-rw-r--r-- | netconf-service/index.js | 2 | ||||
-rw-r--r-- | node/Constants.hpp | 5 | ||||
-rw-r--r-- | node/NetworkConfig.cpp | 10 | ||||
-rw-r--r-- | node/NetworkConfig.hpp | 31 |
4 files changed, 43 insertions, 5 deletions
diff --git a/netconf-service/index.js b/netconf-service/index.js index f9a48e5a..60155500 100644 --- a/netconf-service/index.js +++ b/netconf-service/index.js @@ -42,6 +42,8 @@ var ZT_NETWORKCONFIG_DICT_KEY_IPV4_STATIC = "v4s"; var ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC = "v6s"; var ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP = "com"; var ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST = "eb"; +var ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE = "br"; +var ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES = "ab"; // Path to zerotier-idtool binary, invoked to enerate certificates of membership var ZEROTIER_IDTOOL = '/usr/local/bin/zerotier-idtool'; diff --git a/node/Constants.hpp b/node/Constants.hpp index 6d1ade22..37a3b3a9 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -109,6 +109,11 @@ error_no_byte_order_defined; #define ZT_ADDRESS_LENGTH 5 /** + * Length of a hexadecimal ZeroTier address + */ +#define ZT_ADDRESS_LENGTH_HEX 10 + +/** * Addresses beginning with this byte are reserved for the joy of in-band signaling */ #define ZT_ADDRESS_RESERVED_PREFIX 0xff diff --git a/node/NetworkConfig.cpp b/node/NetworkConfig.cpp index d4721a32..98a44557 100644 --- a/node/NetworkConfig.cpp +++ b/node/NetworkConfig.cpp @@ -86,6 +86,7 @@ void NetworkConfig::_fromDictionary(const Dictionary &d) _issuedTo = Address(d.get(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO)); _multicastPrefixBits = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_PREFIX_BITS,zero).c_str()); _multicastDepth = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_DEPTH,zero).c_str()); + _bridgingMode = (BridgingMode)Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE,zero).c_str()); _private = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_PRIVATE,one).c_str()) != 0); _enableBroadcast = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST,one).c_str()) != 0); _name = d.get(ZT_NETWORKCONFIG_DICT_KEY_NAME); 
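Review bot: In the `_fromDictionary` hunk at -86,6 the new `_bridgingMode` assignment casts whatever `Utils::hexStrToUInt` returns straight to `BridgingMode`, so a dictionary value that matches none of the three enumerators is stored as-is. `permitsBridging` later in this commit denies on its `default:` branch, so the access decision still fails closed. Storing the raw value, however, leaves every other reader of `_bridgingMode` to repeat that defence, and converting an integer outside the enumeration's value range is unspecified or undefined depending on the language standard. I would range-check at parse time: `const unsigned int bm = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE,zero).c_str());` followed by `_bridgingMode = (bm <= (unsigned int)BRIDGING_PERMISSIVE) ? (BridgingMode)bm : BRIDGING_DISABLED;`. The body of `_fromDictionary` starts and ends outside this hunk.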
@@ -121,6 +122,15 @@ void NetworkConfig::_fromDictionary(const Dictionary &d) _staticIps.insert(addr); } + std::vector<std::string> ab(Utils::split(d.get(ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES,"").c_str(),",","","")); + for(std::vector<std::string>::const_iterator a(ab.begin());a!=ab.end();++a) { + if (a->length() == ZT_ADDRESS_LENGTH_HEX) { + Address tmp(*a); + if (!tmp.isReserved()) + _activeBridges.insert(tmp); + } + } + Dictionary mr(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_RATES,std::string())); for(Dictionary::const_iterator i(mr.begin());i!=mr.end();++i) { std::vector<std::string> params(Utils::split(i->second.c_str(),",","","")); diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp index a53841de..05c395c0 100644 --- a/node/NetworkConfig.hpp +++ b/node/NetworkConfig.hpp @@ -62,13 +62,13 @@ namespace ZeroTier { #define ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC "v6s" #define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP "com" #define ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST "eb" +#define ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE "br" +#define ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES "ab" /** * Network configuration received from netconf master nodes * - * This is designed to work as an immutable value object held in a shared - * pointer so that it can be both updated and used without too much mutex - * boogie. + * This is an immutable value object created from a dictionary received from netconf master. */ class NetworkConfig { @@ -76,6 +76,16 @@ public: friend class SharedPtr<NetworkConfig>; /** + * Network bridging mode + */ + enum BridgingMode + { + BRIDGING_DISABLED = 0, // no bridging + BRIDGING_ACTIVE_ONLY = 1, // only active bridges may bridge + BRIDGING_PERMISSIVE = 2 // allow passive bridging by any peer + }; + + /** * Tuple of multicast rate parameters */ struct MulticastRate 
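Review bot: The active-bridge loop in the -121,6 hunk accepts any 10-character token, because `a->length() == ZT_ADDRESS_LENGTH_HEX` checks the length but not that the characters are hexadecimal. What `Address(*a)` yields for a token containing non-hex characters is not visible here; if the parser stops at the first bad character, the entry would presumably be inserted as a different address than the one the controller wrote, with `isReserved()` as the only remaining filter. Since `_activeBridges` is the allow-list consulted in `BRIDGING_ACTIVE_ONLY` mode, I would reject malformed tokens explicitly, e.g. `if ((a->length() == ZT_ADDRESS_LENGTH_HEX)&&(a->find_first_not_of("0123456789abcdefABCDEF") == std::string::npos)) {`. `_fromDictionary` begins and ends outside this hunk.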
@@ -102,7 +112,7 @@ public: * @param etherType Ethernet frame type to check * @return True if allowed on this network */ - inline bool permitsEtherType(unsigned int etherType) + inline bool permitsEtherType(unsigned int etherType) const throw() { if ((!etherType)||(etherType > 0xffff)) // sanity checks @@ -124,6 +134,7 @@ public: inline const std::string &name() const throw() { return _name; } inline const std::string &description() const throw() { return _description; } inline const std::set<InetAddress> &staticIps() const throw() { return _staticIps; } + inline const std::set<Address> &activeBridges() const throw() { return _activeBridges; } inline const CertificateOfMembership &com() const throw() { return _com; } inline bool enableBroadcast() const throw() { return _enableBroadcast; } @@ -134,7 +145,15 @@ public: inline bool permitsBridging(const Address &fromPeer) const throw() { - return false; // TODO: bridging not implemented yet + switch(_bridgingMode) { + case BRIDGING_ACTIVE_ONLY: + return (_activeBridges.count(fromPeer) > 0); + case BRIDGING_PERMISSIVE: + return true; + //case BRIDGING_DISABLED: + default: + return false; + } } /** @@ -156,11 +175,13 @@ private: Address _issuedTo; unsigned int _multicastPrefixBits; unsigned int _multicastDepth; + BridgingMode _bridgingMode; bool _private; bool _enableBroadcast; std::string _name; std::string _description; std::set<InetAddress> _staticIps; + std::set<Address> _activeBridges; std::map<MulticastGroup,MulticastRate> _multicastRates; CertificateOfMembership _com; |
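Review bot: In `permitsBridging` (the -134,7 hunk) the disabled mode is named only in a commented-out label, `//case BRIDGING_DISABLED:`, so the switch reads as if one enumerator was forgotten. I would make it a real label that shares the deny branch, `case BRIDGING_DISABLED:` directly above `default:`. A comment such as `// unknown or disabled mode: deny bridging (fail closed)` would state the deny-by-default handling of unrecognised values as intent rather than leaving it implicit.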