gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-16 10:06:28 +08:00
Code Issues Projects Releases Packages Wiki Activity
6782 commits 1593 branches 85 tags 295 MiB
Commit graph

91 commits

Author SHA1 Message Date
abhishek9686
d55baebac5 add metric route to ext client addrs 2025-03-27 15:59:33 +04:00
abhishek9686
982ee3f4f2 fix tag nil point error 2025-03-25 15:06:02 +04:00
Abhishek K
8a1f36ee8e
Net 1990 (#3386) 
* add peerkey to network egress routes model

* add peerkey to network egress routes model

* filter out conflicting routes from node

* add support for egress HA on relay

* add support for egress HA on relay

* add support for egress HA on relay

* skip if curr node is relay node of the peer

* skip if curr node is relay node of the peer

* fix failover egress HA

* add network to egress route model

* clone before modifying

* check for user policies on uni direction check

* add all network fwd rule

* delete all network policies and tags on network deletion
 2025-03-25 00:42:14 +04:00
Abhishek K
5e1ef5e366
Net 1990 (#3385) 
* add peerkey to network egress routes model

* add peerkey to network egress routes model

* filter out conflicting routes from node

* add support for egress HA on relay

* add support for egress HA on relay

* add support for egress HA on relay

* skip if curr node is relay node of the peer

* skip if curr node is relay node of the peer

* fix failover egress HA

* add network to egress route model

* clone before modifying

* check for user policies on uni direction check

* add all network fwd rule
 2025-03-25 00:29:35 +04:00
Abhishek K
8c19fc602d
Net 1990 (#3384) 
* add peerkey to network egress routes model

* add peerkey to network egress routes model

* filter out conflicting routes from node

* add support for egress HA on relay

* add support for egress HA on relay

* add support for egress HA on relay

* skip if curr node is relay node of the peer

* skip if curr node is relay node of the peer

* fix failover egress HA

* add network to egress route model

* clone before modifying

* check for user policies on uni direction check
 2025-03-24 17:15:44 +04:00
Abhishek K
3d765f9cf1
NET-1910: Acl controls for Egress Traffic (#3377) 
* add support for egress ranges on acl policy

* add egress ranges to acl rules

* add egress ranges to acl policies

* Add egress ranges to acl rules

* add egress ranges to fw update

* fetch acl rules for egress networks

* apply egress policies for devices

* configure user policies for egresss routes

* fix gw tag name migration

* fix egress acl rules for static nodes

* add egress ranges for static nodes on ingress gw

* fileter acl IPs to be unique

* cleanup IOT logic from peer update

* make acl Rule Dst List

* cleanup egress ranges from acl policies

* create user group default acl policy for gateways

* remove remote access name ids

* rm egress ranges removal from acl policies

* simplify user permissions on nodes

* add additional nameservers to extclient dns

* remove debug logs

* fix static checks
 2025-03-18 13:25:55 +04:00
abhishek9686
f3fd10326f migrate remote access gw tags 2025-03-11 00:50:44 +04:00
abhishek9686
aca11049c9 fix untagged extclient comms for user 2025-03-10 13:17:33 +04:00
abhishek9686
0e4f163f1f fix merge conflicts 2025-03-06 22:48:46 +04:00
abhishek9686
bb25739bd9 resolve merge conflicts 2025-03-06 22:41:56 +04:00
abhishek9686
984db44c78 fix extclient comms to gws 2025-03-05 23:06:38 +04:00
abhishek9686
b45a926649 optimise static node rules, fix traffic flows for static nodes 2025-03-05 14:26:35 +04:00
abhishek9686
225bf37e02 resolve merge conflicts 2025-02-28 12:18:38 +04:00
abhishek9686
46eea43397 add mutex for target nodes 2025-02-25 19:41:57 +04:00
abhishek9686
ce50b965d4 add peer mutex 2025-02-19 23:04:50 +04:00
abhishek9686
92698363cd add node mutex to model 2025-02-19 22:17:40 +04:00
abhishek9686
9590f9e5a4 resolve merge conflicts 2025-02-19 09:33:23 +04:00
Abhishek K
ee6bea117f
Merge branch 'develop' into master 2025-02-19 01:14:06 +04:00
abhishek9686
98606bc2dc fix static node ingress rules 2025-02-19 00:52:40 +04:00
abhishek9686
7dd4c048c3 add mutex around peer tags 2025-02-18 22:10:03 +04:00
abhishek9686
d22a6a39e3 resolve merge conflicts 2025-02-17 20:29:29 +04:00
Abhishek K
f028a6374d
Merge pull request #3332 from gravitl/master 
Master
 2025-02-17 18:10:19 +04:00
abhishek9686
252de61aa7 clone node tags 2025-02-17 17:55:53 +04:00
abhishek9686
9812b5c428 remove deleted users from acl policy 2025-02-14 21:05:31 +04:00
abhishek9686
ed1f48a4b4 remove node id from acls when deleted 2025-02-14 19:59:58 +04:00
abhishek9686
41fa0b1bce resolve merge conflicts 2025-02-14 18:24:56 +04:00
Abhishek K
689b9b6b52
NET-1941: failover signaling optimized, new endpoint for metrics peer info (#3322) 
* optimise acl cache with network map

* fix mutex clash

* fix acl mutex

* add new endpoint for metrics peer info

* fix static check

* add new endpoint for metrics peer info

* fix host peer info api params

* cache failover data

* add json tag

* avoid duplicate calls to failover

* add failover check ctx

* add failover check ctx

* fix failover debug log

* optimise failover operations

* remove debug logs

* rm unused model

* rm unused model
 2025-02-14 16:06:26 +04:00
abhishek9686
bee1f4dda4 remove debug log, fix concurrent map write issue 2025-02-13 22:53:05 +04:00
abhishek9686
28af1156e6 fix static node id policy 2025-02-09 12:26:46 +04:00
abhishek9686
fabc9f2920 optimise firewall rules 2025-02-08 20:57:09 +04:00
abhishek9686
3bdb7fb5e3 fix src policy check 2025-02-05 22:39:13 +04:00
abhishek9686
46d79ee512 support static nodes in standalone device policies 2025-02-03 16:02:42 +04:00
abhishek9686
9a40717b5b fix single device policies 2025-02-01 16:54:43 +04:00
abhishek9686
2c720d022b fix user acl device policy 2025-01-29 11:07:44 +05:30
abhishek9686
9ba818ffa9 add node acl rules to fw update 2025-01-27 14:26:03 +05:30
abhishek9686
1db150c65b fix node id acl validation 2025-01-27 12:25:35 +05:30
abhishek9686
8de1f4f6ca single node acl group 2025-01-20 17:43:13 +05:30
abhishek9686
021023d999 allow single devices in the acl policies 2025-01-17 15:58:40 +05:30
abhishek9686
73eed6e583 add service type to default acl polices 2024-12-18 16:18:24 +04:00
abhishek9686
56f979bba9 fix peer list on interface 2024-12-16 22:26:09 +04:00
abhishek9686
f14d916936 for any service set defaults 2024-12-12 02:32:36 +04:00
abhishek9686
effb7eb5d7 fix all resources rules 2024-12-12 02:30:32 +04:00
Abhishek K
7093373c77
NET-1784: Migrate All Policies (#3245) 
* migrate all policies

* migrate all policies

* add acl policy type for any traffic

* use any service type for migration
 2024-12-10 11:55:37 +04:00
Abhishek K
f124b10c35
NET-1784: Adv Acl Rules (#3239) 
* define direction on acl req

* define protocol types and rule model

* get rules for node

* fetch acl rule for a node

* redine acl firewall model

* add json tags

* update port,protocol, and direction

* add json tags to acl options

* convert protocol to string

* simplify acl map

* add json tags to acl rules

* add networks to fw update

* add acls rules

* NET-1784: add allow all field

* add allow all field on fw udpate

* remove debug logs

* fix port and protocol types

* migrate default acl policies

* define constants for service types

* add adv options for user rules on ingress gw

* debug log

* allow whole network

* add static nodes to acl rules

* replace peers on acl updates

* initiliase rule map

* add user acl rules on target node

* revert acl check on extclient

* handle static node rules on ingress gw

* update multiple policies for users

* check allowed direction

* remove debug logs
 2024-12-10 11:21:14 +04:00
Yabin Ma
5f21c8bb1d
NET-1778: scale test code changes (#3203) 
* comment ACL call and add debug message

* add cache for network nodes

* fix load node to network cache issue

* add peerUpdate call 1 min limit

* add debug log for scale test

* release maps

* avoid default policy for node

* 1 min limit for peerUpdate trigger

* mq options

* Revert "mq options"

This reverts commit 10b93d0118.

* set peerUpdate run in sequence

* update for emqx 5.8.2

* remove batch peer update

* change the sleep to 10 millisec to avoid timeout

* add compress and change encrypt for peerUpdate message

* add mem profiling and automaxprocs

* add failover ctx mutex

* ignore request to failover peer

* remove code without called

* remove debug logs

* update emqx to v5.8.2

* change broker keepalive

* add OLD_ACL_SUPPORT setting

* add host version check for message encrypt

* remove debug message

* remove peerUpdate call control

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
 2024-12-10 10:15:31 +04:00
Max Ma
e8d3e80b08 initialize cache in startup 2024-11-29 11:35:34 +01:00
abhishek9686
64f730f6f0 list cache 2024-11-27 15:05:08 +04:00
abhishek9686
698032a4dc load acls into cache 2024-11-27 12:57:48 +04:00
abhishek9686
7df8196aba initiliase acl cache 2024-11-27 12:28:08 +04:00
abhishek9686
8a948187bb block tag deletion if used by a acl policy 2024-11-15 15:39:36 +04:00