mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-03 10:24:24 +08:00
fix(NET-760): check for private network range (#2722)
This commit is contained in:
parent
643950f9eb
commit
c8ae70bd69
1 changed files with 35 additions and 0 deletions
|
@ -4,6 +4,7 @@ import (
|
|||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
|
@ -246,6 +247,40 @@ func createNetwork(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
// validate address ranges: must be private
|
||||
if network.AddressRange != "" {
|
||||
_, ipNet, err := net.ParseCIDR(network.AddressRange)
|
||||
if err != nil {
|
||||
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
||||
err.Error())
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
if !ipNet.IP.IsPrivate() {
|
||||
err := errors.New("address range must be private")
|
||||
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
||||
err.Error())
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
}
|
||||
if network.AddressRange6 != "" {
|
||||
_, ipNet, err := net.ParseCIDR(network.AddressRange6)
|
||||
if err != nil {
|
||||
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
||||
err.Error())
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
if !ipNet.IP.IsPrivate() {
|
||||
err := errors.New("address range must be private")
|
||||
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
||||
err.Error())
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
network, err = logic.CreateNetwork(network)
|
||||
if err != nil {
|
||||
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
||||
|
|
Loading…
Add table
Reference in a new issue