Calculate and apply CIDR.
parent
475b6abb5b
commit
35d88eff60
|
@ -117,4 +117,18 @@ struct CIDRAddress {
|
||||||
|
|
||||||
self.subnet = subnet
|
self.subnet = subnet
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var subnetString: String {
|
||||||
|
// We could calculate these.
|
||||||
|
|
||||||
|
var bitMask: UInt32 = 0b11111111111111111111111111111111
|
||||||
|
bitMask = bitMask << (32 - subnet)
|
||||||
|
|
||||||
|
let first = UInt8(truncatingIfNeeded: bitMask >> 24)
|
||||||
|
let second = UInt8(truncatingIfNeeded: bitMask >> 16 )
|
||||||
|
let third = UInt8(truncatingIfNeeded: bitMask >> 8)
|
||||||
|
let fourth = UInt8(truncatingIfNeeded: bitMask)
|
||||||
|
|
||||||
|
return "\(first).\(second).\(third).\(fourth)"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
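Review bot: `subnetString` shifts by `32 - subnet` without checking that the address is IPv4 or that the prefix is at most 32, although the same struct also carries IPv6 prefixes (the tunnel provider passes `$0.subnet` as an IPv6 prefix length). If `subnet` is an unsigned type, the subtraction would trap for any prefix above 32; if it is signed, the shift count goes negative and the result is not a netmask. The declaration is outside this hunk, so which case applies cannot be confirmed here. Because the address strings come from the provider configuration, an explicit guard such as `guard addressType == .IPv4, subnet <= 32 else { return nil }` (with the property typed `String?`) would keep a malformed entry from crashing the extension. The comment `// We could calculate these.` is now stale, and `UInt32.max` reads better than the 32-digit binary literal.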
@ -34,34 +34,37 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
|
||||||
let endpoints = config.providerConfiguration?[PCKeys.endpoints.rawValue] as? String ?? ""
|
let endpoints = config.providerConfiguration?[PCKeys.endpoints.rawValue] as? String ?? ""
|
||||||
let addresses = (config.providerConfiguration?[PCKeys.addresses.rawValue] as? String ?? "").split(separator: ",")
|
let addresses = (config.providerConfiguration?[PCKeys.addresses.rawValue] as? String ?? "").split(separator: ",")
|
||||||
|
|
||||||
settings.split(separator: "\n").forEach {os_log("Tunnel config: %{public}s", log: Log.general, type: .info, String($0))}
|
let validatedEndpoints = endpoints.split(separator: ",").compactMap { try? Endpoint(endpointString: String($0)) }.compactMap {$0}
|
||||||
|
let validatedAddresses = addresses.compactMap { try? CIDRAddress(stringRepresentation: String($0)) }.compactMap { $0 }
|
||||||
|
|
||||||
if wireGuardWrapper.turnOn(withInterfaceName: interfaceName, settingsString: settings) {
|
if wireGuardWrapper.turnOn(withInterfaceName: interfaceName, settingsString: settings) {
|
||||||
//TODO: Hardcoded values for addresses
|
//TODO: Hardcoded values for tunnelRemoteAddress
|
||||||
|
let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "149.248.160.60")
|
||||||
|
newSettings.tunnelOverheadBytes = 80
|
||||||
|
|
||||||
// IPv4 settings
|
// IPv4 settings
|
||||||
let ipv4Settings = NEIPv4Settings(addresses: ["10.50.10.171"], subnetMasks: ["255.255.224.0"])
|
let validatedIPv4Addresses = validatedAddresses.filter { $0.addressType == .IPv4}
|
||||||
|
if validatedIPv4Addresses.count > 0 {
|
||||||
|
let ipv4Settings = NEIPv4Settings(addresses: validatedIPv4Addresses.map { $0.ipAddress }, subnetMasks: validatedIPv4Addresses.map { $0.subnetString })
|
||||||
ipv4Settings.includedRoutes = [NEIPv4Route.default()]
|
ipv4Settings.includedRoutes = [NEIPv4Route.default()]
|
||||||
let validatedEndpoints = endpoints.split(separator: ",").compactMap { try? Endpoint(endpointString: String($0)) }.compactMap {$0}
|
|
||||||
ipv4Settings.excludedRoutes = validatedEndpoints.filter { $0.addressType == .IPv4}.map {
|
ipv4Settings.excludedRoutes = validatedEndpoints.filter { $0.addressType == .IPv4}.map {
|
||||||
NEIPv4Route(destinationAddress: $0.ipAddress, subnetMask: "255.255.255.255")}
|
NEIPv4Route(destinationAddress: $0.ipAddress, subnetMask: "255.255.255.255")}
|
||||||
|
|
||||||
|
newSettings.ipv4Settings = ipv4Settings
|
||||||
|
}
|
||||||
|
|
||||||
// IPv6 settings
|
// IPv6 settings
|
||||||
//TODO: Hardcoded values for address
|
let validatedIPv6Addresses = validatedAddresses.filter { $0.addressType == .IPv6}
|
||||||
let ipv6Settings = NEIPv6Settings(addresses: ["2607:f938:3001:4000::aac"], networkPrefixLengths: [64])
|
if validatedIPv6Addresses.count > 0 {
|
||||||
|
let ipv6Settings = NEIPv6Settings(addresses: validatedIPv6Addresses.map { $0.ipAddress }, networkPrefixLengths: validatedIPv6Addresses.map { NSNumber(value: $0.subnet) })
|
||||||
ipv6Settings.includedRoutes = [NEIPv6Route.default()]
|
ipv6Settings.includedRoutes = [NEIPv6Route.default()]
|
||||||
ipv6Settings.excludedRoutes = validatedEndpoints.filter { $0.addressType == .IPv6}.map { NEIPv6Route(destinationAddress: $0.ipAddress, networkPrefixLength: 0)}
|
ipv6Settings.excludedRoutes = validatedEndpoints.filter { $0.addressType == .IPv6}.map { NEIPv6Route(destinationAddress: $0.ipAddress, networkPrefixLength: 0)}
|
||||||
|
|
||||||
//TODO: Hardcoded values for tunnelRemoteAddress
|
newSettings.ipv6Settings = ipv6Settings
|
||||||
let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "149.248.160.60")
|
}
|
||||||
|
|
||||||
newSettings.ipv4Settings = ipv4Settings
|
|
||||||
//TODO apply IPv6
|
|
||||||
// newSettings.ipv6Settings = ipv6Settings
|
|
||||||
newSettings.tunnelOverheadBytes = 80
|
|
||||||
if let dns = config.providerConfiguration?[PCKeys.dns.rawValue] as? String {
|
if let dns = config.providerConfiguration?[PCKeys.dns.rawValue] as? String {
|
||||||
var splitDnsEntries = dns.split(separator: ",").map {String($0)}
|
let splitDnsEntries = dns.split(separator: ",").map {String($0)}
|
||||||
//TODO apple IPv6 DNS
|
|
||||||
// splitDnsEntries.append("2606:ed00:2:babe::2")
|
|
||||||
let dnsSettings = NEDNSSettings(servers: splitDnsEntries)
|
let dnsSettings = NEDNSSettings(servers: splitDnsEntries)
|
||||||
newSettings.dnsSettings = dnsSettings
|
newSettings.dnsSettings = dnsSettings
|
||||||
}
|
}
|
||||||
|
|
|
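Review bot: Assigning `newSettings.ipv6Settings` makes the existing IPv6 excluded route live, and that route is built with `networkPrefixLength: 0`, which describes every IPv6 destination rather than the single endpoint host. Next to `NEIPv6Route.default()` in `includedRoutes`, this most likely lets IPv6 traffic bypass the tunnel. The IPv4 branch uses a host mask (`255.255.255.255`), so the IPv6 equivalent would be `NEIPv6Route(destinationAddress: $0.ipAddress, networkPrefixLength: 128)`. Separately, `try?` inside `compactMap` silently drops any address that fails to parse, and when none survive the tunnel is configured with neither IPv4 nor IPv6 settings; logging the rejected entries and failing the start when `validatedAddresses.isEmpty` would make a bad configuration visible. The enclosing method starts and ends outside this hunk.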
@ -120,4 +120,73 @@ class ValidatorsTests: XCTestCase {
|
||||||
executeTest(stringRepresentation: "12345")
|
executeTest(stringRepresentation: "12345")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func testIPv4CIDRAddressSubnetConversion() throws {
|
||||||
|
// swiftlint:disable force_try
|
||||||
|
let cidrAddress1 = try! CIDRAddress(stringRepresentation: "128.0.0.0/1")!
|
||||||
|
XCTAssertEqual(cidrAddress1.ipAddress, cidrAddress1.subnetString)
|
||||||
|
let cidrAddress2 = try! CIDRAddress(stringRepresentation: "192.0.0.0/2")!
|
||||||
|
XCTAssertEqual(cidrAddress2.ipAddress, cidrAddress2.subnetString)
|
||||||
|
let cidrAddress3 = try! CIDRAddress(stringRepresentation: "224.0.0.0/3")!
|
||||||
|
XCTAssertEqual(cidrAddress3.ipAddress, cidrAddress3.subnetString)
|
||||||
|
let cidrAddress4 = try! CIDRAddress(stringRepresentation: "240.0.0.0/4")!
|
||||||
|
XCTAssertEqual(cidrAddress4.ipAddress, cidrAddress4.subnetString)
|
||||||
|
let cidrAddress5 = try! CIDRAddress(stringRepresentation: "248.0.0.0/5")!
|
||||||
|
XCTAssertEqual(cidrAddress5.ipAddress, cidrAddress5.subnetString)
|
||||||
|
let cidrAddress6 = try! CIDRAddress(stringRepresentation: "252.0.0.0/6")!
|
||||||
|
XCTAssertEqual(cidrAddress6.ipAddress, cidrAddress6.subnetString)
|
||||||
|
let cidrAddress7 = try! CIDRAddress(stringRepresentation: "254.0.0.0/7")!
|
||||||
|
XCTAssertEqual(cidrAddress7.ipAddress, cidrAddress7.subnetString)
|
||||||
|
let cidrAddress8 = try! CIDRAddress(stringRepresentation: "255.0.0.0/8")!
|
||||||
|
XCTAssertEqual(cidrAddress8.ipAddress, cidrAddress8.subnetString)
|
||||||
|
let cidrAddress9 = try! CIDRAddress(stringRepresentation: "255.128.0.0/9")!
|
||||||
|
XCTAssertEqual(cidrAddress9.ipAddress, cidrAddress9.subnetString)
|
||||||
|
let cidrAddress10 = try! CIDRAddress(stringRepresentation: "255.192.0.0/10")!
|
||||||
|
XCTAssertEqual(cidrAddress10.ipAddress, cidrAddress10.subnetString)
|
||||||
|
let cidrAddress11 = try! CIDRAddress(stringRepresentation: "255.224.0.0/11")!
|
||||||
|
XCTAssertEqual(cidrAddress11.ipAddress, cidrAddress11.subnetString)
|
||||||
|
let cidrAddress12 = try! CIDRAddress(stringRepresentation: "255.240.0.0/12")!
|
||||||
|
XCTAssertEqual(cidrAddress12.ipAddress, cidrAddress12.subnetString)
|
||||||
|
let cidrAddress13 = try! CIDRAddress(stringRepresentation: "255.248.0.0/13")!
|
||||||
|
XCTAssertEqual(cidrAddress13.ipAddress, cidrAddress13.subnetString)
|
||||||
|
let cidrAddress14 = try! CIDRAddress(stringRepresentation: "255.252.0.0/14")!
|
||||||
|
XCTAssertEqual(cidrAddress14.ipAddress, cidrAddress14.subnetString)
|
||||||
|
let cidrAddress15 = try! CIDRAddress(stringRepresentation: "255.254.0.0/15")!
|
||||||
|
XCTAssertEqual(cidrAddress15.ipAddress, cidrAddress15.subnetString)
|
||||||
|
let cidrAddress16 = try! CIDRAddress(stringRepresentation: "255.255.0.0/16")!
|
||||||
|
XCTAssertEqual(cidrAddress16.ipAddress, cidrAddress16.subnetString)
|
||||||
|
let cidrAddress17 = try! CIDRAddress(stringRepresentation: "255.255.128.0/17")!
|
||||||
|
XCTAssertEqual(cidrAddress17.ipAddress, cidrAddress17.subnetString)
|
||||||
|
let cidrAddress18 = try! CIDRAddress(stringRepresentation: "255.255.192.0/18")!
|
||||||
|
XCTAssertEqual(cidrAddress18.ipAddress, cidrAddress18.subnetString)
|
||||||
|
let cidrAddress19 = try! CIDRAddress(stringRepresentation: "255.255.224.0/19")!
|
||||||
|
XCTAssertEqual(cidrAddress19.ipAddress, cidrAddress19.subnetString)
|
||||||
|
let cidrAddress20 = try! CIDRAddress(stringRepresentation: "255.255.240.0/20")!
|
||||||
|
XCTAssertEqual(cidrAddress20.ipAddress, cidrAddress20.subnetString)
|
||||||
|
let cidrAddress21 = try! CIDRAddress(stringRepresentation: "255.255.248.0/21")!
|
||||||
|
XCTAssertEqual(cidrAddress21.ipAddress, cidrAddress21.subnetString)
|
||||||
|
let cidrAddress22 = try! CIDRAddress(stringRepresentation: "255.255.252.0/22")!
|
||||||
|
XCTAssertEqual(cidrAddress22.ipAddress, cidrAddress22.subnetString)
|
||||||
|
let cidrAddress23 = try! CIDRAddress(stringRepresentation: "255.255.254.0/23")!
|
||||||
|
XCTAssertEqual(cidrAddress23.ipAddress, cidrAddress23.subnetString)
|
||||||
|
let cidrAddress24 = try! CIDRAddress(stringRepresentation: "255.255.255.0/24")!
|
||||||
|
XCTAssertEqual(cidrAddress24.ipAddress, cidrAddress24.subnetString)
|
||||||
|
let cidrAddress25 = try! CIDRAddress(stringRepresentation: "255.255.255.128/25")!
|
||||||
|
XCTAssertEqual(cidrAddress25.ipAddress, cidrAddress25.subnetString)
|
||||||
|
let cidrAddress26 = try! CIDRAddress(stringRepresentation: "255.255.255.192/26")!
|
||||||
|
XCTAssertEqual(cidrAddress26.ipAddress, cidrAddress26.subnetString)
|
||||||
|
let cidrAddress27 = try! CIDRAddress(stringRepresentation: "255.255.255.224/27")!
|
||||||
|
XCTAssertEqual(cidrAddress27.ipAddress, cidrAddress27.subnetString)
|
||||||
|
let cidrAddress28 = try! CIDRAddress(stringRepresentation: "255.255.255.240/28")!
|
||||||
|
XCTAssertEqual(cidrAddress28.ipAddress, cidrAddress28.subnetString)
|
||||||
|
let cidrAddress29 = try! CIDRAddress(stringRepresentation: "255.255.255.248/29")!
|
||||||
|
XCTAssertEqual(cidrAddress29.ipAddress, cidrAddress29.subnetString)
|
||||||
|
let cidrAddress30 = try! CIDRAddress(stringRepresentation: "255.255.255.252/30")!
|
||||||
|
XCTAssertEqual(cidrAddress30.ipAddress, cidrAddress30.subnetString)
|
||||||
|
let cidrAddress31 = try! CIDRAddress(stringRepresentation: "255.255.255.254/31")!
|
||||||
|
XCTAssertEqual(cidrAddress31.ipAddress, cidrAddress31.subnetString)
|
||||||
|
let cidrAddress32 = try! CIDRAddress(stringRepresentation: "255.255.255.255/32")!
|
||||||
|
XCTAssertEqual(cidrAddress32.ipAddress, cidrAddress32.subnetString)
|
||||||
|
// swiftlint:enable force_try
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
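Review bot: The test never exercises the boundaries of `subnetString`: `/0` is missing, and there is no case for an IPv6 address or a prefix above 32, which are the inputs where the shift in `subnetString` can misbehave. Every case also relies on the address being identical to its own mask, and uses `try!` plus `!` under a swiftlint disable even though the method is already `throws`. A loop over `1...32` driven by an expected-mask table, with `let cidr = try XCTUnwrap(try CIDRAddress(stringRepresentation: input))`, would report a parse failure as a test failure instead of crashing the test run. Whether the initializer accepts `0.0.0.0/0` is not visible here, so that case should assert whichever behaviour is intended.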