mirror of
https://github.com/netbirdio/netbird.git
synced 2026-03-31 06:24:18 -04:00
55126f990c
- Move `util/grpc` and `util/net` to `client` so `internal` packages can be accessed - Add methods to return the next best interface after the NetBird interface. - Use `IP_UNICAST_IF` sock opt to force the outgoing interface for the NetBird `net.Dialer` and `net.ListenerConfig` to avoid routing loops. The interface is picked by the new route lookup method. - Some refactoring to avoid import cycles - Old behavior is available through `NB_USE_LEGACY_ROUTING=true` env var
70 lines
2.2 KiB
Go
70 lines
2.2 KiB
Go
package net
|
|
|
|
import (
|
|
"fmt"
|
|
"math/big"
|
|
"net"
|
|
"net/netip"
|
|
)
|
|
|
|
const (
|
|
// ControlPlaneMark is the fwmark value used to mark packets that should not be routed through the NetBird interface to
|
|
// avoid routing loops.
|
|
// This includes all control plane traffic (mgmt, signal, flows), relay, ICE/stun/turn and everything that is emitted by the wireguard socket.
|
|
// It doesn't collide with the other marks, as the others are used for data plane traffic only.
|
|
ControlPlaneMark = 0x1BD00
|
|
|
|
// Data plane marks (0x1BD10 - 0x1BDFF)
|
|
|
|
// DataPlaneMarkLower is the lowest value for the data plane range
|
|
DataPlaneMarkLower = 0x1BD10
|
|
// DataPlaneMarkUpper is the highest value for the data plane range
|
|
DataPlaneMarkUpper = 0x1BDFF
|
|
|
|
// DataPlaneMarkIn is the mark for inbound data plane traffic.
|
|
DataPlaneMarkIn = 0x1BD10
|
|
|
|
// DataPlaneMarkOut is the mark for outbound data plane traffic.
|
|
DataPlaneMarkOut = 0x1BD11
|
|
|
|
// PreroutingFwmarkRedirected is applied to packets that are were redirected (input -> forward, e.g. by Docker or Podman) for special handling.
|
|
PreroutingFwmarkRedirected = 0x1BD20
|
|
|
|
// PreroutingFwmarkMasquerade is applied to packets that arrive from the NetBird interface and should be masqueraded.
|
|
PreroutingFwmarkMasquerade = 0x1BD21
|
|
|
|
// PreroutingFwmarkMasqueradeReturn is applied to packets that will leave through the NetBird interface and should be masqueraded.
|
|
PreroutingFwmarkMasqueradeReturn = 0x1BD22
|
|
)
|
|
|
|
// IsDataPlaneMark determines if a fwmark is in the data plane range (0x1BD10-0x1BDFF)
|
|
func IsDataPlaneMark(fwmark uint32) bool {
|
|
return fwmark >= DataPlaneMarkLower && fwmark <= DataPlaneMarkUpper
|
|
}
|
|
|
|
func GetLastIPFromNetwork(network netip.Prefix, fromEnd int) (netip.Addr, error) {
|
|
var endIP net.IP
|
|
addr := network.Addr().AsSlice()
|
|
mask := net.CIDRMask(network.Bits(), len(addr)*8)
|
|
|
|
for i := 0; i < len(addr); i++ {
|
|
endIP = append(endIP, addr[i]|^mask[i])
|
|
}
|
|
|
|
// convert to big.Int
|
|
endInt := big.NewInt(0)
|
|
endInt.SetBytes(endIP)
|
|
|
|
// subtract fromEnd from the last ip
|
|
fromEndBig := big.NewInt(int64(fromEnd))
|
|
resultInt := big.NewInt(0)
|
|
resultInt.Sub(endInt, fromEndBig)
|
|
|
|
ip, ok := netip.AddrFromSlice(resultInt.Bytes())
|
|
if !ok {
|
|
return netip.Addr{}, fmt.Errorf("invalid IP address from network %s", network)
|
|
}
|
|
|
|
return ip.Unmap(), nil
|
|
}
|