
+ for _, allowedIP := range peer.AllowedIPs {
+ setRoute(iface, &allowedIP, currentAddr)
 }
 }
 }
diff --git a/netclient/local/routes_darwin.go b/netclient/local/routes_darwin.go
new file mode 100644
index 00000000..5e8911ba
--- /dev/null
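Review bot: `SetCurrentPeerRoutes`, added in the -42 hunk of routes.go, discards the error from `setRoute`, and the `deleteRoute` call in the loop just above it does the same. A route that failed to install is therefore indistinguishable from one that succeeded, and traffic for those AllowedIPs would follow whatever route already exists on the host instead of the WireGuard interface. The earlier branches of this file log such failures, so the same pattern fits here: `if err := setRoute(iface, &allowedIP, currentAddr); err != nil { ncutils.PrintLog(err.Error(), 1) }`. The doc comment could also say what `currentAddr` is expected to hold (presumably the local node's address; confirm against the caller).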
+++ b/netclient/local/routes_darwin.go
@@ -0,0 +1,32 @@
+package local
+
+import (
+ "net"
+
+ "github.com/gravitl/netmaker/netclient/ncutils"
+)
+
+// route -n add -net 10.0.0.0/8 192.168.0.254
+// networksetup -setadditionalroutes Ethernet 192.168.1.0 255.255.255.0 10.0.0.2 persistent
+func setRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ var out string
+ var inetx = "inet"
+ if strings.Contains(addr.IP.String(), ":") {
+ inetx = "inet6"
+ }
+ out, err = ncutils.RunCmd("route -n get -"+inetx+" "+addr.IP.String(), true)
+ if err != nil {
+ return err
+ }
+ if !(strings.Contains(out, iface)) {
+ _, err = ncutils.RunCmd("route -q -n add -"+inetx+" "+addr.String()+" -interface "+iface, true)
+ }
+ return err
+}
+
+func deleteRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ _, err = ncutils.RunCmd("route -q -n delete "+addr.String(), true)
+ return err
+}
diff --git a/netclient/local/routes_freebsd.go b/netclient/local/routes_freebsd.go
new file mode 100644
index 00000000..72522c40
--- /dev/null
+++ b/netclient/local/routes_freebsd.go
@@ -0,0 +1,19 @@
+package local
+
+import (
+ "net"
+
+ "github.com/gravitl/netmaker/netclient/ncutils"
+)
+
+func setRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ _, _ = ncutils.RunCmd("route add -net "+addr.String()+" -interface "+iface, true)
+ return err
+}
+
+func deleteRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ _, err = ncutils.RunCmd("route delete -net "+addr.String()+" -interface "+iface, true)
+ return err
+}
diff --git a/netclient/local/routes_linux.go b/netclient/local/routes_linux.go
index 37706a1a..84ef30b9 100644
--- a/netclient/local/routes_linux.go
+++ b/netclient/local/routes_linux.go
@@ -1,6 +1,3 @@
-//go:build linux
-// +build linux
-
 package local
 
 import (
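Review bot: routes_darwin.go calls `strings.Contains` twice, but its import block lists only `net` and `ncutils`, so the file will not compile on darwin; add `"strings"` to the imports. `strings.Contains(out, iface)` is a substring test, so an interface whose name is a prefix of another (constructed example: `utun1` against `utun10`) is treated as already routed and the add is skipped. `deleteRoute` omits `-interface`, so it removes whichever route matches the prefix, not only the one on this WireGuard interface. `iface` is concatenated straight into the string given to `ncutils.RunCmd`; RunCmd is not visible here, so confirm the name is validated upstream if it can come from server-supplied configuration.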
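Review bot: `setRoute` in routes_freebsd.go assigns the command result to `_, _`, so `err` is never set and the function always returns nil. Callers that log on error, such as SetPeerRoutes, will never see a failed `route add`, and the peer's traffic then follows whatever route already exists. Assign the error as `deleteRoute` in the same file does: `_, err = ncutils.RunCmd("route add -net "+addr.String()+" -interface "+iface, true)`. The `address` parameter is unused on this platform; a one-line comment saying so would show that this is deliberate.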
@@ -12,13 +9,13 @@ import (
 "github.com/gravitl/netmaker/netclient/ncutils"
 )
 
-func setRoute(iface string, addr *net.IPNet) error {
+func setRoute(iface string, addr *net.IPNet, address string) error {
 var err error
 _, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
 return err
 }
 
-func deleteRoute(iface string, addr *net.IPNet) error {
+func deleteRoute(iface string, addr *net.IPNet, address string) error {
 var err error
 _, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
 return err
diff --git a/netclient/local/routes_other.go b/netclient/local/routes_other.go
deleted file mode 100644
index 88522e55..00000000
--- a/netclient/local/routes_other.go
+++ /dev/null
@@ -1,33 +0,0 @@
-//go:build !linux
-// +build !linux
-
-package local
-
-import (
- //"github.com/davecgh/go-spew/spew"
-
- "fmt"
- "net"
-
- "github.com/gravitl/netmaker/netclient/ncutils"
-)
-
-//"github.com/davecgh/go-spew/spew"
-
-/*
-
-These functions are not used. These should only be called by Linux (see routes_linux.go). These routes return nothing if called.
-
-*/
-
-func setRoute(iface string, addr *net.IPNet) error {
- var err error
- _, err = ncutils.RunCmd(fmt.Sprintf("ip route add %s dev %s", addr.String(), iface), true)
- return err
-}
-
-func deleteRoute(iface string, addr *net.IPNet) error {
- var err error
- _, err = ncutils.RunCmd(fmt.Sprintf("ip route del %s dev %s", addr.String(), iface), true)
- return err
-}
diff --git a/netclient/local/routes_windows.go b/netclient/local/routes_windows.go
new file mode 100644
index 00000000..cf98a4ec
--- /dev/null
+++ b/netclient/local/routes_windows.go
@@ -0,0 +1,22 @@
+package local
+
+import (
+ "net"
+ "time"
+
+ "github.com/gravitl/netmaker/netclient/ncutils"
+)
+
+func setRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ _, err = ncutils.RunCmd("route -p add "+addr.IP.String()+" mask "+addr.Mask.String()+" "+address, true)
+ time.Sleep(time.Second >> 2)
+ ncutils.RunCmd("route change "+addr.IP.String()+" mask "+addr.Mask.String()+" "+address, true)
+ return err
+}
+
+func deleteRoute(iface string, addr *net.IPNet, address string) error {
+ var err error
+ _, err = ncutils.RunCmd("route delete "+addr.IP.String()+" mask "+addr.Mask.String()+" "+address, true)
+ return err
+}
diff --git a/netclient/wireguard/common.go b/netclient/wireguard/common.go
index fb803f53..fd674a6d 100644
--- a/netclient/wireguard/common.go
+++ b/netclient/wireguard/common.go
@@ -25,7 +25,7 @@ const (
 )
 
 // SetPeers - sets peers on a given WireGuard interface
-func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
+func SetPeers(iface, currentNodeAddr string, keepalive int32, peers []wgtypes.PeerConfig) error {
 var devicePeers []wgtypes.Peer
 var oldPeerAllowedIps = make(map[string][]net.IPNet, len(peers))
 var err error
@@ -107,7 +107,7 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
 err = SetMacPeerRoutes(iface)
 return err
 } else if ncutils.IsLinux() {
- local.SetPeerRoutes(iface, oldPeerAllowedIps, peers)
+ local.SetPeerRoutes(iface, currentNodeAddr, oldPeerAllowedIps, peers)
 }
 
 return nil
@@ -243,7 +243,7 @@ func SetWGConfig(network string, peerupdate bool) error {
 return err
 }
 }
- err = SetPeers(iface, nodecfg.PersistentKeepalive, peers)
+ err = SetPeers(iface, nodecfg.Address, nodecfg.PersistentKeepalive, peers)
 } else if peerupdate {
 err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways, true)
 } else {
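Review bot: `addr.Mask.String()` in routes_windows.go renders the mask as bare hexadecimal (for a /24, `ffffff00`), because `net.IPMask.String` does not produce dotted-decimal form, while `route ... mask` takes a dotted netmask. All three commands should build the mask with `net.IP(addr.Mask).String()` instead. The result of the follow-up `route change` is discarded and only the `route -p add` error is returned, so a failure of the second command is silent. `-p` makes the route persistent across reboots, so any path where `deleteRoute` is skipped or fails leaves the route on the host after the peer is gone; confirm that persistence is intended. Neither function handles an IPv6 `addr`, which the darwin file does distinguish.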