diff options
| author | Alex Auvolat <alex@adnab.me> | 2023-03-09 11:04:27 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2023-03-09 11:04:27 +0100 |
| commit | 84381b5096db7af4a5b30cab72a0c5dad9699065 (patch) | |
| tree | 2b2a329e60a757f187d7d6dddf52b7d751e1e656 | |
| parent | 878414bfb7fc227a85589617bf433ce4adc0ebbe (diff) | |
| download | wgautomesh-84381b5096db7af4a5b30cab72a0c5dad9699065.tar.gz wgautomesh-84381b5096db7af4a5b30cab72a0c5dad9699065.zip | |
add missing allowed-ips
| -rw-r--r-- | src/main.rs | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/main.rs b/src/main.rs index 766fb20..7e0f013 100644 --- a/src/main.rs +++ b/src/main.rs @@ -83,7 +83,7 @@ fn fasthash(data: &[u8]) -> u64 { h.digest() } -fn wg_dump(config: &Config) -> Result<(Pubkey, Vec<(Pubkey, Option<SocketAddr>, u64)>)> { +fn wg_dump(config: &Config) -> Result<(Pubkey, u16, Vec<(Pubkey, Option<SocketAddr>, u64)>)> { let output = Command::new("sudo") .args(["wg", "show", &config.interface, "dump"]) .output()?; @@ -91,6 +91,7 @@ fn wg_dump(config: &Config) -> Result<(Pubkey, Vec<(Pubkey, Option<SocketAddr>, let ourself = lines.next().unwrap().split('\t').collect::<Vec<_>>(); let our_pubkey = ourself[1].to_string(); + let listen_port = ourself[2].parse::<u16>()?; let peers = lines .filter_map(|line| { @@ -107,14 +108,15 @@ fn wg_dump(config: &Config) -> Result<(Pubkey, Vec<(Pubkey, Option<SocketAddr>, }) .collect::<Vec<_>>(); - Ok((our_pubkey, peers)) + Ok((our_pubkey, listen_port, peers)) } // ============ DAEMON CODE ================= struct Daemon { config: Config, - ourself: Pubkey, + our_pubkey: Pubkey, + listen_port: u16, socket: UdpSocket, state: Mutex<State>, } @@ -137,11 +139,12 @@ enum Gossip { impl Daemon { fn new(config: Config) -> Result<Self> { - let (ourself, _peers) = wg_dump(&config)?; + let (our_pubkey, listen_port, _peers) = wg_dump(&config)?; let socket = UdpSocket::bind(SocketAddr::new("0.0.0.0".parse()?, config.gossip_port))?; Ok(Daemon { config, - ourself, + our_pubkey, + listen_port, socket, state: Mutex::new(State { peers: HashMap::new(), @@ -176,7 +179,7 @@ impl Daemon { } fn wg_loop_iter(&self, i: usize) -> Result<()> { - let (_, wg_peers) = wg_dump(&self.config)?; + let (_, _, wg_peers) = wg_dump(&self.config)?; let mut state = self.state.lock().unwrap(); // 1. Update local peers info of peers @@ -191,7 +194,7 @@ impl Daemon { Some(x) => x.address, None => continue, }; - let gossip_prio = fasthash(format!("{}-{}", self.ourself, pk).as_bytes()); + let gossip_prio = fasthash(format!("{}-{}", self.our_pubkey, pk).as_bytes()); state.peers.insert( pk, PeerInfo { @@ -258,6 +261,8 @@ impl Daemon { &endpoint.0.to_string(), "persistent-keepalive", "20", + "allowed-ips", + &format!("{}/32", peer.address), ]) .output()?; } |