jostreff/wireguard-ui
1
0
Fork 0
mirror of https://github.com/ngoduykhanh/wireguard-ui.git synced 2025-04-20 20:03:39 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow passing extra allowed subnets (#114)

Browse source
This commit is contained in:
brittondodd 2022-01-29 02:45:00 -05:00 committed by GitHub
parent f3a788e3a4
commit 341f9b6a42
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 97 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
handler/routes.go
View file

@ -160,6 +160,12 @@ func NewClient(db store.IStore) echo.HandlerFunc {
return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Allowed IPs must be in CIDR format"}) return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Allowed IPs must be in CIDR format"})
} }
// validate extra AllowedIPs
if util.ValidateExtraAllowedIPs(client.ExtraAllowedIPs) == false {
log.Warnf("Invalid Extra AllowedIPs input from user: %v", client.ExtraAllowedIPs)
return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra AllowedIPs must be in CIDR format"})
}
// gen ID // gen ID
guid := xid.New() guid := xid.New()
client.ID = guid.String() client.ID = guid.String()
@ -274,6 +280,11 @@ func UpdateClient(db store.IStore) echo.HandlerFunc {
return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Allowed IPs must be in CIDR format"}) return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Allowed IPs must be in CIDR format"})
} }
if util.ValidateExtraAllowedIPs(_client.ExtraAllowedIPs) == false {
log.Warnf("Invalid Allowed IPs input from user: %v", _client.ExtraAllowedIPs)
return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra Allowed IPs must be in CIDR format"})
}
// map new data // map new data
client.Name = _client.Name client.Name = _client.Name
client.Email = _client.Email client.Email = _client.Email
@ -281,6 +292,7 @@ func UpdateClient(db store.IStore) echo.HandlerFunc {
client.UseServerDNS = _client.UseServerDNS client.UseServerDNS = _client.UseServerDNS
client.AllocatedIPs = _client.AllocatedIPs client.AllocatedIPs = _client.AllocatedIPs
client.AllowedIPs = _client.AllowedIPs client.AllowedIPs = _client.AllowedIPs
client.ExtraAllowedIPs = _client.ExtraAllowedIPs
client.UpdatedAt = time.Now().UTC() client.UpdatedAt = time.Now().UTC()
// write to the database // write to the database
@ -628,7 +640,7 @@ func SuggestIPAllocation(db store.IStore) echo.HandlerFunc {
fmt.Sprintf("Cannot suggest ip allocation: failed to get available ip from network %s", cidr), fmt.Sprintf("Cannot suggest ip allocation: failed to get available ip from network %s", cidr),
}) })
} }
if (strings.Contains(ip, ":")) { if strings.Contains(ip, ":") {
suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/128", ip)) suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/128", ip))
} else { } else {
suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/32", ip)) suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/32", ip))

1
model/client.go
View file

@ -14,6 +14,7 @@ type Client struct {
Email string `json:"email"` Email string `json:"email"`
AllocatedIPs []string `json:"allocated_ips"` AllocatedIPs []string `json:"allocated_ips"`
AllowedIPs []string `json:"allowed_ips"` AllowedIPs []string `json:"allowed_ips"`
ExtraAllowedIPs []string `json:"extra_allowed_ips"`
UseServerDNS bool `json:"use_server_dns"` UseServerDNS bool `json:"use_server_dns"`
Enabled bool `json:"enabled"` Enabled bool `json:"enabled"`
CreatedAt time.Time `json:"created_at"` CreatedAt time.Time `json:"created_at"`

24
templates/base.html
View file

@ -163,6 +163,11 @@
<input type="text" data-role="tagsinput" class="form-control" id="client_allowed_ips" <input type="text" data-role="tagsinput" class="form-control" id="client_allowed_ips"
value="0.0.0.0/0"> value="0.0.0.0/0">
</div> </div>
<div class="form-group">
<label for="client_extra_allowed_ips" class="control-label">Extra Allowed IPs</label>
<input type="text" data-role="tagsinput" class="form-control"
id="client_extra_allowed_ips">
</div>
<div class="form-group"> <div class="form-group">
<div class="icheck-primary d-inline"> <div class="icheck-primary d-inline">
<input type="checkbox" id="use_server_dns" checked> <input type="checkbox" id="use_server_dns" checked>
@ -293,6 +298,12 @@
const allocated_ips = $("#client_allocated_ips").val().split(","); const allocated_ips = $("#client_allocated_ips").val().split(",");
const allowed_ips = $("#client_allowed_ips").val().split(","); const allowed_ips = $("#client_allowed_ips").val().split(",");
let use_server_dns = false; let use_server_dns = false;
let extra_allowed_ips = [];
if ($("#client_extra_allowed_ips").val() !== "") {
extra_allowed_ips = $("#client_extra_allowed_ips").val().split(",");
}
if ($("#use_server_dns").is(':checked')){ if ($("#use_server_dns").is(':checked')){
use_server_dns = true; use_server_dns = true;
@ -305,7 +316,7 @@
} }
const data = {"name": name, "email": email, "allocated_ips": allocated_ips, "allowed_ips": allowed_ips, const data = {"name": name, "email": email, "allocated_ips": allocated_ips, "allowed_ips": allowed_ips,
"use_server_dns": use_server_dns, "enabled": enabled}; "extra_allowed_ips": extra_allowed_ips, "use_server_dns": use_server_dns, "enabled": enabled};
$.ajax({ $.ajax({
cache: false, cache: false,
@ -376,6 +387,16 @@
'placeholderColor': '#666666' 'placeholderColor': '#666666'
}); });
$("#client_extra_allowed_ips").tagsInput({
'width': '100%',
'height': '75%',
'interactive': true,
'defaultText': 'Add More',
'removeWithBackspace': true,
'minChars': 0,
'placeholderColor': '#666666'
});
// New client form validation // New client form validation
$(document).ready(function () { $(document).ready(function () {
$.validator.setDefaults({ $.validator.setDefaults({
@ -414,6 +435,7 @@
$("#client_name").val(""); $("#client_name").val("");
$("#client_email").val(""); $("#client_email").val("");
$("#client_allocated_ips").importTags(''); $("#client_allocated_ips").importTags('');
$("#client_extra_allowed_ips").importTags('');
updateIPAllocationSuggestion(); updateIPAllocationSuggestion();
}); });
}); });

27
templates/clients.html
View file

@ -86,6 +86,11 @@ Wireguard Clients
<label for="_client_allowed_ips" class="control-label">Allowed IPs</label> <label for="_client_allowed_ips" class="control-label">Allowed IPs</label>
<input type="text" data-role="tagsinput" class="form-control" id="_client_allowed_ips"> <input type="text" data-role="tagsinput" class="form-control" id="_client_allowed_ips">
</div> </div>
<div class="form-group">
<label for="_client_extra_allowed_ips" class="control-label">Extra Allowed IPs</label>
<input type="text" data-role="tagsinput" class="form-control"
id="_client_extra_allowed_ips">
</div>
<div class="form-group"> <div class="form-group">
<div class="icheck-primary d-inline"> <div class="icheck-primary d-inline">
<input type="checkbox" id="_use_server_dns"> <input type="checkbox" id="_use_server_dns">
@ -302,6 +307,16 @@ Wireguard Clients
'placeholderColor': '#666666' 'placeholderColor': '#666666'
}); });
modal.find("#_client_extra_allowed_ips").tagsInput({
'width': '100%',
'height': '75%',
'interactive': true,
'defaultText': 'Add More',
'removeWithBackspace' : true,
'minChars': 0,
'placeholderColor': '#666666'
})
// update client modal data // update client modal data
$.ajax({ $.ajax({
cache: false, cache: false,
@ -327,6 +342,11 @@ Wireguard Clients
modal.find("#_client_allowed_ips").addTag(obj); modal.find("#_client_allowed_ips").addTag(obj);
}); });
modal.find("#_client_extra_allowed_ips").importTags('');
client.extra_allowed_ips.forEach(function (obj) {
modal.find("#_client_extra_allowed_ips").addTag(obj);
});
modal.find("#_use_server_dns").prop("checked", client.use_server_dns); modal.find("#_use_server_dns").prop("checked", client.use_server_dns);
modal.find("#_enabled").prop("checked", client.enabled); modal.find("#_enabled").prop("checked", client.enabled);
}, },
@ -371,6 +391,11 @@ Wireguard Clients
const allocated_ips = $("#_client_allocated_ips").val().split(","); const allocated_ips = $("#_client_allocated_ips").val().split(",");
const allowed_ips = $("#_client_allowed_ips").val().split(","); const allowed_ips = $("#_client_allowed_ips").val().split(",");
let use_server_dns = false; let use_server_dns = false;
let extra_allowed_ips = [];
if( $("#_client_extra_allowed_ips").val() !== "" ) {
extra_allowed_ips = $("#_client_extra_allowed_ips").val().split(",");
}
if ($("#_use_server_dns").is(':checked')){ if ($("#_use_server_dns").is(':checked')){
use_server_dns = true; use_server_dns = true;
@ -383,7 +408,7 @@ Wireguard Clients
} }
const data = {"id": client_id, "name": name, "email": email, "allocated_ips": allocated_ips, const data = {"id": client_id, "name": name, "email": email, "allocated_ips": allocated_ips,
"allowed_ips": allowed_ips, "use_server_dns": use_server_dns, "enabled": enabled}; "allowed_ips": allowed_ips, "extra_allowed_ips": extra_allowed_ips, "use_server_dns": use_server_dns, "enabled": enabled};
$.ajax({ $.ajax({
cache: false, cache: false,

2
templates/wg.conf
View file

@ -20,5 +20,5 @@ PostDown = {{ .serverConfig.Interface.PostDown }}
[Peer] [Peer]
PublicKey = {{ .Client.PublicKey }} PublicKey = {{ .Client.PublicKey }}
PresharedKey = {{ .Client.PresharedKey }} PresharedKey = {{ .Client.PresharedKey }}
AllowedIPs = {{$first :=true}}{{range .Client.AllocatedIPs }}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}} AllowedIPs = {{$first :=true}}{{range .Client.AllocatedIPs }}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}}{{range .Client.ExtraAllowedIPs }},{{.}}{{end}}
{{end}}{{end}} {{end}}{{end}}

22
util/util.go
View file

@ -76,18 +76,34 @@ func ValidateCIDR(cidr string) bool {
} }
// ValidateCIDRList to validate a list of network CIDR // ValidateCIDRList to validate a list of network CIDR
func ValidateCIDRList(cidrs []string) bool { func ValidateCIDRList(cidrs []string, allowEmpty bool) bool {
for _, cidr := range cidrs { for _, cidr := range cidrs {
if allowEmpty {
if len(cidr) > 0 {
if ValidateCIDR(cidr) == false { if ValidateCIDR(cidr) == false {
return false return false
} }
} }
} else {
if ValidateCIDR(cidr) == false {
return false
}
}
}
return true return true
} }
// ValidateAllowedIPs to validate allowed ip addresses in CIDR format // ValidateAllowedIPs to validate allowed ip addresses in CIDR format
func ValidateAllowedIPs(cidrs []string) bool { func ValidateAllowedIPs(cidrs []string) bool {
if ValidateCIDRList(cidrs) == false { if ValidateCIDRList(cidrs, false) == false {
return false
}
return true
}
// ValidateExtraAllowedIPs to validate extra Allowed ip addresses, allowing empty strings
func ValidateExtraAllowedIPs(cidrs []string) bool {
if ValidateCIDRList(cidrs, true) == false {
return false return false
} }
return true return true
@ -95,7 +111,7 @@ func ValidateAllowedIPs(cidrs []string) bool {
// ValidateServerAddresses to validate allowed ip addresses in CIDR format // ValidateServerAddresses to validate allowed ip addresses in CIDR format
func ValidateServerAddresses(cidrs []string) bool { func ValidateServerAddresses(cidrs []string) bool {
if ValidateCIDRList(cidrs) == false { if ValidateCIDRList(cidrs, false) == false {
return false return false
} }
return true return true