Add generic wg private network routing

neacsu · neacsu · commit e8397d6c84e2 · 2024-06-10T12:22:09.000Z
diff --git a/common/wireguard/src/lib.rs b/common/wireguard/src/lib.rs
@@ -99,6 +99,7 @@ pub async fn start_wireguard(
 ) -> Result<std::sync::Arc<WgApiWrapper>, Box<dyn std::error::Error + Send + Sync + 'static>> {
     use base64::{prelude::BASE64_STANDARD, Engine};
     use defguard_wireguard_rs::{InterfaceConfiguration, WireguardInterfaceApi};
+    use ip_network::IpNetwork;
     use peer_controller::PeerController;
 
     let mut peers = vec![];
@@ -120,7 +121,18 @@ pub async fn start_wireguard(
         peers,
     };
     wg_api.configure_interface(&interface_config)?;
-    // wgapi.configure_peer_routing(&peers)?;
+
+    // Use a dummy peer to create routing rule for the entire network space
+    let mut catch_all_peer = Peer::new(Key::new([0; 32]));
+    let network = IpNetwork::new_truncate(
+        wireguard_data.inner.config().private_ip,
+        wireguard_data.inner.config().private_network_prefix,
+    )?;
+    catch_all_peer.set_allowed_ips(vec![IpAddrMask::new(
+        network.network_address(),
+        network.netmask(),
+    )]);
+    wg_api.configure_peer_routing(&[catch_all_peer])?;
 
     let wg_api = std::sync::Arc::new(WgApiWrapper::new(wg_api));
     let mut controller = PeerController::new(wg_api.clone(), wireguard_data.peer_rx);
diff --git a/common/wireguard/src/peer_controller.rs b/common/wireguard/src/peer_controller.rs
@@ -36,13 +36,13 @@ impl PeerController {
                 msg = self.peer_rx.recv() => {
                     match msg {
                         Some(PeerControlMessage::AddPeer(peer)) => {
-                            if self.wg_api.inner.configure_peer(&peer).is_err() {
-                                log::error!("Could not configure peer {:?}", peer);
+                            if let Err(e) = self.wg_api.inner.configure_peer(&peer) {
+                                log::error!("Could not configure peer: {:?}", e);
                             }
                         }
                         Some(PeerControlMessage::RemovePeer(peer_pubkey)) => {
-                            if self.wg_api.inner.remove_peer(&peer_pubkey).is_err() {
-                                log::error!("Could not remove peer with key {:?}", peer_pubkey);
+                            if let Err(e) = self.wg_api.inner.remove_peer(&peer_pubkey) {
+                                log::error!("Could not remove peer: {:?}", e);
                             }
                         }
                         None => {

Original file line number	Diff line number	Diff line change
`@@ -36,13 +36,13 @@ impl PeerController {`
`36`	`36`	`msg = self.peer_rx.recv() => {`
`37`	`37`	`match msg {`
`38`	`38`	`Some(PeerControlMessage::AddPeer(peer)) => {`
`39`		`- if self.wg_api.inner.configure_peer(&peer).is_err() {`
`40`		`- log::error!("Could not configure peer {:?}", peer);`
	`39`	`+ if let Err(e) = self.wg_api.inner.configure_peer(&peer) {`
	`40`	`+ log::error!("Could not configure peer: {:?}", e);`
`41`	`41`	`}`
`42`	`42`	`}`
`43`	`43`	`Some(PeerControlMessage::RemovePeer(peer_pubkey)) => {`
`44`		`- if self.wg_api.inner.remove_peer(&peer_pubkey).is_err() {`
`45`		`- log::error!("Could not remove peer with key {:?}", peer_pubkey);`
	`44`	`+ if let Err(e) = self.wg_api.inner.remove_peer(&peer_pubkey) {`
	`45`	`+ log::error!("Could not remove peer: {:?}", e);`
`46`	`46`	`}`
`47`	`47`	`}`
`48`	`48`	`None => {`