mirrors/nebula
1
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-12-05 18:20:48 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Firewall types and cross-stack subnet stuff (#1509)
Some checks failed
gofmt / Run gofmt (push) Has been cancelled
Details
smoke-extra / Run extra smoke tests (push) Has been cancelled
Details
smoke / Run multi node smoke test (push) Has been cancelled
Details
Build and test / Build all and test on ubuntu-linux (push) Has been cancelled
Details
Build and test / Build and test on linux with boringcrypto (push) Has been cancelled
Details
Build and test / Build and test on linux with pkcs11 (push) Has been cancelled
Details
Build and test / Build and test on macos-latest (push) Has been cancelled
Details
Build and test / Build and test on windows-latest (push) Has been cancelled
Details

Browse source 
* firewall can distinguish if the host connecting has an overlapping network, is a VPN peer without an overlapping network, or is a unsafe network

* Cross stack subnet stuff (#1512)

* experiment with not filtering out non-common addresses in hostinfo.networks

* allow handshakes without overlaps

* unsafe network test

* change HostInfo.buildNetworks argument to reference the cert
This commit is contained in:
Jack Doan 2025-11-12 13:40:20 -06:00 committed by GitHub
parent 6a8a2992ff
commit a89f95182c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 582 additions and 116 deletions
Download patch file Download diff file Expand all files Collapse all files

4
control_tester.go
View file

@ -174,6 +174,10 @@ func (c *Control) GetHostmap() *HostMap {
return c.f.hostMap
}
func (c *Control) GetF() *Interface {
return c.f
}
func (c *Control) GetCertState() *CertState {
return c.f.pki.getCertState()
}