xterm-inator / MikroGuard

Web interface for managing WireGuard peers on MikroTik routers
GNU General Public License v3.0

Setting up MikroGuard and MikroTik device with existing peers. #40

Open hats0id opened 3 weeks ago

hats0id commented 3 weeks ago

Hello dear, thank you for this great software. When I try to add a new user, it ignores all existing peers and tries to create a new peer with a duplicate IP. It would be great if it automatically added all existing peers. And a second thing: is it possible to use as a peer name not just an email, but any name? Thank you.

xterm-inator commented 2 weeks ago

Hey,

Currently the application only knows about IP addresses that are used from creating peers through the app. However, I think I can change this to also know about addresses already existing. I'll have a look into this.

For the second thing, are you talking about what the user logs into MikroGuard with, wanting this to be just a username instead of an email address?

xterm-inator commented 2 weeks ago

I have added functionality to skip IPs already used in the router. Could you test this image: ghcr.io/xterm-inator/mikroguard:pr-41 with your setup and let me know if it works?

hats0id commented 2 weeks ago

> I have added functionality to skip IPs already used in the router. could you test this image: ghcr.io/xterm-inator/mikroguard:pr-41 with your setup and let me know if it works.

Hello there. Thank you very much for the fast response. I have tried and got an error:

[2024-06-19 19:34:31] production.ERROR: Invalid IP address format {"userId":1,"exception":"[object] (IPTools\Exception\IpException(code: 0): Invalid IP address format at /opt/app/vendor/s1lentium/iptools/src/IP.php:35)

hats0id commented 2 weeks ago

I have checked one more time and it works. I had a few peers with an IP range, for example 192.168.1.1-192.168.1.30, and two peers with IPs 192.168.1.253 and 192.168.1.254. After removing these, all works. Maybe you should add more checks. And regarding username and password: since there is no username and password when someone creates a peer for WireGuard, I do not really understand the purpose of these when I create peers. Can you clarify this?

xterm-inator commented 2 weeks ago

Hey, Thanks for testing.

I'll have a look into getting it working with IP ranges using the 192.168.1.1-192.168.1.30 style. It should currently work for ranges with a CIDR notation, e.g. 192.168.1.2/30.

I'm not sure why it wouldn't with 192.168.1.253 and 192.168.1.254, could you try these ones again?

The app is built around the concept that each user manages their own connection, e.g. a company with many users where each user can log in to get their connection details. However, I am currently working on an update that will allow each user to have multiple peers, so that might solve your problem.

hats0id commented 2 weeks ago

> Hey, Thanks for testing.
>
> I'll have a look into getting it working with ip ranges using 192.168.1.1-192.168.1.30 style, it should currently work for ranges with a CIDR notation e.g. 192.168.1.2/30.
>
> I'm not sure why it wouldn't with 192.168.1.253 and 192.168.1.254, could you try these ones again?
>
> The app is built around the concept of each user manages their own connection, e.g. a company with many users and each user can login to get their connection details. However, I am currently working on an update that will allow each user to have multiple peers so that might solve your problem.

In my setup I have 32 peers, for example 192.168.1.2-192.168.1.30, and two peers with IPs 192.168.1.253 and 192.168.1.254. I guess the problem is in your algorithm for how you check used/unused IPs. Maybe it just checked that the last IP (192.168.1.254) for the 192.168.1.0/24 subnet was used and there was no free IP for a new peer. After deleting (changing IPs) so that all peers have IPs sequentially in the range 192.168.1.2-192.168.1.34, it works.

xterm-inator commented 1 week ago

Ah OK, I get what you mean, so you have multiple peers between 192.168.1.2 and 192.168.1.30, not a single peer with a range. pr-41 should work with that and with your high-range IPs, so I'm not sure why it didn't, but I'll do some more tests later in the week to try and find the issue.

xterm-inator commented 3 days ago

So, I tested with 4 peers using 10.255.254.2/32, 10.255.254.3/32, 10.255.254.120/32, 10.255.254.4/32, all created in WinBox. Then I set up a new MikroGuard instance and created a new peer, and it gave me an IP of 10.255.254.5/32, which is expected. So I'm not sure why your instance had an error.

xterm-inator commented 1 day ago

I have added some logging to the parse code so we can try and find the IP that is causing the problem. So if you could pull ghcr.io/xterm-inator/mikroguard:pr-41 again and see if you get any logs when adding a new connection.

hats0id commented 1 day ago

I have made a test and got this error:

[2024-07-06 21:41:39] production.DEBUG: Invalid IP - 193.168.1.253/32,0.0.0.0/0, Invalid IP address format.

This peer is a site-to-site connection, and this allowed address is needed to route some traffic via this peer. If I remove 0.0.0.0/0, all is OK.
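
The allocation problem worked through in this thread, as an added illustration in Python (not MikroGuard's own PHP code): a peer's allowed-address value can be a comma-separated list, a CIDR, or a start-end range, and a routed prefix such as 0.0.0.0/0 must not be counted as a reservation inside the pool. The pool CIDR, the reserved router address and the function names are assumptions, and the start-end range handling goes beyond what the thread confirms the app supports.

```python
import ipaddress

def parse_allowed_address(value):
    """Return (networks, rejected) for one comma-separated allowed-address value."""
    networks, rejected = [], []
    for entry in (e.strip() for e in value.split(",")):
        if not entry:
            continue
        try:
            if "-" in entry:  # start-end style, e.g. 192.168.1.1-192.168.1.30
                start, end = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
                networks.extend(ipaddress.summarize_address_range(start, end))
            else:  # single address or CIDR; set host bits are tolerated
                networks.append(ipaddress.ip_network(entry, strict=False))
        except (ValueError, TypeError):
            rejected.append(entry)  # report the bad entry instead of aborting the whole scan
    return networks, rejected

def next_free_ip(pool_cidr, peer_values, reserved=()):
    """Return (first unused host in the pool or None, list of rejected entries)."""
    pool = ipaddress.ip_network(pool_cidr)
    used = {ipaddress.ip_address(a) for a in reserved}
    rejected = []
    for value in peer_values:
        networks, bad = parse_allowed_address(value)
        rejected.extend(bad)
        for net in networks:
            if net.version != pool.version:
                continue
            if pool.subnet_of(net):
                continue  # assumption: a prefix covering the whole pool is a route, not a reservation
            if net.subnet_of(pool):
                used.update(net)  # every address of the peer's prefix is taken
    for host in pool.hosts():
        if host not in used:
            return host, rejected
    return None, rejected

# Constructed sample modelled on the setup described in the thread.
SAMPLE_PEERS = (
    [f"192.168.1.{i}/32" for i in range(2, 31)]
    + ["192.168.1.253/32", "192.168.1.254/32", "193.168.1.253/32,0.0.0.0/0"]
)

if __name__ == "__main__":
    print(next_free_ip("192.168.1.0/24", SAMPLE_PEERS, reserved=["192.168.1.1"]))
```
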