lare/autopeering
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: lare:707040de59991e0e5bc164400ad71374cd6d6c5a
Branches Tags
lare:master
lare:v1.0
...
compare: lare:0a0bfaac669ad93e3396993551d1d8c4e1a51a97
Branches Tags
lare:master
lare:v1.0

2 commits
707040de59 ... 0a0bfaac66

Author SHA1 Message Date
lare
0a0bfaac66 [web] allow owner (specified in config) to use debug login even if debug login isn't enabled 2023-04-22 00:57:53 +02:00
lare
b676e78090 [node] use ipv4 or ipv6 if no ipv6 ll is specified 2023-04-21 23:38:41 +02:00
6 changed files with 19 additions and 17 deletions
Show stats Expand all files Collapse all files

6
nodes/main.py
View file

@ -239,8 +239,10 @@ class PeeringManager:
for pNr in range(len(self.peerings[asn])): for pNr in range(len(self.peerings[asn])):
if self.peerings[asn][pNr]["node"] == node: if self.peerings[asn][pNr]["node"] == node:
old_peering = self.peerings[asn][pNr] old_peering = self.peerings[asn][pNr]
new_peering = self.peerings[asn][pNr] = {"MNT": MNT if MNT!=NotSpecified else old_peering["MNT"], "ASN": asn, "node": config["nodename"], "wg_key": wg_key, new_peering = self.peerings[asn][pNr] = {"MNT": MNT if MNT!=NotSpecified else old_peering["MNT"], "ASN": asn, "node": config["nodename"],
"endpoint": endpoint if endpoint!=NotSpecified else old_peering["endpoint"], "ipv6ll": ipv6ll if ipv6ll != NotSpecified else old_peering["ipv6ll"], "ipv4": ipv4 if ipv4 != NotSpecified else old_peering["ipv4"], "ipv6": ipv6 if ipv6 != NotSpecified else old_peering["ipv6"], "bgp_mp": bgp_mp if bgp_mp != NotSpecified else old_peering["bgp_mp"], "bgp_enh": bgp_enh if bgp_enh != NotSpecified else old_peering["bgp_enh"]} "wg_key": wg_key,"endpoint": endpoint if endpoint!=NotSpecified else old_peering["endpoint"],
"ipv6ll": ipv6ll if ipv6ll != NotSpecified else old_peering["ipv6ll"], "ipv4": ipv4 if ipv4 != NotSpecified else old_peering["ipv4"], "ipv6": ipv6 if ipv6 != NotSpecified else old_peering["ipv6"],
"bgp_mp": bgp_mp if bgp_mp != NotSpecified else old_peering["bgp_mp"], "bgp_enh": bgp_enh if bgp_enh != NotSpecified else old_peering["bgp_enh"]}
success = True success = True
if not success: if not success:
return False, 404 return False, 404

6
nodes/templates/bgp-peer.template.conf
View file

@ -1,6 +1,6 @@
{% if peering["bgp_mp"] %} {% if peering["bgp_mp"] == True %}
protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering["ASN"][-4:]}} from dnpeers { protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering["ASN"][-4:]}} from dnpeers {
neighbor {{peering["ipv6ll"]}} as {{peering["ASN"]}}; neighbor {{peering["ipv6ll"] or peering["ipv4"] or peering["ipv6"]}} as {{peering["ASN"]}};
interface {% if peering['ASN'].__len__() >=6 %}"dn42_{{peering['ASN'][-6:]}}"{% else %}"dn42_{{peering['asn']}}"{% endif %}; interface {% if peering['ASN'].__len__() >=6 %}"dn42_{{peering['ASN'][-6:]}}"{% else %}"dn42_{{peering['asn']}}"{% endif %};
passive off; passive off;
@ -19,7 +19,7 @@ protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering["ASN"][-4:]}} from d
extended next hop {% if peering["bgp_enh"] %}on{%else%}off{%endif%}; extended next hop {% if peering["bgp_enh"] %}on{%else%}off{%endif%};
}; };
}; };
{%else%} {%else if peering["bgp_mp"] == False %}
protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering['ASN'][-4:]}}_4 from dnpeers { protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering['ASN'][-4:]}}_4 from dnpeers {
neighbor {{peering["ipv4"]}} as {{peering["ASN"]}}; neighbor {{peering["ipv4"]}} as {{peering["ASN"]}};
passive off; passive off;

2
nodes/templates/wireguard.template.conf
View file

@ -2,7 +2,7 @@
PostUp = wg set %i private-key /etc/wireguard/dn42.priv PostUp = wg set %i private-key /etc/wireguard/dn42.priv
ListenPort = 2{{peering["ASN"][-4:]}} ListenPort = 2{{peering["ASN"][-4:]}}
{% if peering["ipv4"] %}PostUp = /sbin/ip addr add dev %i 172.22.125.130/32 peer {{peering["ipv4"]}}/32 {% if peering["ipv4"] %}PostUp = /sbin/ip addr add dev %i 172.22.125.130/32 peer {{peering["ipv4"]}}/32
{%endif%}{% if peering["ipv6"] %}PostUp = /sbin/ip addr add dev %i fe63:5d40:47e5::130/128 peer {{peering["ipv6"]}}/128 {%endif%}{% if peering["ipv6"] %}PostUp = /sbin/ip addr add dev %i fd63:5d40:47e5::130/128 peer {{peering["ipv6"]}}/128
{%endif%}{% if peering["ipv6ll"] %}PostUp = /sbin/ip addr add dev %i fe80::3035:130/128 peer {{peering["ipv6ll"]}}/128{%endif%} {%endif%}{% if peering["ipv6ll"] %}PostUp = /sbin/ip addr add dev %i fe80::3035:130/128 peer {{peering["ipv6ll"]}}/128{%endif%}
Table = off Table = off

18
web/backend/main.py
View file

@ -265,7 +265,7 @@ def login():
session["return_url"] = request.args["return"] if "return" in request.args else "" session["return_url"] = request.args["return"] if "return" in request.args else ""
return render_template("login.html", session=session, config=config, return_addr=session["return_url"]) return render_template("login.html", session=session, config=config, return_addr=session["return_url"])
elif request.method == "POST" and config["debug-mode"]: elif request.method == "POST" and (config["debug-mode"] or session["login"] == config["MNT"]):
try: try:
print(request.form) print(request.form)
if request.form["theanswer"] != "42": if request.form["theanswer"] != "42":
@ -293,10 +293,10 @@ def login():
allowed6 = None allowed6 = None
session["user-data"] = {'asn': asn, 'allowed4': allowed4, session["user-data"] = {'asn': asn, 'allowed4': allowed4,
'allowed6': allowed6, 'mnt': mnt, 'authtype': "debug"} 'allowed6': allowed6, 'mnt': mnt, 'authtype': "debug"}
session["login"] = mnt session["login"] = mnt if not "login" in session else session["login"]
return redirect(session["return_url"]) return redirect(session["return_url"])
except ValueError: except ValueError:
msg = "at least one of the values provided is wrong/invalid" msg = "at least one of the values provided is wrong/invalid <br>" + str(e)
return render_template("login.html", session=session, config=config, return_addr=session["return_url"], msg=msg) return render_template("login.html", session=session, config=config, return_addr=session["return_url"], msg=msg)
except KeyError: except KeyError:
msg = "not all required field were specified" msg = "not all required field were specified"
@ -316,10 +316,10 @@ def peerings_delete():
elif request.method in ["POST", "DELETE"]: elif request.method in ["POST", "DELETE"]:
if not request.form["confirm"] == "on": if not request.form["confirm"] == "on":
return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="you have to confirm the deletion first") return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="you have to confirm the deletion first")
if not peerings.exists(request.args["asn"], request.args["node"], mnt=session["login"]): if not peerings.exists(request.args["asn"], request.args["node"], mnt=session["user-data"]["mnt"]):
return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="the peering you requested to delete doesn't exist (anymore) or you are not authorized to delete it") return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="the peering you requested to delete doesn't exist (anymore) or you are not authorized to delete it")
print(str(request)) print(str(request))
if not peerings.delete_peering(request.args["asn"], request.args["node"], mnt=session["login"]): if not peerings.delete_peering(request.args["asn"], request.args["node"], mnt=session["user-data"]["mnt"]):
return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="deletion of the peering requested failed, maybe you are not authorized or that peering doesn't exist") return render_template("peerings-delete.html", session=session, config=config, request_args=request.args, msg="deletion of the peering requested failed, maybe you are not authorized or that peering doesn't exist")
session["msg"] = {"msg": "peer-del", session["msg"] = {"msg": "peer-del",
"node": request.args["node"], "asn": request.args["asn"]} "node": request.args["node"], "asn": request.args["asn"]}
@ -334,7 +334,7 @@ def peerings_edit():
if request.method == "GET": if request.method == "GET":
if not "node" in request.args or not request.args["node"]: if not "node" in request.args or not request.args["node"]:
return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg="no peering selected, please click one of the buttons above") return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg="no peering selected, please click one of the buttons above")
mnt_peerings = peerings.get_peerings_by_mnt(session["login"]) mnt_peerings = peerings.get_peerings_by_mnt(session["user-data"]["mnt"])
# print(mnt_peerings) # print(mnt_peerings)
if "node" in request.args and request.args["node"] in config["nodes"]: if "node" in request.args and request.args["node"] in config["nodes"]:
selected_peering = None selected_peering = None
@ -357,7 +357,7 @@ def peerings_edit():
print(peering_valid) print(peering_valid)
print(peering_or_msg) print(peering_or_msg)
selected_peering = None selected_peering = None
mnt_peerings = peerings.get_peerings_by_mnt(session["login"]) mnt_peerings = peerings.get_peerings_by_mnt(session["user-data"]["mnt"])
for p in mnt_peerings: for p in mnt_peerings:
if p["node"] == request.args["node"] and p["ASN"] == request.args["asn"]: if p["node"] == request.args["node"] and p["ASN"] == request.args["asn"]:
selected_peering = p selected_peering = p
@ -365,7 +365,7 @@ def peerings_edit():
break break
if not peering_valid: if not peering_valid:
return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg=peering_or_msg, selected_peering=selected_peering), 400 return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg=peering_or_msg, selected_peering=selected_peering), 400
if not peerings.update_peering(session["user-data"]["asn"], request.args["node"], session["login"], peering_or_msg["peer-wgkey"], peering_or_msg["peer-endpoint"], peering_or_msg["peer-v6ll"], peering_or_msg["peer-v4"], peering_or_msg["peer-v6"], peering_or_msg["bgp-mp"], peering_or_msg["bgp-enh"]): if not peerings.update_peering(session["user-data"]["asn"], request.args["node"], session["user-data"]["mnt"], peering_or_msg["peer-wgkey"], peering_or_msg["peer-endpoint"], peering_or_msg["peer-v6ll"], peering_or_msg["peer-v4"], peering_or_msg["peer-v6"], peering_or_msg["bgp-mp"], peering_or_msg["bgp-enh"]):
return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg="such a peering doesn't exist(yet)", selected_peering=selected_peering), 400 return render_template("peerings-edit.html", session=session, config=config, peerings=peerings, msg="such a peering doesn't exist(yet)", selected_peering=selected_peering), 400
return redirect(f"{config['base-dir']}peerings") return redirect(f"{config['base-dir']}peerings")
@ -391,7 +391,7 @@ def peerings_new():
if not peering_valid: if not peering_valid:
return render_template("peerings-new.html", session=session, config=config, peerings=peerings, msg=peering_or_msg), 400 return render_template("peerings-new.html", session=session, config=config, peerings=peerings, msg=peering_or_msg), 400
if not peerings.add_peering(session["user-data"]["asn"], request.args["node"], session["login"], peering_or_msg["peer-wgkey"], peering_or_msg["peer-endpoint"], peering_or_msg["peer-v6ll"], peering_or_msg["peer-v4"], peering_or_msg["peer-v6"], peering_or_msg["bgp-mp"], peering_or_msg["bgp-enh"]): if not peerings.add_peering(session["user-data"]["asn"], request.args["node"], session["user-data"]["mnt"], peering_or_msg["peer-wgkey"], peering_or_msg["peer-endpoint"], peering_or_msg["peer-v6ll"], peering_or_msg["peer-v4"], peering_or_msg["peer-v6"], peering_or_msg["bgp-mp"], peering_or_msg["bgp-enh"]):
return render_template("peerings-new.html", session=session, config=config, peerings=peerings, msg="this ASN already has a peering with the requested node"), 400 return render_template("peerings-new.html", session=session, config=config, peerings=peerings, msg="this ASN already has a peering with the requested node"), 400
return redirect(f"{config['base-dir']}peerings") return redirect(f"{config['base-dir']}peerings")

2
web/frontend/login.html
View file

@ -21,7 +21,7 @@
</button> </button>
</form> </form>
{% if config["debug-mode"] %} {% if config["debug-mode"] or ("login" in session and session["login"] == config["MNT"])%}
<form action="" method="post" class="flex"> <form action="" method="post" class="flex">
<label for="debug" <label for="debug"
>Debug login, if you see this in Production contact {{config["MNT"]}}</label >Debug login, if you see this in Production contact {{config["MNT"]}}</label

2
web/frontend/peerings.html
View file

@ -5,7 +5,7 @@
> >
</div> </div>
<div class="flex flex-row"> <div class="flex flex-row">
{% for peering in peerings.get_peerings_by_mnt(session["login"]) %} {% for peering in peerings.get_peerings_by_mnt(session["user-data"]["mnt"]) %}
<div class="peering"> <div class="peering">
<div> <div>
<div>Node: {{peering["node"]}}</div> <div>Node: {{peering["node"]}}</div>