Commit Graph

62 Commits

Author SHA1 Message Date
Andre Kelpe
e782db30e9 Implements PostUp and PostDown commands using /bin/sh
This introduces PostUp and PostDown in dsnet. PostUp and PostDown allow
the user to run arbitrary commands after the device is up or down. These
are typically used to change the firewall rules via iptables. A working
example would be

...
    "PostUp" : "iptables -A FORWARD -i dsnet -j ACCEPT; iptables -A FORWARD -o dsnet -j ACCEPT; iptables -t nat -A POSTROUTING -o ens2 -j MASQUERADE ",
    "PostDown" : "iptables -D FORWARD -i dsnet -j ACCEPT; iptables -D FORWARD -o dsnet -j ACCEPT; iptables -t nat -D POSTROUTING -o ens2 -j MASQUERADE ",
...

All commands are executed by `/bin/sh` and no filtering or sandboxing is
applied. Users of this should know what they are doing.

Fixes https://github.com/naggie/dsnet/issues/16
2020-11-19 23:21:11 +01:00
Callan Bryant
d042250c1a
create deterministic wg interface names for vyatta 2020-10-30 13:02:46 +00:00
Callan Bryant
4ad58382f6
go fmt 2020-10-28 00:39:15 +00:00
Callan Bryant
112379c70a
remove redundant allowed IP enumeration 2020-10-27 22:00:21 +00:00
Callan Bryant
0481996116
add allowedIPs conditionally 2020-10-27 21:57:44 +00:00
Callan Bryant
ddb0b4c549
conditional IPv4/6 and fix vyatta 2020-10-27 21:03:45 +00:00
Callan Bryant
63b22e0554
only save peer allowed IP of net version is defined 2020-10-27 00:00:38 +00:00
Callan Bryant
5477a321b2
fix CIDR notation for Peer IPs 2020-10-26 23:37:19 +00:00
Callan Bryant
dfd617273b
add missing bracket 2020-10-26 22:47:48 +00:00
Callan Bryant
34ff77b27a
...also for vyatta 2020-10-26 21:39:55 +00:00
Callan Bryant
5a870dab60
use ExternalIP6 if ExternalIP not available 2020-10-26 18:27:35 +00:00
Callan Bryant
f57fa3473d
fix lookup of v6: do not require 2020-10-26 17:58:15 +00:00
Callan Bryant
7bbe28a145
add CIDR subnet properly 2020-10-26 08:08:39 +00:00
Callan Bryant
e7da49c1a8
don't use string respresentations unnecessarily 2020-10-25 22:59:57 +00:00
Callan Bryant
e7fb9dc5ce
IPv6 config to template 2020-10-25 22:56:49 +00:00
Callan Bryant
f7f06f00fa
check for IP networks before allocating 2020-10-25 22:27:33 +00:00
Callan Bryant
19f25ff847
working psudorandom v6 allocator 2020-10-25 14:57:18 +00:00
Callan Bryant
64a73d18ed
rename getULA to getULAnet 2020-10-25 10:06:25 +00:00
Callan Bryant
af3e1b2ea9
make allocation universal, given a network 2020-10-25 08:23:43 +00:00
Callan Bryant
952cb44110
user InterfaceName for interface description 2020-10-19 18:23:59 +01:00
Callan Bryant
53483ffaee
set interface description 2020-10-19 03:37:21 +01:00
Callan Bryant
0f7ea82d8b
correct preshared-key association 2020-10-19 19:25:56 +01:00
Callan Bryant
ce9091e8bc
add missing pubkey 2020-10-19 03:17:06 +01:00
Callan Bryant
fceddc55dd
choose a valid edgeos interface name 2020-10-19 17:52:54 +01:00
Callan Bryant
d0e8eb74ec
remove [Interfaces] left over from before, re-order 2020-10-19 17:49:36 +01:00
Callan Bryant
b38e0966eb
write correct netmask to conf files 2020-10-19 00:27:39 +01:00
Callan Bryant
a361bffa3c
hardcode in a /22 until fixed correctly 2020-10-19 00:15:42 +01:00
Callan Bryant
d1d0113832
Optionally generate vyatta commands 2020-10-19 00:05:55 +01:00
Callan Bryant
1e046a20a1
record added time 2020-03-19 20:12:42 +00:00
Callan Bryant
3277362e6e
no DNS by default 2020-03-16 19:29:16 +00:00
Callan Bryant
a35ab76c22
exact check for number of args 2020-03-14 14:51:49 +00:00
Callan Bryant
d250f2b23b
support additional networks 2020-03-08 20:48:10 +00:00
Callan Bryant
8fd1114f01
remove comment 2020-03-07 22:10:23 +00:00
Callan Bryant
17b0ad74ae
peer online count in report 2020-03-07 21:57:00 +00:00
Callan Bryant
5f735112f2
use keepalive const in template 2020-03-07 14:36:14 +00:00
Callan Bryant
78b28be231
correct distribution of PSKs 2020-03-05 22:18:21 +00:00
Callan Bryant
b697afc2ee
add: hostname as arg like remove 2020-03-05 22:13:09 +00:00
Callan Bryant
b7ed21f2ec
embed types without alias properly 2020-03-05 20:46:28 +00:00
Callan Bryant
586292a25a
sync on add/remove 2020-03-05 20:43:31 +00:00
Callan Bryant
d81bd72a5f
make networks required for peer 2020-03-04 19:46:39 +00:00
Callan Bryant
020de337ce
check config file early for init/add 2020-03-03 22:33:48 +00:00
Callan Bryant
c2aac62f27
deal with private IP separately 2020-03-03 22:30:36 +00:00
Callan Bryant
125f3c4e26
working config generation 2020-03-03 21:28:06 +00:00
Callan Bryant
06d1642b16
fallback to icanhazip for external IP detection 2020-03-02 22:31:52 +00:00
Callan Bryant
335d232727
correct single host mask 2020-03-02 21:39:45 +00:00
Callan Bryant
1fdf4fe71f
prompts: stderr< + misc 2020-03-02 21:36:41 +00:00
Callan Bryant
c4cb15c45e
separate internal/external IP 2020-03-02 21:02:21 +00:00
Callan Bryant
e02a1552e9
MustChooseIP -> MustAllocateIP 2020-03-02 20:11:33 +00:00
Callan Bryant
19668c0334
start peer conf file, update README 2020-03-02 19:57:52 +00:00
Callan Bryant
cf93b219a1
correct IPAllocated() 2020-03-02 19:31:29 +00:00