| author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-06-21 14:58:30 -0700 |
|---|---|---|
| committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-06-21 14:58:30 -0700 |
| commit | 674b84d908dd74fc639fc9279fb5d5fc7981c4fc (patch) | |
| tree | eb8ca3d045730e3c90bf92c9daab21358fa75515 /service/OneService.cpp | |
| parent | e2ca239be05ac4787091eb298ce0ed1012eacbd3 (diff) | |
| download | infinitytier-674b84d908dd74fc639fc9279fb5d5fc7981c4fc.tar.gz infinitytier-674b84d908dd74fc639fc9279fb5d5fc7981c4fc.zip | |
Plumbing for network setting control, and GitHub issue #330
Diffstat (limited to 'service/OneService.cpp')
| -rw-r--r-- | service/OneService.cpp | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/service/OneService.cpp b/service/OneService.cpp
index 8b27ba49..139b1e15 100644
--- a/service/OneService.cpp
+++ b/service/OneService.cpp
@@ -531,15 +531,20 @@ public:
 // Configured networks
 struct NetworkState
 {
- NetworkState() : tap((EthernetTap *)0),managedIps(),managedRoutes(),allowManaged(true),allowGlobal(true),allowDefault(true) {}
+ NetworkState() :
+ tap((EthernetTap *)0)
+ {
+ // Default network permission settings: allow management of IPs and routes but only for private and "pseudo-private" IP spaces
+ settings.allowManaged = true;
+ settings.allowGlobal = false;
+ settings.allowDefault = false;
+ }
 EthernetTap *tap;
 ZT_VirtualNetworkConfig config; // memcpy() of raw config from core
 std::vector<InetAddress> managedIps;
 std::list<ManagedRoute> managedRoutes;
- bool allowManaged; // allow managed addresses and routes
- bool allowGlobal; // allow global (non-private) IP routes?
- bool allowDefault; // allow default route?
+ NetworkSettings settings;
 };
 std::map<uint64_t,NetworkState> _nets;
 Mutex _nets_m;
@@ -998,15 +1003,25 @@ public:
 _phy.whack();
 }
+ virtual bool getNetworkSettings(const uint64_t nwid,NetworkSettings &settings) const
+ {
+ Mutex::Lock _l(_nets_m);
+ std::map<uint64_t,NetworkState>::const_iterator n(_nets.find(nwid));
+ if (n == _nets.end())
+ return false;
+ memcpy(&settings,&(n->second.settings),sizeof(NetworkSettings));
+ return true;
+ }
+ // Begin private implementation methods
 // Checks if a managed IP or route target is allowed
 bool checkIfManagedIsAllowed(const NetworkState &n,const InetAddress &addr)
 {
- if (!n.allowManaged)
+ if (!n.settings.allowManaged)
 return false;
 if (addr.isDefaultRoute())
- return n.settings.allowDefault;
+ return n.settings.allowDefault;
 switch(addr.ipScope()) {
 case InetAddress::IP_SCOPE_NONE:
 case InetAddress::IP_SCOPE_MULTICAST:
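Review bot: `settings` is filled in field by field in the constructor body, so any member of NetworkSettings other than the three assigned here starts out indeterminate, and the getNetworkSettings() added later in this commit copies the whole struct out to the caller. NetworkSettings is declared outside this diff, so whether it has further members cannot be seen from here. Value-initialising it in the initialiser list, `tap((EthernetTap *)0),settings()`, before the three assignments keeps the deny-by-default values for global and default routes and gives any later field a defined value. The constructor comment could also state the reason for the defaults: until the local user opts in, a network's controller cannot install public-range or default routes on this host.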
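Review bot: getNetworkSettings() copies the struct with `memcpy(&settings,&(n->second.settings),sizeof(NetworkSettings));`, which is only valid while NetworkSettings stays trivially copyable, and its declaration is not part of this diff. Plain assignment, `settings = n->second.settings;`, performs the same copy under the lock and stays correct if a non-trivial member is ever added. The method should also carry a comment saying that `settings` is left untouched when the network ID is unknown, so a caller that ignores the `false` return is reading whatever it passed in rather than a deny-all value. The method is `const` but takes `_nets_m`, which presumably relies on the mutex being lockable through a const object; that is worth confirming against the Mutex declaration.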
@@ -1014,7 +1029,7 @@ public:
 case InetAddress::IP_SCOPE_LINK_LOCAL:
 return false;
 case InetAddress::IP_SCOPE_GLOBAL:
- return n.allowGlobal;
+ return n.settings.allowGlobal;
 default:
 return true;
 } |
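Review bot: The switch in checkIfManagedIsAllowed() still ends in `default: return true;`, so any address scope not listed by name is accepted for managed IPs and routes. That sits awkwardly with the deny-by-default values this commit gives `allowGlobal` and `allowDefault`: a scope added to InetAddress later would be allowed without anyone deciding so. Naming the private and pseudo-private scopes the constructor comment refers to as explicit `return true` cases and ending with `default: return false;` would make the gate fail closed. The function starts in the previous hunk and its remaining cases lie outside the visible lines, so the full list of scopes should be checked against the enum before changing it.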
