wireguard: Select the correct source IP address for N2N peers

commit 76ea485d9edb781328e307c68b1f878d933408e5 Author: Michael Tremer <michael.tremer@ipfire.org> Date: Fri Sep 27 17:39:22 2024 +0200 wireguard: Select the correct source IP address for N2N peers This is so that the firewall chooses the correct IP address when trying to establish connections to the remote networks. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
2026-04-09 10:35:53 +02:00 · 2025-06-24 22:37:17 -07:00
parent 09073df309
commit 5b18e6c763
1 changed files with 40 additions and 0 deletions
--- a/src/initscripts/networking/functions.network
+++ b/src/initscripts/networking/functions.network
@@ -246,6 +246,46 @@ network_address_in_network() {
 	[ "${address}" -ge "${netaddr}" -a "${address}" -le "${broadcast}" ]
 }

+# Takes a network and list of IP addresses and will return the first IP address
+# that is in the given network.
+first_address_in_network() {
+	local network="${1}"
+	shift
+
+	local addr
+	for addr in $@; do
+		if network_address_in_network "${addr}" "${network}"; then
+			echo "${addr}"
+			return 0
+		fi
+	done
+
+	return 1
+}
+
+# Returns the first of IPFire's own IP addresses that is in any of the given networks
+ipfire_address_in_networks() {
+	local addresses=()
+
+	local var
+	for var in GREEN_ADDRESS BLUE_ADDRESS ORANGE_ADDRESS; do
+		if [ -n "${!var}" ]; then
+			addresses+=( "${!var}" )
+		fi
+	done
+
+	local network
+	for network in $@; do
+		# Find and end after the first match
+		if first_address_in_network "${network}" "${addresses[@]}"; then
+			return 0
+		fi
+	done
+
+	# Nothing found
+	return 1
+}
+
 dhcpcd_get_pid() {
 		# This function returns the pid of a dhcpcd by a given
 		# network device, if a pidfile exists.