authorTrygve Laugstøl <trygvis@inamo.no>2021-01-06 10:16:51 +0100
committerTrygve Laugstøl <trygvis@inamo.no>2021-01-06 10:16:51 +0100
commit9eac79348242b5dc33f4cccdd86beda2a4ed4746 (patch)
tree95eaed3ba80ce4e39c3843f5c39cafe27479861b /src/main
parent2dcbdffc28b9eeaab68eb7c90eb8813899bd9546 (diff)
Implementing VPN connections.
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/io/trygvis/rules/engine/Main.java11
-rw-r--r--src/main/java/io/trygvis/rules/network/Ipv4Address.java24
-rw-r--r--src/main/resources/io/trygvis/rules/acme/vpn.drl52
3 files changed, 60 insertions, 27 deletions
diff --git a/src/main/java/io/trygvis/rules/engine/Main.java b/src/main/java/io/trygvis/rules/engine/Main.java
index 6f04a98..7c96be6 100644
--- a/src/main/java/io/trygvis/rules/engine/Main.java
+++ b/src/main/java/io/trygvis/rules/engine/Main.java
@@ -41,11 +41,12 @@ public class Main {
io.dump("phase-1", session.getFactHandles());
io.dump("vpn0", session.getFactHandles(), (Object o) ->
- o.getClass().getName().contains("Wg") ||
- o instanceof Machine ||
- o instanceof DnsEntry ||
- o instanceof Ipv4Cidr ||
- o instanceof Ipv4Address);
+ o.getClass().getName().contains("Wg")
+ || o instanceof Machine
+ || o instanceof DnsEntry
+ || o instanceof Ipv4Cidr
+ || o instanceof Ipv4Address
+ );
session.dispose();
}
diff --git a/src/main/java/io/trygvis/rules/network/Ipv4Address.java b/src/main/java/io/trygvis/rules/network/Ipv4Address.java
index 071bca9..7ca9ca5 100644
--- a/src/main/java/io/trygvis/rules/network/Ipv4Address.java
+++ b/src/main/java/io/trygvis/rules/network/Ipv4Address.java
@@ -6,9 +6,10 @@ import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import java.io.IOException;
+import java.util.Objects;
@JsonSerialize(using = Ipv4Address.Serializer.class)
-public class Ipv4Address {
+public class Ipv4Address implements Comparable<Ipv4Address> {
public final int address;
public Ipv4Address(int address) {
@@ -16,6 +17,27 @@ public class Ipv4Address {
}
@Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+
+ if (o instanceof Ipv4Address other) {
+ return address == other.address;
+ }
+
+ return false;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(address);
+ }
+
+ @Override
+ public int compareTo(Ipv4Address o) {
+ return address - o.address;
+ }
+
+ @Override
public String toString() {
return "%d.%d.%d.%d".formatted(
address >> 24 & 0xff,
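Review bot: `compareTo` returns `address - o.address`, which overflows when the two ints differ in sign, so addresses at or above 128.0.0.0 (stored as negative ints) compare inconsistently with the rest and break the transitivity that sorted collections rely on. Use `return Integer.compareUnsigned(address, o.address);` so the order follows the dotted-quad value. `hashCode` could be `Integer.hashCode(address)`, which avoids the boxing and varargs array of `Objects.hash`. `toString` continues outside the hunk.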
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
index 456cbae..88c44f1 100644
--- a/src/main/resources/io/trygvis/rules/acme/vpn.drl
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
@@ -16,18 +16,23 @@ declare WgNet
networkCidr : String
end
+declare WgIpPool
+ net : String
+ role : String
+ cidr : Ipv4Cidr
+end
+
+declare WgIpPool
+ net : String
+ cidr : Ipv4Cidr
+end
+
rule "Create link network" when
$net : WgNet()
not(Ipv4Cidr(network == IpCalc.cidr($net.linkCidr).network))
then
- insert(IpCalc.cidr($net.linkCidr))
-end
-
-rule "Create link network addresses" when
- $cidr : Ipv4Cidr()
- $addresses : Ipv4Address() from $cidr.addresses
-then
- insert($addresses)
+ insert(new WgIpPool($net.name, "link", IpCalc.cidr($net.linkCidr)))
+ insert(new WgIpPool($net.name, "network", IpCalc.cidr($net.networkCidr)))
end
declare WgHost
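Review bot: `WgIpPool` is declared twice in the added lines, once with `role` and once without, while the consequence calls the three-argument form `new WgIpPool($net.name, "link", ...)`. The second declaration looks like a leftover and should be removed, since a conflicting redeclaration is likely to be rejected or to override the first when the rules are compiled. The `not(Ipv4Cidr(...))` guard on "Create link network" is also stale, because the rule no longer inserts an `Ipv4Cidr`. If the intent is one set of pools per network, a guard such as `not(WgIpPool(net == $net.name))` would match what the rule now creates. The `WgHost` declaration continues outside the hunk.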
@@ -85,16 +90,21 @@ then
insert(new WgConnection($h.name, $other.name))
end
-//declare AllocatedIp
-// owner : Object
-// ip : Ipv4Address
-//end
-//
-//rule "Assign IP"
-//when
-// $host : WgHost()
-// $ip : Ipv4Address()
-//then
-// var allocation = new AllocatedIp($host, $ip);
-// insert(allocation)
-//end
+declare WgIpAllocation
+ host : String
+ role : String
+ ip : Ipv4Address
+end
+
+rule "Assign IP"
+when
+ $net : WgNet()
+ $host : WgHost(net == $net.name)
+ $pool : WgIpPool(net == $net.name)
+ not(WgIpAllocation(host == $host.name, role == $pool.role))
+ $ip : Ipv4Address() from $pool.cidr.addresses()
+ not(WgIpAllocation(ip == $ip))
+then
+ System.out.printf("IP: net=%s, pool.role=%s, host=%s, ip=%s%n", $net.name, $pool.role, $host.name, $ip);
+ insert(new WgIpAllocation($host.name, $pool.role, $ip))
+end
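Review bot: Nothing in "Assign IP" states which free address a host receives: every unallocated address from `$pool.cidr.addresses()` matches, so the result depends on the engine's activation order. As far as the hunk shows, it may also hand out the pool's network and broadcast addresses. Since the VPN configuration presumably pins peers to these addresses, document the intended choice above the rule, e.g. `// Picks any free address in the pool; order follows addresses() - TODO make deterministic and skip network/broadcast`. The `System.out.printf` in the consequence reads like debug output and would be better routed through the project's logger or dropped.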