From 1d75647b49443c42f11142ca8356fbf083dabe1f Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 10 Dec 2024 11:48:31 +0400 Subject: [PATCH 1/4] migrate all policies --- logic/acls.go | 40 ++++++++++------------------------------ migrate/migrate.go | 3 ++- 2 files changed, 12 insertions(+), 31 deletions(-) diff --git a/logic/acls.go b/logic/acls.go index ce9b230f5..8bbafd806 100644 --- a/logic/acls.go +++ b/logic/acls.go @@ -18,37 +18,17 @@ var ( aclCacheMap = make(map[string]models.Acl) ) -func MigrateDefaulAclPolicies(netID models.NetworkID) { - if netID.String() == "" { - return - } - acl, err := GetAcl(fmt.Sprintf("%s.%s", netID, "all-nodes")) - if err == nil { - //if acl.Proto.String() == "" { - acl.Proto = models.ALL - acl.ServiceType = models.Custom - acl.Port = []string{} - UpsertAcl(acl) - //} - } - acl, err = GetAcl(fmt.Sprintf("%s.%s", netID, "all-users")) - if err == nil { - //if acl.Proto.String() == "" { - acl.Proto = models.ALL - acl.ServiceType = models.Custom - acl.Port = []string{} - UpsertAcl(acl) - //} - } - acl, err = GetAcl(fmt.Sprintf("%s.%s", netID, "all-remote-access-gws")) - if err == nil { - //if acl.Proto.String() == "" { - acl.Proto = models.ALL - acl.ServiceType = models.Custom - acl.Port = []string{} - UpsertAcl(acl) - //} +func MigrateAclPolicies() { + acls := ListAcls() + for _, acl := range acls { + if acl.Proto.String() == "" { + acl.Proto = models.ALL + acl.ServiceType = models.Custom + acl.Port = []string{} + UpsertAcl(acl) + } } + } // CreateDefaultAclNetworkPolicies - create default acl network policies diff --git a/migrate/migrate.go b/migrate/migrate.go index 6cce40965..6c86f35f7 100644 --- a/migrate/migrate.go +++ b/migrate/migrate.go 
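Review bot: In `MigrateAclPolicies`, the loop rewrites every stored policy whose protocol is empty to `models.ALL` with an empty port list, which covers operator-authored policies as well as the three defaults the removed function touched, and it keeps no record of which policies were changed. Because this alters access-control data, each rewrite should be logged with the policy's identifier so the migration can be audited afterwards. The result of `UpsertAcl(acl)` is also discarded; its signature is not visible in this hunk, but if it returns an error, check it with something like `if err := UpsertAcl(acl); err != nil { /* log and continue */ }` so a failed write does not go unnoticed. The same call is carried unchanged in the PATCH 4/4 hunk. The exported function also lacks a doc comment in the `// Name - description` form used by the neighbouring `CreateDefaultAclNetworkPolicies`.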
@@ -437,6 +437,7 @@ func createDefaultTagsAndPolicies() { for _, network := range networks { logic.CreateDefaultTags(models.NetworkID(network.NetID)) logic.CreateDefaultAclNetworkPolicies(models.NetworkID(network.NetID)) - logic.MigrateDefaulAclPolicies(models.NetworkID(network.NetID)) + } + logic.MigrateDefaulAclPolicies(models.NetworkID(network.NetID)) } From 5ae8688a30be44325892dec4cfc6d465034fb00e Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 10 Dec 2024 11:48:56 +0400 Subject: [PATCH 2/4] migrate all policies --- migrate/migrate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/migrate/migrate.go b/migrate/migrate.go index 6c86f35f7..824deecae 100644 --- a/migrate/migrate.go +++ b/migrate/migrate.go @@ -439,5 +439,5 @@ func createDefaultTagsAndPolicies() { logic.CreateDefaultAclNetworkPolicies(models.NetworkID(network.NetID)) } - logic.MigrateDefaulAclPolicies(models.NetworkID(network.NetID)) + logic.MigrateAclPolicies() } From 450b58199e42e8a3d89c6dba85964c9538e4965f Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 10 Dec 2024 11:50:43 +0400 Subject: [PATCH 3/4] add acl policy type for any traffic --- controllers/acls.go | 8 ++++++++ models/acl.go | 1 + 2 files changed, 9 insertions(+) diff --git a/controllers/acls.go b/controllers/acls.go index 6873f2a02..ffaa66636 100644 --- a/controllers/acls.go +++ b/controllers/acls.go @@ -53,6 +53,14 @@ func aclPolicyTypes(w http.ResponseWriter, r *http.Request) { // models.NetmakerSubNetRangeAClID, }, ProtocolTypes: []models.ProtocolType{ + { + Name: models.Any, + AllowedProtocols: []models.Protocol{ + models.ALL, + }, + PortRange: "All ports", + AllowPortSetting: false, + }, { Name: models.Http, AllowedProtocols: []models.Protocol{ diff --git a/models/acl.go b/models/acl.go index 4778ad6d8..9f303fd1d 100644 --- a/models/acl.go +++ b/models/acl.go @@ -34,6 +34,7 @@ const ( AllUDP = "All UDP" ICMPService = "ICMP" Custom = "Custom" + Any = "Any" ) func (p Protocol) String() string { 
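Review bot: The relocated call `logic.MigrateDefaulAclPolicies(models.NetworkID(network.NetID))` now sits after the closing brace of the `for _, network := range networks` loop, where `network` is out of scope, and it names the function that this same patch removes from logic/acls.go. As far as the hunk shows, PATCH 1/4 would not build on its own; PATCH 2/4 replaces the line with `logic.MigrateAclPolicies()`. Squashing the two keeps every commit in the series buildable for bisecting. The body of createDefaultTagsAndPolicies begins outside the hunk.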
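Review bot: The new `models.Any` entry is placed first in `ProtocolTypes` and describes the broadest rule (`models.ALL`, "All ports"); if a client preselects the first entry, new policies would default to allow-all, so consider listing it last or confirming how the list is consumed. `AllowPortSetting: false` is only advertised to the client here. The hunk does not show the create/update handlers, so it is worth confirming that they reject a policy that combines service type `Any` with explicit ports or a protocol other than `models.ALL`. aclPolicyTypes starts and ends outside the hunk.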
From 087002c832efb15a39a730cbb2fb70dfccaa940b Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 10 Dec 2024 11:55:24 +0400 Subject: [PATCH 4/4] use any service type for migration --- logic/acls.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/acls.go b/logic/acls.go index 8bbafd806..d623e5c5a 100644 --- a/logic/acls.go +++ b/logic/acls.go @@ -23,7 +23,7 @@ func MigrateAclPolicies() { for _, acl := range acls { if acl.Proto.String() == "" { acl.Proto = models.ALL - acl.ServiceType = models.Custom + acl.ServiceType = models.Any acl.Port = []string{} UpsertAcl(acl) }
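Review bot: The guard `if acl.Proto.String() == ""` skips policies that already carry a protocol, so on deployments that ran the earlier migration, the default policies that the removed `MigrateDefaulAclPolicies` rewrote unconditionally to `models.ALL` with `models.Custom` will keep service type `Custom` and never move to `models.Any`. If stored policies should agree with the new type, the condition could also match that earlier state, e.g. `if acl.Proto.String() == "" || (acl.Proto == models.ALL && acl.ServiceType == models.Custom && len(acl.Port) == 0) {`. Whether an operator could have deliberately saved a Custom/ALL/no-port policy is not visible here, so confirm that before widening the match.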