diff options
| author | Christian Poessinger <christian@poessinger.com> | 2020-11-20 14:33:31 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2020-11-20 14:33:31 +0100 |
| commit | 49be767ce95d28fd55a15b67876bd23a533d3982 (patch) | |
| tree | 033df77b3f90c523adb7eb7ee7439e4d444dc0aa | |
| parent | 3ae4de2699519a829429509ce44c126c342ff8bf (diff) | |
| download | vyos-1x-49be767ce95d28fd55a15b67876bd23a533d3982.tar.gz vyos-1x-49be767ce95d28fd55a15b67876bd23a533d3982.zip | |
wireguard: T3077: automatically create link-local IPv6 adresses
link-local addresses can still be disabled using:
set interfaces wireguard wg0 ipv6 address no-default-link-local
| -rw-r--r-- | interface-definitions/interfaces-wireguard.xml.in | 1 | ||||
| -rw-r--r-- | python/vyos/ifconfig/wireguard.py | 27 |
2 files changed, 28 insertions, 0 deletions
diff --git a/interface-definitions/interfaces-wireguard.xml.in b/interface-definitions/interfaces-wireguard.xml.in index aa63e4ac7..84f7803a0 100644 --- a/interface-definitions/interfaces-wireguard.xml.in +++ b/interface-definitions/interfaces-wireguard.xml.in @@ -22,6 +22,7 @@ #include <include/interface-vrf.xml.i> #include <include/port-number.xml.i> #include <include/interface-mtu-68-16000.xml.i> + #include <include/interface-ipv6-options.xml.i> <leafNode name="fwmark"> <properties> <help>A 32-bit fwmark value set on all outgoing packets</help> diff --git a/python/vyos/ifconfig/wireguard.py b/python/vyos/ifconfig/wireguard.py index da3bd4e89..25c8923f7 100644 --- a/python/vyos/ifconfig/wireguard.py +++ b/python/vyos/ifconfig/wireguard.py @@ -17,6 +17,9 @@ import os import time from datetime import timedelta +from netaddr import EUI +from netaddr import mac_unix_expanded +from random import getrandbits from hurry.filesize import size from hurry.filesize import alternative @@ -169,6 +172,30 @@ class WireGuardIf(Interface): ['port', 'private_key', 'pubkey', 'psk', 'allowed_ips', 'fwmark', 'endpoint', 'keepalive'] + def get_mac(self): + """ + Get current interface MAC (Media Access Contrl) address used. + + NOTE: Tunnel interfaces have no "MAC" address by default. The content + of the 'address' file in /sys/class/net/device contains the + local-ip thus we generate a random MAC address instead + + Example: + >>> from vyos.ifconfig import Interface + >>> Interface('eth0').get_mac() + '00:50:ab:cd:ef:00' + """ + # we choose 40 random bytes for the MAC address, this gives + # us e.g. EUI('00-EA-EE-D6-A3-C8') or EUI('00-41-B9-0D-F2-2A') + tmp = EUI(getrandbits(48)).value + # set locally administered bit in MAC address + tmp |= 0xf20000000000 + # convert integer to "real" MAC address representation + mac = EUI(hex(tmp).split('x')[-1]) + # change dialect to use : as delimiter instead of - + mac.dialect = mac_unix_expanded + return str(mac) + def update(self, config): """ General helper function which works on a dictionary retrived by get_config_dict(). It's main intention is to consolidate the scattered |