void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-06 12:33:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add rule type to match a COM field of the peer by ID and value because this will be powerful.

Browse source
This commit is contained in:
Adam Ierymenko 2016-06-21 08:09:20 -07:00
parent eee59ec9ce
commit 330c80f3f5
2 changed files with 27 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
include/ZeroTierOne.h
View file

@ -507,7 +507,17 @@ enum ZT_VirtualNetworkRuleType
/** /**
* Match a range of relative TCP sequence numbers (e.g. approx first N bytes of stream) * Match a range of relative TCP sequence numbers (e.g. approx first N bytes of stream)
*/ */
ZT_NETWORK_RULE_MATCH_TCP_RELATIVE_SEQUENCE_NUMBER_RANGE = 50 ZT_NETWORK_RULE_MATCH_TCP_RELATIVE_SEQUENCE_NUMBER_RANGE = 50,
/**
* Match a certificate of network membership field from the ZT origin's COM: greater than or equal to
*/
ZT_NETWORK_RULE_MATCH_COM_FIELD_GE = 51,
/**
* Match a certificate of network membership field from the ZT origin's COM: less than or equal to
*/
ZT_NETWORK_RULE_MATCH_COM_FIELD_LE = 52
}; };
/** /**
@ -618,6 +628,11 @@ typedef struct
* Ethernet packet size in host byte order (start-end, inclusive) * Ethernet packet size in host byte order (start-end, inclusive)
*/ */
uint16_t frameSize[2]; uint16_t frameSize[2];
/**
* COM ID and value for ZT_NETWORK_RULE_MATCH_COM_FIELD_GE and ZT_NETWORK_RULE_MATCH_COM_FIELD_LE
*/
uint64_t comIV[2];
} v; } v;
} ZT_VirtualNetworkRule; } ZT_VirtualNetworkRule;

11
node/NetworkConfig.cpp
View file

@ -250,6 +250,12 @@ bool NetworkConfig::toDictionary(Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> &d,b
tmp.append((uint32_t)rules[i].v.tcpseq[0]); tmp.append((uint32_t)rules[i].v.tcpseq[0]);
tmp.append((uint32_t)rules[i].v.tcpseq[1]); tmp.append((uint32_t)rules[i].v.tcpseq[1]);
break; break;
case ZT_NETWORK_RULE_MATCH_COM_FIELD_GE:
case ZT_NETWORK_RULE_MATCH_COM_FIELD_LE:
tmp.append((uint8_t)16);
tmp.append((uint64_t)rules[i].v.comIV[0]);
tmp.append((uint64_t)rules[i].v.comIV[1]);
break;
} }
} }
if (tmp.size()) { if (tmp.size()) {
@ -469,6 +475,11 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI
rules[ruleCount].v.tcpseq[0] = tmp.at<uint32_t>(p); rules[ruleCount].v.tcpseq[0] = tmp.at<uint32_t>(p);
rules[ruleCount].v.tcpseq[1] = tmp.at<uint32_t>(p + 4); rules[ruleCount].v.tcpseq[1] = tmp.at<uint32_t>(p + 4);
break; break;
case ZT_NETWORK_RULE_MATCH_COM_FIELD_GE:
case ZT_NETWORK_RULE_MATCH_COM_FIELD_LE:
rules[ruleCount].v.comIV[0] = tmp.at<uint64_t>(p);
rules[ruleCount].v.comIV[1] = tmp.at<uint64_t>(p + 8);
break;
} }
p += fieldLen; p += fieldLen;
++ruleCount; ++ruleCount;