Merge pull request #34 from sphen13/client_allowed_ips

default client allowed ips in server config
vx3r · Apr 15, 2020 · 9e4b22d · 9e4b22d
2 parents eecea63 + 260f733
commit 9e4b22d
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 1 deletion.
diff --git a/core/server.go b/core/server.go
@@ -36,6 +36,10 @@ func ReadServer() (*model.Server, error) {
 		server.Dns = append(server.Dns, "fd9f::10:0:0:2")
 		server.Dns = append(server.Dns, "10.0.0.2")
 
+		server.AllowedIPs = make([]string, 0)
+		server.AllowedIPs = append(server.AllowedIPs, "0.0.0.0/0")
+		server.AllowedIPs = append(server.AllowedIPs, "::/0")
+
 		server.PersistentKeepalive = 16
 		server.Mtu = 0
 		server.PreUp = "echo WireGuard PreUp"

diff --git a/model/server.go b/model/server.go
@@ -16,6 +16,7 @@ type Server struct {
 	Endpoint            string    `json:"endpoint"`
 	PersistentKeepalive int       `json:"persistentKeepalive"`
 	Dns                 []string  `json:"dns"`
+	AllowedIPs          []string  `json:"allowedips"`
 	PreUp               string    `json:"preUp"`
 	PostUp              string    `json:"postUp"`
 	PreDown             string    `json:"preDown"`
@@ -59,6 +60,12 @@ func (a Server) IsValid() []error {
 			errs = append(errs, fmt.Errorf("dns %s is invalid", dns))
 		}
 	}
+	// check if the allowedIPs are valid
+	for _, allowedIP := range a.AllowedIPs {
+		if !util.IsValidCidr(allowedIP) {
+			errs = append(errs, fmt.Errorf("allowedIP %s is invalid", allowedIP))
+		}
+	}
 
 	return errs
 }
diff --git a/ui/src/components/Clients.vue b/ui/src/components/Clients.vue
@@ -382,7 +382,7 @@
           name: "",
           email: "",
           enable: true,
-          allowedIPs: ["0.0.0.0/0", "::/0"],
+          allowedIPs: this.server.allowedips,
           address: this.server.address,
         }
       },

diff --git a/ui/src/components/Server.vue b/ui/src/components/Server.vue
@@ -85,6 +85,26 @@
                                     </v-chip>
                                 </template>
                             </v-combobox>
+                            <v-combobox
+                                    v-model="server.allowedips"
+                                    chips
+                                    hint="Write IPv4 or IPv6 address and hit enter"
+                                    label="Default Allowed IPs for clients"
+                                    multiple
+                                    dark
+                            >
+                                <template v-slot:selection="{ attrs, item, select, selected }">
+                                    <v-chip
+                                            v-bind="attrs"
+                                            :input-value="selected"
+                                            close
+                                            @click="select"
+                                            @click:close="server.allowedips.splice(server.allowedips.indexOf(item), 1)"
+                                    >
+                                        <strong>{{ item }}</strong>&nbsp;
+                                    </v-chip>
+                                </template>
+                            </v-combobox>
                             <v-text-field
                                     type="number"
                                     v-model="server.mtu"
@@ -218,6 +238,18 @@
           }
         }
 
+        // check client AllowedIPs
+        if (this.server.allowedips.length < 1) {
+          this.notify('error', 'Please provide at least one valid CIDR address for client allowed IPs');
+          return;
+        }
+        for (let i = 0; i < this.server.allowedips.length; i++){
+          if (this.$isCidr(this.server.allowedips[i]) === 0) {
+            this.notify('error', 'Invalid CIDR detected, please correct before submitting');
+            return
+          }
+        }
+
         this.api.patch('/server', this.server).then((res) => {
           this.notify('success', "Server successfully updated");
           this.server = res;