personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-12 11:43:58 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

control->Send: Also set the src port

Browse Source 
With the source port also set, we only need to enable inbound
firewall rules on the 'server' side of the connection, as
the conntrack will allow replies.
This commit is contained in:
Dave Russell 2020-10-02 22:25:31 +10:00
parent 3cebf38504
commit e9657d571e
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
control.go
View File

@ -204,7 +204,12 @@ func (c *Control) Send(ip uint32, port uint16, t NebulaMessageSubType, payload [
binary.BigEndian.PutUint16(packet[2:4], uint16(length))
binary.BigEndian.PutUint32(packet[12:16], ip2int(c.f.inside.CidrNet().IP.To4()))
binary.BigEndian.PutUint32(packet[16:20], ip)
// Set identical values for src and dst port as they're only
// used for nebula firewall rule mataching.
binary.BigEndian.PutUint16(packet[20:22], port)
binary.BigEndian.PutUint16(packet[22:24], port)
copy(packet[headerLen:], payload)
nb := make([]byte, 12)