Merge pull request #966 from gravitl/feature_v0.12.2_ingress_outbound

added ingress outbound to ext clients
2024-09-20 15:26:04 +08:00 · 2022-03-25 16:06:29 -04:00 · 2022-03-25 16:06:29 -04:00 · fb8769aec1
parent a6b1c6a8cd 9b7631e6dc
commit fb8769aec1
1 changed files with 14 additions and 0 deletions
--- a/logic/peers.go
+++ b/logic/peers.go
@ -61,6 +61,9 @@ func GetNodePeers(networkName, nodeid string, excludeRelayed bool, isP2S bool) (
 			peer.EgressGatewayRanges = node.EgressGatewayRanges
 			peer.IsEgressGateway = node.IsEgressGateway
 		}
+
+		peer.IsIngressGateway = node.IsIngressGateway
+		isDualStack := node.IsDualStack == "yes"
 		allow := node.IsRelayed != "yes" || !excludeRelayed

 		if node.Network == networkName && node.IsPending != "yes" && allow {
@ -89,6 +92,17 @@ func GetNodePeers(networkName, nodeid string, excludeRelayed bool, isP2S bool) (
 					}
 				}
 			}
+			if peer.IsIngressGateway == "yes" { // handle ingress stuff
+				if currentExtClients, err := GetExtPeersList(&node); err == nil {
+					for i := range currentExtClients {
+						peer.AllowedIPs = append(peer.AllowedIPs, currentExtClients[i].Address)
+						if isDualStack {
+							peer.AllowedIPs = append(peer.AllowedIPs, currentExtClients[i].Address6)
+						}
+					}
+				}
+			}
+
 			if (!isP2S || peer.IsHub == "yes") && currentNetworkACLs.IsAllowed(acls.AclID(nodeid), acls.AclID(node.ID)) {
 				peers = append(peers, peer)
 			}