gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-16 08:45:57 +08:00
Code Issues Projects Releases Packages Wiki Activity
6785 commits 1613 branches 85 tags 295 MiB
Commit graph

24 commits

Author SHA1 Message Date
Abhishek K
3d765f9cf1
NET-1910: Acl controls for Egress Traffic (#3377) 
* add support for egress ranges on acl policy

* add egress ranges to acl rules

* add egress ranges to acl policies

* Add egress ranges to acl rules

* add egress ranges to fw update

* fetch acl rules for egress networks

* apply egress policies for devices

* configure user policies for egresss routes

* fix gw tag name migration

* fix egress acl rules for static nodes

* add egress ranges for static nodes on ingress gw

* fileter acl IPs to be unique

* cleanup IOT logic from peer update

* make acl Rule Dst List

* cleanup egress ranges from acl policies

* create user group default acl policy for gateways

* remove remote access name ids

* rm egress ranges removal from acl policies

* simplify user permissions on nodes

* add additional nameservers to extclient dns

* remove debug logs

* fix static checks
 2025-03-18 13:25:55 +04:00
abhishek9686
b45a926649 optimise static node rules, fix traffic flows for static nodes 2025-03-05 14:26:35 +04:00
abhishek9686
8de1f4f6ca single node acl group 2025-01-20 17:43:13 +05:30
abhishek9686
021023d999 allow single devices in the acl policies 2025-01-17 15:58:40 +05:30
Abhishek K
116e2ef959
Net 1784 latest (#3250) 
* fix all resources rules

* for any service set defaults
 2024-12-12 10:02:31 +04:00
Abhishek K
7093373c77
NET-1784: Migrate All Policies (#3245) 
* migrate all policies

* migrate all policies

* add acl policy type for any traffic

* use any service type for migration
 2024-12-10 11:55:37 +04:00
Abhishek K
f124b10c35
NET-1784: Adv Acl Rules (#3239) 
* define direction on acl req

* define protocol types and rule model

* get rules for node

* fetch acl rule for a node

* redine acl firewall model

* add json tags

* update port,protocol, and direction

* add json tags to acl options

* convert protocol to string

* simplify acl map

* add json tags to acl rules

* add networks to fw update

* add acls rules

* NET-1784: add allow all field

* add allow all field on fw udpate

* remove debug logs

* fix port and protocol types

* migrate default acl policies

* define constants for service types

* add adv options for user rules on ingress gw

* debug log

* allow whole network

* add static nodes to acl rules

* replace peers on acl updates

* initiliase rule map

* add user acl rules on target node

* revert acl check on extclient

* handle static node rules on ingress gw

* update multiple policies for users

* check allowed direction

* remove debug logs
 2024-12-10 11:21:14 +04:00
Yabin Ma
5f21c8bb1d
NET-1778: scale test code changes (#3203) 
* comment ACL call and add debug message

* add cache for network nodes

* fix load node to network cache issue

* add peerUpdate call 1 min limit

* add debug log for scale test

* release maps

* avoid default policy for node

* 1 min limit for peerUpdate trigger

* mq options

* Revert "mq options"

This reverts commit 10b93d0118.

* set peerUpdate run in sequence

* update for emqx 5.8.2

* remove batch peer update

* change the sleep to 10 millisec to avoid timeout

* add compress and change encrypt for peerUpdate message

* add mem profiling and automaxprocs

* add failover ctx mutex

* ignore request to failover peer

* remove code without called

* remove debug logs

* update emqx to v5.8.2

* change broker keepalive

* add OLD_ACL_SUPPORT setting

* add host version check for message encrypt

* remove debug message

* remove peerUpdate call control

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
 2024-12-10 10:15:31 +04:00
Max Ma
e8d3e80b08 initialize cache in startup 2024-11-29 11:35:34 +01:00
abhishek9686
167d29a96b remove * on default grp, add admins to admin net groups by default 2024-10-30 19:22:05 +04:00
abhishek9686
ffd0133468 add middleware acl check 2024-10-29 15:28:25 +04:00
abhishek9686
ebc3e90301 add extclient egress ranges 2024-10-29 12:41:40 +04:00
abhishek9686
2cc54d949c remove user role from policy types 2024-10-29 08:51:27 +04:00
abhishek9686
f7b78ccad6 remove user role from acl policy types 2024-10-28 11:39:16 +04:00
abhishek9686
c37cf2b7e3 create default user policies 2024-10-18 16:53:39 +04:00
abhishek9686
4e4ffac787 fix acls peer update logic 2024-10-17 13:07:46 +04:00
abhishek9686
a9697f9d7b add acl types api 2024-09-30 12:42:26 +04:00
abhishek9686
9deac0ad2d sync tag updates with acl policies 2024-09-28 17:19:01 +04:00
abhishek9686
2c3f4581e8 publish peer upate on acl changes 2024-09-27 11:40:04 +04:00
abhishek9686
5b49872d5d fix update acl policy 2024-09-26 21:00:04 +04:00
abhishek9686
940ed8b2f0 remove uuid on id type 2024-09-26 18:45:54 +04:00
abhishek9686
4e825f7b9e force set default acl field to false 2024-09-25 20:25:23 +04:00
abhishek9686
630928b4f7 add acl policy checker 2024-09-25 10:37:44 +04:00
abhishek9686
6bc59adb2c add acls api handlers 2024-09-24 19:45:45 +04:00